Documentation ¶
Overview ¶
Package measurement provides different collectors to hash files, disks, dmi info and cpuid info.
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func HashBytes ¶
func HashBytes(tpmHandle io.ReadWriteCloser, b []byte, eventDesc string) error
HashBytes extends a PCR with a byte array and sends an event to sysfs. The sent event is described via eventDesc.
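What "extends a PCR and sends an event" means for a verifier, as an added example that is not code from this package: a software model of one PCR plus an in-memory event log, showing that replaying the log reproduces the PCR value only if no entry was altered or reordered. The SHA-256 bank and the names PCR, Event, Extend, Replay and Verify are assumptions made for illustration; the in-memory log stands in for the sysfs event.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// Event is one entry of a constructed in-memory event log
// (hypothetical stand-in for the event the package sends to sysfs).
type Event struct {
	Desc   string
	Digest [sha256.Size]byte
}

// PCR models a single SHA-256 PCR; a real PCR lives inside the TPM.
type PCR struct {
	Value [sha256.Size]byte // all zeroes after reset
	Log   []Event
}

// fold applies the TPM extend rule: new = SHA256(old || digest).
func fold(old, digest [sha256.Size]byte) [sha256.Size]byte {
	return sha256.Sum256(append(old[:], digest[:]...))
}

// Extend hashes b, folds the digest into the PCR and records the event.
func (p *PCR) Extend(b []byte, desc string) {
	d := sha256.Sum256(b)
	p.Value = fold(p.Value, d)
	p.Log = append(p.Log, Event{Desc: desc, Digest: d})
}

// Replay recomputes the PCR value a verifier should expect from a log.
func Replay(log []Event) [sha256.Size]byte {
	var v [sha256.Size]byte
	for _, e := range log {
		v = fold(v, e.Digest)
	}
	return v
}

// Verify reports whether the event log fully explains the PCR value.
func Verify(pcr [sha256.Size]byte, log []Event) bool {
	return Replay(log) == pcr
}

func main() {
	var p PCR
	// Constructed sample measurements, in the order collectors might run.
	p.Extend([]byte("constructed cpuid dump"), "cpuid")
	p.Extend([]byte("constructed file contents"), "file sda:/path/to/file")
	fmt.Printf("pcr=%x verified=%v\n", p.Value, Verify(p.Value, p.Log))
}
```

Because each extend folds the previous value in, the final PCR depends on both the content and the order of every measurement, so a log with a substituted or reordered entry fails Verify.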
func HashFile ¶
func HashFile(tpmHandle io.ReadWriteCloser, inputVal string) error
HashFile reads the file input by the user and calls the TPM to measure it and store the hash.
inputVal is of format <block device identifier>:<path>, e.g. sda:/path/to/file or UUID:/path/to/file.
It performs the following actions:
1. Mount the device.
2. Read the file on the device into a byte slice.
3. Unmount the device.
4. Call the tpm package, which measures the byte slice and stores it.
Types ¶
type CPUIDCollector ¶
CPUIDCollector describes the "cpuid" portion of the policy file.
func (*CPUIDCollector) Collect ¶
func (s *CPUIDCollector) Collect(tpmHandle io.ReadWriteCloser) error
Collect satisfies the Collector interface. It calls various functions to:
1. get the cpuid info from the cpuid package,
2. store the hash of the result in the TPM device, and
3. keep a copy of the result on disk at the location provided in the policy file.
type Collector ¶
type Collector interface {
	Collect(tpmHandle io.ReadWriteCloser) error
}
All collectors (storage, dmi, cpuid, files) should satisfy this interface. Collectors get information and store the hash of that information in a PCR owned by the TPM device.
func GetCollector ¶
GetCollector calls the appropriate init handlers for a particular collector JSON object argument and returns a new Collector interface. An error is returned if unmarshalling fails or an unsupported collector is passed as an argument.
func NewCPUIDCollector ¶
NewCPUIDCollector extracts the "cpuid" portion from the policy file and initializes a new CPUIDCollector structure. It returns an error if unmarshalling of CPUIDCollector fails.
func NewDmiCollector ¶
NewDmiCollector extracts the "dmi" portion from the policy file and initializes a new DmiCollector structure. It returns an error if unmarshalling of DmiCollector fails.
func NewFileCollector ¶
NewFileCollector extracts the "files" portion from the policy file and initializes a new FileCollector structure. It returns an error if unmarshalling of FileCollector fails.
func NewStorageCollector ¶
NewStorageCollector extracts the "storage" portion from the policy file and initializes a new StorageCollector structure. It returns an error if unmarshalling of StorageCollector fails.
type DmiCollector ¶
type DmiCollector struct {
	Type     string         `json:"type"`
	Clusters []fieldCluster `json:"events"`
}
DmiCollector describes the "dmi" portion of the policy file.
func (*DmiCollector) Collect ¶
func (s *DmiCollector) Collect(tpmHandle io.ReadWriteCloser) error
Collect satisfies the Collector interface. It:
1. calls the smbios package to get all smbios data,
2. filters the smbios data based on the type provided in the policy file, and
3. measures the filtered data into the tpmHandle (TPM device).
type FileCollector ¶
FileCollector describes the "files" portion of the policy file.
func (*FileCollector) Collect ¶
func (s *FileCollector) Collect(tpmHandle io.ReadWriteCloser) error
Collect satisfies the Collector interface. It loops over all file paths provided by the user and, for each file path, calls HashFile. HashFile measures each file on that path and stores the result in the TPM.
type StorageCollector ¶
StorageCollector describes the "storage" portion of the policy file.
func (*StorageCollector) Collect ¶
func (s *StorageCollector) Collect(tpmHandle io.ReadWriteCloser) error
Collect satisfies the Collector interface. It loops over all storage paths provided by the user and calls measureStorageDevice for each storage path. A storage path is of the form /dev/sda. measureStorageDevice in turn calls the tpm package, which further hashes this buffer and extends the PCR.