Documentation
¶
Index ¶
- Constants
- Variables
- func ReplayFormatedEventLog(formatedEventLogs []FormatedTcgEvent) map[int]map[TCG_ALG][]byte
- type BinaryBlob
- func (b *BinaryBlob) Dump()
- func (b *BinaryBlob) ParseBytes(start, count int) ([]byte, int)
- func (b *BinaryBlob) ParseUint16(start int) (uint16, int)
- func (b *BinaryBlob) ParseUint32(start int) (uint32, int)
- func (b *BinaryBlob) ParseUint64(start int) (uint64, int)
- func (b *BinaryBlob) ParseUint8(start int) (uint8, int)
- type CC_Type
- type CcReport
- type DefaultIMARecorder
- type DeviceVersion
- type EventLogBlob
- func (b *EventLogBlob) Meta(start int) (uint32, TcgEventType, int, error)
- func (b *EventLogBlob) ParseEventLog(start, recNum, imr int, eventType TcgEventType, ...) (*TcgEventLogParser, int, error)
- func (b *EventLogBlob) ParseSpecIdEventLog(start, recNum, imr int, eventType TcgEventType) (*TcgEventLogParser, *TcgEfiSpecIdEvent, int, error)
- type EventLogger
- func (l *EventLogger) Count() int
- func (l *EventLogger) Dump(format QuoteDumpFormat)
- func (l *EventLogger) EventLog() []FormatedTcgEvent
- func (l *EventLogger) IsSelected() bool
- func (l *EventLogger) Parse() error
- func (l *EventLogger) Replay() map[int]map[TCG_ALG][]byte
- func (l *EventLogger) Select(start, count int) (*EventLogger, error)
- type EvidenceAPI
- type FormatedTcgEvent
- type IMALogBlob
- type IMARecorder
- type IMRGroup
- type QuoteDumpFormat
- type Report
- type TCG_ALG
- type TcgDigest
- type TcgEfiSpecIdEvent
- type TcgEfiSpecIdEventAlgorithmSize
- type TcgEventFormat
- type TcgEventLogParser
- type TcgEventType
- type TcgImrEvent
- type TcgPcClientImrEvent
Constants ¶
View Source
const ( TCG_PCCLIENT_FORMAT TcgEventFormat = "tcg_pcclient" TCG_CANONICAL_FORMAT TcgEventFormat = "tcg_canonical" EV_PREBOOT_CERT TcgEventType = 0x0 EV_POST_CODE TcgEventType = 0x1 EV_UNUSED TcgEventType = 0x2 EV_NO_ACTION TcgEventType = 0x3 EV_SEPARATOR TcgEventType = 0x4 EV_ACTION TcgEventType = 0x5 EV_EVENT_TAG TcgEventType = 0x6 EV_S_CRTM_CONTENTS TcgEventType = 0x7 EV_S_CRTM_VERSION TcgEventType = 0x8 EV_CPU_MICROCODE TcgEventType = 0x9 EV_PLATFORM_CONFIG_FLAGS TcgEventType = 0xa EV_TABLE_OF_DEVICES TcgEventType = 0xb EV_COMPACT_HASH TcgEventType = 0xc EV_IPL TcgEventType = 0xd EV_IPL_PARTITION_DATA TcgEventType = 0xe EV_NONHOST_CODE TcgEventType = 0xf EV_NONHOST_CONFIG TcgEventType = 0x10 EV_NONHOST_INFO TcgEventType = 0x11 EV_OMIT_BOOT_DEVICE_EVENTS TcgEventType = 0x12 EV_POST_CODE2 TcgEventType = 0x13 // IMA event type defined aligned with MSFT IMA_MEASUREMENT_EVENT TcgEventType = 0x14 EV_EFI_EVENT_BASE TcgEventType = 0x80000000 EV_EFI_VARIABLE_DRIVER_CONFIG TcgEventType = EV_EFI_EVENT_BASE + 0x1 EV_EFI_VARIABLE_BOOT TcgEventType = EV_EFI_EVENT_BASE + 0x2 EV_EFI_BOOT_SERVICES_APPLICATION TcgEventType = EV_EFI_EVENT_BASE + 0x3 EV_EFI_BOOT_SERVICES_DRIVER TcgEventType = EV_EFI_EVENT_BASE + 0x4 EV_EFI_RUNTIME_SERVICES_DRIVER TcgEventType = EV_EFI_EVENT_BASE + 0x5 EV_EFI_GPT_EVENT TcgEventType = EV_EFI_EVENT_BASE + 0x6 EV_EFI_ACTION TcgEventType = EV_EFI_EVENT_BASE + 0x7 EV_EFI_PLATFORM_FIRMWARE_BLOB TcgEventType = EV_EFI_EVENT_BASE + 0x8 EV_EFI_HANDOFF_TABLES TcgEventType = EV_EFI_EVENT_BASE + 0x9 EV_EFI_PLATFORM_FIRMWARE_BLOB2 TcgEventType = EV_EFI_EVENT_BASE + 0xa EV_EFI_HANDOFF_TABLES2 TcgEventType = EV_EFI_EVENT_BASE + 0xb EV_EFI_VARIABLE_BOOT2 TcgEventType = EV_EFI_EVENT_BASE + 0xc EV_EFI_GPT_EVENT2 TcgEventType = EV_EFI_EVENT_BASE + 0xd EV_EFI_HCRTM_EVENT TcgEventType = EV_EFI_EVENT_BASE + 0x10 EV_EFI_VARIABLE_AUTHORITY TcgEventType = EV_EFI_EVENT_BASE + 0xe0 EV_EFI_SPDM_FIRMWARE_BLOB TcgEventType = EV_EFI_EVENT_BASE + 0xe1 EV_EFI_SPDM_FIRMWARE_CONFIG TcgEventType = EV_EFI_EVENT_BASE + 0xe2 EV_EFI_SPDM_DEVICE_POLICY TcgEventType = EV_EFI_EVENT_BASE + 0xe3 EV_EFI_SPDM_DEVICE_AUTHORITY TcgEventType = EV_EFI_EVENT_BASE + 0xe4 )
View Source
const (
IMA_DATA_FILE = "/sys/kernel/security/integrity/ima/ascii_runtime_measurements"
)
Variables ¶
View Source
var ( TPM_ALG_HASH_DIGEST_SIZE_TABLE = map[TCG_ALG]int{ TPM_ALG_SHA1: 20, TPM_ALG_SHA256: 32, TPM_ALG_SHA384: 48, TPM_ALG_SHA512: 64, } )
Functions ¶
func ReplayFormatedEventLog ¶
func ReplayFormatedEventLog(formatedEventLogs []FormatedTcgEvent) map[int]map[TCG_ALG][]byte
Types ¶
type BinaryBlob ¶
BinaryBlob helps parse raw bytes into structure data
func NewBinaryBlob ¶
func NewBinaryBlob(b []byte, base int) BinaryBlob
func (*BinaryBlob) Dump ¶
func (b *BinaryBlob) Dump()
func (*BinaryBlob) ParseBytes ¶
func (b *BinaryBlob) ParseBytes(start, count int) ([]byte, int)
func (*BinaryBlob) ParseUint16 ¶
func (b *BinaryBlob) ParseUint16(start int) (uint16, int)
func (*BinaryBlob) ParseUint32 ¶
func (b *BinaryBlob) ParseUint32(start int) (uint32, int)
func (*BinaryBlob) ParseUint64 ¶
func (b *BinaryBlob) ParseUint64(start int) (uint64, int)
func (*BinaryBlob) ParseUint8 ¶
func (b *BinaryBlob) ParseUint8(start int) (uint8, int)
type DefaultIMARecorder ¶
type DefaultIMARecorder struct {
// contains filtered or unexported fields
}
func (*DefaultIMARecorder) FullIMALog ¶
func (r *DefaultIMARecorder) FullIMALog() ([]byte, error)
FullIMALog implements IMARecorder.
func (*DefaultIMARecorder) ProbeIMARecorder ¶
func (r *DefaultIMARecorder) ProbeIMARecorder() error
ProbeRecorder implements IMARecorder.
type DeviceVersion ¶
type DeviceVersion string
type EventLogBlob ¶
type EventLogBlob struct {
BinaryBlob
}
func NewEventLogBlob ¶
func NewEventLogBlob(b []byte) EventLogBlob
func (*EventLogBlob) Meta ¶
func (b *EventLogBlob) Meta(start int) (uint32, TcgEventType, int, error)
func (*EventLogBlob) ParseEventLog ¶
func (b *EventLogBlob) ParseEventLog(start, recNum, imr int, eventType TcgEventType, digestSizes []TcgEfiSpecIdEventAlgorithmSize) (*TcgEventLogParser, int, error)
func (*EventLogBlob) ParseSpecIdEventLog ¶
func (b *EventLogBlob) ParseSpecIdEventLog(start, recNum, imr int, eventType TcgEventType) (*TcgEventLogParser, *TcgEfiSpecIdEvent, int, error)
type EventLogger ¶
type EventLogger struct {
// contains filtered or unexported fields
}
func NewEventLogger ¶
func NewEventLogger(bootTimeLog, runTimeLog []byte, eventFormat TcgEventFormat) *EventLogger
func (*EventLogger) Count ¶
func (l *EventLogger) Count() int
func (*EventLogger) Dump ¶
func (l *EventLogger) Dump(format QuoteDumpFormat)
func (*EventLogger) EventLog ¶
func (l *EventLogger) EventLog() []FormatedTcgEvent
func (*EventLogger) IsSelected ¶
func (l *EventLogger) IsSelected() bool
func (*EventLogger) Parse ¶
func (l *EventLogger) Parse() error
func (*EventLogger) Select ¶
func (l *EventLogger) Select(start, count int) (*EventLogger, error)
type EvidenceAPI ¶
type EvidenceAPI interface {
GetDefaultAlgorithm() (TCG_ALG, error)
GetCCReport(nonce, userData []byte, extraArgs map[string]any) (Report, error)
DumpCCReport(reportBytes []byte) error
GetMeasurementCount() (int, error)
GetCCMeasurement(index int, alg TCG_ALG) (TcgDigest, error)
// two optional params can be specified for GetCCEventLog()
// which are start and count
GetCCEventLog(params ...int32) ([]FormatedTcgEvent, error)
ReplayCCEventLog(formatedEventLogs []FormatedTcgEvent) map[int]map[TCG_ALG][]byte
}
type FormatedTcgEvent ¶
type FormatedTcgEvent interface {
Dump()
GetFormatType() TcgEventFormat
GetImrIndex() uint32
GetEventType() TcgEventType
GetDigests() []TcgDigest
}
type IMALogBlob ¶
type IMALogBlob struct {
BinaryBlob
*bufio.Scanner
}
func NewIMALogBlob ¶
func NewIMALogBlob(b []byte) IMALogBlob
func (*IMALogBlob) ParseLine ¶
func (b *IMALogBlob) ParseLine(line []byte) (*TcgEventLogParser, error)
type IMARecorder ¶
type QuoteDumpFormat ¶
type QuoteDumpFormat string
const ( QuoteDumpFormatRaw QuoteDumpFormat = "raw" QuoteDumpFormatHuman QuoteDumpFormat = "human" )
type Report ¶
type Report interface {
InitFromBytes([]byte) error
IMRGroup() IMRGroup
Dump(QuoteDumpFormat)
}
type TcgEfiSpecIdEvent ¶
type TcgEventFormat ¶
type TcgEventFormat string
type TcgEventLogParser ¶
type TcgEventLogParser struct {
RecNum int
ImrIndex int
EventType TcgEventType
Digests []TcgDigest
EventSize int
Event []byte
ExtraInfo map[string]string
}
func (*TcgEventLogParser) Format ¶
func (p *TcgEventLogParser) Format(format TcgEventFormat) FormatedTcgEvent
type TcgEventType ¶
type TcgEventType uint32
func (TcgEventType) String ¶
func (t TcgEventType) String() string
type TcgImrEvent ¶
type TcgImrEvent struct {
ImrIndex uint32
EventType TcgEventType
Digests []TcgDigest
EventSize uint32
Event []byte
FormatType TcgEventFormat
}
func (*TcgImrEvent) GetDigests ¶
func (e *TcgImrEvent) GetDigests() []TcgDigest
GetDigests implements FormatedTcgEvent.
func (*TcgImrEvent) GetEventType ¶
func (e *TcgImrEvent) GetEventType() TcgEventType
GetEventType implements FormatedTcgEvent.
func (*TcgImrEvent) GetFormatType ¶
func (e *TcgImrEvent) GetFormatType() TcgEventFormat
FormatType implements FormatedTcgEvent.
func (*TcgImrEvent) GetImrIndex ¶
func (e *TcgImrEvent) GetImrIndex() uint32
GetImrIndex implements FormatedTcgEvent.
type TcgPcClientImrEvent ¶
type TcgPcClientImrEvent struct {
ImrIndex uint32
EventType TcgEventType
Digest [20]byte
EventDataSize uint32
Event []byte
FormatType TcgEventFormat
}
func (*TcgPcClientImrEvent) Dump ¶
func (e *TcgPcClientImrEvent) Dump()
Dump implements FormatedTcgEvent.
func (*TcgPcClientImrEvent) GetDigests ¶
func (e *TcgPcClientImrEvent) GetDigests() []TcgDigest
GetDigests implements FormatedTcgEvent.
func (*TcgPcClientImrEvent) GetEventType ¶
func (e *TcgPcClientImrEvent) GetEventType() TcgEventType
GetEventType implements FormatedTcgEvent.
func (*TcgPcClientImrEvent) GetFormatType ¶
func (e *TcgPcClientImrEvent) GetFormatType() TcgEventFormat
FormatType implements FormatedTcgEvent.
func (*TcgPcClientImrEvent) GetImrIndex ¶
func (e *TcgPcClientImrEvent) GetImrIndex() uint32
GetImrIndex implements FormatedTcgEvent.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.