Categorygithub.com/intel/trustauthority-clientgo-connector

package

1.7.0

Repository: https://github.com/intel/trustauthority-client.git

Documentation: pkg.go.dev

# README

Intel® Trust Authority Client Go Connector

· 10/18/2024 ·

The Intel® Trust Authority go-connector module is the main component of the remote attestation client. The go-connector provides a set of Go modules for connecting to Intel Trust Authority services. The go-connector API is designed to be used by both attesters and relying parties, in either Passport or Background-check attestation mode. Go-connector relies on TEE adapters to interact with the underlying host platform.

There are two options for using go-connector: you can import the Go modules into your Go application, or you can execute the attestation client CLI from your application or workflow. The CLI is a wrapper around the go-connector that provides a command-line interface the core functionality of the go-connector, plus additional features exposed by TEE adapters.

go-connector requires configuration information to connect to the Intel Trust Authority service. The configuration information includes the URL of the Intel Trust Authority service for your region, the API key, TLS configuration, and optional connection retry parameters. For more information, see the sample configuration code.

For more information about go-connector and related topics, see the following resources:

Intel Trust Authority Go Connector Reference — Detailed documentation for the go-connector API.
Intel Trust Authority Attestation Client CLI — Documentation for the attestation client CLI.
Intel Trust Authority Documentation —The primary documentation for Intel Trust Authority.
Intel Trust Authority Client README — The main README for this branch.

Download go-connector

Download the latest version of the module with the following command.

go get github.com/intel/trustauthority-client/go-connector

Go Requirement

Use Go 1.22 or newer. See https://go.dev/doc/install for installation of Go.

Unit Tests

To run the tests, run cd go-connector && go test ./.... See the example test in go-connector/token_test.go for an example of a test.

Usage

For usage information, see the Intel Trust Authority Go Connector Reference.

Code of Conduct and Contributing

See the CONTRIBUTING file for information on how to contribute to this project. The project follows the Code of Conduct.

License

This library is distributed under the BSD-style license found in the LICENSE file.

# Functions

New

New returns a new Connector instance.

NewEvidenceBuilder

NewEvidenceBuilder creates a new EvidenceBuilder instance with the specified options.

ValidateTokenSigningAlg

No description provided by the author

WithEvidenceAdapter

WithEvidenceAdapter adds an EvidenceAdapter to the EvidenceBuilder.

WithPoliciesMustMatch

WithPoliciesMustMatch determines whether the Trust Authority will fail if policies do not match.

WithPolicyIds

WithPolicyIds sets the policy IDs that will be evaluated remotely by the Trust Authority.

WithTokenSigningAlgorithm

WithTokenSigningAlgorithm determines which signing algorithm will be applied when ITA creates an attestation token.

WithUserData

WithUserData includes user defined data ('userData') into the attestation request's payload.

WithVerifierNonce

WithVerifierNonce sets the verifier nonce to be used when building evidence data.

# Constants

AtsCertChainMaxLen

No description provided by the author

AzTdx

No description provided by the author

DefaultRetryWaitMaxSeconds

No description provided by the author

DefaultRetryWaitMinSeconds

No description provided by the author

HeaderRequestId

No description provided by the author

HeaderTraceId

No description provided by the author

HttpsScheme

No description provided by the author

MaxRetries

No description provided by the author

PS384

No description provided by the author

RS256

No description provided by the author

ServiceUnavailableError

No description provided by the author

Sgx

No description provided by the author

Tdx

No description provided by the author

# Structs

AttestArgs

AttestArgs holds the request parameters needed for attestation with Intel Trust Authority.

AttestationTokenResponse

AttestationTokenResponse holds the token recieved from Intel Trust Authority.

AttestResponse

AttestResponse holds the response parameters recieved during attestation flow.

Config

Config holds the Intel Trust Authority configuration for Connector.

Evidence

Evidence is used to store Quote to be sent for Attestation.

GetNonceArgs

GetNonceArgs holds the request parameters needed for getting nonce from Intel Trust Authority.

GetNonceResponse

GetNonceResponse holds the response parameters recieved from nonce endpoint.

GetTokenArgs

GetTokenArgs holds the request parameters needed for getting token from Intel Trust Authority.

GetTokenResponse

GetTokenResponse holds the response parameters recieved from attest endpoint.

RetryConfig

RetryConfig holds the configuration for automatic retries to tolerate minor outages.

VerifierNonce

VerifierNonce holds the signed nonce issued from Intel Trust Authority.

# Interfaces

CompositeEvidenceAdapter

CompositeEvidenceAdapter is an interface that facilitates the collection of composite attestation requests (i.e., that have multiple evidence types like TDX+TPM).

Connector

Connector is an interface which exposes methods for calling Intel Trust Authority REST APIs.

EvidenceAdapter

EvidenceAdapter is an interface which exposes methods for collecting Quote from Platform.

EvidenceBuilder

EvidenceBuilder is a utility for creating attestation evidence request payloads.

# Type aliases

EvidenceBuilderOption

No description provided by the author

EvidenceType

No description provided by the author

JwtAlg

No description provided by the author