attestdoc

package
v0.0.0-...-5c52f96
Warning

This package is not in the latest version of its module.

Published: May 1, 2024 | License: Apache-2.0 | Imports: 10 | Imported by: 0

Documentation

Constants

const MAX_USER_DATA_SIZE_BYTES = 1024

Maximum size of user data that can be included in the attestation document

const (
	// NumPCRValues is the number of PCR values in a successfully parsed attestation document
	NumPCRValues = 16
)

Variables

var Now = time.Now

Overridable Now function (for testing)

Functions

This section is empty.

Types

type AttestDoc

type AttestDoc struct {

	// Unmodified bytes of CBOR-encoded document.
	// Retrieved from NSM
	Raw []byte

	// Issuing NSM identifier
	IssuerID string

	// Document creation time (ms granularity)
	Timestamp time.Time

	// Type of enclave measurement (e.g. SHA-384)
	PCRType string

	// Enclave measurements
	PCRs PCRValues

	// Certificate with which the document is signed
	Certificate *x509.Certificate

	// Certificate validation chain from document;
	// root AWS certificate at [0] followed by intermediate certs in descending order
	CABundle []*x509.Certificate

	// Public key attested by user (if any)
	UserPublicKey *rsa.PublicKey

	// Additional data attested by user (if any)
	UserData []byte

	// Nonce attested by user (if any)
	UserNonce []byte
}

AttestDoc is the unsigned attestation document issued by NSM

type PCRValues

type PCRValues [][]byte

Type representing raw PCR values

type SignedAttestDoc

type SignedAttestDoc struct {

	// Unmodified bytes of CBOR-encoded COSE-signed document.
	// Retrieved from NSM
	Raw []byte

	// Attestation document
	Document *AttestDoc

	// Attestation document COSE Sign1 signature
	Signature *sign1.Sign1Message
}

SignedAttestDoc is the signed attestation document issued by NSM

func FromBytes

func FromBytes(bytes []byte) (*SignedAttestDoc, error)

FromBytes unmarshals signed attestation document from COSE-signed CBOR-encoded bytes

func FromFile

func FromFile(doc string) (*SignedAttestDoc, error)

FromFile reads signed attestation document from a file

func (SignedAttestDoc) IsDebugEnclave

func (d SignedAttestDoc) IsDebugEnclave() bool

IsDebugEnclave returns true for debug enclaves (PCR0 is all zeros) and false otherwise

func (SignedAttestDoc) Validate

func (d SignedAttestDoc) Validate() error

Validate validates the signed attestation document
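Added example, not part of this package: a caller-side policy check over the fields documented above (PCRs, UserNonce, Timestamp), of the kind a relying party might apply to a parsed document. It assumes signature and certificate-chain validation has already succeeded. It uses a local stand-in struct `doc` instead of importing the package, and `checkPolicy`, the error strings and all sample values are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/subtle"
	"errors"
	"fmt"
	"time"
)

// doc is a local stand-in for the AttestDoc fields this check reads.
type doc struct {
	Timestamp time.Time
	PCRs      [][]byte
	UserNonce []byte
}

// now is overridable in tests, mirroring the package's Now variable.
var now = time.Now

// checkPolicy (hypothetical name) applies caller-side policy to a parsed document.
func checkPolicy(d doc, wantPCR0, wantNonce []byte, maxAge time.Duration) error {
	if len(d.PCRs) != 16 || len(d.PCRs[0]) == 0 { // 16 = NumPCRValues
		return errors.New("unexpected PCR set")
	}
	if bytes.Equal(d.PCRs[0], make([]byte, len(d.PCRs[0]))) { // all-zero PCR0
		return errors.New("debug enclave")
	}
	if subtle.ConstantTimeCompare(d.PCRs[0], wantPCR0) != 1 {
		return errors.New("PCR0 mismatch")
	}
	if len(wantNonce) == 0 || subtle.ConstantTimeCompare(d.UserNonce, wantNonce) != 1 {
		return errors.New("nonce mismatch")
	}
	if age := now().Sub(d.Timestamp); age < 0 || age > maxAge {
		return errors.New("stale or future-dated document")
	}
	return nil
}

func main() {
	// Constructed sample: 16 PCRs of 48 bytes, PCR0 non-zero. Not real measurements.
	pcrs := make([][]byte, 16)
	for i := range pcrs {
		pcrs[i] = make([]byte, 48)
	}
	pcrs[0][0] = 0xAA
	d := doc{Timestamp: time.Now(), PCRs: pcrs, UserNonce: []byte("n-1")}
	fmt.Println(checkPolicy(d, pcrs[0], []byte("n-1"), time.Minute))
}
```

The debug check runs before the PCR0 comparison so that an all-zero PCR0 is rejected even if the expected value was misconfigured as zeros.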
