algorithm

package

v4.1.2 Latest Latest Go to latest Published: May 20, 2022 License: BSD-3-Clause, BSD-3-Clause Imports: 18 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/intel-secl/k8s-extensions

Links

Open Source Insights

Documentation ¶

Index ¶

func CheckAnnotationAttrib(cipherText string, node []v1.NodeSelectorRequirement, ...) bool
func FilteredHost(args *schedulerapi.ExtenderArgs, iHubPubKeys map[string][]byte, ...) (*schedulerapi.ExtenderFilterResult, error)
func JWTParseWithClaims(cipherText string, claim jwt.MapClaims) bool
func ParseRSAPublicKeyFromPEM(pubKey []byte) (*rsa.PublicKey, error)
func ValidateAnnotationByPublicKey(cipherText string, iHubPubKey []byte) error
func ValidateNodeByTime(claims jwt.MapClaims, validTo string) bool
func ValidatePodWithHvsAnnotation(nodeData []v1.NodeSelectorRequirement, claims jwt.MapClaims, ...) bool
func ValidatePodWithSgxAnnotation(nodeData []v1.NodeSelectorRequirement, claims jwt.MapClaims, ...) bool
type JwtHeader

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CheckAnnotationAttrib ¶

func CheckAnnotationAttrib(cipherText string, node []v1.NodeSelectorRequirement, iHubPubKeys map[string][]byte, tagPrefix, attestationType string) bool

CheckAnnotationAttrib is used to validate node with respect to time,trusted and location tags

func FilteredHost ¶

func FilteredHost(args *schedulerapi.ExtenderArgs, iHubPubKeys map[string][]byte, tagPrefix string) (*schedulerapi.ExtenderFilterResult, error)

FilteredHost is used for getting the nodes and pod details and verify and return if pod key matches with annotations

func JWTParseWithClaims ¶

func JWTParseWithClaims(cipherText string, claim jwt.MapClaims) bool

JWTParseWithClaims uses ParseUnverified from dgrijalva/jwt-go for parsing and adding the annotation values in claims map ParseUnverified doesnt do signature validation. But however the signature validation is being done at ValidateAnnotationByPublicKey

func ParseRSAPublicKeyFromPEM ¶

func ParseRSAPublicKeyFromPEM(pubKey []byte) (*rsa.PublicKey, error)

ParseRSAPublicKeyFromPEM is used for parsing and verify public key

func ValidateAnnotationByPublicKey ¶

func ValidateAnnotationByPublicKey(cipherText string, iHubPubKey []byte) error

ValidateAnnotationByPublicKey is used for validate the annotation(cipher) by public key

func ValidateNodeByTime ¶

func ValidateNodeByTime(claims jwt.MapClaims, validTo string) bool

ValidateNodeByTime is used for validate time for each node with current system time(Expiry validation)

func ValidatePodWithHvsAnnotation ¶

func ValidatePodWithHvsAnnotation(nodeData []v1.NodeSelectorRequirement, claims jwt.MapClaims, trustprefix string) bool

ValidatePodWithAnnotation is to validate signed trusted and location report with pod keys and values

func ValidatePodWithSgxAnnotation ¶

func ValidatePodWithSgxAnnotation(nodeData []v1.NodeSelectorRequirement, claims jwt.MapClaims, trustprefix string) bool

ValidatePodWithSgxAnnotation is to validate sgx signed trusted and location report with pod keys and values

Types ¶

type JwtHeader ¶

type JwtHeader struct {
	KeyId     string `json:"kid,omitempty"`
	Type      string `json:"typ,omitempty"`
	Algorithm string `json:"alg,omitempty"`
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL