|
|
|
@ -64,9 +64,6 @@ const (
|
|
|
|
|
|
|
|
|
|
// TPM is the format used to enable device-attest-01 with TPMs.
|
|
|
|
|
TPM ACMEAttestationFormat = "tpm"
|
|
|
|
|
|
|
|
|
|
WIREOIDC ACMEAttestationFormat = "oidc"
|
|
|
|
|
WIREDPOP ACMEAttestationFormat = "dpop"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// String returns a normalized version of the attestation format.
|
|
|
|
@ -77,7 +74,7 @@ func (f ACMEAttestationFormat) String() string {
|
|
|
|
|
// Validate returns an error if the attestation format is not a valid one.
|
|
|
|
|
func (f ACMEAttestationFormat) Validate() error {
|
|
|
|
|
switch ACMEAttestationFormat(f.String()) {
|
|
|
|
|
case APPLE, STEP, TPM, WIREOIDC, WIREDPOP:
|
|
|
|
|
case APPLE, STEP, TPM:
|
|
|
|
|
return nil
|
|
|
|
|
default:
|
|
|
|
|
return fmt.Errorf("acme attestation format %q is not supported", f)
|
|
|
|
@ -325,7 +322,7 @@ func (p *ACME) IsChallengeEnabled(_ context.Context, challenge ACMEChallenge) bo
|
|
|
|
|
// AttestationFormat provisioner property should have at least one element.
|
|
|
|
|
func (p *ACME) IsAttestationFormatEnabled(_ context.Context, format ACMEAttestationFormat) bool {
|
|
|
|
|
enabledFormats := []ACMEAttestationFormat{
|
|
|
|
|
APPLE, STEP, TPM, WIREOIDC, WIREDPOP,
|
|
|
|
|
APPLE, STEP, TPM,
|
|
|
|
|
}
|
|
|
|
|
if len(p.AttestationFormats) > 0 {
|
|
|
|
|
enabledFormats = p.AttestationFormats
|
|
|
|
|