platform

package

v1.3.1 Latest Latest Go to latest Published: Sep 12, 2024 License: Apache-2.0 Imports: 10 Imported by: 5

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/veraison/ccatoken

Links

Open Source Insights

Documentation ¶

Index ¶

Constants
func EncodeClaimsToCBOR(c IClaims) ([]byte, error)
func EncodeClaimsToJSON(c IClaims) ([]byte, error)
func ValidateAndEncodeClaimsToCBOR(c IClaims) ([]byte, error)
func ValidateAndEncodeClaimsToJSON(c IClaims) ([]byte, error)
func ValidateClaims(c IClaims) error
func ValidateSecurityLifeCycle(v uint16) error
type Claims
type IClaims
type LegacyProfile
- func (o LegacyProfile) GetClaims() psatoken.IClaims
- func (o LegacyProfile) GetName() string
type LifeCycleState
- func LifeCycleToState(v uint16) LifeCycleState
- func (o LifeCycleState) IsValid() bool
- func (o LifeCycleState) String() string
type Profile
- func (o Profile) GetClaims() psatoken.IClaims
- func (o Profile) GetName() string

Constants ¶

View Source

const (
	LifecycleUnknownMin                     = 0x0000
	LifecycleUnknownMax                     = 0x00ff
	LifecycleAssemblyAndTestMin             = 0x1000
	LifecycleAssemblyAndTestMax             = 0x10ff
	LifecycleRotProvisioningMin             = 0x2000
	LifecycleRotProvisioningMax             = 0x20ff
	LifecycleSecuredMin                     = 0x3000
	LifecycleSecuredMax                     = 0x30ff
	LifecycleNonCCAPlatformDebugMin         = 0x4000
	LifecycleNonCCAPlatformDebugMax         = 0x40ff
	LifecycleRecoverableCCAPlatformDebugMin = 0x5000
	LifecycleRecoverableCCAPlatformDebugMax = 0x50ff
	LifecycleDecommissionedMin              = 0x6000
	LifecycleDecommissionedMax              = 0x60ff
)

View Source

const LegacyProfileName = "http://arm.com/CCA-SSD/1.0.0"

View Source

const ProfileName = "tag:arm.com,2023:cca_platform#1.0.0"

Variables ¶

This section is empty.

Functions ¶

func EncodeClaimsToCBOR ¶

func EncodeClaimsToCBOR(c IClaims) ([]byte, error)

EncodeClaimsToCBOR marshals CCA platform claims to CBOR.

func EncodeClaimsToJSON ¶

func EncodeClaimsToJSON(c IClaims) ([]byte, error)

EncodeClaimsToJSON marshals CCA platform claims to JSON.

func ValidateAndEncodeClaimsToCBOR ¶

func ValidateAndEncodeClaimsToCBOR(c IClaims) ([]byte, error)

ValidateAndEncodeClaimsToCBOR validates and then marshals CCA platform claims to CBOR.

func ValidateAndEncodeClaimsToJSON ¶

func ValidateAndEncodeClaimsToJSON(c IClaims) ([]byte, error)

ValidateAndEncodeClaimsToJSON validates and then marshals CCA platform claims to JSON.

func ValidateClaims ¶

func ValidateClaims(c IClaims) error

ValidateClaims returns an error if the provided IClaims instance does not contain a valid set of CCA platform claims.

func ValidateSecurityLifeCycle ¶

func ValidateSecurityLifeCycle(v uint16) error

ValidateSecurityLifeCycle returns an error if the provided value does not correspond to a valid LifeCycleState.

Types ¶

type Claims ¶

type Claims struct {
	Profile           *eat.Profile           `cbor:"265,keyasint" json:"cca-platform-profile"`
	Challenge         *eat.Nonce             `cbor:"10,keyasint" json:"cca-platform-challenge"`
	ImplID            *[]byte                `cbor:"2396,keyasint" json:"cca-platform-implementation-id"`
	InstID            *eat.UEID              `cbor:"256,keyasint" json:"cca-platform-instance-id"`
	Config            *[]byte                `cbor:"2401,keyasint" json:"cca-platform-config"`
	SecurityLifeCycle *uint16                `cbor:"2395,keyasint" json:"cca-platform-lifecycle"`
	SwComponents      psatoken.ISwComponents `cbor:"2399,keyasint" json:"cca-platform-sw-components"`

	VSI       *string `cbor:"2400,keyasint,omitempty" json:"cca-platform-service-indicator,omitempty"`
	HashAlgID *string `cbor:"2402,keyasint" json:"cca-platform-hash-algo-id"`

	CanonicalProfile string `cbor:"-" json:"-"`
}

Claims contains the CCA platform claims. It implements IClaims, which is an extension of psatoken.IClaims.

func (*Claims) GetBootSeed ¶

func (c *Claims) GetBootSeed() ([]byte, error)

func (*Claims) GetCertificationReference ¶

func (c *Claims) GetCertificationReference() (string, error)

func (*Claims) GetClientID ¶

func (c *Claims) GetClientID() (int32, error)

func (*Claims) GetConfig ¶

func (c *Claims) GetConfig() ([]byte, error)

func (*Claims) GetHashAlgID ¶

func (c *Claims) GetHashAlgID() (string, error)

func (*Claims) GetImplID ¶

func (c *Claims) GetImplID() ([]byte, error)

func (*Claims) GetInstID ¶

func (c *Claims) GetInstID() ([]byte, error)

func (*Claims) GetNonce ¶

func (c *Claims) GetNonce() ([]byte, error)

func (*Claims) GetProfile ¶

func (c *Claims) GetProfile() (string, error)

Getters return a validated value or an error After successful call to Validate(), getters of mandatory claims are assured to never fail. Getters of optional claim may still fail with ErrOptionalClaimMissing in case the claim is not present.

func (*Claims) GetSecurityLifeCycle ¶

func (c *Claims) GetSecurityLifeCycle() (uint16, error)

func (*Claims) GetSoftwareComponents ¶

func (c *Claims) GetSoftwareComponents() ([]psatoken.ISwComponent, error)

func (*Claims) GetVSI ¶

func (c *Claims) GetVSI() (string, error)

func (Claims) MarshalCBOR ¶

func (c Claims) MarshalCBOR() ([]byte, error)

MarshalCBOR encodes the claims to CBOR

func (Claims) MarshalJSON ¶ added in v1.3.1

func (c Claims) MarshalJSON() ([]byte, error)

MarshalJSON encodes the claims into JSON

func (*Claims) SetBootSeed ¶

func (c *Claims) SetBootSeed(v []byte) error

func (*Claims) SetCertificationReference ¶

func (c *Claims) SetCertificationReference(v string) error

func (*Claims) SetClientID ¶

func (c *Claims) SetClientID(int32) error

func (*Claims) SetConfig ¶

func (c *Claims) SetConfig(v []byte) error

func (*Claims) SetHashAlgID ¶

func (c *Claims) SetHashAlgID(v string) error

func (*Claims) SetImplID ¶

func (c *Claims) SetImplID(v []byte) error

func (*Claims) SetInstID ¶

func (c *Claims) SetInstID(v []byte) error

func (*Claims) SetNonce ¶

func (c *Claims) SetNonce(v []byte) error

func (*Claims) SetSecurityLifeCycle ¶

func (c *Claims) SetSecurityLifeCycle(v uint16) error

func (*Claims) SetSoftwareComponents ¶

func (c *Claims) SetSoftwareComponents(scs []psatoken.ISwComponent) error

func (*Claims) SetVSI ¶

func (c *Claims) SetVSI(v string) error

func (*Claims) UnmarshalCBOR ¶

func (c *Claims) UnmarshalCBOR(buf []byte) error

UnmarshalCBOR decodes the claims from CBOR

func (*Claims) UnmarshalJSON ¶

func (c *Claims) UnmarshalJSON(buf []byte) error

UnmarshalJSON decodes the claims from JSON

func (*Claims) Validate ¶

func (c *Claims) Validate() error

Semantic validation

type IClaims ¶

type IClaims interface {
	psatoken.IClaims

	GetConfig() ([]byte, error)
	GetHashAlgID() (string, error)

	SetConfig([]byte) error
	SetHashAlgID(string) error
}

IClaims extends psatoken.IClaims to add accessors for CCA claims.

func DecodeAndValidateClaimsFromCBOR ¶

func DecodeAndValidateClaimsFromCBOR(buf []byte) (IClaims, error)

DecodeAndValidateClaimsFromCBOR unmarshals and validates CCA platform claims from provided CBOR buf.

func DecodeAndValidateClaimsFromJSON ¶

func DecodeAndValidateClaimsFromJSON(buf []byte) (IClaims, error)

DecodeAndValidateClaimsFromJSON unmarshals and validates CCA platform claims from provided JSON buf.

func DecodeClaimsFromCBOR ¶

func DecodeClaimsFromCBOR(buf []byte) (IClaims, error)

DecodeClaimsFromCBOR unmarshals CCA platform claims from provided CBOR buf.

func DecodeClaimsFromJSON ¶

func DecodeClaimsFromJSON(buf []byte) (IClaims, error)

DecodeClaimsFromJSON unmarshals CCA platform claims from provided JSON buf.

func NewClaims ¶

func NewClaims() IClaims

NewClaims claims returns a new instance of Claims.

func NewLegacyClaims ¶

func NewLegacyClaims() IClaims

type LegacyProfile ¶

type LegacyProfile struct{}

func (LegacyProfile) GetClaims ¶

func (o LegacyProfile) GetClaims() psatoken.IClaims

func (LegacyProfile) GetName ¶

func (o LegacyProfile) GetName() string

type LifeCycleState ¶

type LifeCycleState uint16

LifeCycleState indicates the life cycle state of attested device. The state is derived from the life cycle claim value, with a range of values mapping onto each state.

const (
	StateUnknown LifeCycleState = iota
	StateAssemblyAndTest
	StateCCARotProvisioning
	StateSecured
	StateNonCCAPlatformDebug
	StateRecoverableCCAPlatformDebug
	StateDecommissioned

	StateInvalid // must be last
)

func LifeCycleToState ¶

func LifeCycleToState(v uint16) LifeCycleState

LifeCycleToState translates the provide life cycle claim value into corresponding LifeCycleState.If the value is not within valid range, then StateInvalid is returned.

func (LifeCycleState) IsValid ¶

func (o LifeCycleState) IsValid() bool

IsValid returns true if the LifeCycleState has a valid value.

func (LifeCycleState) String ¶

func (o LifeCycleState) String() string

String returns a string representation of the life cycle state.

type Profile ¶

type Profile struct{}

Profile is the psatoken.IProfile implementation for CCA claims. It is registered to associate the claims with the profile name, so that it can be automatically used during unmarshaling.

func (Profile) GetClaims ¶

func (o Profile) GetClaims() psatoken.IClaims

func (Profile) GetName ¶

func (o Profile) GetName() string

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL