sevsnp

package
v0.9.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 20, 2023 License: Apache-2.0 Imports: 5 Imported by: 20

Documentation

Overview

Package sevsnp implements a protocol buffer for representing SEV-SNP attestations.

Index

Constants

This section is empty.

Variables

View Source 
var (
	SevProduct_SevProductName_name = map[int32]string{
		0: "SEV_PRODUCT_UNKNOWN",
		1: "SEV_PRODUCT_MILAN",
		2: "SEV_PRODUCT_GENOA",
	}
	SevProduct_SevProductName_value = map[string]int32{
		"SEV_PRODUCT_UNKNOWN": 0,
		"SEV_PRODUCT_MILAN":   1,
		"SEV_PRODUCT_GENOA":   2,
	}
)

Enum value maps for SevProduct_SevProductName.

View Source 
var File_sevsnp_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type Attestation 

type Attestation struct {
	Report           *Report           `protobuf:"bytes,1,opt,name=report,proto3" json:"report,omitempty"`
	CertificateChain *CertificateChain `protobuf:"bytes,2,opt,name=certificate_chain,json=certificateChain,proto3" json:"certificate_chain,omitempty"`
	Product          *SevProduct       `protobuf:"bytes,3,opt,name=product,proto3" json:"product,omitempty"`
	// contains filtered or unexported fields
}

func (*Attestation) Descriptor deprecated 

func (*Attestation) Descriptor() ([]byte, []int)

Deprecated: Use Attestation.ProtoReflect.Descriptor instead.

func (*Attestation) GetCertificateChain 

func (x *Attestation) GetCertificateChain() *CertificateChain

func (*Attestation) GetProduct added in v0.7.1 

func (x *Attestation) GetProduct() *SevProduct

func (*Attestation) GetReport 

func (x *Attestation) GetReport() *Report

func (*Attestation) ProtoMessage 

func (*Attestation) ProtoMessage()

func (*Attestation) ProtoReflect 

func (x *Attestation) ProtoReflect() protoreflect.Message

func (*Attestation) Reset 

func (x *Attestation) Reset()

func (*Attestation) String 

func (x *Attestation) String() string

type CertificateChain 

type CertificateChain struct {

	// The versioned chip endorsement key's certificate for the
	// key that signed this report.
	VcekCert []byte `protobuf:"bytes,1,opt,name=vcek_cert,json=vcekCert,proto3" json:"vcek_cert,omitempty"`
	// The versioned loaded endorsement key's certificate for the
	// key that signed this report.
	VlekCert []byte `protobuf:"bytes,6,opt,name=vlek_cert,json=vlekCert,proto3" json:"vlek_cert,omitempty"`
	// The AMD SEV or AMD SEV-VLEK certificate that signed the V?EK cert.
	AskCert []byte `protobuf:"bytes,2,opt,name=ask_cert,json=askCert,proto3" json:"ask_cert,omitempty"`
	// The AMD Root key certificate (signs the ASK cert).
	ArkCert []byte `protobuf:"bytes,3,opt,name=ark_cert,json=arkCert,proto3" json:"ark_cert,omitempty"`
	// A certificate the host may inject to endorse the measurement of the
	// firmware.
	//
	// Deprecated: Marked as deprecated in sevsnp.proto.
	FirmwareCert []byte `protobuf:"bytes,4,opt,name=firmware_cert,json=firmwareCert,proto3" json:"firmware_cert,omitempty"`
	// Non-standard certificates the host may inject.
	Extras map[string][]byte `` /* 153-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*CertificateChain) Descriptor deprecated 

func (*CertificateChain) Descriptor() ([]byte, []int)

Deprecated: Use CertificateChain.ProtoReflect.Descriptor instead.

func (*CertificateChain) GetArkCert 

func (x *CertificateChain) GetArkCert() []byte

func (*CertificateChain) GetAskCert 

func (x *CertificateChain) GetAskCert() []byte

func (*CertificateChain) GetExtras added in v0.9.0 

func (x *CertificateChain) GetExtras() map[string][]byte

func (*CertificateChain) GetFirmwareCert deprecated added in v0.4.4 

func (x *CertificateChain) GetFirmwareCert() []byte

Deprecated: Marked as deprecated in sevsnp.proto.

func (*CertificateChain) GetVcekCert 

func (x *CertificateChain) GetVcekCert() []byte

func (*CertificateChain) GetVlekCert added in v0.8.0 

func (x *CertificateChain) GetVlekCert() []byte

func (*CertificateChain) ProtoMessage 

func (*CertificateChain) ProtoMessage()

func (*CertificateChain) ProtoReflect 

func (x *CertificateChain) ProtoReflect() protoreflect.Message

func (*CertificateChain) Reset 

func (x *CertificateChain) Reset()

func (*CertificateChain) String 

func (x *CertificateChain) String() string

type Report 

type Report struct {
	Version         uint32 `protobuf:"varint,1,opt,name=version,proto3" json:"version,omitempty"` // Should be 1 for revision 1.51
	GuestSvn        uint32 `protobuf:"varint,2,opt,name=guest_svn,json=guestSvn,proto3" json:"guest_svn,omitempty"`
	Policy          uint64 `protobuf:"varint,3,opt,name=policy,proto3" json:"policy,omitempty"`
	FamilyId        []byte `protobuf:"bytes,4,opt,name=family_id,json=familyId,proto3" json:"family_id,omitempty"` // Should be 16 bytes long
	ImageId         []byte `protobuf:"bytes,5,opt,name=image_id,json=imageId,proto3" json:"image_id,omitempty"`    // Should be 16 bytes long
	Vmpl            uint32 `protobuf:"varint,6,opt,name=vmpl,proto3" json:"vmpl,omitempty"`
	SignatureAlgo   uint32 `protobuf:"varint,7,opt,name=signature_algo,json=signatureAlgo,proto3" json:"signature_algo,omitempty"`
	CurrentTcb      uint64 `protobuf:"varint,8,opt,name=current_tcb,json=currentTcb,proto3" json:"current_tcb,omitempty"`
	PlatformInfo    uint64 `protobuf:"varint,9,opt,name=platform_info,json=platformInfo,proto3" json:"platform_info,omitempty"`
	SignerInfo      uint32 `protobuf:"varint,10,opt,name=signer_info,json=signerInfo,proto3" json:"signer_info,omitempty"`                 // AuthorKeyEn, MaskChipKey, SigningKey
	ReportData      []byte `protobuf:"bytes,11,opt,name=report_data,json=reportData,proto3" json:"report_data,omitempty"`                  // Should be 64 bytes long
	Measurement     []byte `protobuf:"bytes,12,opt,name=measurement,proto3" json:"measurement,omitempty"`                                  // Should be 48 bytes long
	HostData        []byte `protobuf:"bytes,13,opt,name=host_data,json=hostData,proto3" json:"host_data,omitempty"`                        // Should be 32 bytes long
	IdKeyDigest     []byte `protobuf:"bytes,14,opt,name=id_key_digest,json=idKeyDigest,proto3" json:"id_key_digest,omitempty"`             // Should be 48 bytes long
	AuthorKeyDigest []byte `protobuf:"bytes,15,opt,name=author_key_digest,json=authorKeyDigest,proto3" json:"author_key_digest,omitempty"` // Should be 48 bytes long
	ReportId        []byte `protobuf:"bytes,16,opt,name=report_id,json=reportId,proto3" json:"report_id,omitempty"`                        // Should be 32 bytes long
	ReportIdMa      []byte `protobuf:"bytes,17,opt,name=report_id_ma,json=reportIdMa,proto3" json:"report_id_ma,omitempty"`                // Should be 32 bytes long
	ReportedTcb     uint64 `protobuf:"varint,18,opt,name=reported_tcb,json=reportedTcb,proto3" json:"reported_tcb,omitempty"`
	ChipId          []byte `protobuf:"bytes,19,opt,name=chip_id,json=chipId,proto3" json:"chip_id,omitempty"` // Should be 64 bytes long
	CommittedTcb    uint64 `protobuf:"varint,20,opt,name=committed_tcb,json=committedTcb,proto3" json:"committed_tcb,omitempty"`
	// Each build, minor, major triple should be packed together in a uint32
	// packed together at 7:0, 15:8, 23:16 respectively
	CurrentBuild   uint32 `protobuf:"varint,21,opt,name=current_build,json=currentBuild,proto3" json:"current_build,omitempty"`
	CurrentMinor   uint32 `protobuf:"varint,22,opt,name=current_minor,json=currentMinor,proto3" json:"current_minor,omitempty"`
	CurrentMajor   uint32 `protobuf:"varint,23,opt,name=current_major,json=currentMajor,proto3" json:"current_major,omitempty"`
	CommittedBuild uint32 `protobuf:"varint,24,opt,name=committed_build,json=committedBuild,proto3" json:"committed_build,omitempty"`
	CommittedMinor uint32 `protobuf:"varint,25,opt,name=committed_minor,json=committedMinor,proto3" json:"committed_minor,omitempty"`
	CommittedMajor uint32 `protobuf:"varint,26,opt,name=committed_major,json=committedMajor,proto3" json:"committed_major,omitempty"`
	LaunchTcb      uint64 `protobuf:"varint,27,opt,name=launch_tcb,json=launchTcb,proto3" json:"launch_tcb,omitempty"`
	Signature      []byte `protobuf:"bytes,28,opt,name=signature,proto3" json:"signature,omitempty"` // Should be 512 bytes long
	// contains filtered or unexported fields
}

Report represents an SEV-SNP ATTESTATION_REPORT, specified in SEV SNP API 

documentation https://www.amd.com/system/files/TechDocs/56860.pdf

func (*Report) Descriptor deprecated 

func (*Report) Descriptor() ([]byte, []int)

Deprecated: Use Report.ProtoReflect.Descriptor instead.

func (*Report) GetAuthorKeyDigest 

func (x *Report) GetAuthorKeyDigest() []byte

func (*Report) GetChipId 

func (x *Report) GetChipId() []byte

func (*Report) GetCommittedBuild 

func (x *Report) GetCommittedBuild() uint32

func (*Report) GetCommittedMajor 

func (x *Report) GetCommittedMajor() uint32

func (*Report) GetCommittedMinor 

func (x *Report) GetCommittedMinor() uint32

func (*Report) GetCommittedTcb 

func (x *Report) GetCommittedTcb() uint64

func (*Report) GetCurrentBuild 

func (x *Report) GetCurrentBuild() uint32

func (*Report) GetCurrentMajor 

func (x *Report) GetCurrentMajor() uint32

func (*Report) GetCurrentMinor 

func (x *Report) GetCurrentMinor() uint32

func (*Report) GetCurrentTcb 

func (x *Report) GetCurrentTcb() uint64

func (*Report) GetFamilyId 

func (x *Report) GetFamilyId() []byte

func (*Report) GetGuestSvn 

func (x *Report) GetGuestSvn() uint32

func (*Report) GetHostData 

func (x *Report) GetHostData() []byte

func (*Report) GetIdKeyDigest 

func (x *Report) GetIdKeyDigest() []byte

func (*Report) GetImageId 

func (x *Report) GetImageId() []byte

func (*Report) GetLaunchTcb 

func (x *Report) GetLaunchTcb() uint64

func (*Report) GetMeasurement 

func (x *Report) GetMeasurement() []byte

func (*Report) GetPlatformInfo 

func (x *Report) GetPlatformInfo() uint64

func (*Report) GetPolicy 

func (x *Report) GetPolicy() uint64

func (*Report) GetReportData 

func (x *Report) GetReportData() []byte

func (*Report) GetReportId 

func (x *Report) GetReportId() []byte

func (*Report) GetReportIdMa 

func (x *Report) GetReportIdMa() []byte

func (*Report) GetReportedTcb 

func (x *Report) GetReportedTcb() uint64

func (*Report) GetSignature 

func (x *Report) GetSignature() []byte

func (*Report) GetSignatureAlgo 

func (x *Report) GetSignatureAlgo() uint32

func (*Report) GetSignerInfo added in v0.8.0 

func (x *Report) GetSignerInfo() uint32

func (*Report) GetVersion 

func (x *Report) GetVersion() uint32

func (*Report) GetVmpl 

func (x *Report) GetVmpl() uint32

func (*Report) ProtoMessage 

func (*Report) ProtoMessage()

func (*Report) ProtoReflect 

func (x *Report) ProtoReflect() protoreflect.Message

func (*Report) Reset 

func (x *Report) Reset()

func (*Report) String 

func (x *Report) String() string

type SevProduct added in v0.7.1 

type SevProduct struct {
	Name SevProduct_SevProductName `protobuf:"varint,1,opt,name=name,proto3,enum=sevsnp.SevProduct_SevProductName" json:"name,omitempty"`
	// Deprecated: Marked as deprecated in sevsnp.proto.
	Stepping        uint32                `protobuf:"varint,2,opt,name=stepping,proto3" json:"stepping,omitempty"` // Must be a 4-bit number
	MachineStepping *wrappers.UInt32Value `protobuf:"bytes,3,opt,name=machine_stepping,json=machineStepping,proto3" json:"machine_stepping,omitempty"`
	// contains filtered or unexported fields
}

The CPUID[EAX=1] version information includes product info as described in the AMD KDS specification. The product name, model, and stepping values are important for determining the required parameters to KDS when requesting the endorsement key's certificate.

func (*SevProduct) Descriptor deprecated added in v0.7.1 

func (*SevProduct) Descriptor() ([]byte, []int)

Deprecated: Use SevProduct.ProtoReflect.Descriptor instead.

func (*SevProduct) GetMachineStepping added in v0.9.2 

func (x *SevProduct) GetMachineStepping() *wrappers.UInt32Value

func (*SevProduct) GetName added in v0.7.1 

func (x *SevProduct) GetName() SevProduct_SevProductName

func (*SevProduct) GetStepping deprecated added in v0.9.1 

func (x *SevProduct) GetStepping() uint32

Deprecated: Marked as deprecated in sevsnp.proto.

func (*SevProduct) ProtoMessage added in v0.7.1 

func (*SevProduct) ProtoMessage()

func (*SevProduct) ProtoReflect added in v0.7.1 

func (x *SevProduct) ProtoReflect() protoreflect.Message

func (*SevProduct) Reset added in v0.7.1 

func (x *SevProduct) Reset()

func (*SevProduct) String added in v0.7.1 

func (x *SevProduct) String() string

type SevProduct_SevProductName added in v0.7.1 

type SevProduct_SevProductName int32
const (
	SevProduct_SEV_PRODUCT_UNKNOWN SevProduct_SevProductName = 0
	SevProduct_SEV_PRODUCT_MILAN   SevProduct_SevProductName = 1
	SevProduct_SEV_PRODUCT_GENOA   SevProduct_SevProductName = 2
)

func (SevProduct_SevProductName) Descriptor added in v0.7.1 

func (SevProduct_SevProductName) Descriptor() protoreflect.EnumDescriptor

func (SevProduct_SevProductName) Enum added in v0.7.1 

func (x SevProduct_SevProductName) Enum() *SevProduct_SevProductName

func (SevProduct_SevProductName) EnumDescriptor deprecated added in v0.7.1 

func (SevProduct_SevProductName) EnumDescriptor() ([]byte, []int)

Deprecated: Use SevProduct_SevProductName.Descriptor instead.

func (SevProduct_SevProductName) Number added in v0.7.1 

func (x SevProduct_SevProductName) Number() protoreflect.EnumNumber

func (SevProduct_SevProductName) String added in v0.7.1 

func (x SevProduct_SevProductName) String() string

func (SevProduct_SevProductName) Type added in v0.7.1 

func (SevProduct_SevProductName) Type() protoreflect.EnumType

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.