trustedservices

package
v0.0.2502 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 21, 2025 License: Apache-2.0 Imports: 24 Imported by: 1

README

Configuration

  • server-addr (optional): address of the VTS server in the form <host>:<port>. If not specified, this defaults to 127.0.0.1:50051. Unless listen-addr is specified (see below), the VTS server takes only the port to listen on from this setting and listens on that port on all local interfaces, not just on the host given here.
  • listen-addr (optional): The address the VTS server will listen on in the form <host>:<port>. Only specify this if you want to restrict the server to listen on a particular interface; otherwise, the server will listen on all interfaces on the port specified in server-addr.
  • tls (optional): specifies whether TLS should be used for client connections. Defaults to true.
  • cert: path to the file containing the certificate that should be used by the server if tls (see above) is true.
  • cert-key: path to the file containing the key associated with the certificate specified by cert (see above).
  • ca-certs (optional): a list of paths to certificates that will be used in addition to system certs during mutual validation with the client when tls (see above) is true.

Documentation

Overview

Copyright 2022-2023 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Copyright 2022-2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Copyright 2022-2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Index

Constants

// DummyTenantID is a fixed tenant identifier with the value "0".
// NOTE(review): the name and the single hard-coded value suggest that tenant
// identity is not taken from the caller; wherever this constant is used,
// tenants are presumably not separated from one another. Confirm at the call
// sites before relying on tenant isolation.
const DummyTenantID = "0"

XXX: should be (also) serviceID; should be passed as a parameter.

Variables

var (
	// DefaultVTSAddr matches the default the README documents for the
	// server-addr setting. The host part is loopback, but the README states
	// that when listen-addr is not set the server takes only the port from
	// server-addr and listens on all local interfaces, so this default does
	// not by itself restrict the listener to 127.0.0.1.
	DefaultVTSAddr = "127.0.0.1:50051"
)

Functions

func LoadTLSCreds

// LoadTLSCreds takes a certificate path, a key path and a list of CA
// certificate paths, and returns gRPC transport credentials or an error.
//
// NOTE(review): only the signature is visible here. The parameters line up
// with the cert, cert-key and ca-certs settings in the README, so this
// presumably builds the server's TLS credentials, with caPaths used in
// addition to the system certificates for mutual validation. Confirm against
// the implementation, in particular whether a client certificate is required
// or only verified when presented, and which minimum TLS version is set.
func LoadTLSCreds(
	certPath, keyPath string,
	caPaths []string,
) (credentials.TransportCredentials, error)

Types

type GRPC

// GRPC is the gRPC server type of this package. The methods listed for it
// are Run, Close, GetAttestation, GetEARSigningPublicKey, GetServiceState and
// the two GetSupported...MediaTypes calls.
type GRPC struct {
	// ServerAddress is presumably the configured server-addr value
	// (<host>:<port>); confirm where it is assigned.
	ServerAddress string

	// TaStore and EnStore are key-value stores.
	// NOTE(review): the names suggest trust anchors and endorsements
	// respectively; confirm. If so, their contents decide how evidence is
	// appraised, so write access to the backing stores needs to be restricted.
	TaStore            kvstore.IKVStore
	EnStore            kvstore.IKVStore
	// Plugin managers, one per handler kind: evidence, endorsement and store.
	EvPluginManager    plugin.IManager[handler.IEvidenceHandler]
	EndPluginManager   plugin.IManager[handler.IEndorsementHandler]
	StorePluginManager plugin.IManager[handler.IStoreHandler]
	PolicyManager      *policymanager.PolicyManager
	// EarSigner is presumably what signs the results whose public key
	// GetEARSigningPublicKey returns; confirm against the implementation.
	EarSigner          earsigner.IEarSigner

	// Server is the underlying gRPC server and Socket the listener it is
	// served on (presumably set up in Init or Run; not shown here).
	Server *grpc.Server
	Socket net.Listener

