validate

package
v0.12.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 10, 2024 License: Apache-2.0 Imports: 15 Imported by: 7

Documentation

Overview

Package validate is for checking attestation report properties other than signature verification.

Index

Constants

View Source
const (
	// CertEntryAllowMissing will only error if the key is present in the certificate table and
	// Validate returns an error.
	CertEntryAllowMissing = iota
	// CertEntryRequire will cause an error if the certificate table does not include the key.
	CertEntryRequire
)

Variables

This section is empty.

Functions

func RawSnpAttestation

func RawSnpAttestation(report []byte, certTable []byte, options *Options) error

RawSnpAttestation validates fields of a raw attestation report against expectations. Does not check the attestation certificates or signature.

func SnpAttestation

func SnpAttestation(attestation *spb.Attestation, options *Options) error

SnpAttestation validates fields of the protobuf representation of an attestation report against expectations. Does not check the attestation certificates or signature.

Types

type CertEntryKind added in v0.9.0

type CertEntryKind int

CertEntryKind represents a simple policy kind for cert table entries. If a UUID string key is present in the CertTableOptions, then the Validate function must not error when given both the attestation and the blob associated with the UUID. If a UUID is missing, then the kind matters: should missing entries be considered an error, or an allowed omission?

type CertEntryOption added in v0.9.0

type CertEntryOption struct {
	Kind     CertEntryKind
	Validate func(attestation *spb.Attestation, blob []byte) error
}

CertEntryOption represents a pluggable validation option for CertTable entries. This allows for golden measurements (RIMs and the like) to be injected into the guest about various provided infrastructure.

type Options

type Options struct {
	// GuestPolicy is the maximum of acceptable guest policies.
	GuestPolicy abi.SnpPolicy
	// MinimumGuestSvn is the minimum guest security version number.
	MinimumGuestSvn uint32
	// ReportData is the expected REPORT_DATA field. Must be nil or 64 bytes long. Not checked if nil.
	ReportData []byte
	// HostData is the expected HOST_DATA field. Must be nil or 32 bytes long. Not checked if nil.
	HostData []byte
	// ImageID is the expected IMAGE_ID field. Must be nil or 16 bytes long. Not checked if nil.
	ImageID []byte
	// FamilyID is the expected FAMILY_ID field. Must be nil or 16 bytes long. Not checked if nil.
	FamilyID []byte
	// ReportID is the expected REPORT_ID field. Must be nil or 32 bytes long. Not checked if nil.
	ReportID []byte
	// ReportIDMA is the expected REPORT_ID_MA field. Must be nil or 32 bytes long. Not checked if nil.
	ReportIDMA []byte
	// Measurement is the expected MEASUREMENT field. Must be nil or 48 bytes long. Not checked if nil.
	Measurement []byte
	// ChipID is the expected CHIP_ID field. Must be nil or 64 bytes long. Not checked if nil.
	ChipID []byte
	// MinimumBuild is the minimum firmware build version reported in the attestation report.
	MinimumBuild uint8
	// MinimumVersion is the minimum firmware API version reported in the attestation report,
	// where the MSB is the major number and the LSB is the minor number.
	MinimumVersion uint16
	// MinimumTCB is the component-wise minimum TCB reported in the attestation report. This
	// does not include the LaunchTCB.
	MinimumTCB kds.TCBParts
	// MinimumLaunchTCB is the component-wise minimum for the attestation report LaunchTCB.
	MinimumLaunchTCB kds.TCBParts
	// PermitProvisionalFirmware if true, allows the committed TCB, build, and API values to be less
	// than or equal to the current values. If false, committed and current values must be equal.
	PermitProvisionalFirmware bool
	// PlatformInfo is the maximum of acceptable PLATFORM_INFO data. Not checked if nil.
	PlatformInfo *abi.SnpPlatformInfo
	// RequireAuthorKey if true, will not validate a report without AUTHOR_KEY_EN equal to 1.
	// Implies RequireIDBlock is true.
	RequireAuthorKey bool
	// VMPL is the expected VMPL value, 0-3. Unchecked if nil.
	VMPL *int
	// RequireIDBlock if true, will not validate a report if it does not have an ID_KEY_DIGEST that
	// is trusted through all keys in TrustedIDKeys or TrustedIDKeyHashes, or any ID key whose hash
	// was signed by a key in TrustedAuthorKeys or TrustedIDKeyHashes. No signatures are checked,
	// since presence in the attestation report implies that the AMD firmware successfully verified
	// the signature at VM launch. If false, ID_KEY_DIGEST and AUTHOR_KEY_DIGEST are not checked.
	RequireIDBlock bool
	// Certificates of keys that are permitted to sign ID keys. Any ID key signed by a trusted author
	// key is implicitly trusted. Not required if TrustedAuthorKeyHashes is provided.
	TrustedAuthorKeys []*x509.Certificate
	// TrustedAuthorKeys is an array of SHA-384 hashes of trusted author keys's public key in SEV-SNP
	// API format. Not required if TrustedAuthorKeys is provided.
	TrustedAuthorKeyHashes [][]byte
	// Certificates of keys that are permitted to sign IDBlocks. Not required if TrustedIDKeyHashes is
	// provided.
	TrustedIDKeys []*x509.Certificate
	// TrustedIDKeyHashes is an array of SHA-384 hashes of trusted ID signer keys's public key in
	// SEV-SNP API format. Not required if TrustedIDKeys is provided.
	TrustedIDKeyHashes [][]byte
	// CertTableOptions allows the caller to specify extra validation conditions on non-standard
	// UUID entries in the certificate table returned by GetExtendedReport.
	CertTableOptions map[string]*CertEntryOption
}

Options represents verification options for an SEV-SNP attestation report.

func PolicyToOptions added in v0.3.0

func PolicyToOptions(policy *cpb.Policy) (*Options, error)

PolicyToOptions returns an Options object that is represented by a Policy message.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL