attestation

package
v0.59.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 3, 2025 License: Apache-2.0 Imports: 15 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var UserAgent = "step-attestation-http-client/1.0"

UserAgent is the value of the User-Agent HTTP header that will be set in HTTP requests to the attestation CA.

Functions

func NewRequestIDContext added in v0.45.1

func NewRequestIDContext(ctx context.Context, requestID string) context.Context

NewRequestIDContext returns a new context with the given request ID added to the context.

func RequestIDFromContext added in v0.45.1

func RequestIDFromContext(ctx context.Context) (string, bool)

RequestIDFromContext returns the request ID from the context if it exists. and is not empty.

Types

type Client

type Client struct {
	// contains filtered or unexported fields
}

func NewClient

func NewClient(tpmAttestationCABaseURL string, options ...Option) (*Client, error)

NewClient creates a new Client that can be used to perform remote attestation.

func (*Client) Attest

func (ac *Client) Attest(ctx context.Context, t *tpm.TPM, ek *tpm.EK, ak *tpm.AK) ([]*x509.Certificate, error)

Attest performs remote attestation using the AK backed by TPM t.

TODO: support multiple EKs again? Currently selection of the EK is left to the caller.

type Option

type Option func(o *Options) error

func WithInsecure

func WithInsecure() Option

WithInsecure disables TLS server certificate chain checking. In general this shouldn't be used, but it can be of use in during development and testing.

func WithRootsFile

func WithRootsFile(filename string) Option

WithRootsFile can be used to set the trusted roots when setting up a TLS connection. An empty filename will be ignored.

type Options

type Options struct {
	// contains filtered or unexported fields
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL