Documentation
¶
Index ¶
- Constants
- func CreateCsr(priv crypto.PrivateKey, s Serializer, metadata [][]byte) (*x509.CertificateRequest, error)
- func EmptyEventdata(evData *EventData) bool
- func ExtKeyUsageToString(usage []x509.ExtKeyUsage) []string
- func KeyUsageToString(usage x509.KeyUsage) []string
- type AppDescResult
- type AppDescription
- type AppManifest
- type Artifact
- type AttestationReport
- type AttributesCheck
- type BooleanMatch
- type CborSerializer
- func (s CborSerializer) GetPayload(raw []byte) ([]byte, error)
- func (s CborSerializer) Marshal(v any) ([]byte, error)
- func (s CborSerializer) Sign(data []byte, signer Driver) ([]byte, error)
- func (s CborSerializer) Unmarshal(data []byte, v any) error
- func (s CborSerializer) VerifyToken(data []byte, roots []*x509.Certificate) (TokenResult, []byte, bool)
- type CompDescResult
- type CompanyDescription
- type CsrParams
- type CtrData
- type DevDescResult
- type DeviceConfig
- type DeviceDescription
- type DigestResult
- type Driver
- type DriverConfig
- type EFILoadOption
- type Environment
- type ErrorCode
- type EventData
- type ExternalInterface
- type FilePathList
- type GPTHeader
- type GPTPartitionEntry
- type Hash
- type HexByte
- type ImageLoadEvent
- type IntelCollateral
- type InternalConnection
- type JsonSerializer
- func (s JsonSerializer) GetPayload(raw []byte) ([]byte, error)
- func (s JsonSerializer) Marshal(v any) ([]byte, error)
- func (s JsonSerializer) Sign(data []byte, signer Driver) ([]byte, error)
- func (s JsonSerializer) Unmarshal(data []byte, v any) error
- func (s JsonSerializer) VerifyToken(data []byte, roots []*x509.Certificate) (TokenResult, []byte, bool)
- type ManifestResult
- type MeasureEvent
- type Measurement
- type MeasurementResult
- type MetaInfo
- type Metadata
- type MetadataResult
- type Name
- type OsManifest
- type PCClientTaggedEvent
- type PkixExtension
- type PolicyCheck
- type ReferenceValue
- type Result
- type RtMrHashChainElem
- type RtmManifest
- type SGXAttributes
- type SGXDetails
- type Serializer
- type SgxAttributesCheck
- type SgxResult
- type SignatureDatabase
- type SignatureResult
- type SnpDetails
- type SnpFw
- type SnpPolicy
- type SnpResult
- type SnpTcb
- type TDAttributes
- type TDId
- type TDMeasurements
- type TDXDetails
- type TcbCheck
- type TcbLevelResult
- type TdAttributesCheck
- type TdxResult
- type TokenResult
- type TpmResult
- type UEFICertificate
- type UefiConfigurationTable
- type UefiHandoffTablePointer
- type UefiPlatformFirmwareBlob
- type UefiVariableData
- type Validity
- type VerificationResult
- type VersionCheck
- type X509CertExtracted
- type X509Name
Constants ¶
View Source
const ( SHA1_DIGEST_LEN = 20 SHA256_DIGEST_LEN = 32 SHA384_DIGEST_LEN = 48 )
Variables ¶
This section is empty.
Functions ¶
func CreateCsr ¶ added in v0.6.0
func CreateCsr(priv crypto.PrivateKey, s Serializer, metadata [][]byte) (*x509.CertificateRequest, error)
func EmptyEventdata ¶ added in v0.6.0
func ExtKeyUsageToString ¶ added in v0.6.0
func ExtKeyUsageToString(usage []x509.ExtKeyUsage) []string
ExtKeyUsageToString translates the internal representation of allowed extended key usage in an x509 certificate to a string array.
func KeyUsageToString ¶ added in v0.6.0
KeyUsageToString translates the internal representation of allowed key usage in an x509 certificate to a string array.
Types ¶
type AppDescResult ¶ added in v0.7.0
type AppDescResult struct {
MetaInfo
AppManifest string `json:"appManifest"`
Environment []Environment `json:"environment,omitempty"`
External []ExternalInterface `json:"external,omitempty"`
}
type AppDescription ¶
type AppDescription struct {
MetaInfo
AppManifest string `json:"appManifest" cbor:"3,keyasint"` // Links to App Manifest.Name
External []ExternalInterface `json:"externalConnections,omitempty" cbor:"4,keyasint,omitempty"`
Environment []Environment `json:"environment,omitempty" cbor:"5,keyasint,omitempty"`
}
AppDescription represents the attestation report element of type 'App Description'
type AppManifest ¶
type AppManifest struct {
MetaInfo
DevCommonName string `json:"developerCommonName" cbor:"3,keyasint"`
Oss []string `json:"oss" cbor:"4,keyasint"` // Links to OsManifest.Name
Description string `json:"description" cbor:"5,keyasint"`
CertificationLevel int `json:"certificationLevel" cbor:"6,keyasint"`
Validity Validity `json:"validity" cbor:"7,keyasint"`
ReferenceValues []ReferenceValue `json:"referenceValues" cbor:"8,keyasint"`
}
AppManifest represents the attestation report element of type 'App Manifest'
type Artifact ¶ added in v0.7.2
type Artifact struct {
Type string `json:"type" cbor:"0,keyasint"` // PCR Summary, PCR Eventlog, SW Eventlog
Pcr *int `json:"pcr,omitempty" cbor:"1,keyasint"`
Summary HexByte `json:"summary,omitempty" cbor:"2,keyasint,omitempty"` // Either summary
Events []MeasureEvent `json:"events,omitempty" cbor:"3,keyasint,omitempty"` // Or Events
}
Artifact represents the digests of a measurement, e.g., of a single PCR. If the type is 'PCR Summary', Summary is the final PCR value. If the type is 'PCR Eventlog', Events contains a list of the extends that lead to the final PCR value. The list is retrieved by the prover, e.g., from the TPM binary bios measurements list or the IMA runtime measurements list. If the type is 'SW Eventlog', Events contains a list of digests that have been recorded as SW measurements
type AttestationReport ¶ added in v0.6.0
type AttestationReport struct {
Type string `json:"type" cbor:"0,keyasint"`
Measurements []Measurement `json:"measurements,omitempty" cbor:"1,keyasint,omitempty"`
RtmManifest []byte `json:"rtmManifest" cbor:"2,keyasint"`
OsManifest []byte `json:"osManifest" cbor:"3,keyasint"`
AppManifests [][]byte `json:"appManifests,omitempty" cbor:"4,keyasint,omitempty"`
CompanyDescription []byte `json:"companyDescription,omitempty" cbor:"5,keyasint,omitempty"`
DeviceDescription []byte `json:"deviceDescription" cbor:"6,keyasint"`
}
AttestationReport represents the attestation report in JWS/COSE format with its contents already in signed JWS/COSE format
type AttributesCheck ¶ added in v0.6.0
type BooleanMatch ¶ added in v0.4.0
type CborSerializer ¶ added in v0.5.0
type CborSerializer struct{}
func (CborSerializer) GetPayload ¶ added in v0.5.0
func (s CborSerializer) GetPayload(raw []byte) ([]byte, error)
func (CborSerializer) Marshal ¶ added in v0.5.0
func (s CborSerializer) Marshal(v any) ([]byte, error)
func (CborSerializer) Sign ¶ added in v0.5.0
func (s CborSerializer) Sign(data []byte, signer Driver) ([]byte, error)
func (CborSerializer) Unmarshal ¶ added in v0.5.0
func (s CborSerializer) Unmarshal(data []byte, v any) error
func (CborSerializer) VerifyToken ¶ added in v0.5.0
func (s CborSerializer) VerifyToken(data []byte, roots []*x509.Certificate) (TokenResult, []byte, bool)
type CompDescResult ¶ added in v0.2.0
type CompDescResult struct {
MetaInfo
CompCertLevel int `json:"compCertLevel"` // Certification level for the company operating the device
Summary Result `json:"result"` // Summarizing value illustrating whether any issues were detected during validation of the Company Description
SignatureCheck []SignatureResult `json:"signatureValidation"` // Results for validation of the Description Signatures and the used certificates
ValidityCheck Result `json:"validityCheck"` // Result from checking the validity of the description
}
CompDescResult represents the results of the validation of the Company Description and its mapping to the used device certificate.
type CompanyDescription ¶
type CompanyDescription struct {
MetaInfo
CertificationLevel int `json:"certificationLevel" cbor:"3,keyasint"`
Description string `json:"description" cbor:"4,keyasint"`
Validity Validity `json:"validity" cbor:"5,keyasint"`
}
CompanyDescription represents the attestation report element of type 'Company Description'
type CsrParams ¶ added in v0.6.0
type CsrParams struct {
Subject Name `json:"subject" cbor:"0,keyasint"`
SANs []string `json:"sans,omitempty" cbor:"1,keyasint,omitempty"`
}
CsrParams contains certificate signing request parameters
type DevDescResult ¶ added in v0.2.0
type DevDescResult struct {
MetaInfo
Description string `json:"description"`
Location string `json:"location"`
Summary Result `json:"result"`
CorrectRtm Result `json:"correctRtm"`
CorrectOs Result `json:"correctOs"`
CorrectApps []Result `json:"correctApps"`
RtmOsCompatibility Result `json:"rtmOsCompatibility"`
OsAppsCompatibility []Result `json:"osAppCompatibility"`
AppResults []AppDescResult `json:"appDescResults"`
SignatureCheck []SignatureResult `json:"signatureValidation"`
}
DevDescResult represents the results of the validation of the Device Description in the Attestation Report.
type DeviceConfig ¶ added in v0.6.0
type DeviceConfig struct {
MetaInfo
AkCsr CsrParams `json:"akCsr" cbor:"3,keyasint"`
IkCsr CsrParams `json:"ikCsr" cbor:"4,keyasint"`
SgxValues struct {
EncryptedPPID HexByte `json:"encryptedPPID" cbor:"5,keyasint"`
Pceid HexByte `json:"pceid" cbor:"6,keyasint"`
Cpusvn HexByte `json:"cpusvn" cbor:"7,keyasint"`
Pcesvn HexByte `json:"pcesvn" cbor:"8,keyasint"`
}
}
DeviceConfig contains the local device configuration parameters
type DeviceDescription ¶ added in v0.2.0
type DeviceDescription struct {
MetaInfo
Description string `json:"description" cbor:"3,keyasint"`
Location string `json:"location" cbor:"4,keyasint"`
RtmManifest string `json:"rtmManifest" cbor:"5,keyasint"`
OsManifest string `json:"osManifest" cbor:"6,keyasint"`
AppDescriptions []AppDescription `json:"appDescriptions" cbor:"7,keyasint"`
Internal []InternalConnection `json:"internalConnections" cbor:"8,keyasint"`
External []ExternalInterface `json:"externalEndpoints" cbor:"9,keyasint"`
}
DeviceDescription represents the attestation report element of type 'Device Description'
type DigestResult ¶ added in v0.6.0
type DigestResult struct {
Pcr *int `json:"pcr,omitempty"` // Number for the PCR if present (TPM)
Name string `json:"name,omitempty"` // Name of the software artifact
Digest string `json:"digest,omitempty"` // Reference Digest
Description string `json:"description,omitempty"` // Optional description, measured PCR in case of PCR result
Success bool `json:"success"` // Indicates whether match was found
Type string `json:"type,omitempty"` // On fail, indicates whether digest is reference or measurement
EventData *EventData `json:"eventdata,omitempty"` // data that was included from bioseventlog
}
DigestResult represents a generic result for a digest that was processed during attestation or for an entire PCR
type Driver ¶ added in v0.6.0
type Driver interface {
Init(c *DriverConfig) error // Initializes the driver
Measure(nonce []byte) (Measurement, error) // Retrieves measurements
Lock() error // For sync, if required
Unlock() error // For sync, if required
GetSigningKeys() (crypto.PrivateKey, crypto.PublicKey, error) // Get Signing key handles
GetCertChain() ([]*x509.Certificate, error) // Get cert chain for signing key
}
Driver is an interface representing a driver for a hardware trust anchor, capable of providing attestation evidence and signing data. This can be e.g. a Trusted Platform Module (TPM), AMD SEV-SNP, or the ARM PSA Initial Attestation Service (IAS). The driver must be capable of performing measurements, i.e. retrieving attestation evidence such as a TPM Quote or an SNP attestation report and providing handles to signing keys and their certificate chains
type DriverConfig ¶ added in v0.6.0
type DriverConfig struct {
StoragePath string
ServerAddr string
KeyConfig string
Metadata [][]byte
UseIma bool
ImaPcr int
Serializer Serializer
MeasurementLog bool
UseCtr bool
CtrPcr int
CtrLog string
CtrDriver string
}
DriverConfig contains all configuration values required for the different drivers
type EFILoadOption ¶ added in v0.6.0
type EFILoadOption struct {
Attributes uint32 `json:"attributes" cbor:"0,keyasint"`
// - could also get resolved to the different options UEFISpec:73
//-ex filePathListLength uint16
Description string `json:"description" cbor:"1,keyasint"`
FilepathList []FilePathList `json:"filepathlist" cbor:"2,keyasint"`
// optional Data
OptionalData HexByte `json:"optionaldata,omitempty" cbor:"3,keyasint,omitempty"`
}
type Environment ¶ added in v0.7.0
type Environment struct {
Key string `json:"key" cbor:"0,keyasint"`
Value string `json:"value" cbor:"1,keyasint"`
}
Environment represents environment variables for apps
type ErrorCode ¶ added in v0.6.0
type ErrorCode int
const ( NotSet ErrorCode = iota CaFingerprint CRLCheckRoot CRLCheckPCK CRLCheckSigningCert DecodeCertChain UnknownSerialization DownloadRootCRL DownloadPCKCRL EvidenceLength EvidenceType Expired ExtractPubKey Internal InvalidCertificationLevel JWSNoSignatures JWSSignatureOrder JWSPayload MeasurementNoMatch MeasurementTypeNotSupported NotPresent NotYetValid OidLength OidNotPresent OidTag Parse ParseAR ParseX5C ParseCA ParseCAFingerprint ParseCert ParseTcbInfo ParseJSON ParseOSManifest ParseEvidence ParseExtensions ParseQEIdentity ParseRTMManifest ParseTime PolicyEngineNotImplemented RefValTypeNotSupported SetupSystemCA SgxFmpcMismatch SgxPceidMismatch SignatureLength DetailsNotPresent RefValMultiple RefValNotPresent RefValType RefValNoMatch TcbInfoExpired TcbLevelUnsupported TcbLevelRevoked UnsupportedAlgorithm VerifyAR VerifyCertChain VerifyPCKChain VerifyOSManifest VerifyPolicies VerifyQEIdentityErr VerifyRTMManifest VerifySignature VerifyTCBChain VerifyTcbInfo ExtensionsCheck PcrNotSpecified )
type EventData ¶ added in v0.6.0
type EventData struct {
//for certain Uefi variable information events
Uefivariabledata *UefiVariableData `json:"uefivariabledata,omitempty" cbor:"0,keyasint,omitempty"`
//for the GPT_Event
GPTHeader *GPTHeader `json:"gptheader,omitempty" cbor:"1,keyasint,omitempty"`
//for PCClientTaggedEvent
PCClientTaggedEvent *PCClientTaggedEvent `json:"pcclienttaggedevent,omitempty" cbor:"2,keyasint,omitempty"`
ImageLoadEvent *ImageLoadEvent `json:"imageloadevent,omitempty" cbor:"3,keyasint,omitempty"`
UefiHandoffTablePointer *UefiHandoffTablePointer `json:"uefihandofftablepointer,omitempty" cbor:"4,keyasint,omitempty"`
UefiPlatformFirmwareBlob *UefiPlatformFirmwareBlob `json:"uefiplatformfirmwareblob,omitempty" cbor:"5,keyasint,omitempty"`
//used e.g. for EFI_IPL event
StringContent string `json:"stringcontent,omitempty" cbor:"6,keyasint,omitempty"`
//generic data (when no further differentiation is implemented)
GenericData HexByte `json:"genericdata,omitempty" cbor:"7,keyasint,omitempty"`
}
func ParseEventData ¶ added in v0.6.0
type ExternalInterface ¶
type ExternalInterface struct {
Type string `json:"type" cbor:"0,keyasint"`
AppEndpoint string `json:"appEndpoint" cbor:"1,keyasint"` // Links to AppManifest.Endpoint
Interface string `json:"interface" cbor:"2,keyasint"` // Links to AppDescription.Name
Port int `json:"port" cbor:"3,keyasint"` // Links to App Manifest.Endpoint
}
ExternalInterface represents the attestation report element of type 'External Interface'
type FilePathList ¶ added in v0.6.0
type FilePathList struct {
Type string `json:"type" cbor:"0,keyasint"`
Subtype string `json:"subtype" cbor:"1,keyasint"`
//optional stuff
// - 2.1 (ACPI Device Path)
HID HexByte `json:"hid,omitempty" cbor:"2,keyasint,omitempty"`
UID HexByte `json:"uid,omitempty" cbor:"3,keyasint,omitempty"`
// - 3.a (messaging device path: vendor-defined messaging device path)
VendorGUID string `json:"vendorguid,omitempty" cbor:"4,keyasint,omitempty"`
VendorDefinedData HexByte `json:"vendordefineddata,omitempty" cbor:"4,keyasint,omitempty"`
// - 4.1 (media device path: hard drive)
PartitionNumber uint32 `json:"partitionnumber,omitempty" cbor:"5,keyasint,omitempty"`
PartitionStart uint64 `json:"partitionstart,omitempty" cbor:"6,keyasint,omitempty"`
PartitionSize uint64 `json:"partitionsize,omitempty" cbor:"7,keyasint,omitempty"`
PartitionSignature HexByte `json:"partitionsignature,omitempty" cbor:"8,keyasint,omitempty"` //[16]byte
PartitionFormat byte `json:"partitionformat,omitempty" cbor:"9,keyasint,omitempty"`
SignaturType byte `json:"signaturetype,omitempty" cbor:"10,keyasint,omitempty"`
// - 4.2 (media device path: CD-ROM Media Device Path)
BootEntry uint32 `json:"bootentry,omitempty" cbor:"11,keyasint,omitempty"`
// - 4.4 (media device path: file path media device path)
PathName string `json:"pathname,omitempty" cbor:"12,keyasint,omitempty"`
// - 4.5 (media device path: Media Protocol Device Path)
ProtocolGUID string `json:"protocolguid,omitempty" cbor:"13,keyasint,omitempty"`
