Documentation ¶
Overview ¶
Keep in sync with agent/pkg/api/types.go
Index ¶
- Constants
- Variables
- func Cookie(rng io.Reader) (string, error)
- func EqualNames(n1 *Name, n2 *Name) bool
- func GenerateAttestationCreation(rand *rand.Rand) tpm2.AttestationData
- func GenerateAttestationData(rand *rand.Rand) tpm2.AttestationData
- func GenerateCertifyInfo(rand *rand.Rand) tpm2.CertifyInfo
- func GenerateClockInfo(rand *rand.Rand) tpm2.ClockInfo
- func GenerateCreationInfo(rand *rand.Rand) tpm2.CreationInfo
- func GenerateECPoint(rand *rand.Rand, cv elliptic.Curve, size uint) tpm2.ECPoint
- func GenerateEK(rand *rand.Rand) tpm2.Public
- func GenerateKDFScheme(rand *rand.Rand) tpm2.KDFScheme
- func GenerateName(rand *rand.Rand) tpm2.Name
- func GenerateParamsECC(rand *rand.Rand, prop tpm2.KeyProp) tpm2.ECCParams
- func GenerateParamsRSA(rand *rand.Rand, prop tpm2.KeyProp) tpm2.RSAParams
- func GeneratePublic(rand *rand.Rand) tpm2.Public
- func GeneratePublicECC(rand *rand.Rand) tpm2.Public
- func GeneratePublicRSA(rand *rand.Rand) tpm2.Public
- func GenerateSigScheme(rand *rand.Rand, ecc bool) tpm2.SigScheme
- func GenerateSignature(rand *rand.Rand) tpm2.Signature
- func GenerateSignatureECC(rand *rand.Rand) tpm2.SignatureECC
- func GenerateSignatureRSA(rand *rand.Rand) tpm2.SignatureRSA
- func GenerateSymScheme(rand *rand.Rand) tpm2.SymScheme
- type ACPITables
- type Agent
- type Annotation
- type AnnotationID
- type Appraisal
- type Attest
- type Buffer
- type CPUIDLeaf
- type CPUVendor
- type Certificate
- type Change
- type Client
- func (c *Client) Attest(ctx context.Context, quoteCredential string, ev Evidence) (*Appraisal, error)
- func (c *Client) Configuration(ctx context.Context, lastUpdate *time.Time) (*Configuration, error)
- func (c *Client) Enroll(ctx context.Context, enrollToken string, enroll Enrollment) ([]*EncryptedCredential, error)
- func (c *Client) Get(ctx context.Context, route string, ifModifiedSince *time.Time) (jsonapi.Payloader, error)
- func (c *Client) Post(ctx context.Context, route string, doc interface{}) (jsonapi.Payloader, error)
- type Configuration
- type Device
- type DevicePatch
- type EFISignature
- type EnclavePageCache
- type EncryptedCredential
- type Enrollment
- type ErrorBuffer
- type Evidence
- type FirmwareError
- type FirmwareProperties
- type Host
- type Info
- type Key
- type KeyTemplate
- type MACAddresses
- type ME
- type MEClientCommands
- type MECommand
- type MSR
- type Memory
- type MemoryRange
- type NIC
- type NICList
- type NVPublic
- type Name
- type OS
- type PCIConfigSpace
- type Policy
- type PolicyCreation
- type PublicKey
- func (p *PublicKey) Encode() (Buffer, error)
- func (PublicKey) Generate(rand *rand.Rand, size int) reflect.Value
- func (a PublicKey) MarshalJSON() ([]byte, error)
- func (p *PublicKey) Name() (Name, error)
- func (pub *PublicKey) Scan(src interface{}) error
- func (a *PublicKey) UnmarshalJSON(data []byte) error
- func (pub PublicKey) Value() (driver.Value, error)
- type Report
- type ReportV1
- type ReportValues
- type SEV
- type SEVCommand
- type SGX
- type SMBIOS
- type Signature
- type TPM
- type TPM2NVIndex
- type TPM2Property
- type TPMEvent
- type TXT
- type UEFI
- type UEFIVariable
- type Verdict
Constants ¶
// Operating-system identifiers. Host.OSType is annotated as taking one of
// these values (OS*).
const (
	OSWindows = "windows"
	OSLinux   = "linux"
	OSUnknown = "unknown"
)
// Kinds of EFI signature-list entry. EFISignature.Type is annotated as
// holding EFIFingerprint or EFICertificate.
const (
	EFICertificate = "certificate"
	EFIFingerprint = "fingerprint"
)
// Values for UEFI.Mode (annotated there as Mode*).
const (
	ModeSetup    = "setup"
	ModeAudit    = "audit"
	ModeUser     = "user"
	ModeDeployed = "deployed"
)
// Management-engine variant names.
// NOTE(review): presumably the values of ME.Variant, whose comment refers to
// "constants above" — confirm.
const (
	ICU        = "ICU"
	TXE        = "TXE"
	ConsumerME = "Consumer CSME"
	BusinessME = "Business CSME"
	LightME    = "Light ME"
	SPS        = "SPS"
	UnknownME  = "Unrecognized"
)
// Annotation categories.
// NOTE(review): presumably the strings returned by Annotation.Category — confirm.
const (
	BootchainCategory     = "bootchain"
	FirmwareCategory      = "firmware"
	ConfigurationCategory = "configuration"
)
// Annotation identifiers. The string values are what is serialized, so they
// are part of the API contract; the group comments name the subsystem each
// identifier belongs to.
const (
	// host
	AnnHostname  = "host-hostname"
	AnnOSType    = "host-type"
	AnnCPUVendor = "host-cpu-ven"

	// smbios
	AnnNoSMBIOS           = "smbios-miss"
	AnnInvalidSMBIOS      = "smbios-inv"
	AnnSMBIOSType0Missing = "smbios-type0-miss"
	AnnSMBIOSType0Dup     = "smbios-type0-dup"
	AnnSMBIOSType1Missing = "smbios-type1-miss"
	AnnSMBIOSType1Dup     = "smbios-type1-dup"

	// uefi
	AnnNoEFI                = "uefi-vars-miss"
	AnnNoSecureBoot         = "uefi-secure-boot"
	AnnNoDeployedSecureBoot = "uefi-deployed-secure-boot"
	AnnMissingEventLog      = "uefi-eventlog-miss"
	AnnModeInvalid          = "uefi-mode-inv"
	AnnPKMissing            = "uefi-pk-miss"
	AnnPKInvalid            = "uefi-pk-inv"
	AnnKEKMissing           = "uefi-kek-miss"
	AnnKEKInvalid           = "uefi-kek-inv"
	AnnDBMissing            = "uefi-db-miss"
	AnnDBInvalid            = "uefi-db-inv"
	AnnDBxMissing           = "uefi-dbx-miss"
	AnnDBxInvalid           = "uefi-dbx-inv"

	// txt
	AnnNoTXTPubspace = "txt-public-miss"

	// sgx
	AnnNoSGX            = "sgx-missing"
	AnnSGXDisabled      = "sgx-disabled"
	AnnSGXCaps0Missing  = "sgx-cpuid0-miss"
	AnnSGXCaps1Missing  = "sgx-cpuid1-miss"
	AnnSGXCaps29Missing = "sgx-cpuid2-9-miss"

	// tpm
	AnnNoTPM                  = "tpm-miss"
	AnnNoTPMManufacturer      = "tpm-manuf-miss"
	AnnInvalidTPMManufacturer = "tpm-manuf-inv"
	AnnNoTPMVendorID          = "tpm-vid-miss"
	AnnInvalidTPMVendorID     = "tpm-vid-inv"
	AnnNoTPMSpecVersion       = "tpm-spec-miss"
	AnnInvalidTPMSpecVersion  = "tpm-spec-inv"
	AnnEventLogMissing        = "tpm-eventlog-miss"
	AnnEventLogInvalid        = "tpm-eventlog-inv"
	AnnEventLogBad            = "tpm-eventlog-bad"
	// NOTE(review): the next two values look swapped: AnnPCRInvalid carries
	// "tpm-pcr-miss" and AnnPCRMissing carries "tpm-pcr-inv". Both are fatal
	// in AnnFatal, so the severity is the same, but anything that keys on
	// the serialized string reports the wrong reason for a PCR failure.
	// The strings are wire format; change them only together with
	// agent/pkg/api/types.go and every consumer.
	AnnPCRInvalid = "tpm-pcr-miss"
	AnnPCRMissing = "tpm-pcr-inv"

	// sev
	AnnNoSEV                 = "sev-miss"
	AnnSEVDisabled           = "sev-disabled"
	AnnPlatformStatusMissing = "sev-ps-miss"
	AnnPlatformStatusInvalid = "sev-ps-inv"

	// me
	AnnNoMEDevice           = "me-miss"
	AnnMEConfigSpaceInvalid = "me-inv"
	AnnMEVariantInvalid     = "me-variant-inv"
	AnnMEVersionMissing     = "me-version-miss"
	AnnMEVersionInvalid     = "me-version-inv"
	AnnMEFeaturesMissing    = "me-feat-miss"
	AnnMEFeaturesInvalid    = "me-feat-inv"
	AnnMEFWUPMissing        = "me-fwup-miss"
	AnnMEFWUPInvalid        = "me-fwup-inv"
)
// Device lifecycle states.
// NOTE(review): presumably the values of Device.State and DevicePatch.State —
// confirm against the server.
const (
	StateNew           = "new"
	StateUnseen        = "unseen"
	StateVuln          = "vulnerable"
	StateTrusted       = "trusted"
	StateOutdated      = "outdated"
	StateRetired       = "retired"
	StateResurrectable = "resurrectable"
)
// DefaultHTTPRequestTimeoutSec is a request timeout in seconds.
// NOTE(review): presumably the default for Client.HTTPRequestTimeout — confirm.
const DefaultHTTPRequestTimeoutSec = 30

// DefaultPostRequestTimeoutSec is a POST request timeout in seconds.
// NOTE(review): presumably the default for Client.PostRequestTimeout — confirm.
const DefaultPostRequestTimeoutSec = 60
// Versioned document type strings.
// NOTE(review): presumably the expected values of Evidence.Type, Report.Type,
// ReportV1.Type and Verdict.Type; a decoder should reject a document whose
// Type it does not recognise rather than guess — confirm where this is checked.
const EvidenceType = "evidence/1"
const ReportType = "report/2"
const ReportTypeV1 = "report/1"
const VerdictType = "verdict/1"
Variables ¶
// Sentinel errors of this package.
// NOTE(review): presumably returned by the Client methods; if they are ever
// wrapped, callers need errors.Is rather than == — confirm. AuthError and
// PaymentError in particular should not be retried blindly.
var (
	ServerError  = errors.New("API server error")
	NetworkError = errors.New("Connection error")
	AuthError    = errors.New("Authentication token invalid")
	FormatError  = errors.New("Data invalid")
	PaymentError = errors.New("Payment required")
)
// Change type strings; Change.Type is annotated as taking one of these
// (Change*). The trailing comment names the object kind each applies to.
// NOTE(review): these are declared with var, not const, so any importer can
// reassign them at runtime. ChangeInstaciate and its value "instanciate" are
// misspelled, but both the identifier and the string are part of the API.
var (
	ChangeEnroll     = "enroll"      // device
	ChangeRename     = "rename"      // device
	ChangeTag        = "tag"         // device
	ChangeAssociate  = "associate"   // device,policy
	ChangeTemplate   = "template"    // policy
	ChangeNew        = "new"         // policy
	ChangeInstaciate = "instanciate" // policy
	ChangeRevoke     = "revoke"      // policy
	ChangeRetire     = "retire"      // device
)
// AnnFatal records, per annotation ID, whether the annotation is fatal.
//
// NOTE(review): this is an exported, mutable map, so any importing package can
// change severities at runtime. Indexing it with an ID that is not listed
// yields false, i.e. non-fatal; confirm that AnnotationID.IsFatal treats
// unknown IDs that way on purpose, and add every new Ann* constant here.
var AnnFatal = map[AnnotationID]bool{
	AnnHostname:               false,
	AnnOSType:                 false,
	AnnCPUVendor:              false,
	AnnNoSMBIOS:               false,
	AnnInvalidSMBIOS:          true,
	AnnSMBIOSType0Missing:     true,
	AnnSMBIOSType0Dup:         true,
	AnnSMBIOSType1Missing:     true,
	AnnSMBIOSType1Dup:         true,
	AnnNoEFI:                  false,
	AnnNoSecureBoot:           true,
	AnnNoDeployedSecureBoot:   true,
	AnnMissingEventLog:        false,
	AnnModeInvalid:            false,
	AnnPKMissing:              true,
	AnnPKInvalid:              true,
	AnnKEKMissing:             true,
	AnnKEKInvalid:             true,
	AnnDBMissing:              true,
	AnnDBInvalid:              true,
	AnnDBxMissing:             true,
	AnnDBxInvalid:             true,
	AnnNoTXTPubspace:          false,
	AnnNoSGX:                  false,
	AnnSGXDisabled:            false,
	AnnSGXCaps0Missing:        true,
	AnnSGXCaps1Missing:        true,
	AnnSGXCaps29Missing:       true,
	AnnNoTPM:                  false,
	AnnNoTPMManufacturer:      true,
	AnnInvalidTPMManufacturer: true,
	AnnNoTPMVendorID:          true,
	AnnInvalidTPMVendorID:     true,
	AnnNoTPMSpecVersion:       true,
	AnnInvalidTPMSpecVersion:  true,
	AnnEventLogMissing:        false,
	AnnEventLogInvalid:        true,
	AnnEventLogBad:            true,
	AnnPCRInvalid:             true,
	AnnPCRMissing:             true,
	AnnNoSEV:                  false,
	AnnSEVDisabled:            false,
	AnnPlatformStatusMissing:  true,
	AnnPlatformStatusInvalid:  true,
	AnnNoMEDevice:             false,
	AnnMEConfigSpaceInvalid:   true,
	AnnMEVariantInvalid:       true,
	AnnMEVersionMissing:       true,
	AnnMEVersionInvalid:       true,
	AnnMEFeaturesMissing:      true,
	AnnMEFeaturesInvalid:      true,
	AnnMEFWUPMissing:          true,
	AnnMEFWUPInvalid:          true,
}
Functions ¶
func EqualNames ¶
func GenerateAttestationCreation ¶
func GenerateAttestationCreation(rand *rand.Rand) tpm2.AttestationData
func GenerateAttestationData ¶
func GenerateAttestationData(rand *rand.Rand) tpm2.AttestationData
func GenerateCertifyInfo ¶
func GenerateCertifyInfo(rand *rand.Rand) tpm2.CertifyInfo
func GenerateCreationInfo ¶
func GenerateCreationInfo(rand *rand.Rand) tpm2.CreationInfo
func GenerateECPoint ¶
func GenerateSignatureECC ¶
func GenerateSignatureECC(rand *rand.Rand) tpm2.SignatureECC
func GenerateSignatureRSA ¶
func GenerateSignatureRSA(rand *rand.Rand) tpm2.SignatureRSA
Types ¶
type ACPITables ¶
// ACPITables carries the collected ACPI tables, or the error that prevented
// collecting them.
type ACPITables struct {
	// presumably keyed by table name — confirm
	Tables map[string]Buffer `json:"tables,omitempty"`
	Error  FirmwareError     `json:"error,omitempty"` // one of the FirmwareError constants
}
type Agent ¶
// Agent describes the agent that produced a set of firmware properties.
// NOTE(review): both fields are reported by the agent itself; presumably they
// are informational and not something a verdict should rest on — confirm.
type Agent struct {
	Release   string      `json:"release"`
	ImageSHA2 ErrorBuffer `json:"sha,omitempty"` // serialized as "sha"
}
type Annotation ¶
// Annotation is one finding attached to a report.
// NOTE(review): Fatal is stored per annotation while AnnotationID.IsFatal and
// AnnFatal also express severity; confirm which one consumers must trust when
// they disagree.
type Annotation struct {
	Id       AnnotationID `json:"id"`
	Expected string       `json:"expected,omitempty"`
	Path     string       `json:"path"`
	Fatal    bool         `json:"fatal"`
}
/v2/devices (apisrv)
func (Annotation) Category ¶
func (a Annotation) Category() string
type AnnotationID ¶
// AnnotationID is the string identifier of an annotation; it is the key type
// of AnnFatal.
type AnnotationID string
func (AnnotationID) IsFatal ¶
func (a AnnotationID) IsFatal() bool
type Appraisal ¶
// Appraisal is the server's assessment of one piece of evidence: the verdict,
// the report behind it and the policy it relates to, with timestamps.
// NOTE(review): presumably an appraisal must not be treated as current after
// Expires — confirm where that is enforced.
type Appraisal struct {
	Id        string    `jsonapi:"primary,appraisals" json:"id"`
	Received  time.Time `jsonapi:"attr,received,rfc3339" json:"received"`
	Appraised time.Time `jsonapi:"attr,appraised,rfc3339" json:"appraised"`
	Expires   time.Time `jsonapi:"attr,expires,rfc3339" json:"expires"`
	Verdict   Verdict   `jsonapi:"attr,verdict" json:"verdict"`
	Report    Report    `jsonapi:"attr,report" json:"report"`
	Policy    *Policy   `jsonapi:"relation,policy" json:"policy"`
}
/v2/devices (apisrv)
type Attest ¶
// Attest wraps tpm2.AttestationData (TPM2B_ATTEST) so that the type can carry
// its own MarshalJSON and UnmarshalJSON methods.
// NOTE(review): decoding a value of this type is not verification; the
// accompanying Signature still has to be checked by the consumer.
type Attest tpm2.AttestationData
TPM2B_ATTEST wrapper type
func (Attest) MarshalJSON ¶
func (*Attest) UnmarshalJSON ¶
type CPUIDLeaf ¶
// CPUIDLeaf is one CPUID query and its result. All numeric fields are
// serialized as JSON strings (",string").
// NOTE(review): presumably LeafEAX/LeafECX are the inputs and EAX..EDX the
// returned registers, nil when the query failed — confirm.
type CPUIDLeaf struct {
	LeafEAX uint32        `json:"leaf_eax,string"`
	LeafECX uint32        `json:"leaf_ecx,string"`
	EAX     *uint32       `json:"eax,string,omitempty"`
	EBX     *uint32       `json:"ebx,string,omitempty"`
	ECX     *uint32       `json:"ecx,string,omitempty"`
	EDX     *uint32       `json:"edx,string,omitempty"`
	Error   FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type Certificate ¶
// Certificate wraps x509.Certificate so that the type can carry its own
// MarshalJSON and UnmarshalJSON methods.
// NOTE(review): a successfully decoded Certificate is only parsed; chain and
// validity checks are not visible here and remain the consumer's job.
type Certificate x509.Certificate
Certificate wrapper type
func (Certificate) MarshalJSON ¶
func (c Certificate) MarshalJSON() ([]byte, error)
func (*Certificate) UnmarshalJSON ¶
func (c *Certificate) UnmarshalJSON(data []byte) error
type Change ¶
// Change is one audit-log entry about a device or a policy.
type Change struct {
	Id        string    `jsonapi:"primary,changes" json:"id"`
	Actor     *string   `jsonapi:"attr,actor,omitempty" json:"actor,omitempty"`
	Timestamp time.Time `jsonapi:"attr,timestamp,rfc3339" json:"timestamp"`
	Comment   *string   `jsonapi:"attr,comment,omitempty" json:"comment,omitempty"`
	Type      string    `jsonapi:"attr,type" json:"type"` // one of the Change* values
	Device    *Device   `jsonapi:"relation,devices,omitempty" json:"device,omitempty"`
	Policy    *Policy   `jsonapi:"relation,policies,omitempty" json:"policy,omitempty"`
}
/v2/changes
type Client ¶
// Client holds the settings used to talk to the API server.
type Client struct {
	HTTP *http.Client
	// NOTE(review): nothing here restricts Base to https; confirm the caller
	// rejects plaintext URLs, since credentials travel over this connection.
	Base *url.URL
	// NOTE(review): presumably the credential sent with requests; keep it out
	// of logs and error messages — confirm how it is transmitted.
	Auth               string
	HTTPRequestTimeout time.Duration // Timeout for all HTTP requests except POST
	PostRequestTimeout time.Duration // POST requests may contain lots of data and need a different timeout
	AgentVersion       string
}
func (*Client) Configuration ¶
Client.Configuration returns a nil Configuration when lastUpdate is not nil and the server tells us to use a cached configuration
func (*Client) Enroll ¶
func (c *Client) Enroll(ctx context.Context, enrollToken string, enroll Enrollment) ([]*EncryptedCredential, error)
type Configuration ¶
// Configuration is the document returned by Client.Configuration: key
// templates, the PCR bank and PCR list, and lists of firmware items (UEFI
// variables, MSRs, CPUID leaves, TPM NV indices and properties, SEV and ME
// commands, PCI config spaces).
//
// NOTE(review): presumably these lists tell the agent what to read from the
// platform. They come from the server, so the agent should bound and validate
// them before issuing privileged reads or ME/SEV commands — confirm.
// The ",string" option on TPM2NVRAM is ignored by encoding/json because the
// field is a slice.
type Configuration struct {
	Root            KeyTemplate            `jsonapi:"attr,root" json:"root"`
	Keys            map[string]KeyTemplate `jsonapi:"attr,keys" json:"keys"`
	PCRBank         uint16                 `jsonapi:"attr,pcr_bank" json:"pcr_bank"`
	PCRs            []int                  `jsonapi:"attr,pcrs" json:"pcrs"`
	UEFIVariables   []UEFIVariable         `jsonapi:"attr,uefi" json:"uefi"`
	MSRs            []MSR                  `jsonapi:"attr,msrs" json:"msrs"`
	CPUIDLeafs      []CPUIDLeaf            `jsonapi:"attr,cpuid" json:"cpuid"`
	TPM2NVRAM       []uint32               `jsonapi:"attr,tpm2_nvram" json:"tpm2_nvram,string"`
	SEV             []SEVCommand           `jsonapi:"attr,sev" json:"sev"`
	ME              []MEClientCommands     `jsonapi:"attr,me" json:"me"`
	TPM2Properties  []TPM2Property         `jsonapi:"attr,tpm2_properties" json:"tpm2_properties"`
	PCIConfigSpaces []PCIConfigSpace       `jsonapi:"attr,pci" json:"pci"`
}
/v2/configuration (apisrv)
type Device ¶
// Device is a device record with its policies, appraisals, change history and
// replacement links.
// Attributes is named "groups" in the jsonapi encoding and "attributes" in
// the plain JSON encoding.
type Device struct {
	Id         string                 `jsonapi:"primary,devices" json:"id"`
	Cookie     string                 `jsonapi:"attr,cookie,omitempty" json:"cookie,omitempty"`
	Name       string                 `jsonapi:"attr,name" json:"name"`
	Attributes map[string]interface{} `jsonapi:"attr,groups" json:"attributes"`
	State      string                 `jsonapi:"attr,state" json:"state"` // presumably one of the State* constants — confirm
	Hwid       string                 `jsonapi:"attr,hwid" json:"hwid"`
	Policies   []*Policy              `jsonapi:"relation,policies,omitempty" json:"policies,omitempty"`
	Replaces   []*Device              `jsonapi:"relation,replaces,omitempty" json:"replaces,omitempty"`
	ReplacedBy []*Device              `jsonapi:"relation,replaced_by,omitempty" json:"replaced_by,omitempty"`
	Appraisals []*Appraisal           `jsonapi:"relation,appraisals,omitempty" json:"appraisals,omitempty"`
	Changes    []*Change              `jsonapi:"relation,changes,omitempty" json:"changes,omitempty"`
}
/v2/devices
type DevicePatch ¶
// DevicePatch is a partial update of a Device: pointer fields left nil are
// omitted from the jsonapi encoding.
// In the plain JSON encoding Name, Attributes and State carry no omitempty,
// so a nil pointer is written as null there.
// NOTE(review): State is patchable; presumably the server restricts which
// transitions (for example to "trusted") a caller may request — confirm.
type DevicePatch struct {
	Id         string                  `jsonapi:"primary,devices" json:"id"`
	Name       *string                 `jsonapi:"attr,name,omitempty" json:"name"`
	Attributes *map[string]interface{} `jsonapi:"attr,groups,omitempty" json:"attributes"`
	State      *string                 `jsonapi:"attr,state,omitempty" json:"state"`
	Comment    *string                 `jsonapi:"attr,comment,omitempty" json:"comment,omitempty"`
}
/v2/devices
type EFISignature ¶
// EFISignature is one entry of an EFI signature list: either a bare
// fingerprint or a certificate summary.
// encoding/json has no "rfc3339" tag option, so it is ignored on NotBefore
// and NotAfter; time.Time is encoded as RFC 3339 by default anyway.
type EFISignature struct {
	Type        string     `json:"type"`                           // EFIFingerprint or EFICertificate
	Subject     *string    `json:"subject,omitempty"`              // certificate only
	Issuer      *string    `json:"issuer,omitempty"`               // certificate only
	Fingerprint string     `json:"fingerprint"`
	NotBefore   *time.Time `json:"not_before,omitempty,rfc3339"`   // certificate only
	NotAfter    *time.Time `json:"not_after,omitempty,rfc3339"`    // certificate only
	Algorithm   *string    `json:"algorithm,omitempty"`            // certificate only
}
type EnclavePageCache ¶
// EnclavePageCache describes one enclave page cache region by base address,
// size and a protection flag.
type EnclavePageCache struct {
	Base          uint64 `json:"base"`
	Size          uint64 `json:"size"`
	CIRProtection bool   `json:"cir_protection"`
}
/v2/devices (apisrv)
type EncryptedCredential ¶
// EncryptedCredential is one credential returned by Client.Enroll, still in
// encrypted form.
// NOTE(review): presumably Secret and Nonce are what the enrolled TPM key
// needs to recover the JWT in Credential — confirm. The decrypted JWT is a
// bearer credential and should not be logged or persisted in the clear.
type EncryptedCredential struct {
	Name       string `jsonapi:"attr,name" json:"name"`
	KeyID      Buffer `jsonapi:"attr,key_id" json:"key_id"`
	Credential Buffer `jsonapi:"attr,credential" json:"credential"` // encrypted JWT
	Secret     Buffer `jsonapi:"attr,secret" json:"secret"`
	Nonce      Buffer `jsonapi:"attr,nonce" json:"nonce"`
}
/v2/enroll (apisrv)
type Enrollment ¶
// Enrollment is the request body of Client.Enroll: the endorsement key and
// optional certificate, the root key, and the named keys with their creation
// proofs.
//
// "Endoresment" is a misspelling of "Endorsement", but the field names and
// the "endoresment_*" tags are the wire format; renaming them needs a
// coordinated change with agent/pkg/api/types.go and the server.
// NOTE(review): EndoresmentCertificate is a pointer and may be nil;
// presumably the server decides how much trust an endorsement key without a
// certificate gets — confirm.
type Enrollment struct {
	NameHint               string         `jsonapi:"attr,name_hint" json:"name_hint"`
	EndoresmentKey         PublicKey      `jsonapi:"attr,endoresment_key" json:"endoresment_key"`
	EndoresmentCertificate *Certificate   `jsonapi:"attr,endoresment_certificate" json:"endoresment_certificate"`
	Root                   PublicKey      `jsonapi:"attr,root" json:"root"`
	Keys                   map[string]Key `jsonapi:"attr,keys" json:"keys"`
	Cookie                 string         `jsonapi:"attr,cookie" json:"cookie"`
}
/v2/enroll (apisrv)
type ErrorBuffer ¶
// ErrorBuffer is a byte buffer paired with the error that occurred while
// collecting it.
type ErrorBuffer struct {
	Data  Buffer        `json:"data,omitempty"`
	Error FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type Evidence ¶
// Evidence is the request body of Client.Attest: a quote with its signature,
// the PCR values and the collected firmware properties.
//
// NOTE(review): Quote and Signature are pointers with omitempty, so a document
// without them still decodes; a verifier has to treat nil as "not attested".
// Presumably only what the signed quote covers is authenticated, and PCRs,
// AllPCRs and Firmware must be checked against it — confirm.
// AllPCRs has no jsonapi tag and so is absent from the jsonapi encoding.
type Evidence struct {
	Type      string                       `jsonapi:"attr,type" json:"type"`
	Quote     *Attest                      `jsonapi:"attr,quote,omitempty" json:"quote,omitempty"`
	Signature *Signature                   `jsonapi:"attr,signature,omitempty" json:"signature,omitempty"`
	Algorithm string                       `jsonapi:"attr,algorithm" json:"algorithm"`
	PCRs      map[string]Buffer            `jsonapi:"attr,pcrs" json:"pcrs"`
	AllPCRs   map[string]map[string]Buffer `json:"allpcrs,omitempty"`
	Firmware  FirmwareProperties           `jsonapi:"attr,firmware" json:"firmware"`
	Cookie    string                       `jsonapi:"attr,cookie" json:"cookie"`
}
/v2/attest (apisrv)
type FirmwareError ¶
// FirmwareError is a short code describing why a firmware item could not be
// collected. It appears as the Error field of most collection structs.
type FirmwareError string

// Values of FirmwareError. NoError is the empty string, so an Error field
// tagged omitempty is left out of the JSON when collection succeeded.
const (
	NoError        FirmwareError = ""
	UnknownError   FirmwareError = "unkn"
	NoPermission   FirmwareError = "no-perm"
	NoResponse     FirmwareError = "no-resp"
	NotImplemented FirmwareError = "not-impl"
)
type FirmwareProperties ¶
// FirmwareProperties is the set of platform measurements carried in
// Evidence.Firmware. Most members hold either the collected data or a
// FirmwareError.
// NOTE(review): presumably all of this is gathered by the agent on the
// attested host, so a verifier should treat it as untrusted input until it is
// tied to the signed quote — confirm.
type FirmwareProperties struct {
	UEFIVariables   []UEFIVariable     `json:"uefi,omitempty"`
	MSRs            []MSR              `json:"msrs,omitempty"`
	CPUIDLeafs      []CPUIDLeaf        `json:"cpuid,omitempty"`
	SEV             []SEVCommand       `json:"sev,omitempty"`
	ME              []MEClientCommands `json:"me,omitempty"`
	TPM2Properties  []TPM2Property     `json:"tpm2_properties,omitempty"`
	TPM2NVRAM       []TPM2NVIndex      `json:"tpm2_nvram,omitempty"`
	PCIConfigSpaces []PCIConfigSpace   `json:"pci,omitempty"`
	ACPI            ACPITables         `json:"acpi"`
	SMBIOS          ErrorBuffer        `json:"smbios"`
	TXTPublicSpace  ErrorBuffer        `json:"txt"`
	VTdRegisterSet  ErrorBuffer        `json:"vtd"`
	Flash           ErrorBuffer        `json:"flash"`
	TPM2EventLog    ErrorBuffer        `json:"event_log"`
	MACAddresses    MACAddresses       `json:"mac"`
	OS              OS                 `json:"os"`
	NICs            *NICList           `json:"nic,omitempty"`
	Memory          Memory             `json:"memory"`
	Agent           *Agent             `json:"agent,omitempty"`
}
/v2/attest (apisrv)
type Host ¶
// Host is the host section of a report: OS name and type, hostname and CPU
// vendor.
type Host struct {
	// Windows: <ProductName> <CurrentMajorVersionNumber>.<CurrentMinorVersionNumber> Build <CurrentBuild>
	// Linux: /etc/os-release PRETTY_NAME or lsb_release -d
	OSName    string    `json:"name"`
	Hostname  string    `json:"hostname"`
	OSType    string    `json:"type"` // one of the OS* constants
	CPUVendor CPUVendor `json:"cpu_vendor"`
}
type Info ¶
// Info carries the API version string reported by the server.
type Info struct {
	APIVersion string `jsonapi:"attr,api_version" json:"api_version"`
}
/v2/info (apisrv)
type Key ¶
// Key is one enrolled key: its public part plus a creation proof and the
// signature over that proof (serialized as "certify_info" and
// "certify_signature").
// NOTE(review): presumably the server verifies CreationProofSignature and
// that the proof refers to Public before accepting the key — confirm.
type Key struct {
	Public                 PublicKey `json:"public"`
	CreationProof          Attest    `json:"certify_info"`
	CreationProofSignature Signature `json:"certify_signature"`
}
/v2/enroll (apisrv)
type KeyTemplate ¶
/v2/configuration (apisrv)
type MACAddresses ¶
// MACAddresses lists the collected MAC addresses as strings, or the error
// that prevented collecting them.
type MACAddresses struct {
	Addresses []string      `json:"addrs"`
	Error     FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type ME ¶
// ME is the management-engine section of a report.
// The ",string" option on API is ignored by encoding/json because the field
// is a slice; MEUpdate is serialized as "updatable" and API as "api_version".
type ME struct {
	Features        []string `json:"features"`
	Variant         string   `json:"variant"` // constants above
	Version         []uint16 `json:"version"`
	RecoveryVersion []uint16 `json:"recovery_version"`
	FITCVersion     []uint16 `json:"fitc_version"`
	API             []uint   `json:"api_version,string"`
	MEUpdate        string   `json:"updatable"`
	ChipsetVersion  uint     `json:"chipset_version,string"`
	ChipID          uint     `json:"chip_id,string"`
	Manufacturer    string   `json:"manufacturer,omitempty"`
	Size            uint     `json:"size,string"`
	Signature       string   `json:"signature"`
}
type MEClientCommands ¶
// MEClientCommands groups commands for one management-engine client,
// identified by GUID or by Address.
type MEClientCommands struct {
	GUID     *uuid.UUID    `json:"guid,omitempty"`
	Address  string        `json:"address,omitempty"`
	Commands []MECommand   `json:"commands"`
	Error    FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type MECommand ¶
// MECommand is one management-engine command buffer with its response or the
// error that occurred.
type MECommand struct {
	Command  Buffer        `json:"command"`
	Response Buffer        `json:"response,omitempty"`
	Error    FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type MSR ¶
// MSR is one model-specific register number with the values read for it.
// NOTE(review): Values is a slice; presumably one entry per CPU — confirm.
type MSR struct {
	MSR    uint32        `json:"msr,string"`
	Values []uint64      `json:"value,omitempty"` // serialized as "value"
	Error  FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type Memory ¶
// Memory lists the collected memory ranges, or the error that prevented
// collecting them.
type Memory struct {
	Values []MemoryRange `json:"values,omitempty"`
	Error  FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type MemoryRange ¶
type NIC ¶
// NIC describes one network interface: name, addresses and MAC.
type NIC struct {
	Name  string        `json:"name,omitempty"`
	IPv4  []string      `json:"ipv4,omitempty"`
	IPv6  []string      `json:"ipv6,omitempty"`
	MAC   string        `json:"mac"`
	Error FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type NICList ¶
// NICList lists the collected network interfaces, or the error that
// prevented collecting them.
type NICList struct {
	List  []NIC         `json:"list,omitempty"`
	Error FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type NVPublic ¶
TPMS_NV_PUBLIC wrapper type
func (NVPublic) MarshalJSON ¶
func (*NVPublic) UnmarshalJSON ¶
type Name ¶
TPM2_Name wrapper type
func ComputeName ¶
Computes the TCG Name and Qualified Name of TPM 2.0 entities.
func (Name) MarshalJSON ¶
func (*Name) UnmarshalJSON ¶
type OS ¶
// OS carries the hostname and OS release string collected by the agent.
// Release is serialized as "name".
type OS struct {
	Hostname string        `json:"hostname"`
	Release  string        `json:"name"`
	Error    FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type PCIConfigSpace ¶
// PCIConfigSpace is the configuration space of one PCI function, addressed by
// bus, device and function (all serialized as JSON strings).
type PCIConfigSpace struct {
	Bus      uint16        `json:"bus,string"`
	Device   uint16        `json:"device,string"`
	Function uint8         `json:"function,string"`
	Value    Buffer        `json:"value,omitempty"`
	Error    FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type Policy ¶
// Policy is a policy record: validity window, revocation flag, PCR and
// firmware templates or values, and links to devices, changes and
// replacement policies.
//
// The two encodings disagree on one name: ValidSince is "valid_from" in
// jsonapi and "valid_since" in plain JSON. The ",string" option on the
// time.Time and slice fields is ignored by encoding/json (it applies only to
// string, numeric and boolean fields).
// NOTE(review): presumably Revoked, ValidSince and ValidUntil must all be
// checked before a policy is applied — confirm where that happens.
type Policy struct {
	Id          string                 `jsonapi:"primary,policies" json:"id"`
	Cookie      string                 `jsonapi:"attr,cookie,omitempty" json:"cookie,omitempty"`
	Name        string                 `jsonapi:"attr,name" json:"name"`
	ValidSince  *time.Time             `jsonapi:"attr,valid_from,omitempty,rfc3339" json:"valid_since,string,omitempty"`
	ValidUntil  *time.Time             `jsonapi:"attr,valid_until,omitempty,rfc3339" json:"valid_until,string,omitempty"`
	Revoked     bool                   `jsonapi:"attr,revoked" json:"revoked"`
	PCRTemplate []string               `jsonapi:"attr,pcr_template,omitempty" json:"pcr_template,string,omitempty"`
	FWTemplate  []string               `jsonapi:"attr,fw_template,omitempty" json:"fw_template,omitempty"`
	PCRs        map[string]interface{} `jsonapi:"attr,pcrs,omitempty" json:"pcrs,omitempty"`
	FWOverrides []string               `jsonapi:"attr,fw_overrides,omitempty" json:"fw_overrides,omitempty"`
	Devices     []*Device              `jsonapi:"relation,devices,omitempty" json:"devices,string"`
	Replaces    []*Policy              `jsonapi:"relation,replaces,omitempty" json:"replaces,omitempty,string"`
	ReplacedBy  []*Policy              `jsonapi:"relation,replaced_by,omitempty" json:"replaced_by,omitempty,string"`
	Changes     []*Change              `jsonapi:"relation,changes,omitempty" json:"changes"`
}
/v2/policies
type PolicyCreation ¶
// PolicyCreation is the request document for creating a policy. The inline
// comments mark which fields belong to the template form (policy.Template)
// and which to the explicit form (policy.New).
// ValidSince is "valid_from" in jsonapi and "valid_since" in plain JSON; the
// ",string" option on time.Time and slice fields is ignored by encoding/json.
type PolicyCreation struct {
	Id         string     `jsonapi:"primary,policies" json:"id"`
	Name       string     `jsonapi:"attr,name,omitempty" json:"name"`
	Devices    []*Device  `jsonapi:"relation,devices,omitempty" json:"devices,string"`
	Cookie     *string    `jsonapi:"attr,cookie,omitempty" json:"cookie,omitempty"`
	ValidSince *time.Time `jsonapi:"attr,valid_from,omitempty,rfc3339" json:"valid_since,string,omitempty"`
	ValidUntil *time.Time `jsonapi:"attr,valid_until,omitempty,rfc3339" json:"valid_until,string,omitempty"`

	// policy.Template
	PCRTemplate  []string   `jsonapi:"attr,pcr_template,omitempty" json:"pcr_template,string,omitempty"`
	FWTemplate   []string   `jsonapi:"attr,fw_template,omitempty" json:"fw_template,omitempty"`
	RevokeActive *time.Time `jsonapi:"attr,revoke_active,omitempty,rfc3339" json:"revoke_active,string,omitempty"`

	// policy.New
	PCRs        map[string]interface{} `jsonapi:"attr,pcrs,omitempty" json:"pcrs,omitempty"`
	FWOverrides []string               `jsonapi:"attr,fw_overrides,omitempty" json:"fw_overrides,omitempty"`
}
/v2/policies
type PublicKey ¶
TPMT_PUBLIC wrapper type
func (PublicKey) MarshalJSON ¶
func (*PublicKey) UnmarshalJSON ¶
type Report ¶
// Report is the current report document: a type string, the collected values
// and the annotations raised against them.
type Report struct {
	Type        string       `json:"type"` // presumably ReportType — confirm
	Values      ReportValues `json:"values"`
	Annotations []Annotation `json:"annotations"`
}
/v2/devices (apisrv)
type ReportV1 ¶
// ReportV1 is the older report layout, with the per-subsystem sections at the
// top level instead of under Values. A nil section pointer is omitted.
type ReportV1 struct {
	Type        string       `json:"type"` // presumably ReportTypeV1 — confirm
	Host        Host         `json:"host"`
	SMBIOS      *SMBIOS      `json:"smbios,omitempty"`
	UEFI        *UEFI        `json:"uefi,omitempty"`
	TPM         *TPM         `json:"tpm,omitempty"`
	ME          *ME          `json:"me,omitempty"`
	SGX         *SGX         `json:"sgx,omitempty"`
	TXT         *TXT         `json:"txt,omitempty"`
	SEV         *SEV         `json:"sev,omitempty"`
	Annotations []Annotation `json:"annotations"`
}
/v2/devices (apisrv)
type ReportValues ¶
// ReportValues holds the per-subsystem sections of a Report. A nil section
// pointer is omitted from the JSON.
type ReportValues struct {
	Host   Host    `json:"host"`
	SMBIOS *SMBIOS `json:"smbios,omitempty"`
	UEFI   *UEFI   `json:"uefi,omitempty"`
	TPM    *TPM    `json:"tpm,omitempty"`
	ME     *ME     `json:"me,omitempty"`
	SGX    *SGX    `json:"sgx,omitempty"`
	TXT    *TXT    `json:"txt,omitempty"`
	SEV    *SEV    `json:"sev,omitempty"`
	NICs   []NIC   `json:"nics,omitempty"`
}
type SEVCommand ¶
// SEVCommand is one SEV firmware command with the length to read and the
// response, or the error that occurred.
type SEVCommand struct {
	Command    uint32        `json:"command"` // firmware.SEV*
	ReadLength uint32        `json:"read_length"`
	Response   *Buffer       `json:"response,omitempty"`
	Error      FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type SMBIOS ¶
// SMBIOS is the SMBIOS section of a report: system manufacturer and product,
// optional serial and UUID, and the BIOS vendor, version and release date.
type SMBIOS struct {
	Manufacturer    string `json:"manufacturer"`
	Product         string `json:"product"`
	Serial          string `json:"serial,omitempty"`
	UUID            string `json:"uuid,omitempty"`
	BIOSReleaseDate string `json:"bios_release_date"`
	BIOSVendor      string `json:"bios_vendor"`
	BIOSVersion     string `json:"bios_version"`
}
type Signature ¶
TPMT_SIGNATURE wrapper type
func (Signature) MarshalJSON ¶
func (*Signature) UnmarshalJSON ¶
type TPM2NVIndex ¶
// TPM2NVIndex is one TPM 2.0 NV index with its public area and value, or the
// error that occurred while reading it.
type TPM2NVIndex struct {
	Index  uint32        `json:"index,string"`
	Public *NVPublic     `json:"public,omitempty"`
	Value  *Buffer       `json:"value,omitempty"`
	Error  FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type TPM2Property ¶
// TPM2Property is one TPM 2.0 property number with its value, or the error
// that occurred while reading it. Both numbers are serialized as JSON strings.
type TPM2Property struct {
	Property uint32        `json:"property,string"`
	Value    *uint32       `json:"value,omitempty,string"`
	Error    FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type TPMEvent ¶
// TPMEvent is one event-log entry: the PCR index, the value as a string, the
// algorithm number and a free-form note.
type TPMEvent struct {
	PCR       uint   `json:"pcr"`
	Value     string `json:"value"`
	Algorithm uint   `json:"algorithm"`
	Note      string `json:"note"`
}
/v2/devices (apisrv)
type UEFI ¶
// UEFI is the UEFI section of a report: Secure Boot mode and state and the
// four signature lists.
// The list fields are pointers to slices without omitempty, so a nil pointer
// is written as null, which is distinct from an empty list.
// NOTE(review): presumably null means "could not be read" and [] means "read,
// but empty"; consumers should not treat the two alike — confirm.
type UEFI struct {
	Mode          string          `json:"mode"` // one of the Mode* constants
	SecureBoot    bool            `json:"secureboot"`
	PlatformKeys  *[]EFISignature `json:"platform_keys"`
	ExchangeKeys  *[]EFISignature `json:"exchange_keys"`
	PermittedKeys *[]EFISignature `json:"permitted_keys"`
	ForbiddenKeys *[]EFISignature `json:"forbidden_keys"`
}
type UEFIVariable ¶
// UEFIVariable is one UEFI variable, identified by vendor and name, with its
// value or the error that occurred while reading it.
type UEFIVariable struct {
	Vendor string        `json:"vendor"`
	Name   string        `json:"name"`
	Value  *Buffer       `json:"value,omitempty"`
	Error  FirmwareError `json:"error,omitempty"` // one of the FirmwareError constants
}
type Verdict ¶
// Verdict is the outcome of an appraisal: an overall Result plus one boolean
// per assessed area.
// Every field is a plain bool without omitempty, so a field missing from the
// decoded JSON is left false.
// NOTE(review): presumably true means the area passed, which would make a
// truncated or partial document fail closed — confirm, and confirm Type is
// checked against VerdictType before the booleans are trusted.
type Verdict struct {
	Type               string `json:"type"`
	Result             bool   `json:"result"`
	SupplyChain        bool   `json:"supply_chain"`
	Configuration      bool   `json:"configuration"`
	Firmware           bool   `json:"firmware"`
	Bootloader         bool   `json:"bootloader"`
	OperatingSystem    bool   `json:"operating_system"`
	EndpointProtection bool   `json:"endpoint_protection"`
	Bootchain          bool   `json:"bootchain"` // deprecated
}
/v2/devices (apisrv)