mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-15 02:44:24 -05:00
c7d12055d1
* config: move AMD root key to global constant * attestation: add SNP based attestation for aws * Always enable SNP, regardless of attestation type. * Make AWSNitroTPM default again There exists a bug in AWS SNP implementation where sometimes a host might not be able to produce valid SNP reports. Since we have to wait for AWS to fix this we are merging SNP attestation as opt-in feature.
51 lines
1.5 KiB
Python
51 lines
1.5 KiB
Python
load("@io_bazel_rules_go//go:def.bzl", "go_library")
|
|
load("//bazel/go:go_test.bzl", "go_test")
|
|
|
|
go_library(
|
|
name = "snp",
|
|
srcs = [
|
|
"errors.go",
|
|
"issuer.go",
|
|
"snp.go",
|
|
"validator.go",
|
|
],
|
|
importpath = "github.com/edgelesssys/constellation/v2/internal/attestation/aws/snp",
|
|
visibility = ["//:__subpackages__"],
|
|
deps = [
|
|
"//internal/attestation",
|
|
"//internal/attestation/variant",
|
|
"//internal/attestation/vtpm",
|
|
"//internal/config",
|
|
"@com_github_google_go_sev_guest//abi",
|
|
"@com_github_google_go_sev_guest//client",
|
|
"@com_github_google_go_sev_guest//verify",
|
|
"@com_github_google_go_tpm//tpm2",
|
|
"@com_github_google_go_tpm_tools//client",
|
|
"@com_github_google_go_tpm_tools//proto/attest",
|
|
],
|
|
)
|
|
|
|
go_test(
|
|
name = "snp_test",
|
|
srcs = [
|
|
"issuer_test.go",
|
|
"validator_test.go",
|
|
],
|
|
data = glob(["testdata/**"]),
|
|
embed = [":snp"],
|
|
# keep
|
|
gotags = select({
|
|
"//bazel/settings:tpm_simulator_enabled": [],
|
|
"//conditions:default": ["disable_tpm_simulator"],
|
|
}),
|
|
deps = [
|
|
"//internal/attestation/simulator",
|
|
"//internal/attestation/vtpm",
|
|
"//internal/constants",
|
|
"@com_github_google_go_tpm_tools//client",
|
|
"@com_github_google_go_tpm_tools//proto/attest",
|
|
"@com_github_stretchr_testify//assert",
|
|
"@com_github_stretchr_testify//require",
|
|
],
|
|
)
|