Documentation ¶
Index ¶
- Variables
- func NodeAttestorPluginServer(server NodeAttestorServer) pluginsdk.PluginServer
- func RegisterNodeAttestorServer(s grpc.ServiceRegistrar, srv NodeAttestorServer)
- type Challenge
- type NodeAttestorClient
- type NodeAttestorPluginClient
- type NodeAttestorServer
- type NodeAttestor_AidAttestationClient
- type NodeAttestor_AidAttestationServer
- type PayloadOrChallengeResponse
- func (*PayloadOrChallengeResponse) Descriptor() ([]byte, []int) deprecated
- func (x *PayloadOrChallengeResponse) GetChallengeResponse() []byte
- func (m *PayloadOrChallengeResponse) GetData() isPayloadOrChallengeResponse_Data
- func (x *PayloadOrChallengeResponse) GetPayload() []byte
- func (*PayloadOrChallengeResponse) ProtoMessage()
- func (x *PayloadOrChallengeResponse) ProtoReflect() protoreflect.Message
- func (x *PayloadOrChallengeResponse) Reset()
- func (x *PayloadOrChallengeResponse) String() string
- type PayloadOrChallengeResponse_ChallengeResponse
- type PayloadOrChallengeResponse_Payload
- type UnimplementedNodeAttestorServer
- type UnsafeNodeAttestorServer
Constants ¶
This section is empty.
Variables ¶
var File_spire_plugin_agent_nodeattestor_v1_nodeattestor_proto protoreflect.FileDescriptor
var NodeAttestor_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "spire.plugin.agent.nodeattestor.v1.NodeAttestor",
	HandlerType: (*NodeAttestorServer)(nil),
	Methods:     []grpc.MethodDesc{},
	Streams: []grpc.StreamDesc{
		{
			StreamName:    "AidAttestation",
			Handler:       _NodeAttestor_AidAttestation_Handler,
			ServerStreams: true,
			ClientStreams: true,
		},
	},
	Metadata: "spire/plugin/agent/nodeattestor/v1/nodeattestor.proto",
}
NodeAttestor_ServiceDesc is the grpc.ServiceDesc for the NodeAttestor service. It is intended only for direct use with grpc.RegisterService, and must not be introspected or modified (even as a copy).
Functions ¶
func NodeAttestorPluginServer ¶
func NodeAttestorPluginServer(server NodeAttestorServer) pluginsdk.PluginServer
func RegisterNodeAttestorServer ¶
func RegisterNodeAttestorServer(s grpc.ServiceRegistrar, srv NodeAttestorServer)
Types ¶
type Challenge ¶
type Challenge struct {
	// Required. The challenge issued by SPIRE Server. See the AidAttestation
	// RPC for details.
	Challenge []byte `protobuf:"bytes,1,opt,name=challenge,proto3" json:"challenge,omitempty"`
	// contains filtered or unexported fields
}
func (*Challenge) Descriptor
deprecated
func (*Challenge) GetChallenge ¶
func (*Challenge) ProtoMessage ¶
func (*Challenge) ProtoMessage()
func (*Challenge) ProtoReflect ¶
func (x *Challenge) ProtoReflect() protoreflect.Message
type NodeAttestorClient ¶
type NodeAttestorClient interface {
	// AidAttestation facilitates attestation by returning the attestation
	// payload and participating in attestation challenge/response.
	//
	// The attestation flow is as follows:
	// 1. SPIRE Agent opens up a stream to the plugin via FetchAttestationData.
	// 2. The plugin returns a response with the payload.
	// 3. SPIRE Agent sends the payload to SPIRE Server.
	// 4. Optionally, SPIRE Server responds with a challenge:
	//    4a. SPIRE Agent sends the challenge to the plugin.
	//    4b. The plugin responds with the challenge response.
	//    4c. SPIRE Agent sends the challenge response to SPIRE Server.
	//    4d. Step 4 is repeated until SPIRE Server is satisfied and does not
	//        respond with an additional challenge.
	// 5. SPIRE Agent closes the stream.
	//
	// Note that SPIRE Agent does NOT send a request down the stream unless it
	// needs to issue the challenge returned by SPIRE Server (step 4a).
	//
	// Plugins that do not need challenge/response as part of the attestation
	// process may close the stream as soon as they send the attestation
	// payload (step 2).
	AidAttestation(ctx context.Context, opts ...grpc.CallOption) (NodeAttestor_AidAttestationClient, error)
}
NodeAttestorClient is the client API for NodeAttestor service.
For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.
func NewNodeAttestorClient ¶
func NewNodeAttestorClient(cc grpc.ClientConnInterface) NodeAttestorClient
type NodeAttestorPluginClient ¶
type NodeAttestorPluginClient struct {
NodeAttestorClient
}
func (*NodeAttestorPluginClient) GRPCServiceName ¶
func (c *NodeAttestorPluginClient) GRPCServiceName() string
func (*NodeAttestorPluginClient) InitClient ¶
func (c *NodeAttestorPluginClient) InitClient(conn grpc.ClientConnInterface) interface{}
func (*NodeAttestorPluginClient) IsInitialized ¶
func (c *NodeAttestorPluginClient) IsInitialized() bool
func (NodeAttestorPluginClient) Type ¶
func (s NodeAttestorPluginClient) Type() string
type NodeAttestorServer ¶
type NodeAttestorServer interface {
	// AidAttestation facilitates attestation by returning the attestation
	// payload and participating in attestation challenge/response.
	//
	// The attestation flow is as follows:
	// 1. SPIRE Agent opens up a stream to the plugin via FetchAttestationData.
	// 2. The plugin returns a response with the payload.
	// 3. SPIRE Agent sends the payload to SPIRE Server.
	// 4. Optionally, SPIRE Server responds with a challenge:
	//    4a. SPIRE Agent sends the challenge to the plugin.
	//    4b. The plugin responds with the challenge response.
	//    4c. SPIRE Agent sends the challenge response to SPIRE Server.
	//    4d. Step 4 is repeated until SPIRE Server is satisfied and does not
	//        respond with an additional challenge.
	// 5. SPIRE Agent closes the stream.
	//
	// Note that SPIRE Agent does NOT send a request down the stream unless it
	// needs to issue the challenge returned by SPIRE Server (step 4a).
	//
	// Plugins that do not need challenge/response as part of the attestation
	// process may close the stream as soon as they send the attestation
	// payload (step 2).
	AidAttestation(NodeAttestor_AidAttestationServer) error
	// contains filtered or unexported methods
}
NodeAttestorServer is the server API for the NodeAttestor service. All implementations must embed UnimplementedNodeAttestorServer for forward compatibility.
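The AidAttestation flow described above, seen from the plugin side, as an added example that is not part of the SDK. Challenge, Response, the send/recv function values (standing in for the Send and Recv methods of NodeAttestor_AidAttestationServer), simulate, and the HMAC-SHA256 response scheme with its key are all assumptions made so the code builds with the standard library only.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
	"io"
)

type Challenge struct{ Challenge []byte }                 // stand-in for the generated type
type Response struct{ Payload, ChallengeResponse []byte } // stand-in; models the oneof

// aidAttestation is the plugin side; send/recv stand in for the stream's Send/Recv.
func aidAttestation(send func(*Response) error, recv func() (*Challenge, error), payload, key []byte) error {
	resp := &Response{Payload: payload} // step 2: first message carries the payload
	for {
		if err := send(resp); err != nil {
			return err
		}
		c, err := recv()
		if err == io.EOF {
			return nil // step 5: the agent closed the stream
		} else if err != nil {
			return err
		} else if len(c.Challenge) == 0 {
			return fmt.Errorf("empty challenge") // the field is documented as required
		}
		mac := hmac.New(sha256.New, key) // assumed scheme: HMAC-SHA256 over the challenge
		mac.Write(c.Challenge)
		resp = &Response{ChallengeResponse: mac.Sum(nil)} // step 4b
	}
}

// simulate plays SPIRE Agent: it relays constructed challenges, then closes the stream.
func simulate(challenges [][]byte, payload, key []byte) (sent []*Response, err error) {
	send := func(r *Response) error { sent = append(sent, r); return nil }
	recv := func() (*Challenge, error) {
		if len(sent) > len(challenges) {
			return nil, io.EOF
		}
		return &Challenge{Challenge: challenges[len(sent)-1]}, nil
	}
	err = aidAttestation(send, recv, payload, key)
	return sent, err
}

func main() {
	sent, err := simulate([][]byte{[]byte("nonce-1")}, []byte("payload"), []byte("key"))
	fmt.Println(len(sent), err)
}
```

A plugin that needs no challenge/response returns after the first send instead of entering the receive loop, which matches the early-close case in the interface comment.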
type NodeAttestor_AidAttestationClient ¶
type NodeAttestor_AidAttestationClient interface {
	Send(*Challenge) error
	Recv() (*PayloadOrChallengeResponse, error)
	grpc.ClientStream
}
type NodeAttestor_AidAttestationServer ¶
type NodeAttestor_AidAttestationServer interface {
	Send(*PayloadOrChallengeResponse) error
	Recv() (*Challenge, error)
	grpc.ServerStream
}
type PayloadOrChallengeResponse ¶
type PayloadOrChallengeResponse struct {
	// Types that are assignable to Data:
	//	*PayloadOrChallengeResponse_Payload
	//	*PayloadOrChallengeResponse_ChallengeResponse
	Data isPayloadOrChallengeResponse_Data `protobuf_oneof:"data"`
	// contains filtered or unexported fields
}
func (*PayloadOrChallengeResponse) Descriptor
deprecated
func (*PayloadOrChallengeResponse) Descriptor() ([]byte, []int)
Deprecated: Use PayloadOrChallengeResponse.ProtoReflect.Descriptor instead.
func (*PayloadOrChallengeResponse) GetChallengeResponse ¶
func (x *PayloadOrChallengeResponse) GetChallengeResponse() []byte
func (*PayloadOrChallengeResponse) GetData ¶
func (m *PayloadOrChallengeResponse) GetData() isPayloadOrChallengeResponse_Data
func (*PayloadOrChallengeResponse) GetPayload ¶
func (x *PayloadOrChallengeResponse) GetPayload() []byte
func (*PayloadOrChallengeResponse) ProtoMessage ¶
func (*PayloadOrChallengeResponse) ProtoMessage()
func (*PayloadOrChallengeResponse) ProtoReflect ¶
func (x *PayloadOrChallengeResponse) ProtoReflect() protoreflect.Message
func (*PayloadOrChallengeResponse) Reset ¶
func (x *PayloadOrChallengeResponse) Reset()
func (*PayloadOrChallengeResponse) String ¶
func (x *PayloadOrChallengeResponse) String() string
type PayloadOrChallengeResponse_ChallengeResponse ¶
type PayloadOrChallengeResponse_ChallengeResponse struct {
	// Required in subsequent responses. The challenge response to a
	// challenge issued by SPIRE Server. See the AidAttestation RPC for
	// details.
	ChallengeResponse []byte `protobuf:"bytes,2,opt,name=challenge_response,json=challengeResponse,proto3,oneof"`
}
type PayloadOrChallengeResponse_Payload ¶
type PayloadOrChallengeResponse_Payload struct {
	// Required in the first response. This is the attestation payload that
	// is to be sent to SPIRE Server. See the AidAttestation RPC for
	// details.
	Payload []byte `protobuf:"bytes,1,opt,name=payload,proto3,oneof"`
}
type UnimplementedNodeAttestorServer ¶
type UnimplementedNodeAttestorServer struct { }
UnimplementedNodeAttestorServer must be embedded to have forward compatible implementations.
func (UnimplementedNodeAttestorServer) AidAttestation ¶
func (UnimplementedNodeAttestorServer) AidAttestation(NodeAttestor_AidAttestationServer) error
type UnsafeNodeAttestorServer ¶
type UnsafeNodeAttestorServer interface {
// contains filtered or unexported methods
}
UnsafeNodeAttestorServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to NodeAttestorServer will result in compilation errors.