tdx

package
v2.20.0 Latest
Warning

This package is not in the latest version of its module.

Published: Dec 3, 2024 License: AGPL-3.0 Imports: 22 Imported by: 0

Documentation

Overview

Package tdx implements attestation for TDX on Azure.

Quotes are generated using an Azure-provided vTPM and the IMDS API. They are verified using the go-tdx-guest library.

More specifically:
- The vTPM is used to collect a TPM attestation and a Hardware Compatibility Layer (HCL) report.
- The HCL report is sent to the IMDS API to generate a TDX quote.
- The quote is verified using the go-tdx-guest library.
- The quote's report data can be used to verify the TPM's attestation key.
- The attestation key can be used to verify the TPM attestation.
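The last two steps hinge on the quote's report data vouching for the attestation key. The following added example (not code from this package) sketches that check under stated assumptions: the report data starts with the SHA-256 of the runtime data, and the runtime data is JSON listing the key under the name `HCLAkPub`. The function name, JSON layout and sample bytes are hypothetical and constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
)
// runtimeData is an assumed, simplified layout: JSON carrying the AK modulus (base64url).
type runtimeData struct {
	Keys []struct {
		Kid string `json:"kid"`
		N   string `json:"n"`
	} `json:"keys"`
}

// checkAKBinding assumes reportData comes from an already verified quote and
// starts with SHA-256(rawRuntime), and that rawRuntime names the key akModulus.
func checkAKBinding(reportData, rawRuntime, akModulus []byte) error {
	if len(reportData) < sha256.Size {
		return errors.New("report data too short")
	}
	sum := sha256.Sum256(rawRuntime)
	if subtle.ConstantTimeCompare(sum[:], reportData[:sha256.Size]) != 1 {
		return errors.New("runtime data is not covered by the quote")
	}
	var rd runtimeData
	if err := json.Unmarshal(rawRuntime, &rd); err != nil {
		return fmt.Errorf("parsing runtime data: %w", err)
	}
	for _, k := range rd.Keys {
		n, err := base64.RawURLEncoding.DecodeString(k.N)
		if err == nil && k.Kid == "HCLAkPub" && bytes.Equal(n, akModulus) {
			return nil // the key the TPM attestation was signed with is bound to the quote
		}
	}
	return errors.New("attestation key not found in runtime data")
}

func main() {
	ak := []byte{0xC0, 0xFF, 0xEE, 0x01} // constructed stand-in for an RSA modulus
	raw := []byte(`{"keys":[{"kid":"HCLAkPub","n":"` + base64.RawURLEncoding.EncodeToString(ak) + `"}]}`)
	sum := sha256.Sum256(raw)
	reportData := append(sum[:], make([]byte, 32)...) // 64 bytes, zero padded
	fmt.Println(checkAKBinding(reportData, raw, ak))
}
```

Only after this check succeeds should the attestation key be trusted to verify the TPM attestation; a key that merely appears in unauthenticated runtime data proves nothing.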

Types

type InstanceInfo added in v2.17.0

type InstanceInfo struct {
	AttestationReport []byte
	RuntimeData       []byte
}

InstanceInfo wraps the TDX report with additional Azure-specific runtime data.

type Issuer

type Issuer struct {
	variant.AzureTDX
	*vtpm.Issuer
	// contains filtered or unexported fields
}

Issuer for Azure confidential VM attestation using TDX.

func NewIssuer

func NewIssuer(log attestation.Logger) *Issuer

NewIssuer initializes a new Azure Issuer.

type Validator

type Validator struct {
	variant.AzureTDX
	*vtpm.Validator
	// contains filtered or unexported fields
}

Validator for Azure confidential VM attestation using TDX.

func NewValidator

func NewValidator(cfg *config.AzureTDX, log attestation.Logger) *Validator

NewValidator returns a new Validator for Azure confidential VM attestation using TDX.
