mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
a5021c52d3
* add ASK caching in joinservice Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use cached ASK in Azure SEV-SNP attestation Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * update test charts Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix linter Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix typ Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * make caching mechanism less provider-specific Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * update buildfiles Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add `omitempty` flag Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * frontload certificate getter Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * rename frontloaded function Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * pass cached certificates to constructor Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix race condition Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix marshalling of empty certs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix validator usage Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * [wip] add certcache tests Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add certcache tests Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix validator test Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * remove unused fields in validator Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix certificate precedence Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use separate context Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * linter fixes Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * linter fixes Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * Remove unnecessary comment Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * use background context Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * Use error format directive Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * `azure` -> `Azure` Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com> * improve error messages Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * add x509 -> PEM util function Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * use crypto util functions Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix certificate replacement logic Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * only require ASK from certcache Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * tidy Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * fix comment typo Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> Co-authored-by: Thomas Tendyck <51411342+thomasten@users.noreply.github.com>
70 lines
2.3 KiB
Python
70 lines
2.3 KiB
Python
load("@io_bazel_rules_go//go:def.bzl", "go_library")
|
|
load("//bazel/go:go_test.bzl", "go_test")
|
|
|
|
go_library(
|
|
name = "snp",
|
|
srcs = [
|
|
"imds.go",
|
|
"issuer.go",
|
|
"maa.go",
|
|
"snp.go",
|
|
"validator.go",
|
|
],
|
|
importpath = "github.com/edgelesssys/constellation/v2/internal/attestation/azure/snp",
|
|
visibility = ["//:__subpackages__"],
|
|
deps = [
|
|
"//internal/attestation",
|
|
"//internal/attestation/idkeydigest",
|
|
"//internal/attestation/variant",
|
|
"//internal/attestation/vtpm",
|
|
"//internal/cloud/azure",
|
|
"//internal/config",
|
|
"//internal/constants",
|
|
"@com_github_edgelesssys_go_azguestattestation//maa",
|
|
"@com_github_google_go_sev_guest//abi",
|
|
"@com_github_google_go_sev_guest//kds",
|
|
"@com_github_google_go_sev_guest//proto/sevsnp",
|
|
"@com_github_google_go_sev_guest//validate",
|
|
"@com_github_google_go_sev_guest//verify",
|
|
"@com_github_google_go_sev_guest//verify/trust",
|
|
"@com_github_google_go_tpm//legacy/tpm2",
|
|
"@com_github_google_go_tpm_tools//client",
|
|
"@com_github_google_go_tpm_tools//proto/attest",
|
|
],
|
|
)
|
|
|
|
go_test(
|
|
name = "snp_test",
|
|
srcs = [
|
|
"issuer_test.go",
|
|
"validator_test.go",
|
|
],
|
|
data = glob(["testdata/**"]),
|
|
embed = [":snp"],
|
|
# keep
|
|
gotags = select({
|
|
"//bazel/settings:tpm_simulator_enabled": [],
|
|
"//conditions:default": ["disable_tpm_simulator"],
|
|
}),
|
|
deps = [
|
|
"//internal/attestation",
|
|
"//internal/attestation/azure/snp/testdata",
|
|
"//internal/attestation/idkeydigest",
|
|
"//internal/attestation/simulator",
|
|
"//internal/attestation/vtpm",
|
|
"//internal/config",
|
|
"//internal/logger",
|
|
"@com_github_edgelesssys_go_azguestattestation//maa",
|
|
"@com_github_google_go_sev_guest//abi",
|
|
"@com_github_google_go_sev_guest//kds",
|
|
"@com_github_google_go_sev_guest//proto/sevsnp",
|
|
"@com_github_google_go_sev_guest//validate",
|
|
"@com_github_google_go_sev_guest//verify",
|
|
"@com_github_google_go_tpm//legacy/tpm2",
|
|
"@com_github_google_go_tpm_tools//client",
|
|
"@com_github_google_go_tpm_tools//proto/attest",
|
|
"@com_github_stretchr_testify//assert",
|
|
"@com_github_stretchr_testify//require",
|
|
],
|
|
)
|