Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-08-06 14:04:17 -04:00
Code Issues Projects Releases Packages Wiki Activity

AB#2350: Configurably enforce idkeydigest on Azure

Browse source 
* Add join-config entry for "enforceIdKeyDigest" bool
* Add join-config entry for "idkeydigest"
* Initially filled with TPM value from bootstrapper
* Add config entries for idkeydigest and enforceIdKeyDigest
* Extend azure attestation validator to check idkeydigest,
if configured.
* Update unittests
* Add logger to NewValidator for all CSPs
* Add csp to Updateable type

Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
Co-authored-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Otto Bittner 2022-08-29 16:41:09 +02:00
parent c84e44913b
commit 4adc19b7f5
31 changed files with 350 additions and 136 deletions
Download patch file Download diff file Expand all files Collapse all files

2
internal/attestation/azure/azure_test.go
View file

@ -21,7 +21,7 @@ func TestAttestation(t *testing.T) {
require := require.New(t)
issuer := NewIssuer()
validator := NewValidator(map[uint32][]byte{}, nil) // TODO: check for list of expected Azure PCRs
validator := NewValidator(map[uint32][]byte{}, nil, nil, false, nil) // TODO: check for list of expected Azure PCRs
nonce := []byte{2, 3, 4}
challenge := []byte("Constellation")