Documentation
Overview
Package api defines the IAS interfaces.
Constants
This section is empty.
Variables
This section is empty.
Functions
func RegisterService
RegisterService registers a new IAS service with the given gRPC server.
Types
type Client (added in v0.2501.0)
type Client struct {
	// contains filtered or unexported fields
}
Client is a gRPC IAS endpoint client.
func NewClient (added in v0.2501.0)
func NewClient(c *grpc.ClientConn) *Client
NewClient creates a new gRPC IAS endpoint client.
func (*Client) GetSPIDInfo (added in v0.2501.0)
type Endpoint
type Endpoint interface {
	// VerifyEvidence takes the provided quote, (optional) PSE manifest, and
	// (optional) nonce, and returns the corresponding AVR, signature, and
	// certificate chain respectively.
	VerifyEvidence(ctx context.Context, evidence *Evidence) (*ias.AVRBundle, error)

	// GetSPIDInfo returns the SPID and associated info used by the endpoint.
	GetSPIDInfo(ctx context.Context) (*SPIDInfo, error)

	// GetSigRL returns the Signature Revocation List for a given EPID group.
	GetSigRL(ctx context.Context, epidGID uint32) ([]byte, error)

	// Cleanup performs post-termination service cleanup.
	Cleanup()
}
Endpoint is an attestation validation endpoint, likely remote.
type Evidence
type Evidence struct {
	RuntimeID                  common.Namespace `json:"runtime_id"`
	Quote                      []byte           `json:"quote"`
	PSEManifest                []byte           `json:"pse_manifest"`
	Nonce                      string           `json:"nonce"`
	EarlyTCBUpdate             bool             `json:"early_tcb_update,omitempty"`
	MinTCBEvaluationDataNumber uint32           `json:"min_tcb_evaluation_data_number,omitempty"`
}
Evidence is attestation evidence.