Documentation
Index
- func Dial(network string, addr string, config *tls.Config, ...) (*tls.Conn, error)
- func GetCert(moreConfigs ...ConnectionOption[cmcConfig]) (tls.Certificate, error)
- func Listen(network, laddr string, config *tls.Config, ...) (net.Listener, error)
- func Read(c net.Conn) ([]byte, error)
- func Write(msg []byte, c net.Conn) error
- type ConnectionOption
- type Listener
- type PrivateKey
Constants
This section is empty.
Variables
This section is empty.
Functions
func Dial
func Dial(network string, addr string, config *tls.Config, moreConfigs ...ConnectionOption[cmcConfig]) (*tls.Conn, error)
Wraps tls.Dial. Additionally performs remote attestation before returning the established connection.
func GetCert
func GetCert(moreConfigs ...ConnectionOption[cmcConfig]) (tls.Certificate, error)
Obtains the certificate for the TLS key in use from cmcd.
func Listen
func Listen(network, laddr string, config *tls.Config, moreConfigs ...ConnectionOption[cmcConfig]) (net.Listener, error)
Wrapper for tls.Listen. Returns a custom Listener that performs additional remote attestation operations right after successful TLS connection establishment.
Types
type ConnectionOption (added in v0.4.0)
type ConnectionOption[T any] func(*T)
func WithCmcAddress (added in v0.4.0)
func WithCmcAddress(address string) ConnectionOption[cmcConfig]
WithCmcAddress sets the address with which to contact the CMC. If not specified, the default is "localhost".
func WithCmcCa (added in v0.4.0)
func WithCmcCa(pem []byte) ConnectionOption[cmcConfig]
WithCmcCa specifies the CA, in PEM format, that the attestation report should be verified against.
func WithCmcPolicies (added in v0.4.0)
func WithCmcPolicies(policies []byte) ConnectionOption[cmcConfig]
WithCmcPolicies specifies optional custom policies the attestation report should be verified against.
func WithCmcPort (added in v0.4.0)
func WithCmcPort(port string) ConnectionOption[cmcConfig]
WithCmcPort sets the port on which to contact the CMC. If not specified, the default is "9955".
type Listener
type Listener struct {
	net.Listener // embedded interface
	*tls.Config  // embedded struct
	// contains filtered or unexported fields
}
Struct implementing the Listener interface. Holds a net.Listener and adds additional functionality to it.
func (Listener) Accept
Implementation of Accept() in the net.Listener interface. Calls Accept of the net.Listener and additionally performs remote attestation after connection establishment, before returning the connection.
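The Accept wrapping described above, as an added example that is not the package's own code: a type embeds net.Listener and hands out a connection only after a check on it succeeds. `checkedListener`, `verifyFunc`, `pipeListener` and `acceptOnce` are hypothetical names, the check is a stand-in for the attestation exchange, and closing the connection on failure is this example's choice (the page does not state what the package does in that case).

```go
package main

import (
	"errors"
	"fmt"
	"net"
)

// verifyFunc is a hypothetical stand-in for the remote attestation exchange
// the documented Listener performs once the TLS connection is established.
type verifyFunc func(net.Conn) error

// checkedListener embeds net.Listener and overrides Accept, like the
// documented Listener type. Its name and verify field are assumptions.
type checkedListener struct {
	net.Listener
	verify verifyFunc
}

// Accept hands out a connection only after verify succeeds. On failure it
// closes the connection, so callers never receive an unverified peer.
func (l checkedListener) Accept() (net.Conn, error) {
	c, err := l.Listener.Accept()
	if err != nil {
		return nil, err
	}
	if err := l.verify(c); err != nil {
		c.Close()
		return nil, fmt.Errorf("peer verification failed: %w", err)
	}
	return c, nil
}

// pipeListener is a constructed in-memory listener that yields one end of a
// net.Pipe, so the example runs without sockets or TLS.
type pipeListener struct {
	net.Listener
	server net.Conn
}

func (p pipeListener) Accept() (net.Conn, error) { return p.server, nil }

// acceptOnce wraps a pipeListener and returns what the checked Accept yields.
func acceptOnce(verify verifyFunc) (net.Conn, error) {
	server, client := net.Pipe()
	defer client.Close()
	return checkedListener{Listener: pipeListener{server: server}, verify: verify}.Accept()
}

func main() {
	_, err := acceptOnce(func(net.Conn) error { return errors.New("report rejected") })
	fmt.Println(err)
}
```

Because the check runs inside Accept, a server loop written against net.Listener needs no changes and cannot skip it.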
type PrivateKey
type PrivateKey struct {
// contains filtered or unexported fields
}
PrivateKey wrapper implementing the crypto.Signer interface. Used to contact cmcd for signing operations.
func (PrivateKey) Public
func (priv PrivateKey) Public() crypto.PublicKey
func (PrivateKey) Sign
func (priv PrivateKey) Sign(random io.Reader, digest []byte, opts crypto.SignerOpts) ([]byte, error)
Implementation of Sign() in the crypto.Signer interface. Contacts cmcd for the sign operation and returns the received signature.