Git-Mirrors/constellation
1
0
Fork 0
mirror of https://github.com/edgelesssys/constellation.git synced 2025-05-02 22:34:56 -04:00
Code Issues Projects Releases Packages Wiki Activity

AB#2316 Configurable enforced PCRs (#361)

Browse source 
* Add warnings for non enforced, untrusted PCRs

* Fix global state in Config PCR map

Signed-off-by: Daniel Weiße <dw@edgeless.systems>
This commit is contained in:
Daniel Weiße 2022-08-12 15:59:45 +02:00 committed by GitHub
parent 9478303f80
commit ba4471a228
30 changed files with 350 additions and 323 deletions
Download patch file Download diff file Expand all files Collapse all files

2
bootstrapper/internal/initserver/initserver.go
View file

@ -115,6 +115,7 @@ func (s *Server) Init(ctx context.Context, req *initproto.InitRequest) (*initpro
req.CloudServiceAccountUri,
req.KubernetesVersion,
measurementSalt,
req.EnforcedPcrs,
resources.KMSConfig{
MasterSecret: req.MasterSecret,
Salt: req.Salt,
@ -197,6 +198,7 @@ type ClusterInitializer interface {
cloudServiceAccountURI string,
k8sVersion string,
measurementSalt []byte,
enforcedPcrs []uint32,
kmsConfig resources.KMSConfig,
sshUserKeys map[string]string,
helmDeployments []byte,