tdx/validator: temporarily remove certGetter
The trust.HTTPSGetter interface differs between go-sev-guest and
go-tdx-guest, so we can't share the same implementation for both of
them. Until that is resolved, we simply won't use a caching getter for TDX.
Freax13 committed Aug 26, 2024
1 parent 286da30 commit 029b55e
Showing 1 changed file with 4 additions and 7 deletions.
11 changes: 4 additions & 7 deletions internal/attestation/tdx/validator.go
Expand Up @@ -18,7 +18,6 @@ import (
"github.com/google/go-tdx-guest/proto/tdx"
"github.com/google/go-tdx-guest/validate"
"github.com/google/go-tdx-guest/verify"
"github.com/google/go-tdx-guest/verify/trust"
"github.com/prometheus/client_golang/prometheus"
"google.golang.org/protobuf/proto"
)
Expand All @@ -37,7 +36,6 @@ var tdxRootCert []byte
type Validator struct {
validateOptsGen validateOptsGenerator
callbackers []validateCallbacker
certGetter trust.HTTPSGetter
logger *slog.Logger
metrics metrics
}
Expand Down Expand Up @@ -67,17 +65,16 @@ func (v *StaticValidateOptsGenerator) TDXValidateOpts(_ *tdx.QuoteV4) (*validate
}

// NewValidator returns a new Validator.
func NewValidator(optsGen validateOptsGenerator, certGetter trust.HTTPSGetter, log *slog.Logger) *Validator {
func NewValidator(optsGen validateOptsGenerator, log *slog.Logger) *Validator {
return &Validator{
validateOptsGen: optsGen,
certGetter: certGetter,
logger: log,
}
}

// NewValidatorWithCallbacks returns a new Validator with callbacks.
func NewValidatorWithCallbacks(optsGen validateOptsGenerator, certGetter trust.HTTPSGetter, log *slog.Logger, attestationFailures prometheus.Counter, callbacks ...validateCallbacker) *Validator {
v := NewValidator(optsGen, certGetter, log)
func NewValidatorWithCallbacks(optsGen validateOptsGenerator, log *slog.Logger, attestationFailures prometheus.Counter, callbacks ...validateCallbacker) *Validator {
v := NewValidator(optsGen, log)
v.callbackers = callbacks
v.metrics = metrics{attestationFailures: attestationFailures}
return v
Expand Down Expand Up @@ -125,7 +122,7 @@ func (v *Validator) Validate(ctx context.Context, attDocRaw []byte, nonce []byte
verifyOpts.TrustedRoots = rootCerts
verifyOpts.CheckRevocations = true
verifyOpts.GetCollateral = true
verifyOpts.Getter = v.certGetter
// TODO(freax13): Set .Getter with a caching HTTP getter implementation.

// Verify the report signature.

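Review bot: In Validate, `verifyOpts.Getter` is now left unset while `CheckRevocations` and `GetCollateral` both stay true, and the TODO does not say what fetches the collateral in the meantime. Presumably go-tdx-guest falls back to its own default HTTPS getter (that code is not visible on this page), which would mean an uncached network fetch of collateral and CRLs on every validation, tying attestation latency and availability to the remote service and its rate limits. I would record that next to the TODO, e.g. `// Getter is nil: the library's default getter is used, so collateral and CRLs are fetched without caching on each call.`, and confirm that a failed fetch fails verification rather than silently skipping the revocation check. Validate starts and ends outside this hunk, so the error handling after the verify call could not be checked here.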
