Documentation
Index
- Variables
- func VerifyJSON(enclave, repo string) (string, error)
- type GroundTruth
- type Response
- type Router
- type SecureClient
- func (s *SecureClient) Enclave() string
- func (s *SecureClient) Get(url string, headers map[string]string) (*Response, error)
- func (s *SecureClient) GroundTruth() *GroundTruth
- func (s *SecureClient) GroundTruthJSON() (string, error)
- func (s *SecureClient) HTTPClient() (*http.Client, error)
- func (s *SecureClient) Post(url string, headers map[string]string, body []byte) (*Response, error)
- func (s *SecureClient) Repo() string
- func (s *SecureClient) Verify() (*GroundTruth, error)
- type TLSBoundRoundTripper
Constants
This section is empty.
Variables
Functions
func VerifyJSON (added in v0.10.2)
VerifyJSON verifies an enclave against a repo and returns the verification data as a JSON string
Types
type GroundTruth (added in v0.0.17)
type GroundTruth struct {
	TLSPublicKey        string                           `json:"tls_public_key,omitempty"`
	HPKEPublicKey       string                           `json:"hpke_public_key,omitempty"`
	Digest              string                           `json:"digest"`
	CodeMeasurement     *attestation.Measurement         `json:"code_measurement"`
	EnclaveMeasurement  *attestation.Measurement         `json:"enclave_measurement"`
	HardwareMeasurement *attestation.HardwareMeasurement `json:"hardware_measurement,omitempty"`
	CodeFingerprint     string                           `json:"code_fingerprint"`
	EnclaveFingerprint  string                           `json:"enclave_fingerprint"`
}
GroundTruth represents the "known good" verified state of the enclave
type Router (added in v0.10.0)
type Router struct {
	// contains filtered or unexported fields
}
func (*Router) Client (added in v0.10.0)
func (r *Router) Client() (*SecureClient, error)
type SecureClient
type SecureClient struct {
	// contains filtered or unexported fields
}
func NewDefaultClient (added in v0.10.0)
func NewDefaultClient() (*SecureClient, error)
NewDefaultClient creates a new secure client using the default router
func NewPinnedSecureClient (added in v0.1.18)
func NewPinnedSecureClient(enclave string, codeMeasurement *attestation.Measurement, hardwareMeasurements []*attestation.HardwareMeasurement) *SecureClient
func NewSecureClient
func NewSecureClient(enclave, repo string) *SecureClient
func (*SecureClient) Enclave (added in v0.1.16)
func (s *SecureClient) Enclave() string
Enclave returns the enclave URL
func (*SecureClient) GroundTruth (added in v0.0.17)
func (s *SecureClient) GroundTruth() *GroundTruth
GroundTruth returns the last verified enclave state
func (*SecureClient) GroundTruthJSON (added in v0.1.17)
func (s *SecureClient) GroundTruthJSON() (string, error)
GroundTruthJSON returns the ground truth as a JSON string
func (*SecureClient) HTTPClient
func (s *SecureClient) HTTPClient() (*http.Client, error)
HTTPClient returns an HTTP client that only accepts TLS connections to the verified enclave
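The kind of TLS key binding HTTPClient describes, sketched with the standard library only. This is an added example, not this package's code: it assumes the attested pin is the hex SHA-256 of the leaf certificate's SubjectPublicKeyInfo (the page does not specify the format of TLSPublicKey), and `spkiFingerprint`, `pinnedTLSConfig` and `selfSigned` are hypothetical names. The certificates are constructed in-process.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// spkiFingerprint returns hex(SHA-256(SubjectPublicKeyInfo)); this pin format is an assumption.
func spkiFingerprint(der []byte) (string, error) {
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		return "", err
	}
	return fmt.Sprintf("%x", sha256.Sum256(cert.RawSubjectPublicKeyInfo)), nil
}

// pinnedTLSConfig keeps normal chain validation and also rejects any leaf key other than pin.
func pinnedTLSConfig(pin string) *tls.Config {
	return &tls.Config{MinVersion: tls.VersionTLS12,
		VerifyPeerCertificate: func(raw [][]byte, _ [][]*x509.Certificate) error {
			if len(raw) > 0 {
				if got, err := spkiFingerprint(raw[0]); err == nil && got == pin {
					return nil
				}
			}
			return fmt.Errorf("leaf TLS key does not match attested key")
		}}
}

// selfSigned builds a constructed throwaway certificate used as sample input.
func selfSigned() []byte {
	_, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "demo"}, NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, t, t, key.Public(), key)
	return der
}

func main() {
	good, other := selfSigned(), selfSigned()
	pin, _ := spkiFingerprint(good)
	verify := pinnedTLSConfig(pin).VerifyPeerCertificate
	fmt.Println(verify([][]byte{good}, nil), verify([][]byte{other}, nil))
}
```

A valid CA-issued certificate for the same hostname still fails the handshake unless its key matches the pin.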
func (*SecureClient) Repo (added in v0.1.16)
func (s *SecureClient) Repo() string
Repo returns the repository URL
func (*SecureClient) Verify
func (s *SecureClient) Verify() (*GroundTruth, error)
Verify fetches the latest verification information from GitHub and Sigstore and stores the ground truth results in the client