validate

package
v0.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 16, 2024 License: Apache-2.0 Imports: 10 Imported by: 5

Documentation

Overview

Package validate provides the library functions to validate a TDX quote

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func RawTdxQuote added in v0.2.1 

func RawTdxQuote(raw []byte, options *Options) error

RawTdxQuote checks the raw bytes representation of an attestation quote.

func TdxQuote added in v0.2.1 

func TdxQuote(quote any, options *Options) error

TdxQuote validates fields of the protobuf representation of an attestation Quote against expectations depending on supported quote formats - QuoteV4. Does not check the attestation certificates or signature.

Types

type HeaderOptions 

type HeaderOptions struct {
	// MinimumQeSvn is the minimum QE security version number. Not checked if nil.
	MinimumQeSvn uint16
	// MinimumPceSvn is the minimum PCE security version number. Not checked if nil.
	MinimumPceSvn uint16
	// QeVendorID is the expected QE_VENDOR_ID field. Must be nil or 16 bytes long. Not checked if nil.
	QeVendorID []byte
}

HeaderOptions represents validation options for a TDX attestation Quote Header.

type Options 

type Options struct {
	HeaderOptions      HeaderOptions
	TdQuoteBodyOptions TdQuoteBodyOptions
}

Options represents validation options for a TDX attestation Quote.

func PolicyToOptions 

func PolicyToOptions(policy *ccpb.Policy) (*Options, error)

PolicyToOptions returns an Options object that is represented by a Policy message.

type TdQuoteBodyOptions 

type TdQuoteBodyOptions struct {
	// MinimumTeeTcbSvn is the component-wise minimum TEE_TCB security version number. Must be nil or 16 bytes long. Not checked if nil.
	MinimumTeeTcbSvn []byte
	// MrSeam is the expected MR_SEAM field. Must be nil or 48 bytes long. Not checked if nil.
	MrSeam []byte
	// TdAttributes is the expected TD_ATTRIBUTES field. Must be nil or 8 bytes long. Not checked if nil.
	TdAttributes []byte
	// Xfam is the expected XFAM field. Must be nil or 8 bytes long. Not checked if nil.
	Xfam []byte
	// MrTd is the expected MR_TD field. Must be nil or 48 bytes long. Not checked if nil.
	MrTd []byte
	// MrConfigID is the expected MR_CONFIG_ID field. Must be nil or 48 bytes long. Not checked if nil.
	MrConfigID []byte
	// MrOwner is the expected MR_OWNER field. Must be nil or 48 bytes long. Not checked if nil.
	MrOwner []byte
	// MrOwnerConfig is the expected MR_OWNER_CONFIG field. Must be nil or 48 bytes long. Not checked if nil.
	MrOwnerConfig []byte
	// Rtmrs is the expected RTMRS field. Must be nil or 48 * rtmrsCount. Not checked if nil.
	Rtmrs [][]byte
	// ReportData is the expected REPORT_DATA field. Must be nil or 64 bytes long. Not checked if nil.
	ReportData []byte
}

TdQuoteBodyOptions represents validation options for a TDX attestation Quote's TD Quote body.

Source Files

View all Source files
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.