v2 v2.7.0 Feb 15, 2023 Changes in this version + const BootGuardACMInfoMSR + const EnforcementPolicyDoNothing + const EnforcementPolicyShutdownImmediately + const EnforcementPolicyShutdownInThirtyMinutes + const EnforcementPolicyShutdownSomehow + const IntelBus + const IntelCSMEDeviceID + const IntelFunction + const IntelSPSDeviceID + func DecryptPrivKey(data []byte, password string) (crypto.PrivateKey, error) + func FindAdditionalIBBs(imagepath string) ([]cbntbootpolicy.IBBSegment, error) + func GenECCKey(curve int, password string, ...) error + func GenRSAKey(len int, password string, ...) error + func ParseFITEntries(image []byte) (bpm *fit.EntryBootPolicyManifestRecord, km *fit.EntryKeyManifestRecord, ...) + func PrintStructures(image []byte) error + func ReadPubKey(path string) (crypto.PublicKey, error) + func SaneMEBootGuardProvisioning(v bgheader.BootGuardVersion, fws *FirmwareStatus6, bgi *BGInfo) (bool, error) + func StitchFITEntries(biosFilename string, acm, bpm, km []byte) error + func WriteCBnTStructures(image []byte, bpmFile, kmFile, acmFile *os.File) error + type BGInfo struct + BootGuardCapability bool + ForceAnchorBoot bool + Measured bool + ModuleRevoked bool + NEMEnabled bool + NoResetSecretProtection bool + ServerTXTCapability bool + TPMSuccess bool + TPMType uint64 + Verified bool + func GetBGInfo(hw hwapi.LowLevelHardwareInterfaces) (*BGInfo, error) + type BootGuard struct + VData VersionedData + Version bgheader.BootGuardVersion + func NewBPM(bpm io.ReadSeeker) (*BootGuard, error) + func NewBPMAndKM(bpm io.ReadSeeker, km io.ReadSeeker) (*BootGuard, error) + func NewBPMAndKMFromBIOS(biosFilepath string, jsonFilepath *os.File) (*BootGuard, error) + func NewKM(km io.ReadSeeker) (*BootGuard, error) + func NewVData(vdata VersionedData) (*BootGuard, error) + func (b *BootGuard) BPMCryptoSecure() (bool, error) + func (b *BootGuard) BPMKeyMatchKMHash() (bool, error) + func (b *BootGuard) 
CalculateNEMSize(image []byte, acm *tools.ACM) (uint16, error) + func (b *BootGuard) GenerateBPMFromImage(biosFilepath string) (*BootGuard, error) + func (b *BootGuard) GetBPMPubHash(pubkey crypto.PublicKey, hashAlgo string) error + func (b *BootGuard) GetIBBsDigest(image []byte, hashAlgo string) (digest []byte, err error) + func (b *BootGuard) IBBsMatchBPMDigest(image []byte) (bool, error) + func (b *BootGuard) KMCryptoSecure() (bool, error) + func (b *BootGuard) KMHasBPMHash() (bool, error) + func (b *BootGuard) PrintBPM() + func (b *BootGuard) PrintKM() + func (b *BootGuard) ReadJSON(filepath string) error + func (b *BootGuard) SaneBPMSecurityProps() (bool, error) + func (b *BootGuard) SignBPM(signAlgo string, privkey crypto.PrivateKey) ([]byte, error) + func (b *BootGuard) SignKM(signAlgo string, privkey crypto.PrivateKey) ([]byte, error) + func (b *BootGuard) StitchBPM(pubKey crypto.PublicKey, signature []byte) ([]byte, error) + func (b *BootGuard) StitchKM(pubKey crypto.PublicKey, signature []byte) ([]byte, error) + func (b *BootGuard) ValidateBPM() error + func (b *BootGuard) ValidateKM() error + func (b *BootGuard) ValidateMEAgainstManifests(fws *FirmwareStatus6) (bool, error) + func (b *BootGuard) VerifyBPM() error + func (b *BootGuard) VerifyKM() error + func (b *BootGuard) WriteBPM() ([]byte, error) + func (b *BootGuard) WriteJSON(f *os.File) error + func (b *BootGuard) WriteKM() ([]byte, error) + type CMOSIoAddress struct + BitFieldPosition uint8 + BitFieldWidth uint8 + DataRegisterAddress uint16 + IndexOffset uint8 + IndexRegisterAddress uint16 + MediaType uint8 + type FirmwareStatus6 struct + ACMSVN uint32 + BPMSVN uint32 + BSPInitDisabled bool + BootGuardDisable bool + BootPolicyInvalid bool + BootPolicyManifestExecutionStatus bool + BypassBootPolicy bool + CPUDebugDisabled bool + Error bool + ErrorEnforcementPolicy uint32 + FPFDisable bool + FPFLock bool + ForceACMBootPolicy bool + KMID uint32 + KMSVN uint32 + MeasuredBootPolicy bool + 
ProtectBIOSEnvironment bool + TXTSupported bool + VerifiedBootPolicy bool + func GetMEInfo(hw hwapi.LowLevelHardwareInterfaces) (*FirmwareStatus6, error) + type IbbSegment struct + Flags uint16 + Offset uint32 + Size uint32 + type KeyHash struct + Algorithm cbnt.Algorithm + Hash string + Usage uint64 + type Pcr0Data struct + ACMPolicyStatus uint64 + ACMSVN uint16 + ACMSignature []byte + BPMIBBDigest []byte + BPMSignature []byte + KMSignature []byte + type Pcr7Data struct + ACMKeyHash [32]byte + ACMPolicyStatus uint64 + ACMSVN uint16 + BPMKey [32]byte + BPMKeyHash []byte + type PowerDownRequest struct + ID uint64 + PDReqMedia []byte + Reserved uint8 + SizeOfData uint16 + Version uint8 + type TPMNvAddress struct + BitFieldPosition uint8 + BitFieldWidth uint8 + IndexOffset uint8 + MediaType uint8 + NVIndex uint32 + type VersionedData struct + BGbpm *bgbootpolicy.Manifest + BGkm *bgkey.Manifest + CBNTbpm *cbntbootpolicy.Manifest + CBNTkm *cbntkey.Manifest