validate

package

v0.3.1 Latest Latest Go to latest Published: Feb 16, 2024 License: Apache-2.0 Imports: 10 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/google/go-tdx-guest

Links

Documentation ¶

Overview ¶

Package validate provides the library functions to validate a TDX quote

Index ¶

func RawTdxQuote(raw []byte, options *Options) error
func TdxQuote(quote any, options *Options) error
type HeaderOptions
type Options
- func PolicyToOptions(policy *ccpb.Policy) (*Options, error)
type TdQuoteBodyOptions

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func RawTdxQuote ¶ added in v0.2.1

func RawTdxQuote(raw []byte, options *Options) error

RawTdxQuote checks the raw bytes representation of an attestation quote.

func TdxQuote ¶ added in v0.2.1

func TdxQuote(quote any, options *Options) error

TdxQuote validates fields of the protobuf representation of an attestation Quote against expectations depending on supported quote formats - QuoteV4. Does not check the attestation certificates or signature.

Types ¶

type HeaderOptions ¶

type HeaderOptions struct {
	// MinimumQeSvn is the minimum QE security version number. Not checked if nil.
	MinimumQeSvn uint16
	// MinimumPceSvn is the minimum PCE security version number. Not checked if nil.
	MinimumPceSvn uint16
	// QeVendorID is the expected QE_VENDOR_ID field. Must be nil or 16 bytes long. Not checked if nil.
	QeVendorID []byte
}

HeaderOptions represents validation options for a TDX attestation Quote Header.

type Options ¶

type Options struct {
	HeaderOptions      HeaderOptions
	TdQuoteBodyOptions TdQuoteBodyOptions
}

Options represents validation options for a TDX attestation Quote.

func PolicyToOptions ¶

func PolicyToOptions(policy *ccpb.Policy) (*Options, error)

PolicyToOptions returns an Options object that is represented by a Policy message.

type TdQuoteBodyOptions ¶

type TdQuoteBodyOptions struct {
	// MinimumTeeTcbSvn is the component-wise minimum TEE_TCB security version number. Must be nil or 16 bytes long. Not checked if nil.
	MinimumTeeTcbSvn []byte
	// MrSeam is the expected MR_SEAM field. Must be nil or 48 bytes long. Not checked if nil.
	MrSeam []byte
	// TdAttributes is the expected TD_ATTRIBUTES field. Must be nil or 8 bytes long. Not checked if nil.
	TdAttributes []byte
	// Xfam is the expected XFAM field. Must be nil or 8 bytes long. Not checked if nil.
	Xfam []byte
	// MrTd is the expected MR_TD field. Must be nil or 48 bytes long. Not checked if nil.
	MrTd []byte
	// MrConfigID is the expected MR_CONFIG_ID field. Must be nil or 48 bytes long. Not checked if nil.
	MrConfigID []byte
	// MrOwner is the expected MR_OWNER field. Must be nil or 48 bytes long. Not checked if nil.
	MrOwner []byte
	// MrOwnerConfig is the expected MR_OWNER_CONFIG field. Must be nil or 48 bytes long. Not checked if nil.
	MrOwnerConfig []byte
	// Rtmrs is the expected RTMRS field. Must be nil or 48 * rtmrsCount. Not checked if nil.
	Rtmrs [][]byte
	// ReportData is the expected REPORT_DATA field. Must be nil or 64 bytes long. Not checked if nil.
	ReportData []byte
}

TdQuoteBodyOptions represents validation options for a TDX attestation Quote's TD Quote body.

Source Files ¶

View all Source files

validate.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL