Documentation
Index
- Constants
- Variables
- func Dial(network string, addr string, config *tls.Config, ...) (*tls.Conn, error)
- func GetCert(moreConfigs ...ConnectionOption[CmcConfig]) (tls.Certificate, error)
- func Listen(network, laddr string, config *tls.Config, ...) (net.Listener, error)
- func Read(c net.Conn) ([]byte, error)
- func Write(msg []byte, c net.Conn) error
- type AttestSelect
- type CmcApi
- type CmcApiSelect
- type CmcConfig
- type CoapApi
- type ConnectionOption
- func WithAttest(mAttest string) ConnectionOption[CmcConfig]
- func WithCmc(cmc *cmc.Cmc) ConnectionOption[CmcConfig]
- func WithCmcAddr(address string) ConnectionOption[CmcConfig]
- func WithCmcApi(api CmcApiSelect) ConnectionOption[CmcConfig]
- func WithCmcCa(pem []byte) ConnectionOption[CmcConfig]
- func WithCmcConfig(cmcConfig *CmcConfig) ConnectionOption[CmcConfig]
- func WithCmcNetwork(network string) ConnectionOption[CmcConfig]
- func WithCmcPolicies(policies []byte) ConnectionOption[CmcConfig]
- func WithMtls(mtls bool) ConnectionOption[CmcConfig]
- func WithResultCb(cb func(result *ar.VerificationResult)) ConnectionOption[CmcConfig]
- type GrpcApi
- type LibApi
- type Listener
- type PrivateKey
- type SocketApi
Constants
const (
	CmcApi_GRPC   CmcApiSelect = 0
	CmcApi_COAP   CmcApiSelect = 1
	CmcApi_Socket CmcApiSelect = 2
	CmcApi_Lib    CmcApiSelect = 3

	Attest_Mutual AttestSelect = 0
	Attest_Client AttestSelect = 1
	Attest_Server AttestSelect = 2
	Attest_None   AttestSelect = 3
)
Variables
var CmcApis = map[CmcApiSelect]CmcApi{}
Functions
func Dial
func Dial(network string, addr string, config *tls.Config, moreConfigs ...ConnectionOption[CmcConfig]) (*tls.Conn, error)
Wraps tls.Dial. Additionally performs remote attestation before returning the established connection.
func GetCert
func GetCert(moreConfigs ...ConnectionOption[CmcConfig]) (tls.Certificate, error)
Obtains the certificate for the Identity Key (IK) used for the connection from cmcd.
func Listen
func Listen(network, laddr string, config *tls.Config, moreConfigs ...ConnectionOption[CmcConfig]) (net.Listener, error)
Wrapper for tls.Listen. Returns a custom Listener that performs additional remote attestation operations right after successful TLS connection establishment.
Types
type AttestSelect (added in v0.6.0)
type AttestSelect byte
func GetAttestMode (added in v0.6.0)
func GetAttestMode(mAttest string) AttestSelect
type CmcApiSelect (added in v0.5.0)
type CmcApiSelect uint32
type CmcConfig (added in v0.6.0)
type CmcConfig struct {
	CmcAddr  string
	CmcApi   CmcApi
	Network  string
	Ca       []byte
	Policies []byte
	Mtls     bool
	Attest   AttestSelect
	ResultCb func(result *ar.VerificationResult)
	Cmc      *cmc.Cmc
}
Struct that holds information on the cmc address and port to be used by Listener and DialConfig.
type ConnectionOption (added in v0.4.0)
type ConnectionOption[T any] func(*T)
func WithAttest (added in v0.6.0)
func WithAttest(mAttest string) ConnectionOption[CmcConfig]
WithAttest specifies whether to perform mutual, dialer only, or listener only attestation.
func WithCmc (added in v0.6.0)
func WithCmc(cmc *cmc.Cmc) ConnectionOption[CmcConfig]
WithCmc takes a CMC object. This is only required for the Lib API, where the CMC is integrated directly into the binary (instead of using the cmcd).
func WithCmcAddr (added in v0.5.0)
func WithCmcAddr(address string) ConnectionOption[CmcConfig]
WithCmcAddr sets the address with which to contact the CMC. If not specified, the default is "localhost".
func WithCmcApi (added in v0.5.0)
func WithCmcApi(api CmcApiSelect) ConnectionOption[CmcConfig]
WithCmcApi specifies the API to be used to connect to the cmcd. If not specified, the default is grpc.
func WithCmcCa (added in v0.4.0)
func WithCmcCa(pem []byte) ConnectionOption[CmcConfig]
WithCmcCa specifies the CA, in PEM format, that the attestation report should be verified against.
func WithCmcConfig (added in v0.6.0)
func WithCmcConfig(cmcConfig *CmcConfig) ConnectionOption[CmcConfig]
WithCmcConfig specifies an entire CMC configuration.
func WithCmcNetwork (added in v0.6.0)
func WithCmcNetwork(network string) ConnectionOption[CmcConfig]
WithCmcNetwork specifies the network type to be used to connect to the cmcd in case the socket API is selected.
func WithCmcPolicies (added in v0.4.0)
func WithCmcPolicies(policies []byte) ConnectionOption[CmcConfig]
WithCmcPolicies specifies optional custom policies the attestation report should be verified against.
func WithMtls (added in v0.6.0)
func WithMtls(mtls bool) ConnectionOption[CmcConfig]
WithMtls specifies whether to perform mutual TLS with mutual attestation or server-side authentication and attestation only.
func WithResultCb (added in v0.6.0)
func WithResultCb(cb func(result *ar.VerificationResult)) ConnectionOption[CmcConfig]
WithResultCb sets a callback for further processing of attestation results.
type Listener
type Listener struct {
	net.Listener // embedded interface
	CmcConfig    // embedded struct
	*tls.Config  // embedded struct
}
Struct to implement the Listener interface; holds a net.Listener and adds additional functionality to it.
func (Listener) Accept
Implementation of Accept() in the net.Listener interface. Calls Accept of the net.Listener and additionally performs remote attestation after connection establishment, before returning the connection.
type PrivateKey
type PrivateKey struct {
	CmcConfig // embedded struct
	// contains filtered or unexported fields
}
PrivateKey wrapper implementing the crypto.Signer interface. Used to contact cmcd for signing operations.
func (PrivateKey) Public
func (priv PrivateKey) Public() crypto.PublicKey
func (PrivateKey) Sign
func (priv PrivateKey) Sign(random io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
Implementation of Sign() in the crypto.Signer interface. Contacts cmcd for the sign operation and returns the received signature.
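The wrapper pattern described for PrivateKey, shown as an added example that is not code from this package: a type implementing crypto.Signer that forwards each signing request elsewhere, so the process running crypto/tls never holds private key material. The names delegatingKey, remoteSign and demo are hypothetical, and a constructed in-process ECDSA key stands in for cmcd.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"fmt"
	"io"
)

// delegatingKey implements crypto.Signer without holding private key material;
// remoteSign is a hypothetical hook standing in for the request to the key-holding daemon.
type delegatingKey struct {
	pub        crypto.PublicKey
	remoteSign func(digest []byte, opts crypto.SignerOpts) ([]byte, error)
}

func (k delegatingKey) Public() crypto.PublicKey { return k.pub }
func (k delegatingKey) Sign(_ io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error) {
	// Reject digests whose length does not match the declared hash before delegating.
	if h := opts.HashFunc(); h != 0 && len(digest) != h.Size() {
		return nil, fmt.Errorf("digest is %d bytes, %v needs %d", len(digest), h, h.Size())
	}
	return k.remoteSign(digest, opts)
}

// demo signs msg via the wrapper and verifies against msg and a different message.
func demo(msg []byte) (valid, forgedValid bool, err error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // constructed key acting as the daemon
	if err != nil {
		return false, false, err
	}
	wrapped := delegatingKey{pub: &key.PublicKey, remoteSign: func(d []byte, o crypto.SignerOpts) ([]byte, error) {
		return key.Sign(rand.Reader, d, o)
	}}
	cert := tls.Certificate{PrivateKey: wrapped}
	signer := cert.PrivateKey.(crypto.Signer) // crypto/tls makes the same assertion
	good, other := sha256.Sum256(msg), sha256.Sum256(append([]byte("x"), msg...))
	sig, err := signer.Sign(rand.Reader, good[:], crypto.SHA256)
	if err != nil {
		return false, false, err
	}
	pub := signer.Public().(*ecdsa.PublicKey)
	return ecdsa.VerifyASN1(pub, good[:], sig), ecdsa.VerifyASN1(pub, other[:], sig), nil
}

func main() { fmt.Println(demo([]byte("constructed message"))) }
```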