Documentation ¶
Overview ¶
Package variant defines Attestation variants for different CSPs.
Each variant defines an OID, a string representation, and a function to compare it to other OIDs.
The OID is used in attested TLS to distinguish the attestation documents. OIDs beginning with 1.3.9900 are reserved and can be used without registration.
* The 1.3.9900.1 branch is reserved for placeholder values and testing.
* The 1.3.9900.2 branch is reserved for AWS.
* The 1.3.9900.3 branch is reserved for GCP.
* The 1.3.9900.4 branch is reserved for Azure.
* The 1.3.9900.5 branch is reserved for QEMU.
Deprecated OIDs should never be reused for different purposes. Instead, new OIDs should be added in the appropriate branch at the next available index.
String representations should be lowercase and contain only letters, numbers, and hyphens. They should be prefixed with the branch name, e.g. all variants in the 1.3.9900.2 (AWS) branch should start with "aws-". Each variant should have a unique string representation.
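The conventions above can be enforced mechanically, for example in a unit test that runs whenever a variant is added. The following check is an added example, not code from the package: the entry type, checkRegistry and the sample rows are hypothetical, and only the "aws-" prefix comes from the text above (the "gcp-", "azure-" and "qemu-" prefixes are assumed by analogy).

```go
package main

import (
	"encoding/asn1"
	"fmt"
	"regexp"
	"strings"
)

type entry struct { // hypothetical registry row: a variant's OID and string form
	OID  asn1.ObjectIdentifier
	Name string
}

// Branch under 1.3.9900 -> name prefix. Only "aws-" is on the page; rest assumed.
var prefixes = map[int]string{2: "aws-", 3: "gcp-", 4: "azure-", 5: "qemu-"}
var nameRe = regexp.MustCompile(`^[a-z0-9-]+$`)

// checkRegistry reports violations; OIDs must be 1.3.9900.<branch>.<index>.
func checkRegistry(entries []entry) (errs []string) {
	seen := map[string]bool{}
	for _, e := range entries {
		if len(e.OID) < 5 || !e.OID[:3].Equal(asn1.ObjectIdentifier{1, 3, 9900}) {
			errs = append(errs, e.Name+": OID outside 1.3.9900.<branch>.<index>")
		} else if p, ok := prefixes[e.OID[3]]; ok && !strings.HasPrefix(e.Name, p) {
			errs = append(errs, e.Name+": missing branch prefix "+p)
		}
		if !nameRe.MatchString(e.Name) {
			errs = append(errs, e.Name+": only lowercase letters, digits, hyphens")
		}
		for _, k := range []string{"name " + e.Name, "OID " + e.OID.String()} {
			if seen[k] { // names and OIDs must each be unique
				errs = append(errs, e.Name+": "+k+" already taken")
			}
			seen[k] = true
		}
	}
	return errs
}

var sample = []entry{ // constructed for this example; not real variants
	{asn1.ObjectIdentifier{1, 3, 9900, 2, 1}, "aws-example-a"},
	{asn1.ObjectIdentifier{1, 3, 9900, 3, 1}, "aws-example-b"}, // wrong prefix
	{asn1.ObjectIdentifier{1, 3, 9900, 4, 1}, "azure-Example"}, // uppercase
	{asn1.ObjectIdentifier{1, 3, 9900, 2, 1}, "aws-example-c"}, // reused OID
	{asn1.ObjectIdentifier{1, 2, 3, 4, 5}, "aws-outside"},      // wrong arc
}

func main() { fmt.Println(strings.Join(checkRegistry(sample), "\n")) }
```

To also catch reuse of a deprecated OID, keep retired entries in the list passed to the check instead of deleting them.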
Index ¶
- func RemoveDuplicate[T comparable](sliceList []T) []T
- func ValidProvider(provider cloudprovider.Provider, variant Variant) bool
- type AWSNitroTPM
- type AWSSEVSNP
- type AzureSEVSNP
- type AzureTDX
- type AzureTrustedLaunch
- type Dummy
- type GCPSEVES
- type GCPSEVSNP
- type Getter
- type QEMUTDX
- type QEMUVTPM
- type Variant
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func RemoveDuplicate ¶
func RemoveDuplicate[T comparable](sliceList []T) []T
RemoveDuplicate removes duplicate elements from a slice.
func ValidProvider ¶
func ValidProvider(provider cloudprovider.Provider, variant Variant) bool
ValidProvider returns true if the attestation variant is valid for the given provider.
Types ¶
type AWSNitroTPM ¶
type AWSNitroTPM struct{}
AWSNitroTPM holds the AWS nitro TPM OID.
func (AWSNitroTPM) Equal ¶
func (AWSNitroTPM) Equal(other Getter) bool
Equal returns true if the other variant is also AWSNitroTPM.
func (AWSNitroTPM) OID ¶
func (AWSNitroTPM) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
func (AWSNitroTPM) String ¶
func (AWSNitroTPM) String() string
String returns the string representation of the OID.
type AWSSEVSNP ¶
type AWSSEVSNP struct{}
AWSSEVSNP holds the AWS SEV-SNP OID.
func (AWSSEVSNP) OID ¶
func (AWSSEVSNP) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
type AzureSEVSNP ¶
type AzureSEVSNP struct{}
AzureSEVSNP holds the OID for Azure SNP CVMs.
func (AzureSEVSNP) Equal ¶
func (AzureSEVSNP) Equal(other Getter) bool
Equal returns true if the other variant is also AzureSEVSNP.
func (AzureSEVSNP) OID ¶
func (AzureSEVSNP) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
func (AzureSEVSNP) String ¶
func (AzureSEVSNP) String() string
String returns the string representation of the OID.
type AzureTDX ¶ added in v2.15.0
type AzureTDX struct{}
AzureTDX holds the OID for Azure TDX CVMs.
func (AzureTDX) OID ¶ added in v2.15.0
func (AzureTDX) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
type AzureTrustedLaunch ¶
type AzureTrustedLaunch struct{}
AzureTrustedLaunch holds the OID for Azure TrustedLaunch VMs.
func (AzureTrustedLaunch) Equal ¶
func (AzureTrustedLaunch) Equal(other Getter) bool
Equal returns true if the other variant is also AzureTrustedLaunch.
func (AzureTrustedLaunch) OID ¶
func (AzureTrustedLaunch) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
func (AzureTrustedLaunch) String ¶
func (AzureTrustedLaunch) String() string
String returns the string representation of the OID.
type Dummy ¶
type Dummy struct{}
Dummy OID for testing.
func (Dummy) OID ¶
func (Dummy) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
type GCPSEVES ¶
type GCPSEVES struct{}
GCPSEVES holds the GCP SEV-ES OID.
func (GCPSEVES) OID ¶
func (GCPSEVES) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
type GCPSEVSNP ¶ added in v2.17.0
type GCPSEVSNP struct{}
GCPSEVSNP holds the GCP SEV-SNP OID.
func (GCPSEVSNP) Equal ¶ added in v2.17.0
Equal returns true if the other variant is also GCPSEVSNP.
func (GCPSEVSNP) OID ¶ added in v2.17.0
func (GCPSEVSNP) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
type Getter ¶
type Getter interface {
OID() asn1.ObjectIdentifier
}
Getter returns an ASN.1 Object Identifier.
type QEMUTDX ¶
type QEMUTDX struct{}
QEMUTDX holds the QEMU TDX OID. Placeholder for dev-cloud integration.
func (QEMUTDX) OID ¶
func (QEMUTDX) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier. Placeholder for dev-cloud integration.
type QEMUVTPM ¶
type QEMUVTPM struct{}
QEMUVTPM holds the QEMUVTPM OID.
func (QEMUVTPM) OID ¶
func (QEMUVTPM) OID() asn1.ObjectIdentifier
OID returns the struct's object identifier.
type Variant ¶
Variant describes an attestation variant.
func FromString ¶
FromString returns the OID for the given string.
func GetAvailableAttestationVariants ¶
func GetAvailableAttestationVariants() []Variant
GetAvailableAttestationVariants returns the available attestation variants.
func GetDefaultAttestation ¶
func GetDefaultAttestation(provider cloudprovider.Provider) Variant
GetDefaultAttestation returns the default attestation variant for the given provider. If not found, it returns the default variant.