keylime: Introduce the registrar_client module
The registrar_client module implements the builder pattern to allow
setting the optional parameters as needed.

This also implements the mechanism to allow the agent to communicate
with registrars that support different API versions:

- The client will make a GET request to the '/version' endpoint of the
  registrar.  If the request is successful, the client will use the
  provided API version if it is enabled.
- If the registrar does not support the '/version' endpoint, the client
  will try to register using each of the enabled API versions, starting
  from the latest. If none of the enabled versions is supported by the
  registrar, the registration fails.

This is part of the implementation of the enhancement proposal 114:
keylime/enhancements#115

Signed-off-by: Anderson Toshiyuki Sasaki <[email protected]>
ansasaki committed Dec 23, 2024
1 parent bf04206 commit 082ec7a
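
The selection order described in the commit message, as an added example that is not code from this commit or from the keylime project. All names (`VersionProbe`, `negotiate`, `try_register`) are hypothetical, the "2.10" version is a constructed sample, and treating a reported-but-not-enabled version as a failure is an assumption the message does not settle.

```rust
// Added illustration of the selection order described in the commit message.
// Hypothetical names throughout; this is not the registrar_client code.

/// Outcome of the GET /version request (simulated, no network involved).
pub enum VersionProbe {
    Reported(String), // request succeeded, registrar reported this version
    Unsupported,      // registrar does not support the /version endpoint
}

/// Parse "major.minor" so that "2.10" sorts after "2.2"; None if malformed.
fn parse(v: &str) -> Option<(u32, u32)> {
    let (major, minor) = v.split_once('.')?;
    Some((major.parse().ok()?, minor.parse().ok()?))
}

/// Pick the API version to register with; None means registration fails.
/// `try_register` stands in for one registration attempt with one version.
pub fn negotiate<F>(enabled: &[&str], probe: VersionProbe, mut try_register: F) -> Option<String>
where
    F: FnMut(&str) -> bool,
{
    match probe {
        // Assumption: a reported version that is not enabled is a failure,
        // not a trigger for the fallback loop.
        VersionProbe::Reported(v) => {
            if enabled.contains(&v.as_str()) && try_register(v.as_str()) {
                Some(v)
            } else {
                None
            }
        }
        // No /version endpoint: try every enabled version, latest first.
        VersionProbe::Unsupported => {
            let mut order: Vec<&str> =
                enabled.iter().copied().filter(|v| parse(v).is_some()).collect();
            order.sort_by_key(|v| std::cmp::Reverse(parse(v)));
            order.into_iter().find(|v| try_register(*v)).map(String::from)
        }
    }
}

fn main() {
    // Constructed input: a registrar without /version that accepts only 2.1.
    let enabled = ["2.1", "2.2", "2.10"];
    let chosen = negotiate(&enabled, VersionProbe::Unsupported, |v| v == "2.1");
    println!("registered with {:?}", chosen);
}
```

Comparing versions as parsed numbers rather than strings keeps "latest first" correct once a minor version reaches two digits.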
Showing 6 changed files with 1,508 additions and 12 deletions.
76 changes: 71 additions & 5 deletions Cargo.lock


7 changes: 1 addition & 6 deletions keylime-agent/src/api.rs
Expand Up @@ -3,18 +3,13 @@ use crate::{
notifications_handler, quotes_handler, QuoteData,
};
use actix_web::{http, web, HttpRequest, HttpResponse, Responder, Scope};
use keylime::list_parser::parse_list;
use keylime::{list_parser::parse_list, version::KeylimeVersion};
use log::*;
use serde::{Deserialize, Serialize};
use thiserror::Error;

pub static SUPPORTED_API_VERSIONS: &[&str] = &["2.1", "2.2"];

#[derive(Serialize, Deserialize, Debug)]
struct KeylimeVersion {
supported_version: String,
}

#[derive(Error, Debug, PartialEq)]
pub enum APIError {
#[error("API version \"{0}\" not supported")]
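Review bot: the local KeylimeVersion struct removed here carried Serialize/Deserialize derives and a single supported_version: String field, and its replacement now comes from keylime::version, which this hunk does not show. Confirm the shared type keeps the same field name and derives so the agent's version response is unchanged on the wire, and check whether `use serde::{Deserialize, Serialize};` is still needed in api.rs now that the only derive visible in this hunk is gone. SUPPORTED_API_VERSIONS also stays defined in the agent; if the registrar client keeps its own list of enabled versions, consider a single source for both.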
9 changes: 8 additions & 1 deletion keylime/Cargo.toml
Expand Up @@ -14,6 +14,7 @@ log.workspace = true
openssl.workspace = true
pest.workspace = true
pest_derive.workspace = true
reqwest.workspace = true
serde.workspace = true
serde_derive.workspace = true
serde_json.workspace = true
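Review bot: reqwest.workspace = true inherits its feature set from the workspace manifest, which is not part of the visible diff, while Cargo.lock grows by 71 lines in this commit. Since openssl is already a dependency of this crate, confirm the workspace entry selects the intended TLS backend and turns off default features that are not needed, so the registrar connection does not bring in a second TLS stack.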
Expand All @@ -23,11 +24,17 @@ tss-esapi.workspace = true
picky-asn1-der.workspace = true
picky-asn1-x509.workspace = true
tokio.workspace = true
# wiremock was moved to be a regular dependency because optional
# dev-dependencies are not supported
# see: https://github.com/rust-lang/cargo/issues/1596
wiremock = {version = "0.6", optional = true}

[dev-dependencies]
tempfile.workspace = true
actix-rt.workspace = true

[features]
# This feature enables tests that require a TPM and the TCTI environment
# variable properly configured
testing = []
# This should change to dev-dependencies when we have integration testing
testing = ["wiremock"]
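Review bot: testing = ["wiremock"] attaches the mock HTTP server to the feature that the comment above it still documents as the TPM/TCTI test switch, so enabling the TPM tests now also compiles wiremock as a regular dependency of the library. Consider a separate feature for the mock server that testing can include, and update the comment to say what testing now enables. Also, wiremock is declared here with version = "0.6" while the neighbouring entries use .workspace = true; moving it to the workspace table would keep versions managed in one place.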
2 changes: 2 additions & 0 deletions keylime/src/lib.rs
Expand Up @@ -5,8 +5,10 @@ pub mod hostname_parser;
pub mod ima;
pub mod ip_parser;
pub mod list_parser;
pub mod registrar_client;
pub mod serialization;
pub mod tpm;
pub mod version;

#[macro_use]
extern crate static_assertions;
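Review bot: pub mod registrar_client and pub mod version make both modules part of the keylime crate's public API, so they should carry module-level docs. For registrar_client, the docs should state which outcome of the GET to '/version' counts as the registrar not supporting the endpoint, since the commit message describes falling back through the enabled versions in that case, and a fallback on any request error would let a transient or induced failure decide which version is used.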