constellation/cli/cmd/verify_gcp_noncvm.go

package cmd

import (
	"github.com/edgelesssys/constellation/coordinator/atls"
	"github.com/edgelesssys/constellation/coordinator/attestation/gcp"
	"github.com/spf13/cobra"
)

// TODO: Remove this command once we no longer use non cvms.
func newVerifyGCPNonCVMCmd() *cobra.Command {
	cmd := &cobra.Command{
		Use:               "gcp-non-cvm IP PORT",
		Short:             "Verify the TPM attestation of your shielded VM Constellation on Google Cloud Platform.",
		Long:              "Verify the TPM attestation of your shielded VM Constellation on Google Cloud Platform.",
		Args:              cobra.ExactArgs(2),
		ValidArgsFunction: verifyCompletion,
		RunE:              runVerifyGCPNonCVM,
	}

	return cmd
}

func runVerifyGCPNonCVM(cmd *cobra.Command, args []string) error {
	pcrs := map[uint32][]byte{}
	validator, err := getGCPNonCVMValidator(cmd, pcrs)
	if err != nil {
		return err
	}

	return runVerify(cmd, args, pcrs, validator)
}

// getGCPNonCVMValidator returns a GCP validator for regular shielded VMs.
func getGCPNonCVMValidator(cmd *cobra.Command, pcrs map[uint32][]byte) (atls.Validator, error) {
	if err := prepareValidator(cmd, pcrs); err != nil {
		return nil, err
	}

	return gcp.NewNonCVMValidator(pcrs), nil
}
monorepo Co-authored-by: Malte Poll <mp@edgeless.systems> Co-authored-by: katexochen <katexochen@users.noreply.github.com> Co-authored-by: Daniel Weiße <dw@edgeless.systems> Co-authored-by: Thomas Tendyck <tt@edgeless.systems> Co-authored-by: Benedict Schlueter <bs@edgeless.systems> Co-authored-by: leongross <leon.gross@rub.de> Co-authored-by: Moritz Eckert <m1gh7ym0@gmail.com> 2022-03-22 15:03:15 +00:00			`package cmd`

			`import (`
			`"github.com/edgelesssys/constellation/coordinator/atls"`
			`"github.com/edgelesssys/constellation/coordinator/attestation/gcp"`
			`"github.com/spf13/cobra"`
			`)`

			`// TODO: Remove this command once we no longer use non cvms.`
			`func newVerifyGCPNonCVMCmd() *cobra.Command {`
			`cmd := &cobra.Command{`
			`Use: "gcp-non-cvm IP PORT",`
			`Short: "Verify the TPM attestation of your shielded VM Constellation on Google Cloud Platform.",`
			`Long: "Verify the TPM attestation of your shielded VM Constellation on Google Cloud Platform.",`
			`Args: cobra.ExactArgs(2),`
			`ValidArgsFunction: verifyCompletion,`
			`RunE: runVerifyGCPNonCVM,`
			`}`

			`return cmd`
			`}`

			`func runVerifyGCPNonCVM(cmd *cobra.Command, args []string) error {`
			`pcrs := map[uint32][]byte{}`
			`validator, err := getGCPNonCVMValidator(cmd, pcrs)`
			`if err != nil {`
			`return err`
			`}`

			`return runVerify(cmd, args, pcrs, validator)`
			`}`

			`// getGCPNonCVMValidator returns a GCP validator for regular shielded VMs.`
			`func getGCPNonCVMValidator(cmd *cobra.Command, pcrs map[uint32][]byte) (atls.Validator, error) {`
			`if err := prepareValidator(cmd, pcrs); err != nil {`
			`return nil, err`
			`}`

			`return gcp.NewNonCVMValidator(pcrs), nil`
			`}`