// - 4.9 (media device path: RAM Disk)
StartingAddress uint64 `json:"startingaddress,omitempty" cbor:"14,keyasint,omitempty"`
EndingAddress uint64 `json:"endingaddress,omitempty" cbor:"15,keyasint,omitempty"`
DiskTypeGUID string `json:"disktypeguid,omitempty" cbor:"16,keyasint,omitempty"`
DiskInstance uint16 `json:"diskinstance,omitempty" cbor:"17,keyasint,omitempty"`
// - 5.1 (BIOS Boot Specification Device Path)
DeviceType uint16 `json:"devicetype,omitempty" cbor:"18,keyasint,omitempty"`
StatusFlag uint16 `json:"statusflag,omitempty" cbor:"19,keyasint,omitempty"`
DescriptionString string `json:"descriptionstring,omitempty" cbor:"20,keyasint,omitempty"`
}
type GPTHeader ¶ added in v0.6.0
type GPTHeader struct {
Signature uint64 `json:"signature,omitempty" cbor:"0,keyasint,omitempty"`
Revision uint32 `json:"revision,omitempty" cbor:"1,keyasint,omitempty"`
HeaderSize uint32 `json:"headersize,omitempty" cbor:"2,keyasint,omitempty"`
HeaderCRC32 uint32 `json:"headercrc32,omitempty" cbor:"3,keyasint,omitempty"`
Reserved uint32 `json:"reserved,omitempty" cbor:"4,keyasint,omitempty"`
MyLBA uint64 `json:"mylba,omitempty" cbor:"5,keyasint,omitempty"`
AlternativeLBA uint64 `json:"alternativelba,omitempty" cbor:"6,keyasint,omitempty"`
FirstUsableLBA uint64 `json:"firstusablelba,omitempty" cbor:"7,keyasint,omitempty"`
LastUsableLBA uint64 `json:"lastusablelba,omitempty" cbor:"8,keyasint,omitempty"`
DiskGUID string `json:"diskguid,omitempty" cbor:"9,keyasint,omitempty"`
PartitionEntryLBA uint64 `json:"partitionentrylba,omitempty" cbor:"10,keyasint,omitempty"`
NumberOfPartitionEntries uint32 `json:"numberofpartitionentries,omitempty" cbor:"11,keyasint,omitempty"`
SizeOfPartitionEntry uint32 `json:"sizeofpartitionentry,omitempty" cbor:"12,keyasint,omitempty"`
PartitionEntryArrayCRC32 uint32 `json:"partitionentryarraycrc32,omitempty" cbor:"13,keyasint,omitempty"`
Partitions []GPTPartitionEntry `json:"partitions,omitempty" cbor:"13,keyasint,omitempty"`
}
type GPTPartitionEntry ¶ added in v0.6.0
type GPTPartitionEntry struct {
PartitionTypeGUID string `json:"paritiontypeguid,omitempty" cbor:"0,keyasint,omitempty"`
UniquePartitionGUID string `json:"uniquepartitionguid,omitempty" cbor:"0,keyasint,omitempty"`
StartingLBA uint64 `json:"startinglba,omitempty" cbor:"0,keyasint,omitempty"`
EndingLBA uint64 `json:"endinglba,omitempty" cbor:"0,keyasint,omitempty"`
Attributes uint64 `json:"attributes,omitempty" cbor:"0,keyasint,omitempty"`
ParitionName string `json:"partitionname,omitempty" cbor:"0,keyasint,omitempty"` //ParitionName parsed in [36] UTF16
}
type HexByte ¶ added in v0.5.0
type HexByte []byte
Custom type for JSON unmarshaller as byte arrays are encoded as hex strings in JSON but used as byte arrays internally and by CBOR encoding
func (*HexByte) MarshalJSON ¶ added in v0.5.0
MarshalJSON marshalls a byte array into a hex string
func (*HexByte) UnmarshalJSON ¶ added in v0.5.0
UnmarshalJSON unmarshalls JSON hex strings into byte arrays
type ImageLoadEvent ¶ added in v0.6.0
type ImageLoadEvent struct {
ImageLocationInMemory address `json:"imagelocationinmemory" cbor:"0,keyasint"` //(assume 64 bit architecture)
ImageLengthInMemory uint64 `json:"imagelengthinmemory" cbor:"1,keyasint"`
ImageLinkTimeAddress uint64 `json:"imagelinktimeaddress" cbor:"2,keyasint"`
// LengthOfDevicePath uint64
//device path
UefiDevicePath *FilePathList `json:"uefidevicepath" cbor:"3,keyasint"`
}
type IntelCollateral ¶ added in v0.6.0
type IntelCollateral struct {
TeeType uint32 `json:"teeType" cbor:"0,keyasint"`
TcbInfo json.RawMessage `json:"tcbInfo" cbor:"1,keyasint"`
TcbInfoSize uint32 `json:"tcbInfoSize" cbor:"2,keyasint"`
QeIdentity json.RawMessage `json:"qeIdentity" cbor:"3,keyasint"`
QeIdentitySize uint32 `json:"qeIdentitySize" cbor:"4,keyasint"`
}
type InternalConnection ¶
type InternalConnection struct {
Type string `json:"type" cbor:"0,keyasint"`
NameAppA string `json:"nameAppA" cbor:"1,keyasint"` // Links to AppDescription.Name
EndpointAppA string `json:"endpointAppA" cbor:"2,keyasint"` // Links to AppManifest.Endpoint
NameAppB string `json:"nameAppB" cbor:"3,keyasint"` // Links to AppDescription.Name
EndpointAppB string `json:"endpointAppB" cbor:"4,keyasint"` // Links to AppManifest.Endpoint
}
InternalConnection represents the attestation report element of type 'Internal Connection'
type JsonSerializer ¶ added in v0.5.0
type JsonSerializer struct{}
func (JsonSerializer) GetPayload ¶ added in v0.5.0
func (s JsonSerializer) GetPayload(raw []byte) ([]byte, error)
func (JsonSerializer) Marshal ¶ added in v0.5.0
func (s JsonSerializer) Marshal(v any) ([]byte, error)
func (JsonSerializer) Sign ¶ added in v0.5.0
func (s JsonSerializer) Sign(data []byte, signer Driver) ([]byte, error)
Sign signs data with the specified driver 'signer' (to enale hardware-based signatures)
func (JsonSerializer) Unmarshal ¶ added in v0.5.0
func (s JsonSerializer) Unmarshal(data []byte, v any) error
func (JsonSerializer) VerifyToken ¶ added in v0.5.0
func (s JsonSerializer) VerifyToken(data []byte, roots []*x509.Certificate) (TokenResult, []byte, bool)
VerifyToken verifies signatures and certificate chains for JWS tokens
type ManifestResult ¶ added in v0.2.0
type ManifestResult struct {
MetaInfo
Summary Result `json:"result"`
SignatureCheck []SignatureResult `json:"signatureValidation"`
ValidityCheck Result `json:"validityCheck"`
Details any `json:"details,omitempty"`
}
ManifestResult represents the results of the validation of a manifest provided in the Attestation Report.
