parsec_tpm

package
v0.0.2408 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 23, 2024 License: Apache-2.0 Imports: 18 Imported by: 0

README

Endorsement Store Interface

Reference Value

{
  "scheme": "PARSEC_TPM",
  "type": "REFERENCE_VALUE",
  "attributes": {
    "parsec-tpm.alg-id": 1,
    "parsec-tpm.class-id": "cd1f0e55-26f9-460d-b9d8-f7fde171787c",
    "parsec-tpm.digest": "h0KPxSKAPTEGXnvOPPA/5HUJZjHl4Hu9eg/eYMTPJcc=",
    "parsec-tpm.pcr": 0
  }
}

Trust Anchor

{
  "scheme": "PARSEC_TPM",
  "type": "VERIFICATION_KEY",
  "attributes": {
    "parsec-tpm.ak-pub": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETKRFE_RwSXooI8DdatPOYg_uiKm2XrtT_uEMEvqQZrwJHHcfw0c3WVzGoqL3Y_Q6xkHFfdUVqS2WWkPdKO03uw==",
    "parsec-tpm.class-id": "cd1f0e55-26f9-460d-b9d8-f7fde171787c",
    "parsec-tpm.instance-id": "AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
  }
}

Documentation

Overview

Copyright 2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Copyright 2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Copyright 2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Copyright 2023 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Copyright 2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Copyright 2023 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Copyright 2024 Contributors to the Veraison project. SPDX-License-Identifier: Apache-2.0

Index

Constants

// Scope names for the two endorsement kinds this scheme deals with.
// NOTE(review): presumably used to label which kind (trust anchor vs.
// reference values) an operation or error refers to; their use is not shown
// on this page.
const (
	// ScopeTrustAnchor is the literal label "trust anchor".
	ScopeTrustAnchor = "trust anchor"
	// ScopeRefValues is the literal label "ref values".
	ScopeRefValues   = "ref values"
)
const (
	// SchemeName is the attestation scheme identifier. It is the same string
	// that appears in the "scheme" field of the README's example records.
	SchemeName         = "PARSEC_TPM"
	// EndorsementProfile is the profile identifier appended to the CoRIM
	// media type in EndorsementMediaTypes. The surrounding double quotes are
	// part of the constant's value, so any comparison against a profile string
	// has to account for them.
	EndorsementProfile = `"tag:github.com/parallaxsecond,2023-03-03:tpm"`
)

Variables

// EndorsementMediaTypes lists the endorsement media types declared for this
// scheme: a single entry, unsigned CoRIM in CBOR qualified by
// EndorsementProfile.
//
// NOTE(review): the only listed type is the *unsigned* CoRIM and no signed
// variant appears on this page, so the authenticity of provisioned reference
// values and trust anchors presumably rests on whatever protects the
// provisioning interface — confirm. The slice is also an exported, mutable
// package variable; treat it as read-only.
var EndorsementMediaTypes = []string{
	`application/corim-unsigned+cbor; profile=` + EndorsementProfile,
}
// EvidenceMediaTypes lists the evidence media types declared for this scheme:
// a single entry, the Parsec TPM key-attestation type.
// NOTE(review): exported, mutable package variable; treat it as read-only.
var EvidenceMediaTypes = []string{
	"application/vnd.parallaxsecond.key-attestation.tpm",
}

Functions

This section is empty.

Types

type CorimExtractor

// CorimExtractor exposes RefValExtractor and TaExtractor, which turn CoRIM
// reference values and attestation verification keys into handler.Endorsement
// values (per their signatures on this page). Profile is a plain exported
// string; SetProfile has a pointer receiver while the two extractor methods
// take the receiver by value.
type CorimExtractor struct{ Profile string }

func (CorimExtractor) RefValExtractor

func (o CorimExtractor) RefValExtractor(
	rv comid.ReferenceValue,
) ([]*handler.Endorsement, error)

func (*CorimExtractor) SetProfile

func (o *CorimExtractor) SetProfile(profile string)

func (CorimExtractor) TaExtractor

func (o CorimExtractor) TaExtractor(
	avk comid.AttestVerifKey,
) (*handler.Endorsement, error)

type EndorsementHandler

// EndorsementHandler is a field-less type whose methods, as listed on this
// page, use value receivers. Decode and Init appear in the index without
// their signatures.
type EndorsementHandler struct{}

func (EndorsementHandler) Close

func (o EndorsementHandler) Close() error

func (EndorsementHandler) Decode

func (EndorsementHandler) GetAttestationScheme

func (o EndorsementHandler) GetAttestationScheme() string

func (EndorsementHandler) GetName

func (o EndorsementHandler) GetName() string

func (EndorsementHandler) GetSupportedMediaTypes

func (o EndorsementHandler) GetSupportedMediaTypes() []string

func (EndorsementHandler) Init

type Endorsements

// Endorsements is the JSON shape of a reference-value record: a scheme name,
// a record type and an "attributes" object (SwAttr). It matches the layout of
// the README's "Reference Value" example, where scheme is "PARSEC_TPM" and
// type is "REFERENCE_VALUE".
// NOTE(review): Scheme and Type are free-form strings at this level; whether
// and where they are checked against the expected values is not shown here.
type Endorsements struct {
	Scheme string `json:"scheme"`
	Type   string `json:"type"`
	Attr   SwAttr `json:"attributes"`
}

type EvidenceHandler

// EvidenceHandler is a field-less type whose methods, as listed on this page,
// use value receivers. Its methods take the attestation token plus trust
// anchors and endorsements passed in as strings.
type EvidenceHandler struct{}

func (EvidenceHandler) AppraiseEvidence

// AppraiseEvidence returns an *ear.AttestationResult (or an error) for the
// evidence context ec, given the caller-supplied endorsementStrings.
// Only the signature is visible on this page.
// NOTE(review): endorsementStrings are presumably JSON-serialised
// Endorsements records (scheme/type/attributes, as in the README's
// "Reference Value" example) — confirm against the implementation.
func (s EvidenceHandler) AppraiseEvidence(ec *proto.EvidenceContext, endorsementStrings []string) (*ear.AttestationResult, error)

func (EvidenceHandler) ExtractClaims

// ExtractClaims returns a claims map (or an error) derived from token, given
// trustAnchors. Only the signature is visible on this page.
// NOTE(review): nothing here shows whether claims are extracted before or
// after the token's integrity has been validated. Do not treat the returned
// map as authenticated unless ValidateEvidenceIntegrity has also succeeded —
// confirm the call order in the caller.
func (s EvidenceHandler) ExtractClaims(
	token *proto.AttestationToken,
	trustAnchors []string,
) (map[string]interface{}, error)

func (EvidenceHandler) GetAttestationScheme

func (s EvidenceHandler) GetAttestationScheme() string

func (EvidenceHandler) GetName

func (s EvidenceHandler) GetName() string

func (EvidenceHandler) GetSupportedMediaTypes

func (s EvidenceHandler) GetSupportedMediaTypes() []string

func (EvidenceHandler) ValidateEvidenceIntegrity

// ValidateEvidenceIntegrity takes the attestation token together with trust
// anchors and endorsements (both as strings) and reports its outcome only
// through the error result. Only the signature is visible on this page.
// NOTE(review): trustAnchors presumably carry JSON-serialised TaEndorsements
// records, i.e. the AK public key the token is checked against — confirm.
// Callers should treat any non-nil error as "evidence not verified".
func (s EvidenceHandler) ValidateEvidenceIntegrity(token *proto.AttestationToken, trustAnchors []string, endorsements []string) error

type ID

// ID has only unexported fields (elided by the documentation renderer), so
// other packages cannot set them directly. The one method listed for it on
// this page is FromEnvironment, which takes a comid.Environment and returns
// an error.
type ID struct {
	// contains filtered or unexported fields
}

func (*ID) FromEnvironment

func (o *ID) FromEnvironment(e comid.Environment) error

type StoreHandler

// StoreHandler is a field-less type whose methods, as listed on this page,
// use value receivers. Per their signatures, they return string IDs/keys for
// trust anchors and reference values; several take a tenantID.
// NOTE(review): how tenantID is incorporated into the returned keys is not
// shown here — confirm that keys from different tenants cannot collide.
type StoreHandler struct{}

func (StoreHandler) GetAttestationScheme

func (s StoreHandler) GetAttestationScheme() string

func (StoreHandler) GetName

func (s StoreHandler) GetName() string

func (StoreHandler) GetRefValueIDs

func (s StoreHandler) GetRefValueIDs(
	tenantID string,
	trustAnchors []string,
	claims map[string]interface{},
) ([]string, error)

func (StoreHandler) GetSupportedMediaTypes

func (s StoreHandler) GetSupportedMediaTypes() []string

func (StoreHandler) GetTrustAnchorIDs

func (s StoreHandler) GetTrustAnchorIDs(token *proto.AttestationToken) ([]string, error)

func (StoreHandler) SynthKeysFromRefValue

func (s StoreHandler) SynthKeysFromRefValue(tenantID string, refVals *handler.Endorsement) ([]string, error)

func (StoreHandler) SynthKeysFromTrustAnchor

func (s StoreHandler) SynthKeysFromTrustAnchor(tenantID string, ta *handler.Endorsement) ([]string, error)

type SwAttr

// SwAttr is the "attributes" object of a reference-value record (see
// Endorsements); its JSON keys match the README's "Reference Value" example.
// Every field is a pointer, so with encoding/json a key that is absent from
// the input decodes to nil rather than to a zero value. Consumers must
// nil-check each field before dereferencing it.
type SwAttr struct {
	// AlgID identifies the hash algorithm of Digest. The README example uses 1
	// together with a 32-byte digest.
	// NOTE(review): presumably an IANA Named Information hash algorithm ID
	// (1 = sha-256) — confirm.
	AlgID   *uint64 `json:"parsec-tpm.alg-id"`
	// ClassID is carried as a string; the README example uses a UUID.
	ClassID *string `json:"parsec-tpm.class-id"`
	// Digest is the reference digest. encoding/json represents []byte as
	// standard-alphabet base64, which is what the README example shows.
	// NOTE(review): no length check against AlgID is visible on this page.
	Digest  *[]byte `json:"parsec-tpm.digest"`
	// PCR is presumably the index of the PCR that Digest applies to
	// (0 in the README example) — no range limit is expressed by the type.
	PCR     *uint   `json:"parsec-tpm.pcr"`
}

type TaAttr

// TaAttr is the "attributes" object of a trust-anchor record (see
// TaEndorsements); its JSON keys match the README's "Trust Anchor" example.
// Every field is a pointer, so with encoding/json a key that is absent from
// the input decodes to nil. Consumers must nil-check before dereferencing.
type TaAttr struct {
	// VerifKey is the AK public key, kept as an opaque string at this level.
	// In the README example the value uses the URL-safe base64 alphabet
	// (it contains '_'), unlike the standard-alphabet digest in the
	// reference-value example.
	// NOTE(review): the sample looks like a DER SubjectPublicKeyInfo for an
	// ECDSA P-256 key — confirm the expected encoding and key type.
	VerifKey *string `json:"parsec-tpm.ak-pub"`
	// ClassID is carried as a string; the README example uses the same UUID
	// as the reference-value example.
	ClassID  *string `json:"parsec-tpm.class-id"`
	// InstID is carried as a string; base64-looking in the README example.
	InstID   *string `json:"parsec-tpm.instance-id"`
}

type TaEndorsements

// TaEndorsements is the JSON shape of a trust-anchor record: a scheme name,
// a record type and an "attributes" object (TaAttr). It matches the layout of
// the README's "Trust Anchor" example, where scheme is "PARSEC_TPM" and type
// is "VERIFICATION_KEY".
// NOTE(review): Scheme and Type are free-form strings at this level; whether
// and where they are checked against the expected values is not shown here.
type TaEndorsements struct {
	Scheme string `json:"scheme"`
	Type   string `json:"type"`
	Attr   TaAttr `json:"attributes"`
}

Directories

Path Synopsis
plugin
