Versions in this module Expand all Collapse all v0 v0.0.1 Jul 22, 2022 Changes in this version + const DefaultCARoots + var ErrBadAttestationDocument error = errors.New("Bad attestation document") + var ErrBadCABundle error = errors.New("Payload 'cabundle' has 0 elements") + var ErrBadCABundleItem error = errors.New("Payload 'cabundle' has a nil item or of length not in [1, 1024]") + var ErrBadCOSESign1Structure error = errors.New("Data is not a COSESign1 array") + var ErrBadCertificatePublicKeyAlgorithm error = errors.New("Payload 'certificate' has a bad public key algorithm (not ECDSA)") + var ErrBadCertificateSigningAlgorithm error = errors.New(...) + var ErrBadDigest error = errors.New("Payload 'digest' is not SHA384") + var ErrBadNonce error = errors.New("Payload 'nonce' has a value of length not in [1, 512]") + var ErrBadPCRIndex error = errors.New("Payload 'pcrs' key index is not in [0, 32)") + var ErrBadPCRValue error = errors.New("Payload 'pcrs' value is nil or not of length {32,48,64}") + var ErrBadPCRs error = errors.New("Payload 'pcrs' is less than 1 or more than 32") + var ErrBadPublicKey error = errors.New("Payload 'public_key' has a value of length not in [1, 1024]") + var ErrBadSignature error = errors.New("Payload's signature does not match signature from certificate") + var ErrBadTimestamp error = errors.New("Payload 'timestamp' is 0 or less") + var ErrBadUserData error = errors.New("Payload 'user_data' has a value of length not in [1, 512]") + var ErrCOSESign1BadAlgorithm error = errors.New("COSESign1 algorithm not ECDSA384") + var ErrCOSESign1EmptyPayloadSection error = errors.New("COSESign1 payload section is nil or empty") + var ErrCOSESign1EmptyProtectedSection error = errors.New("COSESign1 protected section is nil or empty") + var ErrCOSESign1EmptySignatureSection error = errors.New("COSESign1 signature section is nil or empty") + var ErrMandatoryFieldsMissing error = errors.New("One or more of mandatory fields missing") + type Document struct + CABundle [][]byte + Certificate []byte + Digest string + ModuleID string + Nonce []byte + PCRs map[uint][]byte + PublicKey []byte + Timestamp uint64 + UserData []byte + type Result struct + COSESign1 []byte + Certificates []*x509.Certificate + Document *Document + Payload []byte + Protected []byte + Signature []byte + SignatureOK bool + Unprotected []byte + func Verify(data []byte, options VerifyOptions) (*Result, error) + type VerifyOptions struct + CurrentTime time.Time + Roots *x509.CertPool