mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-02 11:26:25 -05:00
cdc91b50bc
With the introduction of SNP-based attestation on AWS some of the information in the report (MAAToken) is not applicable to all attestation reports anymore. Thus, make verify cmd CSP-agnostic and move CSP-specific logic to internal/verify. Also make internal/attestation/snp CSP aware.
30 lines
777 B
Go
30 lines
777 B
Go
package verify
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/edgelesssys/constellation/v2/internal/constants"
|
|
"github.com/edgelesssys/constellation/v2/internal/kubernetes/kubectl"
|
|
)
|
|
|
|
func getCertChainCache(ctx context.Context, kubectl *kubectl.Kubectl, log debugLog) ([]byte, error) {
|
|
log.Debugf("Retrieving certificate chain from cache")
|
|
cm, err := kubectl.GetConfigMap(ctx, constants.ConstellationNamespace, constants.SevSnpCertCacheConfigMapName)
|
|
if err != nil {
|
|
return nil, fmt.Errorf("getting certificate chain cache configmap: %w", err)
|
|
}
|
|
|
|
var result []byte
|
|
ask, ok := cm.Data[constants.CertCacheAskKey]
|
|
if ok {
|
|
result = append(result, ask...)
|
|
}
|
|
ark, ok := cm.Data[constants.CertCacheArkKey]
|
|
if ok {
|
|
result = append(result, ark...)
|
|
}
|
|
|
|
return result, nil
|
|
}
|