	// Embedded generated base type. By grpc-go convention it supplies default
	// "unimplemented" responses for any VTS RPC this type does not define.
	proto.UnimplementedVTSServer
	// contains filtered or unexported fields
}

func (*GRPC) Close

func (o *GRPC) Close() error

func (*GRPC) GetAttestation

func (o *GRPC) GetAttestation(
	ctx context.Context,
	token *proto.AttestationToken,
) (*proto.AppraisalContext, error)

func (*GRPC) GetEARSigningPublicKey

func (o *GRPC) GetEARSigningPublicKey(context.Context, *emptypb.Empty) (*proto.PublicKey, error)

func (*GRPC) GetServiceState

func (o *GRPC) GetServiceState(context.Context, *emptypb.Empty) (*proto.ServiceState, error)

func (*GRPC) GetSupportedProvisioningMediaTypes

func (c *GRPC) GetSupportedProvisioningMediaTypes(context.Context, *emptypb.Empty) (*proto.MediaTypeList, error)

func (*GRPC) GetSupportedVerificationMediaTypes

func (c *GRPC) GetSupportedVerificationMediaTypes(context.Context, *emptypb.Empty) (*proto.MediaTypeList, error)

func (*GRPC) Run

func (o *GRPC) Run() error

type GRPCConfig

// GRPCConfig holds the settings of the VTS gRPC server. The mapstructure tag
// on each field is the configuration key described in the README.
// NOTE(review): the meaning of the `valid` and `config:"zerodefault"` tags is
// defined by the project's config loader, which is not shown here.
type GRPCConfig struct {
	// ServerAddress ("server-addr"): VTS server address as <host>:<port>.
	// Per the README it defaults to 127.0.0.1:50051. When ListenAddress is not
	// set, only its port is used and the server listens on all local
	// interfaces.
	ServerAddress string   `mapstructure:"server-addr" valid:"dialstring"`
	// ListenAddress ("listen-addr"): address to listen on as <host>:<port>.
	// Set it to restrict the server to one interface.
	ListenAddress string   `mapstructure:"listen-addr" valid:"dialstring" config:"zerodefault"`
	// UseTLS ("tls"): whether TLS is used for client connections. The README
	// states the default is true.
	// NOTE(review): the zero value of bool is false, so that default has to be
	// applied elsewhere (presumably NewGRPCConfig); confirm that omitting the
	// key cannot leave the server running without TLS.
	UseTLS        bool     `mapstructure:"tls" config:"zerodefault"`
	// ServerCert ("cert"): path to the server certificate file, used when
	// UseTLS is true.
	ServerCert    string   `mapstructure:"cert" config:"zerodefault"`
	// ServerCertKey ("cert-key"): path to the private key file that belongs to
	// ServerCert. The file holds key material; keep it readable only by the
	// account that runs the service.
	ServerCertKey string   `mapstructure:"cert-key" config:"zerodefault"`
	// CACerts ("ca-certs"): paths to certificates used in addition to the
	// system certificates during mutual validation with the client when
	// UseTLS is true.
	CACerts       []string `mapstructure:"ca-certs" config:"zerodefault"`
}

Supported parameters:

func NewGRPCConfig

func NewGRPCConfig() *GRPCConfig

type ITrustedServices

// ITrustedServices is the interface returned by NewGRPC. It combines the
// lifecycle calls Init, Run and Close with the generated proto.VTSServer RPC
// interface.
type ITrustedServices interface {
	// Init receives the configuration as a viper instance, together with one
	// plugin manager for each handler kind (evidence, endorsement, store).
	// NOTE(review): presumably this is where the GRPCConfig settings, the TLS
	// ones included, are read and validated; confirm.
	Init(
		cfg *viper.Viper,
		evm plugin.IManager[handler.IEvidenceHandler],
		endm plugin.IManager[handler.IEndorsementHandler],
		stm plugin.IManager[handler.IStoreHandler],
	) error
	// Close and Run take no arguments and report failure through the
	// returned error.
	Close() error
	Run() error

	// The RPC methods of the VTS service.
	proto.VTSServer
}

func NewGRPC

func NewGRPC(
	taStore, enStore kvstore.IKVStore,
	evpluginManager plugin.IManager[handler.IEvidenceHandler],
	endpluginManager plugin.IManager[handler.IEndorsementHandler],
	storepluginManager plugin.IManager[handler.IStoreHandler],
	policyManager *policymanager.PolicyManager,
	earSigner earsigner.IEarSigner,
	logger *zap.SugaredLogger,
) ITrustedServices
