Documentation
Overview
Google Cloud Platform attestation
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
func GCEInstanceInfo (added in v2.17.0)
func GCEInstanceInfo(client gcpMetadataClient) func(context.Context, io.ReadWriteCloser, []byte) ([]byte, error)
GCEInstanceInfo fetches VM metadata used for attestation from the GCE Metadata API.
func TrustedKeyGetter (added in v2.17.0)
func TrustedKeyGetter(
	attestationVariant variant.Variant,
	newRESTClient func(ctx context.Context, opts ...option.ClientOption) (CVMRestClient, error),
) (func(ctx context.Context, attDoc vtpm.AttestationDocument, _ []byte) (crypto.PublicKey, error), error)
TrustedKeyGetter returns a function that queries the GCE API for a Shielded VM's public signing key. This key can be used to verify attestation statements issued by the VM.
Types
type CVMRestClient (added in v2.17.0)
type CVMRestClient interface {
	GetShieldedInstanceIdentity(ctx context.Context, req *computepb.GetShieldedInstanceIdentityInstanceRequest, opts ...gax.CallOption) (*computepb.ShieldedInstanceIdentity, error)
	Close() error
}
CVMRestClient is the interface a GCP REST client for a CVM must implement.
func NewRESTClient (added in v2.17.0)
func NewRESTClient(ctx context.Context, opts ...option.ClientOption) (CVMRestClient, error)
NewRESTClient creates a new RESTClient.
type MetadataClient (added in v2.17.0)
type MetadataClient struct{}
A MetadataClient fetches metadata from the GCE Metadata API.
func (MetadataClient) InstanceName (added in v2.17.0)
func (c MetadataClient) InstanceName(ctx context.Context) (string, error)
InstanceName returns the instance name of the GCE instance.
type RESTClient (added in v2.17.0)
type RESTClient struct {
	*compute.InstancesClient
}
RESTClient is a client for the GCE API.