type MeasureEvent ¶ added in v0.7.2
type MeasureEvent struct {
Sha256 HexByte `json:"sha256" cbor:"2,keyasint"`
EventName string `json:"eventname,omitempty" cbor:"4,keyasint,omitempty"`
EventData *EventData `json:"eventdata,omitempty" cbor:"5,keyasint,omitempty"`
CtrData *CtrData `json:"ctrData,omitempty" cbor:"6,keyasint,omitempty"`
}
type Measurement ¶
type Measurement struct {
Type string `json:"type" cbor:"0,keyasint"`
Evidence []byte `json:"evidence,omitempty" cbor:"1,keyasint"`
Certs [][]byte `json:"certs,omitempty" cbor:"3,keyasint"`
Signature []byte `json:"signature,omitempty" cbor:"2,keyasint,omitempty"`
Artifacts []Artifact `json:"details,omitempty" cbor:"4,keyasint,omitempty"`
}
Measurement represents the attestation report elements of type 'TPM Measurement', 'SNP Measurement', 'TDX Measurement', 'SGX Measurement', 'IAS Measurement' or 'SW Measurement'
type MeasurementResult ¶ added in v0.2.0
type MeasurementResult struct {
Type string `json:"type"`
Summary Result `json:"summary"`
Freshness Result `json:"freshness"`
Signature SignatureResult `json:"signature"`
Artifacts []DigestResult `json:"artifacts"`
TpmResult *TpmResult `json:"tpmResult,omitempty"`
SnpResult *SnpResult `json:"snpResult,omitempty"`
SgxResult *SgxResult `json:"sgxResult,omitempty"`
TdxResult *TdxResult `json:"tdxResult,omitempty"`
}
type MetaInfo ¶ added in v0.6.0
type MetaInfo struct {
Type string `json:"type" cbor:"0,keyasint"`
Name string `json:"name" cbor:"1,keyasint"`
Version string `json:"version" cbor:"2,keyasint"`
}
MetaInfo is a helper struct for generic info present in every metadata object
type Metadata ¶ added in v0.6.0
type Metadata struct {
RtmManifest RtmManifest `json:"rtmManifest" cbor:"2,keyasint"`
OsManifest OsManifest `json:"osManifest" cbor:"3,keyasint"`
AppManifests []AppManifest `json:"appManifests,omitempty" cbor:"4,keyasint,omitempty"`
CompanyDescription *CompanyDescription `json:"companyDescription,omitempty" cbor:"5,keyasint,omitempty"`
DeviceDescription DeviceDescription `json:"deviceDescription" cbor:"6,keyasint"`
}
Metadata is an internal structure for manifests and descriptions
type MetadataResult ¶ added in v0.6.0
type MetadataResult struct {
CompDescResult *CompDescResult `json:"companyValidation,omitempty"`
RtmResult ManifestResult `json:"rtmValidation"`
OsResult ManifestResult `json:"osValidation"`
AppResults []ManifestResult `json:"appValidation,omitempty"`
DevDescResult DevDescResult `json:"deviceDescValidation"`
}
type Name ¶
type Name struct {
CommonName string `json:"commonName,omitempty" cbor:"0,keyasint,omitempty"`
Country string `json:"country,omitempty" cbor:"1,keyasint,omitempty"`
Organization string `json:"organization,omitempty" cbor:"2,keyasint,omitempty"`
OrganizationalUnit string `json:"organizationalUnit,omitempty" cbor:"3,keyasint,omitempty"`
Locality string `json:"locality,omitempty" cbor:"4,keyasint,omitempty"`
Province string `json:"province,omitempty" cbor:"5,keyasint,omitempty"`
StreetAddress string `json:"streetAddress,omitempty" cbor:"6,keyasint,omitempty"`
PostalCode string `json:"postalCode,omitempty" cbor:"7,keyasint,omitempty"`
Names []interface{} `json:"names,omitempty" cbor:"8,keyasint,omitempty"`
}
Name is the PKIX Name for CsrParams
type OsManifest ¶
type OsManifest struct {
MetaInfo
DevCommonName string `json:"developerCommonName" cbor:"3,keyasint"`
Rtms []string `json:"rtms" cbor:"4,keyasint"` // Links to Type RtmManifest.Name
Description string `json:"description" cbor:"5,keyasint"`
CertificationLevel int `json:"certificationLevel" cbor:"6,keyasint"`
Validity Validity `json:"validity" cbor:"7,keyasint"`
ReferenceValues []ReferenceValue `json:"referenceValues" cbor:"8,keyasint"`
Details any `json:"details,omitempty" cbor:"9,keyasint,omitempty"`
}
OsManifest represents the attestation report element of type 'OsManifest'
type PCClientTaggedEvent ¶ added in v0.6.0
type PkixExtension ¶ added in v0.6.0
type PkixExtension struct {
Id string `json:"id"`
Critical bool `json:"critical"`
Value []byte `json:"value"`
}
PkixExtension represents extensions of a x509 certificate.
