attestation

package

v0.59.1 Latest Latest Go to latest Published: Mar 3, 2025 License: Apache-2.0 Imports: 15 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/smallstep/crypto

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func NewRequestIDContext(ctx context.Context, requestID string) context.Context
func RequestIDFromContext(ctx context.Context) (string, bool)
type Client
- func NewClient(tpmAttestationCABaseURL string, options ...Option) (*Client, error)
- func (ac *Client) Attest(ctx context.Context, t *tpm.TPM, ek *tpm.EK, ak *tpm.AK) ([]*x509.Certificate, error)
type Option
- func WithInsecure() Option
- func WithRootsFile(filename string) Option
type Options

Constants ¶

This section is empty.

Variables ¶

View Source

var UserAgent = "step-attestation-http-client/1.0"

UserAgent is the value of the User-Agent HTTP header that will be set in HTTP requests to the attestation CA.

Functions ¶

func NewRequestIDContext ¶ added in v0.45.1

func NewRequestIDContext(ctx context.Context, requestID string) context.Context

NewRequestIDContext returns a new context with the given request ID added to the context.

func RequestIDFromContext ¶ added in v0.45.1

func RequestIDFromContext(ctx context.Context) (string, bool)

RequestIDFromContext returns the request ID from the context if it exists. and is not empty.

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

func NewClient ¶

func NewClient(tpmAttestationCABaseURL string, options ...Option) (*Client, error)

NewClient creates a new Client that can be used to perform remote attestation.

func (*Client) Attest ¶

func (ac *Client) Attest(ctx context.Context, t *tpm.TPM, ek *tpm.EK, ak *tpm.AK) ([]*x509.Certificate, error)

Attest performs remote attestation using the AK backed by TPM t.

TODO: support multiple EKs again? Currently selection of the EK is left to the caller.

type Option ¶

type Option func(o *Options) error

func WithInsecure ¶

func WithInsecure() Option

WithInsecure disables TLS server certificate chain checking. In general this shouldn't be used, but it can be of use in during development and testing.

func WithRootsFile ¶

func WithRootsFile(filename string) Option

WithRootsFile can be used to set the trusted roots when setting up a TLS connection. An empty filename will be ignored.

type Options ¶

type Options struct {
	// contains filtered or unexported fields
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL