nodeattestorv1

package

v1.11.0 Latest Latest Go to latest Published: Oct 21, 2024 License: Apache-2.0 Imports: 9 Imported by: 24

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/spiffe/spire-plugin-sdk

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func NodeAttestorPluginServer(server NodeAttestorServer) pluginsdk.PluginServer
func RegisterNodeAttestorServer(s grpc.ServiceRegistrar, srv NodeAttestorServer)
type Challenge
type NodeAttestorClient
- func NewNodeAttestorClient(cc grpc.ClientConnInterface) NodeAttestorClient
type NodeAttestorPluginClient
type NodeAttestorServer
type NodeAttestor_AidAttestationClient
type NodeAttestor_AidAttestationServer
type PayloadOrChallengeResponse
type PayloadOrChallengeResponse_ChallengeResponse
type PayloadOrChallengeResponse_Payload
type UnimplementedNodeAttestorServer
- func (UnimplementedNodeAttestorServer) AidAttestation(NodeAttestor_AidAttestationServer) error
type UnsafeNodeAttestorServer

Constants ¶

This section is empty.

Variables ¶

View Source

var File_spire_plugin_agent_nodeattestor_v1_nodeattestor_proto protoreflect.FileDescriptor

View Source

var NodeAttestor_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "spire.plugin.agent.nodeattestor.v1.NodeAttestor",
	HandlerType: (*NodeAttestorServer)(nil),
	Methods:     []grpc.MethodDesc{},
	Streams: []grpc.StreamDesc{
		{
			StreamName:    "AidAttestation",
			Handler:       _NodeAttestor_AidAttestation_Handler,
			ServerStreams: true,
			ClientStreams: true,
		},
	},
	Metadata: "spire/plugin/agent/nodeattestor/v1/nodeattestor.proto",
}

NodeAttestor_ServiceDesc is the grpc.ServiceDesc for NodeAttestor service. It's only intended for direct use with grpc.RegisterService, and not to be introspected or modified (even as a copy)

Functions ¶

func NodeAttestorPluginServer ¶

func NodeAttestorPluginServer(server NodeAttestorServer) pluginsdk.PluginServer

func RegisterNodeAttestorServer ¶

func RegisterNodeAttestorServer(s grpc.ServiceRegistrar, srv NodeAttestorServer)

Types ¶

type Challenge ¶

type Challenge struct {

	// Required. The challenge issued by SPIRE Server. See the AidAttestation
	// RPC for details.
	Challenge []byte `protobuf:"bytes,1,opt,name=challenge,proto3" json:"challenge,omitempty"`
	// contains filtered or unexported fields
}

func (*Challenge) Descriptor deprecated

func (*Challenge) Descriptor() ([]byte, []int)

Deprecated: Use Challenge.ProtoReflect.Descriptor instead.

func (*Challenge) GetChallenge ¶

func (x *Challenge) GetChallenge() []byte

func (*Challenge) ProtoMessage ¶

func (*Challenge) ProtoMessage()

func (*Challenge) ProtoReflect ¶

func (x *Challenge) ProtoReflect() protoreflect.Message

func (*Challenge) Reset ¶

func (x *Challenge) Reset()

func (*Challenge) String ¶

func (x *Challenge) String() string

type NodeAttestorClient ¶

type NodeAttestorClient interface {
	// AidAttestation facilitates attestation by returning the attestation
	// payload and participating in attestation challenge/response.
	//
	// The attestation flow is as follows:
	// 1. SPIRE Agent opens up a stream to the plugin via FetchAttestationData.
	// 2. The plugin returns a response with the payload.
	// 3. SPIRE Agent sends the payload to SPIRE Server.
	// 4. Optionally, SPIRE Server responds with a challenge:
	//   4a. SPIRE Agent sends the challenge to the plugin.
	//   4b. The plugin responds with the challenge response.
	//   4c. SPIRE Agent sends the challenge response to SPIRE Server.
	//   4d. Step 4 is repeated until SPIRE Server is satisfied and does not
	//       respond with an additional challenge.
	// 5. SPIRE Agent closes the stream.
	//
	// Note that SPIRE Agent does NOT send a request down the stream unless it
	// needs to issue the challenge returned by SPIRE Server (step 4a).
	//
	// Plugins that do not need challenge/response as part of the attestation
	// process may close the stream as soon as they send the attestation
	// payload (step 2).
	AidAttestation(ctx context.Context, opts ...grpc.CallOption) (NodeAttestor_AidAttestationClient, error)
}

NodeAttestorClient is the client API for NodeAttestor service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

func NewNodeAttestorClient ¶

func NewNodeAttestorClient(cc grpc.ClientConnInterface) NodeAttestorClient

type NodeAttestorPluginClient ¶

type NodeAttestorPluginClient struct {
	NodeAttestorClient
}

func (*NodeAttestorPluginClient) GRPCServiceName ¶

func (c *NodeAttestorPluginClient) GRPCServiceName() string

func (*NodeAttestorPluginClient) InitClient ¶

func (c *NodeAttestorPluginClient) InitClient(conn grpc.ClientConnInterface) interface{}

func (*NodeAttestorPluginClient) IsInitialized ¶

func (c *NodeAttestorPluginClient) IsInitialized() bool

func (NodeAttestorPluginClient) Type ¶

func (s NodeAttestorPluginClient) Type() string

type NodeAttestorServer ¶

type NodeAttestorServer interface {
	// AidAttestation facilitates attestation by returning the attestation
	// payload and participating in attestation challenge/response.
	//
	// The attestation flow is as follows:
	// 1. SPIRE Agent opens up a stream to the plugin via FetchAttestationData.
	// 2. The plugin returns a response with the payload.
	// 3. SPIRE Agent sends the payload to SPIRE Server.
	// 4. Optionally, SPIRE Server responds with a challenge:
	//   4a. SPIRE Agent sends the challenge to the plugin.
	//   4b. The plugin responds with the challenge response.
	//   4c. SPIRE Agent sends the challenge response to SPIRE Server.
	//   4d. Step 4 is repeated until SPIRE Server is satisfied and does not
	//       respond with an additional challenge.
	// 5. SPIRE Agent closes the stream.
	//
	// Note that SPIRE Agent does NOT send a request down the stream unless it
	// needs to issue the challenge returned by SPIRE Server (step 4a).
	//
	// Plugins that do not need challenge/response as part of the attestation
	// process may close the stream as soon as they send the attestation
	// payload (step 2).
	AidAttestation(NodeAttestor_AidAttestationServer) error
	// contains filtered or unexported methods
}

NodeAttestorServer is the server API for NodeAttestor service. All implementations must embed UnimplementedNodeAttestorServer for forward compatibility

type NodeAttestor_AidAttestationClient ¶

type NodeAttestor_AidAttestationClient interface {
	Send(*Challenge) error
	Recv() (*PayloadOrChallengeResponse, error)
	grpc.ClientStream
}

type NodeAttestor_AidAttestationServer ¶

type NodeAttestor_AidAttestationServer interface {
	Send(*PayloadOrChallengeResponse) error
	Recv() (*Challenge, error)
	grpc.ServerStream
}

type PayloadOrChallengeResponse ¶

type PayloadOrChallengeResponse struct {

	// Types that are assignable to Data:
	//	*PayloadOrChallengeResponse_Payload
	//	*PayloadOrChallengeResponse_ChallengeResponse
	Data isPayloadOrChallengeResponse_Data `protobuf_oneof:"data"`
	// contains filtered or unexported fields
}

func (*PayloadOrChallengeResponse) Descriptor deprecated

func (*PayloadOrChallengeResponse) Descriptor() ([]byte, []int)

Deprecated: Use PayloadOrChallengeResponse.ProtoReflect.Descriptor instead.

func (*PayloadOrChallengeResponse) GetChallengeResponse ¶

func (x *PayloadOrChallengeResponse) GetChallengeResponse() []byte

func (*PayloadOrChallengeResponse) GetData ¶

func (m *PayloadOrChallengeResponse) GetData() isPayloadOrChallengeResponse_Data

func (*PayloadOrChallengeResponse) GetPayload ¶

func (x *PayloadOrChallengeResponse) GetPayload() []byte

func (*PayloadOrChallengeResponse) ProtoMessage ¶

func (*PayloadOrChallengeResponse) ProtoMessage()

func (*PayloadOrChallengeResponse) ProtoReflect ¶

func (x *PayloadOrChallengeResponse) ProtoReflect() protoreflect.Message

func (*PayloadOrChallengeResponse) Reset ¶

func (x *PayloadOrChallengeResponse) Reset()

func (*PayloadOrChallengeResponse) String ¶

func (x *PayloadOrChallengeResponse) String() string

type PayloadOrChallengeResponse_ChallengeResponse ¶

type PayloadOrChallengeResponse_ChallengeResponse struct {
	// Required in subsequent responses. The challenge response to a
	// challenge issued by SPIRE Server. See the AidAttestation RPC for
	// details.
	ChallengeResponse []byte `protobuf:"bytes,2,opt,name=challenge_response,json=challengeResponse,proto3,oneof"`
}

type PayloadOrChallengeResponse_Payload ¶

type PayloadOrChallengeResponse_Payload struct {
	// Required in the first response. This is the attestation payload that
	// is to be sent to SPIRE Server. See the AidAttestation RPC for
	// details.
	Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3,oneof"`
}

type UnimplementedNodeAttestorServer ¶

type UnimplementedNodeAttestorServer struct {
}

UnimplementedNodeAttestorServer must be embedded to have forward compatible implementations.

func (UnimplementedNodeAttestorServer) AidAttestation ¶

func (UnimplementedNodeAttestorServer) AidAttestation(NodeAttestor_AidAttestationServer) error

type UnsafeNodeAttestorServer ¶

type UnsafeNodeAttestorServer interface {
	// contains filtered or unexported methods
}

UnsafeNodeAttestorServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to NodeAttestorServer will result in compilation errors.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL