client

package

v0.2.5 Latest Latest Go to latest Published: Oct 1, 2025 License: AGPL-3.0 Imports: 11 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/tinfoilsh/verifier

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
type GroundTruth
type Response
type SecureClient
- func NewPinnedSecureClient(enclave string, codeMeasurement *attestation.Measurement, ...) *SecureClient
- func NewSecureClient(enclave, repo string) *SecureClient
type TLSBoundRoundTripper
- func (t *TLSBoundRoundTripper) RoundTrip(r *http.Request) (*http.Response, error)

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	ErrNoTLS              = errors.New("no TLS connection")
	ErrCertMismatch       = errors.New("certificate fingerprint mismatch")
	ErrNoValidCertificate = errors.New("no valid certificate")
)

Functions ¶

This section is empty.

Types ¶

type GroundTruth ¶ added in v0.0.17

type GroundTruth struct {
	TLSPublicKey       string                   `json:"tls_public_key,omitempty"`
	HPKEPublicKey      string                   `json:"hpke_public_key,omitempty"`
	Digest             string                   `json:"digest"`
	CodeMeasurement    *attestation.Measurement `json:"code_measurement"`
	EnclaveMeasurement *attestation.Measurement `json:"enclave_measurement"`
	HardwarePlatform   string                   `json:"hardware_platform,omitempty"`
}

GroundTruth represents the "known good" verified of the enclave

type Response ¶

type Response struct {
	Status     string
	StatusCode int
	Body       []byte
}

type SecureClient ¶

type SecureClient struct {
	// contains filtered or unexported fields
}

func NewPinnedSecureClient ¶ added in v0.1.18

func NewPinnedSecureClient(enclave string, codeMeasurement *attestation.Measurement, hardwareMeasurements []*attestation.HardwareMeasurement) *SecureClient

func NewSecureClient ¶

func NewSecureClient(enclave, repo string) *SecureClient

func (*SecureClient) Enclave ¶ added in v0.1.16

func (s *SecureClient) Enclave() string

Enclave returns the enclave URL

func (*SecureClient) Get ¶

func (s *SecureClient) Get(url string, headers map[string]string) (*Response, error)

Get makes an HTTP GET request

func (*SecureClient) GroundTruth ¶ added in v0.0.17

func (s *SecureClient) GroundTruth() *GroundTruth

GroundTruth returns the last verified enclave state

func (*SecureClient) GroundTruthJSON ¶ added in v0.1.17

func (s *SecureClient) GroundTruthJSON() (string, error)

GroundTruthJSON returns the ground truth as a JSON string

func (*SecureClient) HTTPClient ¶

func (s *SecureClient) HTTPClient() (*http.Client, error)

HTTPClient returns an HTTP client that only accepts TLS connections to the verified enclave

func (*SecureClient) Post ¶

func (s *SecureClient) Post(url string, headers map[string]string, body []byte) (*Response, error)

Post makes an HTTP POST request

func (*SecureClient) Repo ¶ added in v0.1.16

func (s *SecureClient) Repo() string

Repo returns the repository URL

func (*SecureClient) Verify ¶

func (s *SecureClient) Verify() (*GroundTruth, error)

Verify fetches the latest verification information from GitHub and Sigstore and stores the ground truth results in the client

type TLSBoundRoundTripper ¶

type TLSBoundRoundTripper struct {
	ExpectedPublicKey string
}

func (*TLSBoundRoundTripper) RoundTrip ¶

func (t *TLSBoundRoundTripper) RoundTrip(r *http.Request) (*http.Response, error)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL