Documentation ¶
Overview ¶
Package sevsnp implements a protocol buffer for representing SEV-SNP attestations.
Index ¶
- Variables
- type Attestation
- func (*Attestation) Descriptor() ([]byte, []int)deprecated
- func (x *Attestation) GetCertificateChain() *CertificateChain
- func (x *Attestation) GetProduct() *SevProduct
- func (x *Attestation) GetReport() *Report
- func (*Attestation) ProtoMessage()
- func (x *Attestation) ProtoReflect() protoreflect.Message
- func (x *Attestation) Reset()
- func (x *Attestation) String() string
- type CertificateChain
- func (*CertificateChain) Descriptor() ([]byte, []int)deprecated
- func (x *CertificateChain) GetArkCert() []byte
- func (x *CertificateChain) GetAskCert() []byte
- func (x *CertificateChain) GetExtras() map[string][]byte
- func (x *CertificateChain) GetFirmwareCert() []bytedeprecated
- func (x *CertificateChain) GetVcekCert() []byte
- func (x *CertificateChain) GetVlekCert() []byte
- func (*CertificateChain) ProtoMessage()
- func (x *CertificateChain) ProtoReflect() protoreflect.Message
- func (x *CertificateChain) Reset()
- func (x *CertificateChain) String() string
- type Report
- func (*Report) Descriptor() ([]byte, []int)deprecated
- func (x *Report) GetAuthorKeyDigest() []byte
- func (x *Report) GetChipId() []byte
- func (x *Report) GetCommittedBuild() uint32
- func (x *Report) GetCommittedMajor() uint32
- func (x *Report) GetCommittedMinor() uint32
- func (x *Report) GetCommittedTcb() uint64
- func (x *Report) GetCpuid1EaxFms() uint32
- func (x *Report) GetCurrentBuild() uint32
- func (x *Report) GetCurrentMajor() uint32
- func (x *Report) GetCurrentMinor() uint32
- func (x *Report) GetCurrentTcb() uint64
- func (x *Report) GetFamilyId() []byte
- func (x *Report) GetGuestSvn() uint32
- func (x *Report) GetHostData() []byte
- func (x *Report) GetIdKeyDigest() []byte
- func (x *Report) GetImageId() []byte
- func (x *Report) GetLaunchTcb() uint64
- func (x *Report) GetMeasurement() []byte
- func (x *Report) GetPlatformInfo() uint64
- func (x *Report) GetPolicy() uint64
- func (x *Report) GetReportData() []byte
- func (x *Report) GetReportId() []byte
- func (x *Report) GetReportIdMa() []byte
- func (x *Report) GetReportedTcb() uint64
- func (x *Report) GetSignature() []byte
- func (x *Report) GetSignatureAlgo() uint32
- func (x *Report) GetSignerInfo() uint32
- func (x *Report) GetVersion() uint32
- func (x *Report) GetVmpl() uint32
- func (*Report) ProtoMessage()
- func (x *Report) ProtoReflect() protoreflect.Message
- func (x *Report) Reset()
- func (x *Report) String() string
- type SevProduct
- func (*SevProduct) Descriptor() ([]byte, []int)deprecated
- func (x *SevProduct) GetMachineStepping() *wrapperspb.UInt32Value
- func (x *SevProduct) GetName() SevProduct_SevProductName
- func (x *SevProduct) GetStepping() uint32deprecated
- func (*SevProduct) ProtoMessage()
- func (x *SevProduct) ProtoReflect() protoreflect.Message
- func (x *SevProduct) Reset()
- func (x *SevProduct) String() string
- type SevProduct_SevProductName
- func (SevProduct_SevProductName) Descriptor() protoreflect.EnumDescriptor
- func (x SevProduct_SevProductName) Enum() *SevProduct_SevProductName
- func (SevProduct_SevProductName) EnumDescriptor() ([]byte, []int)deprecated
- func (x SevProduct_SevProductName) Number() protoreflect.EnumNumber
- func (x SevProduct_SevProductName) String() string
- func (SevProduct_SevProductName) Type() protoreflect.EnumType
Constants ¶
This section is empty.
Variables ¶
var ( SevProduct_SevProductName_name = map[int32]string{ 0: "SEV_PRODUCT_UNKNOWN", 1: "SEV_PRODUCT_MILAN", 2: "SEV_PRODUCT_GENOA", 3: "SEV_PRODUCT_TURIN", } SevProduct_SevProductName_value = map[string]int32{ "SEV_PRODUCT_UNKNOWN": 0, "SEV_PRODUCT_MILAN": 1, "SEV_PRODUCT_GENOA": 2, "SEV_PRODUCT_TURIN": 3, } )
Enum value maps for SevProduct_SevProductName.
var File_sevsnp_proto protoreflect.FileDescriptor
Functions ¶
This section is empty.
Types ¶
type Attestation ¶
type Attestation struct { Report *Report `protobuf:"bytes,1,opt,name=report,proto3" json:"report,omitempty"` CertificateChain *CertificateChain `protobuf:"bytes,2,opt,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"` Product *SevProduct `protobuf:"bytes,3,opt,name=product,proto3" json:"product,omitempty"` // contains filtered or unexported fields }
func (*Attestation) Descriptor
deprecated
func (*Attestation) Descriptor() ([]byte, []int)
Deprecated: Use Attestation.ProtoReflect.Descriptor instead.
func (*Attestation) GetCertificateChain ¶
func (x *Attestation) GetCertificateChain() *CertificateChain
func (*Attestation) GetProduct ¶ added in v0.7.1
func (x *Attestation) GetProduct() *SevProduct
func (*Attestation) GetReport ¶
func (x *Attestation) GetReport() *Report
func (*Attestation) ProtoMessage ¶
func (*Attestation) ProtoMessage()
func (*Attestation) ProtoReflect ¶
func (x *Attestation) ProtoReflect() protoreflect.Message
func (*Attestation) Reset ¶
func (x *Attestation) Reset()
func (*Attestation) String ¶
func (x *Attestation) String() string
type CertificateChain ¶
type CertificateChain struct { // The versioned chip endorsement key's certificate for the // key that signed this report. VcekCert []byte `protobuf:"bytes,1,opt,name=vcek_cert,json=vcekCert,proto3" json:"vcek_cert,omitempty"` // The versioned loaded endorsement key's certificate for the // key that signed this report. VlekCert []byte `protobuf:"bytes,6,opt,name=vlek_cert,json=vlekCert,proto3" json:"vlek_cert,omitempty"` // The AMD SEV or AMD SEV-VLEK certificate that signed the V?EK cert. AskCert []byte `protobuf:"bytes,2,opt,name=ask_cert,json=askCert,proto3" json:"ask_cert,omitempty"` // The AMD Root key certificate (signs the ASK cert). ArkCert []byte `protobuf:"bytes,3,opt,name=ark_cert,json=arkCert,proto3" json:"ark_cert,omitempty"` // A certificate the host may inject to endorse the measurement of the // firmware. // // Deprecated: Marked as deprecated in sevsnp.proto. FirmwareCert []byte `protobuf:"bytes,4,opt,name=firmware_cert,json=firmwareCert,proto3" json:"firmware_cert,omitempty"` // Non-standard certificates the host may inject. Extras map[string][]byte `` /* 153-byte string literal not displayed */ // contains filtered or unexported fields }
func (*CertificateChain) Descriptor
deprecated
func (*CertificateChain) Descriptor() ([]byte, []int)
Deprecated: Use CertificateChain.ProtoReflect.Descriptor instead.
func (*CertificateChain) GetArkCert ¶
func (x *CertificateChain) GetArkCert() []byte
func (*CertificateChain) GetAskCert ¶
func (x *CertificateChain) GetAskCert() []byte
func (*CertificateChain) GetExtras ¶ added in v0.9.0
func (x *CertificateChain) GetExtras() map[string][]byte
func (*CertificateChain) GetFirmwareCert
deprecated
added in
v0.4.4
func (x *CertificateChain) GetFirmwareCert() []byte
Deprecated: Marked as deprecated in sevsnp.proto.
func (*CertificateChain) GetVcekCert ¶
func (x *CertificateChain) GetVcekCert() []byte
func (*CertificateChain) GetVlekCert ¶ added in v0.8.0
func (x *CertificateChain) GetVlekCert() []byte
func (*CertificateChain) ProtoMessage ¶
func (*CertificateChain) ProtoMessage()
func (*CertificateChain) ProtoReflect ¶
func (x *CertificateChain) ProtoReflect() protoreflect.Message
func (*CertificateChain) Reset ¶
func (x *CertificateChain) Reset()
func (*CertificateChain) String ¶
func (x *CertificateChain) String() string
type Report ¶
type Report struct { Version uint32 `protobuf:"varint,1,opt,name=version,proto3" json:"version,omitempty"` // Should be 2 for revision 1.55, and 3 for revision 1.56 GuestSvn uint32 `protobuf:"varint,2,opt,name=guest_svn,json=guestSvn,proto3" json:"guest_svn,omitempty"` Policy uint64 `protobuf:"varint,3,opt,name=policy,proto3" json:"policy,omitempty"` FamilyId []byte `protobuf:"bytes,4,opt,name=family_id,json=familyId,proto3" json:"family_id,omitempty"` // Should be 16 bytes long ImageId []byte `protobuf:"bytes,5,opt,name=image_id,json=imageId,proto3" json:"image_id,omitempty"` // Should be 16 bytes long Vmpl uint32 `protobuf:"varint,6,opt,name=vmpl,proto3" json:"vmpl,omitempty"` SignatureAlgo uint32 `protobuf:"varint,7,opt,name=signature_algo,json=signatureAlgo,proto3" json:"signature_algo,omitempty"` CurrentTcb uint64 `protobuf:"varint,8,opt,name=current_tcb,json=currentTcb,proto3" json:"current_tcb,omitempty"` PlatformInfo uint64 `protobuf:"varint,9,opt,name=platform_info,json=platformInfo,proto3" json:"platform_info,omitempty"` SignerInfo uint32 `protobuf:"varint,10,opt,name=signer_info,json=signerInfo,proto3" json:"signer_info,omitempty"` // AuthorKeyEn, MaskChipKey, SigningKey ReportData []byte `protobuf:"bytes,11,opt,name=report_data,json=reportData,proto3" json:"report_data,omitempty"` // Should be 64 bytes long Measurement []byte `protobuf:"bytes,12,opt,name=measurement,proto3" json:"measurement,omitempty"` // Should be 48 bytes long HostData []byte `protobuf:"bytes,13,opt,name=host_data,json=hostData,proto3" json:"host_data,omitempty"` // Should be 32 bytes long IdKeyDigest []byte `protobuf:"bytes,14,opt,name=id_key_digest,json=idKeyDigest,proto3" json:"id_key_digest,omitempty"` // Should be 48 bytes long AuthorKeyDigest []byte `protobuf:"bytes,15,opt,name=author_key_digest,json=authorKeyDigest,proto3" json:"author_key_digest,omitempty"` // Should be 48 bytes long ReportId []byte `protobuf:"bytes,16,opt,name=report_id,json=reportId,proto3" json:"report_id,omitempty"` // Should be 32 bytes long ReportIdMa []byte `protobuf:"bytes,17,opt,name=report_id_ma,json=reportIdMa,proto3" json:"report_id_ma,omitempty"` // Should be 32 bytes long ReportedTcb uint64 `protobuf:"varint,18,opt,name=reported_tcb,json=reportedTcb,proto3" json:"reported_tcb,omitempty"` ChipId []byte `protobuf:"bytes,19,opt,name=chip_id,json=chipId,proto3" json:"chip_id,omitempty"` // Should be 64 bytes long CommittedTcb uint64 `protobuf:"varint,20,opt,name=committed_tcb,json=committedTcb,proto3" json:"committed_tcb,omitempty"` // Each build, minor, major triple should be packed together in a uint32 // packed together at 7:0, 15:8, 23:16 respectively CurrentBuild uint32 `protobuf:"varint,21,opt,name=current_build,json=currentBuild,proto3" json:"current_build,omitempty"` CurrentMinor uint32 `protobuf:"varint,22,opt,name=current_minor,json=currentMinor,proto3" json:"current_minor,omitempty"` CurrentMajor uint32 `protobuf:"varint,23,opt,name=current_major,json=currentMajor,proto3" json:"current_major,omitempty"` CommittedBuild uint32 `protobuf:"varint,24,opt,name=committed_build,json=committedBuild,proto3" json:"committed_build,omitempty"` CommittedMinor uint32 `protobuf:"varint,25,opt,name=committed_minor,json=committedMinor,proto3" json:"committed_minor,omitempty"` CommittedMajor uint32 `protobuf:"varint,26,opt,name=committed_major,json=committedMajor,proto3" json:"committed_major,omitempty"` LaunchTcb uint64 `protobuf:"varint,27,opt,name=launch_tcb,json=launchTcb,proto3" json:"launch_tcb,omitempty"` Signature []byte `protobuf:"bytes,28,opt,name=signature,proto3" json:"signature,omitempty"` // Should be 512 bytes long Cpuid1EaxFms uint32 `protobuf:"varint,29,opt,name=cpuid1eax_fms,json=cpuid1eaxFms,proto3" json:"cpuid1eax_fms,omitempty"` // The cpuid(1).eax & 0x0fff0fff representation of family/model/stepping // contains filtered or unexported fields }
Report represents an SEV-SNP ATTESTATION_REPORT, specified in SEV SNP API
documentation https://www.amd.com/system/files/TechDocs/56860.pdf
func (*Report) Descriptor
deprecated
func (*Report) GetAuthorKeyDigest ¶
func (*Report) GetCommittedBuild ¶
func (*Report) GetCommittedMajor ¶
func (*Report) GetCommittedMinor ¶
func (*Report) GetCommittedTcb ¶
func (*Report) GetCpuid1EaxFms ¶ added in v0.12.0
func (*Report) GetCurrentBuild ¶
func (*Report) GetCurrentMajor ¶
func (*Report) GetCurrentMinor ¶
func (*Report) GetCurrentTcb ¶
func (*Report) GetFamilyId ¶
func (*Report) GetGuestSvn ¶
func (*Report) GetHostData ¶
func (*Report) GetIdKeyDigest ¶
func (*Report) GetImageId ¶
func (*Report) GetLaunchTcb ¶
func (*Report) GetMeasurement ¶
func (*Report) GetPlatformInfo ¶
func (*Report) GetReportData ¶
func (*Report) GetReportId ¶
func (*Report) GetReportIdMa ¶
func (*Report) GetReportedTcb ¶
func (*Report) GetSignature ¶
func (*Report) GetSignatureAlgo ¶
func (*Report) GetSignerInfo ¶ added in v0.8.0
func (*Report) GetVersion ¶
func (*Report) ProtoMessage ¶
func (*Report) ProtoMessage()
func (*Report) ProtoReflect ¶
func (x *Report) ProtoReflect() protoreflect.Message
type SevProduct ¶ added in v0.7.1
type SevProduct struct { Name SevProduct_SevProductName `protobuf:"varint,1,opt,name=name,proto3,enum=sevsnp.SevProduct_SevProductName" json:"name,omitempty"` // Deprecated: Marked as deprecated in sevsnp.proto. Stepping uint32 `protobuf:"varint,2,opt,name=stepping,proto3" json:"stepping,omitempty"` // Must be a 4-bit number MachineStepping *wrapperspb.UInt32Value `protobuf:"bytes,3,opt,name=machine_stepping,json=machineStepping,proto3" json:"machine_stepping,omitempty"` // contains filtered or unexported fields }
The CPUID[EAX=1] version information includes product info as described in the AMD KDS specification. The product name, model, and stepping values are important for determining the required parameters to KDS when requesting the endorsement key's certificate.
func (*SevProduct) Descriptor
deprecated
added in
v0.7.1
func (*SevProduct) Descriptor() ([]byte, []int)
Deprecated: Use SevProduct.ProtoReflect.Descriptor instead.
func (*SevProduct) GetMachineStepping ¶ added in v0.9.2
func (x *SevProduct) GetMachineStepping() *wrapperspb.UInt32Value
func (*SevProduct) GetName ¶ added in v0.7.1
func (x *SevProduct) GetName() SevProduct_SevProductName
func (*SevProduct) GetStepping
deprecated
added in
v0.9.1
func (x *SevProduct) GetStepping() uint32
Deprecated: Marked as deprecated in sevsnp.proto.
func (*SevProduct) ProtoMessage ¶ added in v0.7.1
func (*SevProduct) ProtoMessage()
func (*SevProduct) ProtoReflect ¶ added in v0.7.1
func (x *SevProduct) ProtoReflect() protoreflect.Message
func (*SevProduct) Reset ¶ added in v0.7.1
func (x *SevProduct) Reset()
func (*SevProduct) String ¶ added in v0.7.1
func (x *SevProduct) String() string
type SevProduct_SevProductName ¶ added in v0.7.1
type SevProduct_SevProductName int32
const ( SevProduct_SEV_PRODUCT_UNKNOWN SevProduct_SevProductName = 0 SevProduct_SEV_PRODUCT_MILAN SevProduct_SevProductName = 1 SevProduct_SEV_PRODUCT_GENOA SevProduct_SevProductName = 2 SevProduct_SEV_PRODUCT_TURIN SevProduct_SevProductName = 3 )
func (SevProduct_SevProductName) Descriptor ¶ added in v0.7.1
func (SevProduct_SevProductName) Descriptor() protoreflect.EnumDescriptor
func (SevProduct_SevProductName) Enum ¶ added in v0.7.1
func (x SevProduct_SevProductName) Enum() *SevProduct_SevProductName
func (SevProduct_SevProductName) EnumDescriptor
deprecated
added in
v0.7.1
func (SevProduct_SevProductName) EnumDescriptor() ([]byte, []int)
Deprecated: Use SevProduct_SevProductName.Descriptor instead.
func (SevProduct_SevProductName) Number ¶ added in v0.7.1
func (x SevProduct_SevProductName) Number() protoreflect.EnumNumber
func (SevProduct_SevProductName) String ¶ added in v0.7.1
func (x SevProduct_SevProductName) String() string
func (SevProduct_SevProductName) Type ¶ added in v0.7.1
func (SevProduct_SevProductName) Type() protoreflect.EnumType