Make oak_sdk_containers::crypto::InstanceSessionBinder public.

Commit f6837fb dropped `pub mod crypto` from the Oak Containers SDK, making the InstanceSessionBinder no longer public. It also made the OrchestratorCryptoClient private, so it's no longer possible for another crate to construct a InstanceSessionBinder. This change therefore adds a new constructor method patterned after InstanceEncryptionKeyHandle::create. Change-Id: Ic802dd40b4ff26b53ce8155ac8c5845fdd347c21
project-oak · Mar 3, 2025 · d889956 · d889956
1 parent a44e24f
commit d889956
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/oak_sdk/containers/lib.rs b/oak_sdk/containers/lib.rs
@@ -16,4 +16,4 @@
 
 pub use orchestrator_channel::default_orchestrator_channel;
 pub use orchestrator_client::OrchestratorClient;
-pub use orchestrator_crypto_client::InstanceEncryptionKeyHandle;
+pub use orchestrator_crypto_client::{InstanceEncryptionKeyHandle, InstanceSessionBinder};
diff --git a/oak_sdk/containers/orchestrator_crypto_client.rs b/oak_sdk/containers/orchestrator_crypto_client.rs
@@ -126,6 +126,14 @@ pub struct InstanceSessionBinder {
 }
 
 impl InstanceSessionBinder {
+    pub fn create(orchestrator_channel: &tonic::transport::Channel) -> Self {
+        Self {
+            orchestrator_crypto_client: Arc::new(OrchestratorCryptoClient::create(
+                orchestrator_channel,
+            )),
+        }
+    }
+
     async fn bind_session(&self, transcript: &[u8]) -> anyhow::Result<Signature> {
         self.orchestrator_crypto_client
             .bind_session(transcript, SESSION_BINDER_INFO_STRING.as_bytes())