Documentation
Constants
This section is empty.
Variables
This section is empty.
Functions
func AutoEnroll
func AutoEnroll(ctx context.Context, devicesClient devicepb.DeviceTrustServiceClient) (*devicepb.Device, error)
AutoEnroll performs auto-enrollment for the current device. Equivalent to `NewAutoEnroll().Run()`.
Types
type AutoEnrollCeremony
type AutoEnrollCeremony struct {
	*Ceremony
	CollectDeviceData func(mode native.CollectDataMode) (*devicepb.DeviceCollectedData, error)
}
AutoEnrollCeremony is the auto-enrollment version of Ceremony.
func NewAutoEnrollCeremony
func NewAutoEnrollCeremony() *AutoEnrollCeremony
NewAutoEnrollCeremony creates a new AutoEnrollCeremony based on the regular ceremony provided by NewCeremony.
func (*AutoEnrollCeremony) Run
func (c *AutoEnrollCeremony) Run(ctx context.Context, devicesClient devicepb.DeviceTrustServiceClient) (*devicepb.Device, error)
Run attempts to create an auto-enroll token via devicepb.DeviceTrustServiceClient.CreateDeviceEnrollToken and enrolls the device using a regular Ceremony.
type Ceremony
type Ceremony struct {
	GetDeviceOSType         func() devicepb.OSType
	EnrollDeviceInit        func() (*devicepb.EnrollDeviceInit, error)
	SignChallenge           func(chal []byte) (sig []byte, err error)
	SolveTPMEnrollChallenge func(challenge *devicepb.TPMEnrollChallenge, debug bool) (*devicepb.TPMEnrollChallengeResponse, error)
}
Ceremony is the device enrollment ceremony. It takes the client role of devicepb.DeviceTrustServiceClient.EnrollDevice.
func NewCeremony
func NewCeremony() *Ceremony
NewCeremony creates a new ceremony that delegates per-device behavior to lib/devicetrust/native. If you want to customize a Ceremony, for example for testing purposes, you may create and configure an instance directly, without calling this method.
func (*Ceremony) Run
func (c *Ceremony) Run(ctx context.Context, devicesClient devicepb.DeviceTrustServiceClient, debug bool, enrollToken string) (*devicepb.Device, error)
Run performs the client-side device enrollment ceremony.
func (*Ceremony) RunAdmin
func (c *Ceremony) RunAdmin(ctx context.Context, devicesClient devicepb.DeviceTrustServiceClient, debug bool) (*devicepb.Device, RunAdminOutcome, error)
RunAdmin is a more powerful variant of Run: it attempts to register the current device, creates an enrollment token and uses that token to call Run.
Must be called by a user capable of performing all actions above, otherwise it fails.
Returns the created or enrolled device, an outcome marker and an error. The zero outcome means everything failed.
Note that the device may be created and the ceremony can still fail afterwards, causing a return similar to "return dev, DeviceRegistered, err" (where nothing is "nil").
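The partial-failure return described above, handled on the caller side; this is an added example, not code from the Teleport project. `Device`, the `iota + 1` constant values, `runAdminFunc` and `enrollOrReport` are local stand-ins and assumptions so that the block compiles without the Teleport module.

```go
package main

import (
	"errors"
	"fmt"
)

// Stand-ins for devicepb.Device and enroll.RunAdminOutcome so the example
// compiles without the Teleport module. The values are assumed: the page
// only states that the zero outcome means everything failed.
type Device struct{ ID string }

type RunAdminOutcome int

const (
	DeviceEnrolled RunAdminOutcome = iota + 1
	DeviceRegistered
	DeviceRegisteredAndEnrolled
)

// runAdminFunc has the result shape of (*Ceremony).RunAdmin.
type runAdminFunc func() (*Device, RunAdminOutcome, error)

// enrollOrReport (hypothetical helper) returns the device only when it was
// enrolled. A registered-but-not-enrolled device is reported through the
// error and is never handed back as if enrollment had succeeded.
func enrollOrReport(run runAdminFunc) (*Device, error) {
	dev, outcome, err := run()
	enrolled := outcome == DeviceEnrolled || outcome == DeviceRegisteredAndEnrolled
	switch {
	case err == nil && dev != nil && enrolled:
		return dev, nil
	case err != nil && dev != nil && outcome == DeviceRegistered:
		// Partial success: the device was created, the ceremony then failed.
		return nil, fmt.Errorf("device %s registered but not enrolled: %w", dev.ID, err)
	case err != nil:
		return nil, fmt.Errorf("device enrollment failed: %w", err)
	default:
		return nil, fmt.Errorf("unexpected RunAdmin outcome %d without error", outcome)
	}
}

func main() {
	// Constructed result: registration worked, the ceremony failed afterwards.
	_, err := enrollOrReport(func() (*Device, RunAdminOutcome, error) {
		return &Device{ID: "dev-1"}, DeviceRegistered, errors.New("challenge rejected")
	})
	fmt.Println(err)
}
```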
type RunAdminOutcome
type RunAdminOutcome int
RunAdminOutcome is the outcome of Ceremony.RunAdmin. It is used to communicate the actions performed.
const (
	DeviceEnrolled RunAdminOutcome
	DeviceRegistered
	DeviceRegisteredAndEnrolled
)