type PolicyCheck ¶ added in v0.4.0
type PolicyCheck struct {
Summary Result `json:"result"`
Abi VersionCheck `json:"abi"`
Smt BooleanMatch `json:"smt"`
Migration BooleanMatch `json:"migration"`
Debug BooleanMatch `json:"debug"`
SingleSocket BooleanMatch `json:"singleSocket"`
}
type ReferenceValue ¶ added in v0.5.0
type ReferenceValue struct {
Type string `json:"type" cbor:"0,keyasint"`
Sha256 HexByte `json:"sha256,omitempty" cbor:"1,keyasint,omitempty"`
Sha384 HexByte `json:"sha384,omitempty" cbor:"2,keyasint,omitempty"`
Name string `json:"name,omitempty" cbor:"3,keyasint,omitempty"`
Optional bool `json:"optional,omitempty" cbor:"4,keyasint,omitempty"`
Pcr *int `json:"pcr,omitempty" cbor:"5,keyasint,omitempty"`
Snp *SnpDetails `json:"snp,omitempty" cbor:"6,keyasint,omitempty"`
Tdx *TDXDetails `json:"tdx,omitempty" cbor:"7,keyasint,omitempty"`
Sgx *SGXDetails `json:"sgx,omitempty" cbor:"8,keyasint,omitempty"`
Description string `json:"description,omitempty" cbor:"9,keyasint,omitempty"`
EventData *EventData `json:"eventdata,omitempty" cbor:"10,keyasint,omitempty"`
}
ReferenceValue represents the attestation report element of types 'SNP Reference Value', 'TPM Reference Value', 'TDX Reference Value', 'SGX Reference Value' and 'SW Reference Value'
type Result ¶ added in v0.2.0
type Result struct {
Success bool `json:"success"`
Got string `json:"got,omitempty"`
Expected string `json:"expected,omitempty"`
ExpectedOneOf []string `json:"expectedOneOf,omitempty"` // Required for compatibility
ExpectedBetween []string `json:"expectedBetween,omitempty"` // Required for validity
ErrorCode ErrorCode `json:"errorCode,omitempty"`
}
type RtMrHashChainElem ¶ added in v0.6.0
type RtMrHashChainElem struct {
Type string `json:"type" cbor:"0,keyasint"`
Name string `json:"name" cbor:"1,keyasint"`
Hashes []HexByte `json:"Hashes" cbor:"2,keyasint"`
Summary bool `json:"summary" cbor:"3,keyasint"` // Indicates if element represents final RMTR value or single artifact
}
RtMrHashChainElem represents the attestation report element of type 'HashChain' embedded in 'TDXDetails'
type RtmManifest ¶
type RtmManifest struct {
MetaInfo
DevCommonName string `json:"developerCommonName" cbor:"3,keyasint"`
Description string `json:"description" cbor:"4,keyasint"`
CertificationLevel int `json:"certificationLevel" cbor:"5,keyasint"`
Validity Validity `json:"validity" cbor:"6,keyasint"`
ReferenceValues []ReferenceValue `json:"referenceValues" cbor:"7,keyasint"`
Details any `json:"details,omitempty" cbor:"8,keyasint,omitempty"`
}
RtmManifest represents the attestation report element of type 'RTM Manifest'
type SGXAttributes ¶ added in v0.6.0
type SGXAttributes struct {
Initted bool `json:"initted" cbor:"0,keyasint"`
Debug bool `json:"debug" cbor:"1,keyasint"`
Mode64Bit bool `json:"mode64Bit" cbor:"2,keyasint"`
ProvisionKey bool `json:"provisionKey" cbor:"3,keyasint"`
EInitToken bool `json:"eInitToken" cbor:"4,keyasint"`
Kss bool `json:"kss" cbor:"5,keyasint"`
Legacy bool `json:"legacy" cbor:"6,keyasint"`
Avx bool `json:"avx" cbor:"7,keyasint"`
}
SGX attributes according to https://download.01.org/intel-sgx/latest/linux-latest/docs/Intel_SGX_Developer_Reference_Linux_2.22_Open_Source.pdf (page 414)
type SGXDetails ¶ added in v0.6.0
type SGXDetails struct {
Version uint16 `json:"version" cbor:"0,keyasint"`
Collateral IntelCollateral `json:"collateral" cbor:"1,keyasint"`
CaFingerprint string `json:"caFingerprint" cbor:"2,keyasint"` // Intel Root CA Certificate Fingerprint
IsvProdId uint16 `json:"isvProdId" cbor:"3,keyasint"`
MrSigner string `json:"mrSigner" cbor:"4,keyasint"`
IsvSvn uint16 `json:"isvSvn" cbor:"5,keyasint"`
Attributes SGXAttributes `json:"attributes" cbor:"6,keyasint"`
}
type Serializer ¶ added in v0.5.0
type Serializer interface {
GetPayload(raw []byte) ([]byte, error)
Marshal(v any) ([]byte, error)
Unmarshal(data []byte, v any) error
Sign(data []byte, signer Driver) ([]byte, error)
VerifyToken(data []byte, roots []*x509.Certificate) (TokenResult, []byte, bool)
}
Serializer is a generic interface providing methods for data serialization and de-serialization. This enables to generate and verify attestation reports in different formats, such as JSON/JWS or CBOR/COSE
type SgxAttributesCheck ¶ added in v0.6.0
type SgxAttributesCheck struct {
Initted BooleanMatch `json:"initted"`
Debug BooleanMatch `json:"debug"`
Mode64Bit BooleanMatch `json:"mode64Bit"`
ProvisionKey BooleanMatch `json:"provisionKey"`
EInitToken BooleanMatch `json:"eInitToken"`
Kss BooleanMatch `json:"kss"`
Legacy BooleanMatch `json:"legacy"`
Avx BooleanMatch `json:"avx"`
}
type SgxResult ¶ added in v0.6.0
type SgxResult struct {
VersionMatch Result `json:"reportVersionMatch"`
TcbInfoCheck TcbLevelResult `json:"tcbInfoCheck"`
QeIdentityCheck TcbLevelResult `json:"qeIdentityCheck"`
SgxAttributesCheck SgxAttributesCheck `json:"sgxAttributesCheck"`
}
type SignatureDatabase ¶ added in v0.6.0
type SignatureDatabase struct {
SignatureTypeGUID string `json:"efisignaturelistguid,omitempty" cbor:"0,keyasint,omitempty"`
SignatureHeader HexByte `json:"signatureheader,omitempty" cbor:"1,keyasint,omitempty"`
//only one of the following per SignatureDataBase
Certificates []UEFICertificate `json:"ueficertificates,omitempty" cbor:"2,keyasint,omitempty"`
Sha256Hash []Hash `json:"sha256hashes,omitempty" cbor:"3,keyasint,omitempty"`
}
type SignatureResult ¶ added in v0.2.0
type SignatureResult struct {
SignCheck Result `json:"signatureVerification"` // Result from checking the signature has been calculated with this certificate
CertChainCheck Result `json:"certChainValidation"` // Result from validatint the certification chain back to a shared root of trust
ExtensionsCheck []Result `json:"extensionsCheck,omitempty"`
ValidatedCerts [][]X509CertExtracted `json:"validatedCerts"` //Stripped information from validated x509 cert chain(s) for additional checks from the policies module
}
SignatureResults represents the results for validation of a provided signature and the used certificates.
