register

package
v0.0.2 Latest
Warning

This package is not in the latest version of its module.

Published: Jan 6, 2025 License: Apache-2.0 Imports: 4 Imported by: 4

Documentation

Overview

Package register contains measurement register-specific implementations.


Constants

This section is empty.

Variables

var (
	HashSHA1   = HashAlg(tpm2.AlgSHA1)
	HashSHA256 = HashAlg(tpm2.AlgSHA256)
	HashSHA384 = HashAlg(tpm2.AlgSHA384)
)

Valid hash algorithms.

Functions

This section is empty.

Types

type FakeMR added in v0.0.2

type FakeMR struct {
	Index     int
	Digest    []byte
	DigestAlg crypto.Hash
}

FakeMR encapsulates the value of a FakeMR at a point in time.

func (FakeMR) Dgst added in v0.0.2

func (f FakeMR) Dgst() []byte

Dgst gives the FakeMR digest.

func (FakeMR) DgstAlg added in v0.0.2

func (f FakeMR) DgstAlg() crypto.Hash

DgstAlg gives the FakeMR digest algorithm as a crypto.Hash.

func (FakeMR) Idx added in v0.0.2

func (f FakeMR) Idx() int

Idx gives the FakeMR index.

type FakeMRBank added in v0.0.2

type FakeMRBank struct {
	Hash    crypto.Hash
	FakeMRs []FakeMR
}

FakeMRBank is a bank of FakeMRs that all correspond to the same hash algorithm.

func (FakeMRBank) CryptoHash added in v0.0.2

func (f FakeMRBank) CryptoHash() (crypto.Hash, error)

CryptoHash returns the crypto.Hash algorithm related to the FakeMR bank.

func (FakeMRBank) MRs added in v0.0.2

func (f FakeMRBank) MRs() []MR

MRs returns a slice of MR from the FakeMR implementation.

type FakeROT added in v0.0.2

type FakeROT struct {
	// contains filtered or unexported fields
}

FakeROT implements a fake root-of-trust for measurement, for use in tests.

func CreateFakeRot added in v0.0.2

func CreateFakeRot(hashes []crypto.Hash, numIdxs int) (FakeROT, error)

CreateFakeRot creates a fake root-of-trust with banks corresponding to the given hash algorithms, each of size numIdxs.

func (FakeROT) Digest added in v0.0.2

func (f FakeROT) Digest(mr FakeMR) ([]byte, error)

Digest returns the current digest for the given measurement register indicated by FakeMR.

func (FakeROT) ExtendMR added in v0.0.2

func (f FakeROT) ExtendMR(mr FakeMR) error

ExtendMR extends the FakeROT's internal MR at the bank and index given by mr with the digest specified in mr.

func (FakeROT) ReadMRs added in v0.0.2

func (f FakeROT) ReadMRs(hash crypto.Hash, mrSelection []int) (FakeMRBank, error)

ReadMRs returns the MRs given by the hash algo and MR index selection.

type HashAlg

type HashAlg uint8

HashAlg identifies a hashing algorithm. Included for backcompat with the go-attestation API.

func (HashAlg) CryptoHash

func (a HashAlg) CryptoHash() crypto.Hash

CryptoHash turns the hash algo into a crypto.Hash.

func (HashAlg) GoTPMAlg

func (a HashAlg) GoTPMAlg() tpm2.Algorithm

GoTPMAlg returns the go-tpm definition of this crypto.Hash, based on the TCG Algorithm Registry.

func (HashAlg) String

func (a HashAlg) String() string

String returns a human-friendly representation of the hash algorithm.

type MR

type MR interface {
	Idx() int
	Dgst() []byte
	DgstAlg() crypto.Hash
}

MR provides a generic interface for measurement registers to implement.

type MRBank

type MRBank interface {
	CryptoHash() (crypto.Hash, error)
	MRs() []MR
}

MRBank is a generic interface for a collection of measurement registers associated with the same hash algorithm.

type PCR

type PCR struct {
	Index     int
	Digest    []byte
	DigestAlg crypto.Hash
	// contains filtered or unexported fields
}

PCR encapsulates the value of a PCR at a point in time.

func (PCR) Dgst

func (p PCR) Dgst() []byte

Dgst gives the PCR digest.

func (PCR) DgstAlg

func (p PCR) DgstAlg() crypto.Hash

DgstAlg gives the PCR digest algorithm as a crypto.Hash.

func (PCR) Idx

func (p PCR) Idx() int

Idx gives the PCR index.

func (*PCR) QuoteVerified

func (p *PCR) QuoteVerified() bool

QuoteVerified returns true if the value of this PCR was previously verified against a Quote, in a call to AKPublic.Verify or AKPublic.VerifyAll. NOT for use in go-eventlog. Included for backcompat with the go-attestation API.

func (*PCR) SetQuoteVerified

func (p *PCR) SetQuoteVerified()

SetQuoteVerified marks this PCR as verified against a quote. NOT for use in go-eventlog. Included for backcompat with the go-attestation API.

type PCRBank

type PCRBank struct {
	TCGHashAlgo pb.HashAlgo
	PCRs        []PCR
}

PCRBank is a bank of PCRs that all correspond to the same hash algorithm.

func (PCRBank) CryptoHash

func (b PCRBank) CryptoHash() (crypto.Hash, error)

CryptoHash returns the crypto.Hash algorithm related to the PCR bank.

func (PCRBank) MRs

func (b PCRBank) MRs() []MR

MRs returns a slice of MR from the PCR implementation.

type RTMR

type RTMR struct {
	// The RTMR Index, not the CC MR Index. e.g., for RTMR[1], put 1, not 2.
	Index  int
	Digest []byte
}

RTMR encapsulates the value of a TDX runtime measurement register at a point in time. The given RTMR must always have a SHA-384 digest.

func (RTMR) Dgst

func (r RTMR) Dgst() []byte

Dgst gives the RTMR digest.

func (RTMR) DgstAlg

func (r RTMR) DgstAlg() crypto.Hash

DgstAlg gives the RTMR digest algorithm as a crypto.Hash.

func (RTMR) Idx

func (r RTMR) Idx() int

Idx gives the CC Measurement Register index. This value is the one used in Confidential Computing event logs. Confusingly, MRTD uses CC Measurement Register Index 0, so RTMR0 uses 1. RTMR1 uses 2, and so on.

https://cdrdv2-public.intel.com/726792/TDX%20Guest-Hypervisor%20Communication%20Interface_1.5_348552_004%20-%2020230317.pdf
https://github.com/cc-api/cc-trusted-vmsdk/issues/50
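Added example, not code from the go-eventlog package: a minimal replay check showing why the RTMR index and the CC Measurement Register index must not be confused when matching event-log digests to a register. The MR interface is copied from this page; the rtmr type, the replay function, the map-shaped log and the sample digests are assumptions constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/sha512"
	"fmt"
)

// MR is a local copy of the interface documented on this page.
type MR interface {
	Idx() int
	Dgst() []byte
	DgstAlg() crypto.Hash
}

// rtmr is a hypothetical stand-in for RTMR; Index is the RTMR index.
type rtmr struct {
	Index  int
	Digest []byte
}

func (r rtmr) Idx() int             { return r.Index + 1 } // CC MR index 0 is MRTD
func (r rtmr) Dgst() []byte         { return r.Digest }
func (r rtmr) DgstAlg() crypto.Hash { return crypto.SHA384 }

// replay folds new = H(old || digest) over the event digests logged under
// mr's CC MR index, starting from zeros, and reports whether the result
// matches the register value in mr. log is keyed by CC MR index.
func replay(mr MR, log map[int][][]byte) (bool, error) {
	h := mr.DgstAlg()
	cur := make([]byte, h.Size())
	for _, d := range log[mr.Idx()] {
		if len(d) != h.Size() {
			return false, fmt.Errorf("digest is %d bytes, want %d", len(d), h.Size())
		}
		hh := h.New()
		hh.Write(cur)
		hh.Write(d)
		cur = hh.Sum(nil)
	}
	return bytes.Equal(cur, mr.Dgst()), nil
}

func main() {
	d := sha512.Sum384([]byte("constructed event")) // constructed sample digest
	want := sha512.Sum384(append(make([]byte, 48), d[:]...))
	ok, err := replay(rtmr{Index: 1, Digest: want[:]}, map[int][][]byte{2: {d[:]}})
	fmt.Println(ok, err) // RTMR[1] is found under CC MR index 2
}
```

A log that files the same digest under index 1 (the RTMR index) replays to an all-zero register and the comparison fails, which is the off-by-one the Idx documentation warns about.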

type RTMRBank

type RTMRBank struct {
	RTMRs []RTMR
}

RTMRBank is a bank of RTMRs that all correspond to the SHA-384 algorithm.

func (RTMRBank) CryptoHash

func (b RTMRBank) CryptoHash() (crypto.Hash, error)

CryptoHash returns the crypto.Hash algorithm related to the RTMR bank.

func (RTMRBank) MRs

func (b RTMRBank) MRs() []MR

MRs returns a slice of MR from the RTMR implementation.
