Documentation ¶
Overview ¶
Package eventlog provides functions for reading PC Client event logs and various EventData they can carry.
Index ¶
- Constants
- Variables
- type ByteSizedArray
- type CryptoAgileLog
- type EfiGUID
- type Marshallable
- type SP800155Event3
- type Serializable
- type SerializableFromBytes
- type TCGEventData
- type TCGPCClientPCREvent
- type TCGPCREvent2
- type TaggedDigest
- type Uint32SizedArray
- type Uint32SizedArrayT
- type UnknownEvent
- type Unmarshallable
Constants ¶
const ( // RIMLocationRaw specifies that the location data is the data itself. RIMLocationRaw uint32 = iota // RIMLocationURI specifies that the location data is a URI for where to fetch the data. RIMLocationURI // RIMLocationLocal specifies that the location data is a local UEFI device path. RIMLocationLocal // RIMLocationVariable specifies that the location data is a UEFI variable name in 16-byte EFIGUID // followed by '\0\0'-terminated CHAR16 string of the variable name. RIMLocationVariable )
const (
// EvNoAction is an EventType indicating the event is not measured to any PCR.
EvNoAction = 3
)
const (
// EventSignatureSize is the size of the signature header for a TCG event log's EventData payload.
EventSignatureSize = 16
)
Variables ¶
var ( // TcgSP800155Event3Signature is the Canonical Event Log event signature for an unmeasured // informational event that directs the reader to reference measurements for the firmware and // platform. TcgSP800155Event3Signature = [...]byte{ 'S', 'P', '8', '0', '0', '-', '1', '5', '5', ' ', 'E', 'v', 'e', 'n', 't', '3'} )
Functions ¶
This section is empty.
Types ¶
type ByteSizedArray ¶
type ByteSizedArray struct {
Data []byte
}
ByteSizedArray represents an array of bytes no longer than 255 entries that is serialized first with a single byte specifying the array size.
func (*ByteSizedArray) Create ¶
func (*ByteSizedArray) Create() Serializable
Create creates a new ByteSizedArray.
type CryptoAgileLog ¶
type CryptoAgileLog struct { Header TCGPCClientPCREvent Events []*TCGPCREvent2 }
CryptoAgileLog represents events parsed from a TCG crypto agile log formatted document.
type EfiGUID ¶
EfiGUID represents a UUID that is marshalled as an EFI_GUID.
type Marshallable ¶
Marshallable is an interface for writing an object as a stream of bytes to a writer.
type SP800155Event3 ¶
type SP800155Event3 struct { PlatformManufacturerID uint32 ReferenceManifestGUID EfiGUID PlatformManufacturerStr ByteSizedArray PlatformModel ByteSizedArray PlatformVersion ByteSizedArray FirmwareManufacturerStr ByteSizedArray FirmwareManufacturerID uint32 FirmwareVersion ByteSizedArray RIMLocatorType uint32 RIMLocator Uint32SizedArray PlatformCertLocatorType uint32 PlatformCertLocator Uint32SizedArray }
SP800155Event3 represents a TCG SP 800-155 Event3 event specified in the PC Client Platform Firmware Profile.
func (*SP800155Event3) MarshalToBytes ¶
func (evt *SP800155Event3) MarshalToBytes() ([]byte, error)
MarshalToBytes writes the SP800155Event3 structure to its binary form and returns the byte array.
func (*SP800155Event3) UnmarshalFromBytes ¶
func (evt *SP800155Event3) UnmarshalFromBytes(data []byte) error
UnmarshalFromBytes reads a TCG SP 800-155 Event3 event from the whole of the input slice.
type Serializable ¶
type Serializable interface { Unmarshal(io.Reader) error Marshal(io.Writer) error Create() Serializable }
Serializable is an interface for populating the object by unmarshalling data, or marshalling the object to bytes.
type SerializableFromBytes ¶
type SerializableFromBytes interface { // UnmarshalFromBytes populates the current object from the totality of the given data or errors. UnmarshalFromBytes(data []byte) error // MarshalToBytes writes the object to a byte array, including its 16 byte signature. MarshalToBytes() ([]byte, error) }
SerializableFromBytes is an interface for populating the object by interpreting all given bytes as representing the object, and writing the object as a string of bytes.
type TCGEventData ¶
type TCGEventData struct {
Event SerializableFromBytes
}
TCGEventData represents data that may be in an event log's EventData payload. Expects the input data to have a 16 byte header specifying the event type.
type TCGPCClientPCREvent ¶
type TCGPCClientPCREvent struct { PCRIndex uint32 EventType uint32 SHA1Digest [20]byte EventData TCGEventData }
TCGPCClientPCREvent represents a TCG_PCClientPCREvent structure as specified in the PC Client Platform Firmware Profile.
type TCGPCREvent2 ¶
type TCGPCREvent2 struct { PCRIndex uint32 EventType uint32 Digests Uint32SizedArrayT[*TaggedDigest] EventData TCGEventData }
TCGPCREvent2 represents a TCG_PCR_EVENT2 structure as specified in the PC Client Platform Firmware Profile.
func (*TCGPCREvent2) Create ¶
func (*TCGPCREvent2) Create() Serializable
Create creates a TCGPCREvent2.
type TaggedDigest ¶
TaggedDigest represents a digest interpreted as tagged by the TPM_ALG_ID.
func (*TaggedDigest) Create ¶
func (*TaggedDigest) Create() Serializable
Create creates a TaggedDigest.
type Uint32SizedArray ¶
type Uint32SizedArray struct {
Data []byte
}
Uint32SizedArray represents an array of bytes no longer than 2^32 - 1 entries that is serialized first with a little endian uint32 specifying the array size.
func (*Uint32SizedArray) Create ¶
func (*Uint32SizedArray) Create() Serializable
Create creates a new Uint32SizedArray.
type Uint32SizedArrayT ¶
type Uint32SizedArrayT[T Serializable] struct { Array []T }
Uint32SizedArrayT represents a uint32 sized array of a given type, with elements that are serializable.
func (*Uint32SizedArrayT[T]) Create ¶
func (*Uint32SizedArrayT[T]) Create() Serializable
Create creates a Uint32SizedArrayT.
type UnknownEvent ¶
type UnknownEvent struct {
Data []byte
}
UnknownEvent is a catch-all for EventData with unknown signature.
func (*UnknownEvent) MarshalToBytes ¶
func (e *UnknownEvent) MarshalToBytes() ([]byte, error)
MarshalToBytes returns the stored data.
func (*UnknownEvent) UnmarshalFromBytes ¶
func (e *UnknownEvent) UnmarshalFromBytes(data []byte) error
UnmarshalFromBytes stores the given data is the object's representation.
type Unmarshallable ¶
Unmarshallable is an interface for populating the object by unmarshalling data.