Documentation ¶
Overview ¶
package clientapi implements methods for users to interact with the Coordinator.
Index ¶
- type ClientAPI
- func (a *ClientAPI) GetCertQuote(ctx context.Context) (cert string, certQuote []byte, err error)
- func (a *ClientAPI) GetManifestSignature(ctx context.Context) (manifestSignatureRootECDSA, manifestSignature, manifest []byte)
- func (a *ClientAPI) GetSecrets(ctx context.Context, requestedSecrets []string, client *user.User) (map[string]manifest.Secret, error)
- func (a *ClientAPI) GetStatus(ctx context.Context) (state.State, string, error)
- func (a *ClientAPI) GetUpdateLog(ctx context.Context) (string, error)
- func (a *ClientAPI) Recover(ctx context.Context, encryptionKey []byte) (keysLeft int, err error)
- func (a *ClientAPI) SetManifest(ctx context.Context, rawManifest []byte) (recoverySecretMap map[string][]byte, err error)
- func (a *ClientAPI) UpdateManifest(ctx context.Context, rawUpdateManifest []byte, updater *user.User) (err error)
- func (a *ClientAPI) VerifyUser(ctx context.Context, clientCerts []*x509.Certificate) (*user.User, error)
- func (a *ClientAPI) WriteSecrets(ctx context.Context, rawSecretManifest []byte, updater *user.User) (err error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ClientAPI ¶
type ClientAPI struct {
// contains filtered or unexported fields
}
ClientAPI implements the client API.
func New ¶
func New(txHandle transactionHandle, recovery recovery.Recovery, core core, log *zap.Logger, ) (*ClientAPI, error)
New returns an initialized instance of the ClientAPI.
func (*ClientAPI) GetCertQuote ¶
GetCertQuote gets the Coordinators certificate and corresponding quote (containing the cert).
Returns the remote attestation quote of its own certificate alongside this certificate, which allows to verify the Coordinator's integrity and authentication for use of the ClientAPI.
func (*ClientAPI) GetManifestSignature ¶
func (a *ClientAPI) GetManifestSignature(ctx context.Context) (manifestSignatureRootECDSA, manifestSignature, manifest []byte)
GetManifestSignature returns the hash of the manifest.
Returns ECDSA signature, SHA256 hash and byte encoded representation of the active manifest.
func (*ClientAPI) GetSecrets ¶
func (a *ClientAPI) GetSecrets(ctx context.Context, requestedSecrets []string, client *user.User) (map[string]manifest.Secret, error)
GetSecrets allows a user to retrieve secrets from the Coordinator.
func (*ClientAPI) GetStatus ¶
GetStatus returns status information about the state of the Coordinator.
func (*ClientAPI) GetUpdateLog ¶
GetUpdateLog returns the update history of the Coordinator.
func (*ClientAPI) Recover ¶
Recover sets an encryption key (ideally decrypted from the recovery data) and tries to unseal and load a saved state of the Coordinator.
func (*ClientAPI) SetManifest ¶
func (a *ClientAPI) SetManifest(ctx context.Context, rawManifest []byte) (recoverySecretMap map[string][]byte, err error)
SetManifest sets the manifest of the Coordinator.
rawManifest is the manifest of type Manifest in JSON format. recoverySecretMap is a map of recovery secrets that can be used to recover the Coordinator.
func (*ClientAPI) UpdateManifest ¶
func (a *ClientAPI) UpdateManifest(ctx context.Context, rawUpdateManifest []byte, updater *user.User) (err error)
UpdateManifest allows to update certain package parameters of the original manifest, supplied via a JSON manifest.
func (*ClientAPI) VerifyUser ¶
func (a *ClientAPI) VerifyUser(ctx context.Context, clientCerts []*x509.Certificate) (*user.User, error)
VerifyUser checks if a given client certificate matches the admin certificates specified in the manifest.