algorithm

package
v4.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 16, 2021 License: BSD-3-Clause, BSD-3-Clause Imports: 18 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CheckAnnotationAttrib

func CheckAnnotationAttrib(cipherText string, node []v1.NodeSelectorRequirement, iHubPubKeys map[string][]byte, tagPrefix, attestationType string) bool

CheckAnnotationAttrib is used to validate node with respect to time,trusted and location tags

func FilteredHost

func FilteredHost(args *schedulerapi.ExtenderArgs, iHubPubKeys map[string][]byte, tagPrefix string) (*schedulerapi.ExtenderFilterResult, error)

FilteredHost is used for getting the nodes and pod details and verify and return if pod key matches with annotations

func JWTParseWithClaims

func JWTParseWithClaims(cipherText string, claim jwt.MapClaims) bool

JWTParseWithClaims uses ParseUnverified from dgrijalva/jwt-go for parsing and adding the annotation values in claims map ParseUnverified doesnt do signature validation. But however the signature validation is being done at ValidateAnnotationByPublicKey

func ParseRSAPublicKeyFromPEM

func ParseRSAPublicKeyFromPEM(pubKey []byte) (*rsa.PublicKey, error)

ParseRSAPublicKeyFromPEM is used for parsing and verify public key

func ValidateAnnotationByPublicKey

func ValidateAnnotationByPublicKey(cipherText string, iHubPubKey []byte) error

ValidateAnnotationByPublicKey is used for validate the annotation(cipher) by public key

func ValidateNodeByTime

func ValidateNodeByTime(claims jwt.MapClaims, validTo string) bool

ValidateNodeByTime is used for validate time for each node with current system time(Expiry validation)

func ValidatePodWithHvsAnnotation

func ValidatePodWithHvsAnnotation(nodeData []v1.NodeSelectorRequirement, claims jwt.MapClaims, trustprefix string) bool

ValidatePodWithAnnotation is to validate signed trusted and location report with pod keys and values

func ValidatePodWithSgxAnnotation

func ValidatePodWithSgxAnnotation(nodeData []v1.NodeSelectorRequirement, claims jwt.MapClaims, trustprefix string) bool

ValidatePodWithSgxAnnotation is to validate sgx signed trusted and location report with pod keys and values

Types

type JwtHeader

type JwtHeader struct {
	KeyId     string `json:"kid,omitempty"`
	Type      string `json:"typ,omitempty"`
	Algorithm string `json:"alg,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL