attributecert

package
v0.3.2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Apr 14, 2021 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

Package attributecert parses X.509-encoded attribute certificates.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AttributeCertificate

// AttributeCertificate holds the fields decoded from one X.509 attribute
// certificate, together with the raw DER bytes they were decoded from.
//
// NOTE(review): this page documents ParseAttributeCertificate and
// CheckSignatureFrom as the only operations on this type. Nothing shown here
// checks NotBefore/NotAfter, validates the parent certificate's own chain, or
// consults revocation. Presumably callers must do that themselves and should
// treat every field as unauthenticated input until CheckSignatureFrom
// succeeds — confirm against the implementation.
type AttributeCertificate struct {
	Raw                        []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature).
	RawTBSAttributeCertificate []byte // Certificate part of raw ASN.1 DER content.

	// Signature bytes and the algorithm they were produced with.
	Signature          []byte
	SignatureAlgorithm x509.SignatureAlgorithm

	Version                  int
	SerialNumber             *big.Int
	// Holder names a certificate by issuer and serial (see Certholder).
	// NOTE(review): presumably the certificate this attribute certificate is
	// bound to; a verifier would need to match it against that certificate — confirm.
	Holder                   Certholder
	Issuer                   pkix.Name
	Subject                  pkix.Name
	NotBefore, NotAfter      time.Time // Validity bounds.
	TCGPlatformSpecification TCGPlatformSpecification
	TBBSecurityAssertions    TBBSecurityAssertions
	// Platform identity strings as carried in the certificate.
	PlatformManufacturer     string
	PlatformModel            string
	PlatformVersion          string
	PlatformSerial           string
	CredentialSpecification  string
	// userNotice is an unexported type; its fields are not documented on this page.
	UserNotice               userNotice
	// Flattened component and property lists (see Component and Property).
	Components               []Component
	Properties               []Property
	PropertiesURI            string
}

func ParseAttributeCertificate

func ParseAttributeCertificate(asn1Data []byte) (*AttributeCertificate, error)

ParseAttributeCertificate parses a single attribute certificate from the given ASN.1 DER data.

func (*AttributeCertificate) CheckSignatureFrom

func (c *AttributeCertificate) CheckSignatureFrom(parent *x509.Certificate) error

CheckSignatureFrom verifies that the signature on c is a valid signature from parent.

type AttributeCertificateIdentifier

// AttributeCertificateIdentifier identifies an attribute certificate by a hash
// algorithm and a hash value.
//
// NOTE(review): going by the field name, the hash is presumably computed over
// the referenced certificate's signature value; the encoding of the string is
// not shown on this page — confirm before comparing values.
type AttributeCertificateIdentifier struct {
	HashAlgorithm          pkix.AlgorithmIdentifier
	HashOverSignatureValue string
}

type Certholder

// Certholder names a certificate by its issuer and serial number. It is the
// type of AttributeCertificate.Holder.
type Certholder struct {
	Issuer pkix.Name
	Serial *big.Int
}

type CertificateIdentifier

// CertificateIdentifier references another certificate in one of two optional
// forms: by attribute-certificate hash (context tag 0) or by an issuer/serial
// value (context tag 1). Both fields are optional, so either or both may be
// left at their zero value after decoding.
type CertificateIdentifier struct {
	AttributeCertIdentifier AttributeCertificateIdentifier `asn1:"optional,tag:0"`
	// NOTE(review): "Idientifier" looks like a misspelling of "Identifier", but
	// the field is exported, so renaming it would break callers.
	// issuerSerial is an unexported type not documented on this page.
	GenericCertIdientifier  issuerSerial                   `asn1:"optional,tag:1"`
}

type CommonCriteriaMeasures

// CommonCriteriaMeasures carries the Common Criteria evaluation data referenced
// from TBBSecurityAssertions.CcInfo. The optional fields use context tags 0-4.
// The meaning of the enumerated values is not defined on this page.
type CommonCriteriaMeasures struct {
	Version            string
	AssuranceLevel     asn1.Enumerated
	EvaluationStatus   asn1.Enumerated
	Plus               bool
	StrengthOfFunction asn1.Enumerated       `asn1:"optional,tag:0"`
	ProfileOid         asn1.ObjectIdentifier `asn1:"optional,tag:1"`
	ProfileURI         string                `asn1:"optional,tag:2"`
	TargetOid          asn1.ObjectIdentifier `asn1:"optional,tag:3"`
	// NOTE(review): TargetURI is declared as an ObjectIdentifier while
	// ProfileURI is a string; this looks inconsistent and may keep a
	// certificate that carries a real URI here from decoding — confirm
	// against the specification.
	TargetURI          asn1.ObjectIdentifier `asn1:"optional,tag:4"`
}

type CommonCriteriaMeasures_sda added in v0.2.1

// CommonCriteriaMeasures_sda has the same fields as CommonCriteriaMeasures but
// declares the optional ones without context tags.
type CommonCriteriaMeasures_sda struct {
	Version            string
	AssuranceLevel     asn1.Enumerated
	EvaluationStatus   asn1.Enumerated
	// NOTE(review): encoding/asn1 spells the default option "default:N" and
	// applies it to integer fields; "default=false" appears not to be a
	// recognised option, which would leave only "optional" in effect — confirm.
	Plus               bool                  `asn1:"optional,default=false"`
	StrengthOfFunction asn1.Enumerated       `asn1:"optional"`
	ProfileOid         asn1.ObjectIdentifier `asn1:"optional"`
	ProfileURI         string                `asn1:"optional"`
	TargetOid          asn1.ObjectIdentifier `asn1:"optional"`
	// NOTE(review): declared as an ObjectIdentifier although ProfileURI is a
	// string — confirm the intended type.
	TargetURI          asn1.ObjectIdentifier `asn1:"optional"`
}

Certificates that carry this information in the SDA (Subject Directory Attributes) region appear to omit the tags on the optional fields, so this variant declares them without tags.

type Component added in v0.2.1

// Component describes one platform component using plain Go types. It is the
// element type of AttributeCertificate.Components.
//
// NOTE(review): the values come from the certificate, so they are presumably
// only as trustworthy as the certificate's signature check — confirm.
type Component struct {
	Manufacturer     string
	Model            string
	Serial           string
	Revision         string
	ManufacturerID   int
	FieldReplaceable bool
	Addresses        []ComponentAddress
}

type ComponentAddress

// ComponentAddress pairs an address type, given as an object identifier, with
// the address value as a string. The set of address-type OIDs is not listed on
// this page.
type ComponentAddress struct {
	AddressType  asn1.ObjectIdentifier
	AddressValue string
}

type ComponentClass

// ComponentClass identifies a component's class as a registry object
// identifier plus a raw byte value. How the bytes are interpreted is not shown
// on this page; presumably that depends on the registry — confirm.
type ComponentClass struct {
	ComponentClassRegistry asn1.ObjectIdentifier
	ComponentClassValue    []byte
}

type ComponentIdentifierV1

// ComponentIdentifierV1 is the ASN.1 decoding target for a version 1 component
// identifier. Manufacturer and model are required; the remaining fields are
// optional, and serial through addresses use context tags 0-4.
type ComponentIdentifierV1 struct {
	// Untagged optional raw bytes; V2 replaces this with a ComponentClass struct.
	ComponentClass          []byte `asn1:"optional"`
	ComponentManufacturer   string
	ComponentModel          string
	ComponentSerial         string             `asn1:"optional,utf8,tag:0"`
	ComponentRevision       string             `asn1:"optional,utf8,tag:1"`
	ComponentManufacturerID int                `asn1:"optional,tag:2"`
	FieldReplaceable        bool               `asn1:"optional,tag:3"`
	ComponentAddresses      []ComponentAddress `asn1:"optional,tag:4"`
}

type ComponentIdentifierV2

// ComponentIdentifierV2 is the ASN.1 decoding target for a version 2 component
// identifier. Class, manufacturer and model are required; the optional fields
// use context tags 0-7.
type ComponentIdentifierV2 struct {
	ComponentClass           ComponentClass
	ComponentManufacturer    string
	ComponentModel           string
	ComponentSerial          string                `asn1:"optional,utf8,tag:0"`
	ComponentRevision        string                `asn1:"optional,utf8,tag:1"`
	ComponentManufacturerID  int                   `asn1:"optional,tag:2"`
	FieldReplaceable         bool                  `asn1:"optional,tag:3"`
	ComponentAddresses       []ComponentAddress    `asn1:"optional,tag:4"`
	// Reference to a certificate for this component, by identifier and/or URI.
	// NOTE(review): the URI is certificate-supplied data; anything fetched from
	// it should presumably be verified independently — confirm how callers use it.
	ComponentPlatformCert    CertificateIdentifier `asn1:"optional,tag:5"`
	ComponentPlatformCertURI string                `asn1:"optional,tag:6"`
	// Enumerated status; its values are not defined on this page.
	Status                   asn1.Enumerated       `asn1:"optional,tag:7"`
}

type FipsLevel

// FipsLevel carries a version string, an enumerated level and a Plus flag. It
// is the type of the FipsLevel field in TBBSecurityAssertions.
type FipsLevel struct {
	Version string
	Level   asn1.Enumerated
	// NOTE(review): encoding/asn1 spells the default option "default:N" and
	// applies it to integer fields; "default=false" appears not to be a
	// recognised option, which would leave only "optional" in effect — confirm.
	Plus    bool `asn1:"optional,default=false"`
}

type NoticeReference

// NoticeReference names an organization and a list of notice numbers, in the
// form used by the user-notice qualifier of X.509 certificate policies.
type NoticeReference struct {
	Organization  string
	NoticeNumbers []int
}

NoticeReference is defined in RFC 5280, section 4.2.1.4.

type PlatformConfigurationV1

// PlatformConfigurationV1 is the ASN.1 decoding target for a version 1
// platform configuration: component identifiers, platform properties and a
// properties URI reference, all optional, on context tags 0-2.
type PlatformConfigurationV1 struct {
	ComponentIdentifiers  []ComponentIdentifierV1 `asn1:"optional,tag:0"`
	PlatformProperties    []Property              `asn1:"optional,tag:1"`
	PlatformPropertiesURI URIReference            `asn1:"optional,tag:2"`
}

type PlatformConfigurationV2

// PlatformConfigurationV2 is the ASN.1 decoding target for a version 2
// platform configuration. Compared with V1 it uses ComponentIdentifierV2 and
// adds a URI reference for the component identifiers; all fields are optional,
// on context tags 0-3.
type PlatformConfigurationV2 struct {
	ComponentIdentifiers    []ComponentIdentifierV2 `asn1:"optional,tag:0"`
	ComponentIdentifiersURI URIReference            `asn1:"optional,tag:1"`
	PlatformProperties      []Property              `asn1:"optional,tag:2"`
	PlatformPropertiesURI   URIReference            `asn1:"optional,tag:3"`
}

type PlatformConfigurationV2Workaround added in v0.2.1

// PlatformConfigurationV2Workaround mirrors PlatformConfigurationV2 except
// that tag 2 decodes into a single Property instead of a slice of them.
//
// NOTE(review): presumably this exists for certificates that encode one
// property where a sequence of properties is expected; the page does not say
// when the parser falls back to it — confirm.
type PlatformConfigurationV2Workaround struct {
	ComponentIdentifiers    []ComponentIdentifierV2 `asn1:"optional,tag:0"`
	ComponentIdentifiersURI URIReference            `asn1:"optional,tag:1"`
	PlatformProperty        Property                `asn1:"optional,tag:2"`
	PlatformPropertiesURI   URIReference            `asn1:"optional,tag:3"`
}

type PlatformDataSET

// PlatformDataSET is a list of attribute type/value pairs. It is the element
// type of PlatformDataSequence.
type PlatformDataSET []pkix.AttributeTypeAndValue

type PlatformDataSequence

// PlatformDataSequence is an ordered list of PlatformDataSET values.
type PlatformDataSequence []PlatformDataSET

type Property

// Property is a name/value pair of strings with an optional enumerated status
// on context tag 0. The status values are not defined on this page.
type Property struct {
	PropertyName  string
	PropertyValue string
	Status        asn1.Enumerated `asn1:"optional,tag:0"`
}

type TBBSecurityAssertions

// TBBSecurityAssertions is the ASN.1 decoding target for the security
// assertions exposed as AttributeCertificate.TBBSecurityAssertions: Common
// Criteria data, FIPS level, RTM type and ISO 9000 certification. Every field
// is optional.
//
// NOTE(review): these are claims carried in the certificate. A verifier should
// presumably rely on them only after the certificate's signature and issuer
// have been validated — confirm against the caller's policy.
type TBBSecurityAssertions struct {
	// NOTE(review): encoding/asn1 spells the default option "default:N";
	// "default=0" and "default=false" below appear not to be recognised
	// options, which would leave only "optional" in effect — confirm.
	Version          int                    `asn1:"optional,default=0"`
	CcInfo           CommonCriteriaMeasures `asn1:"optional,tag:0"`
	FipsLevel        FipsLevel              `asn1:"optional,tag:1"`
	RtmType          asn1.Enumerated        `asn1:"optional,tag:2"`
	Iso9000Certified bool                   `asn1:"optional,default=false"`
	Iso9000URI       string                 `asn1:"optional"`
}

type TBBSecurityAssertions_sda added in v0.2.1

// TBBSecurityAssertions_sda has the same fields as TBBSecurityAssertions but
// declares Version as required and the other fields as optional without
// context tags, using CommonCriteriaMeasures_sda for CcInfo.
//
// NOTE(review): with several untagged optional fields in a row, decoding
// presumably depends on each element's universal type to tell which field is
// present — confirm that this matches the certificates it is meant to accept.
type TBBSecurityAssertions_sda struct {
	Version          int
	CcInfo           CommonCriteriaMeasures_sda `asn1:"optional"`
	FipsLevel        FipsLevel                  `asn1:"optional"`
	RtmType          asn1.Enumerated            `asn1:"optional"`
	Iso9000Certified bool                       `asn1:"optional"`
	Iso9000URI       string                     `asn1:"optional"`
}

type TCGCredentialSpecification

// TCGCredentialSpecification wraps the specification version (major, minor,
// revision) of the credential specification.
type TCGCredentialSpecification struct {
	Version TCGSpecificationVersion
}

type TCGCredentialType

// TCGCredentialType carries the credential's certificate type as an object
// identifier. The known type OIDs are not listed on this page.
type TCGCredentialType struct {
	CertificateType asn1.ObjectIdentifier
}

type TCGData

// TCGData pairs an object identifier with a string value.
type TCGData struct {
	ID   asn1.ObjectIdentifier
	Data string
}

type TCGDirectoryEntry

// TCGDirectoryEntry pairs an object identifier with an undecoded ASN.1 value.
// Keeping Data as asn1.RawValue defers decoding of the payload; presumably the
// parser picks the concrete type from ID — confirm.
type TCGDirectoryEntry struct {
	ID   asn1.ObjectIdentifier
	Data asn1.RawValue
}

type TCGPlatformSpecification

// TCGPlatformSpecification wraps the specification version (major, minor,
// revision) of the platform specification. It is the type of
// AttributeCertificate.TCGPlatformSpecification.
type TCGPlatformSpecification struct {
	Version TCGSpecificationVersion
}

type TCGSpecificationVersion

// TCGSpecificationVersion is a three-part version number: major, minor and
// revision, each an integer.
type TCGSpecificationVersion struct {
	MajorVersion int
	MinorVersion int
	Revision     int
}

type URIReference

// URIReference is a URI with an optional hash algorithm and hash value.
//
// NOTE(review): the URI is certificate-supplied. If a verifier dereferences it,
// the fetched content should presumably be checked against HashAlgorithm and
// HashValue. Both are optional and may be absent, in which case nothing in this
// struct binds the remote content to the certificate. The encoding of
// HashValue (declared as string) is not shown on this page — confirm.
type URIReference struct {
	UniformResourceIdentifier string
	HashAlgorithm             pkix.AlgorithmIdentifier `asn1:"optional"`
	HashValue                 string                   `asn1:"optional"`
}