func (*SignatureResult) PrintErr ¶ added in v0.6.0
func (r *SignatureResult) PrintErr(format string, args ...interface{})
type SnpDetails ¶ added in v0.4.0
type SnpPolicy ¶ added in v0.4.0
type SnpPolicy struct {
Type string `json:"type" cbor:"0,keyasint"`
SingleSocket bool `json:"singleSocket" cbor:"1,keyasint"`
Debug bool `json:"debug" cbor:"2,keyasint"`
Migration bool `json:"migration" cbor:"3,keyasint"`
Smt bool `json:"smt" cbor:"4,keyasint"`
AbiMajor uint8 `json:"abiMajor" cbor:"5,keyasint"`
AbiMinor uint8 `json:"abiMinor" cbor:"6,keyasint"`
}
type SnpResult ¶ added in v0.6.0
type SnpResult struct {
VersionMatch Result `json:"reportVersionMatch"`
FwCheck VersionCheck `json:"fwCheck"`
TcbCheck TcbCheck `json:"tcbCheck"`
PolicyCheck PolicyCheck `json:"policyCheck"`
}
type TDAttributes ¶ added in v0.6.0
type TDAttributes struct {
Debug bool `json:"debug" cbor:"0,keyasint"`
SeptVEDisable bool `json:"septVEDisable" cbor:"1,keyasint"`
Pks bool `json:"pks" cbor:"2,keyasint"`
Kl bool `json:"kl" cbor:"3,keyasint"`
}
Structure of the security relevant attributes for a TD (Bits 0 - 31 of attributes array in quote) according to https://download.01.org/intel-sgx/latest/dcap-latest/linux/docs/Intel_TDX_DCAP_Quoting_Library_API.pdf (page 40)
type TDMeasurements ¶ added in v0.6.0
type TDMeasurements struct {
RtMr0 RtMrHashChainElem `json:"rtMr0" cbor:"0,keyasint"` // Firmware measurement
RtMr1 RtMrHashChainElem `json:"rtMr1" cbor:"1,keyasint"` // BIOS measurement
RtMr2 RtMrHashChainElem `json:"rtMr2" cbor:"2,keyasint"` // OS measurement
RtMr3 RtMrHashChainElem `json:"rtMr3" cbor:"3,keyasint"` // Runtime measurement
MrSeam HexByte `json:"mrSeam" cbor:"4,keyasint"` // TDX Module measurement
}
type TDXDetails ¶ added in v0.6.0
type TDXDetails struct {
Version uint16 `json:"version" cbor:"0,keyasint"`
Collateral IntelCollateral `json:"collateral" cbor:"1,keyasint"`
CaFingerprint string `json:"caFingerprint" cbor:"2,keyasint"` // Intel Root CA Certificate Fingerprint
TdId TDId `json:"tdId" cbor:"3,keyasint"`
TdMeas TDMeasurements `json:"tdMeasurements" cbor:"4,keyasint"`
Xfam [8]byte `json:"xfam" cbor:"5,keyasint"`
TdAttributes TDAttributes `json:"tdAttributes" cbor:"6,keyasint"`
}
type TcbCheck ¶ added in v0.4.0
type TcbCheck struct {
Summary Result `json:"result"`
Bl VersionCheck `json:"bl"`
Tee VersionCheck `json:"tee"`
Snp VersionCheck `json:"snp"`
Ucode VersionCheck `json:"ucode"`
}
type TcbLevelResult ¶ added in v0.6.0
type TdAttributesCheck ¶ added in v0.6.0
type TdAttributesCheck struct {
Debug BooleanMatch `json:"debug"`
SeptVEDisable BooleanMatch `json:"septVEDisable"`
Pks BooleanMatch `json:"pks"`
Kl BooleanMatch `json:"kl"`
}
type TdxResult ¶ added in v0.6.0
type TdxResult struct {
VersionMatch Result `json:"reportVersionMatch"`
TcbInfoCheck TcbLevelResult `json:"tcbInfoCheck"`
QeIdentityCheck TcbLevelResult `json:"qeIdentityCheck"`
TdAttributesCheck TdAttributesCheck `json:"tdAttributesCheck"`
SeamAttributesCheck AttributesCheck `json:"seamAttributesCheck"`
XfamCheck AttributesCheck `json:"xfamCheck"`
}
type TokenResult ¶ added in v0.5.0
type TokenResult struct {
Summary Result `json:"result"`
SignatureCheck []SignatureResult `json:"signatureValidation"`
}
TokenResult is a helper struct for the validation of JWS or COSE tokens focussing on the validation of the provided signatures.
type TpmResult ¶ added in v0.6.0
type TpmResult struct {
PcrMatch []DigestResult `json:"pcrMatch"`
AggPcrQuoteMatch Result `json:"aggPcrQuoteMatch"`
}
type UEFICertificate ¶ added in v0.6.0
type UEFICertificate struct {
SignatureOwnerGUID string `json:"signatureownerguid" cbor:"0,keyasint"`
Certificates X509CertExtracted `json:"certificates" cbor:"1,keyasint"`
}
type UefiConfigurationTable ¶ added in v0.6.0
type UefiConfigurationTable struct {
EFIGuid string `json:"guid" cbor:"0,keyasint"`
VendorTable address `json:"tableaddress" cbor:"1,keyasint"`
}
type UefiHandoffTablePointer ¶ added in v0.6.0
type UefiHandoffTablePointer struct {
// NumberOfTables uint64
TableEntry []UefiConfigurationTable `json:"ueficonfigurationtable" cbor:"0,keyasint"`
}
type UefiPlatformFirmwareBlob ¶ added in v0.6.0
type UefiVariableData ¶ added in v0.6.0
type UefiVariableData struct {
VariableNameGUID string `json:"variablenameguid,omitempty" cbor:"0,keyasint,omitempty"`
UnicodeName string `json:"unicodename,omitempty" cbor:"1,keyasint,omitempty"`
//can be one of the following
Signaturedb []SignatureDatabase `json:"signaturedb,omitempty" cbor:"2,keyasint,omitempty"`
BootOrder []uint16 `json:"bootorder,omitempty" cbor:"3,keyasint,omitempty"`
BootNext uint16 `json:"bootnext,omitempty" cbor:"4,keyasint,omitempty"`
BootCurrent uint16 `json:"bootcurrent,omitempty" cbor:"5,keyasint,omitempty"`
BootOptionSupport uint32 `json:"bootoptionsupport,omitempty" cbor:"6,keyasint,omitempty"`
EFILoadOption *EFILoadOption `json:"efiloadoption,omitempty" cbor:"7,keyasint,omitempty"`
DriverOrder []uint16 `json:"driverorder,omitempty" cbor:"8,keyasint,omitempty"`
//genericData
StringContent string `json:"stringcontent,omitempty" cbor:"9,keyasint,omitempty"`
VariableData HexByte `json:"variabledata,omitempty" cbor:"10,keyasint,omitempty"`
// DevicePath *FilePathList `json:"devicepath,omitempty" cbor:"10,keyasint,omitempty"`
GUIDArray []string `json:"guidarray,omitempty" cbor:"11,keyasint,omitempty"`
}
type Validity ¶
type Validity struct {
NotBefore string `json:"notBefore" cbor:"0,keyasint"`
NotAfter string `json:"notAfter" cbor:"1,keyasint"`
}
Validity is a helper struct for 'Validity'
type VerificationResult ¶
type VerificationResult struct {
Type string `json:"type"`
Success bool `json:"raSuccessful"`
ErrorCode ErrorCode `json:"errorCode,omitempty"` // Set in case of global errors
Prover string `json:"prover,omitempty"` // Name of the proving device the report was created for
Created string `json:"created,omitempty"` // Timestamp the attestation verification was completed
SwCertLevel int `json:"swCertLevel"` // Overall certification level for the software stack
Measurements []MeasurementResult `json:"measurements"`
ReportSignature []SignatureResult `json:"reportSignatureCheck"` // Result for validation of the overall report signature
MetadataResult
PolicySuccess bool `json:"policySuccess,omitempty"` // Result of custom policy validation (if utilized)
}
VerificationResult represents the results of all steps taken during the validation of an attestation report.
func (*VerificationResult) PrintErr ¶ added in v0.6.0
func (r *VerificationResult) PrintErr()
type VersionCheck ¶ added in v0.4.0
type X509CertExtracted ¶ added in v0.6.0
type X509CertExtracted struct {
Version int `json:"version"`
SerialNumber *big.Int `json:"serialNumber"`
Issuer X509Name `json:"issuer"`
Subject X509Name `json:"subject"`
Validity Validity `json:"validity"`
KeyUsage []string `json:"keyUsage"`
SignatureAlgorithm string `json:"signatureAlgorithm"`
PublicKeyAlgorithm string `json:"publicKeyAlgorithm"`
PublicKey string `json:"publicKey"`
// Extensions contains raw X.509 extensions extracted during parsing.
Extensions []PkixExtension `json:"pkixExtensions"`
ExtKeyUsage []string `json:"extKeyUsage,omitempty"` // Sequence of extended key usages.
UnknownExtKeyUsage []string `json:"unknownExtKeyUsage,omitempty"` // Encountered extended key usages unknown to this package.
BasicConstraintsValid bool `json:"basicConstraintsValid"` // BasicConstraintsValid indicates whether IsCA, MaxPathLen, and MaxPathLenZero are valid.
IsCA bool `json:"isCA,omitempty"`
// MaxPathLen and MaxPathLenZero indicate the presence and
// value of the BasicConstraints' "pathLenConstraint".
//
// A positive non-zero MaxPathLen means that the field was specified,
// -1 means it was unset, and MaxPathLenZero being true means that the field was
// explicitly set to zero. The case of MaxPathLen==0 with MaxPathLenZero==false
// should be treated equivalent to -1 (unset).
MaxPathLen int `json:"maxPathLen,omitempty"`
// MaxPathLenZero indicates that BasicConstraintsValid==true
// and MaxPathLen==0 should be interpreted as an actual
// maximum path length of zero. Otherwise, that combination is
// interpreted as MaxPathLen not being set.
MaxPathLenZero bool `json:"maxPathLenZero,omitempty"`
SubjectKeyId []byte `json:"subjectKeyId"`
AuthorityKeyId []byte `json:"authorityKeyId"`
// Subject Alternate Name values.
DNSNames []string `json:"dnsNames,omitempty"`
EmailAddresses []string `json:"emailAddresses,omitempty"`
IPAddresses []string `json:"ipAddresses,omitempty"`
URIs []string `json:"uris,omitempty"`
}
X509CertExtracted represents a x509 certificate with attributes in a human-readable way and prepared for (un)marshaling JSON objects. It is based on the type Certificate from the crypto/x509 package.
func ExtractX509Infos ¶ added in v0.6.0
func ExtractX509Infos(cert *x509.Certificate) X509CertExtracted
ExtractX509Infos extracts relevant attributes from cert and transform some attribute into a more human-readable form by translating enums to a string representations.
type X509Name ¶ added in v0.6.0
type X509Name struct {
Country []string `json:"country,omitempty"`
Organization []string `json:"organization,omitempty"`
OrganizationalUnit []string `json:"organizationalUnit,omitempty"`
Locality []string `json:"locality,omitempty"`
Province []string `json:"province,omitempty"`
StreetAddress []string `json:"streetAddress,omitempty"`
PostalCode []string `json:"postalCode,omitempty"`
SerialNumber string `json:"serialNumber,omitempty"`
CommonName string `json:"commonName,omitempty"`
}
X509Name represents an X.509 distinguished name. This only includes the common elements of a DN. Note that the structure is not a complete representation of the X.509 structure.
Source Files
Click to show internal directories.
Click to hide internal directories.