attributecert

package

v0.4.9 Latest Latest Go to latest Published: Apr 24, 2026 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/smallstep/go-attestation

Links

Open Source Insights

Documentation ¶

Overview ¶

Package attributecert parses X.509-encoded attribute certificates.

Index ¶

type AttributeCertificate
- func ParseAttributeCertificate(asn1Data []byte) (*AttributeCertificate, error)
- func (c *AttributeCertificate) CheckSignatureFrom(parent *x509.Certificate) error
type AttributeCertificateIdentifier
type Certholder
type CertificateIdentifier
type CommonCriteriaMeasures
type CommonCriteriaMeasures_sda
type Component
type ComponentAddress
type ComponentClass
type ComponentIdentifierV1
type ComponentIdentifierV2
type FipsLevel
type PlatformConfigurationV1
type PlatformConfigurationV2
type PlatformConfigurationV2Workaround
type PlatformDataSET
type PlatformDataSequence
type Property
type TBBSecurityAssertions
type TBBSecurityAssertions_sda
type TCGCredentialSpecification
type TCGCredentialType
type TCGData
type TCGDirectoryEntry
type TCGPlatformSpecification
type TCGSpecificationVersion
type URIReference

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AttributeCertificate ¶

type AttributeCertificate struct {
	Raw                        []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature).
	RawTBSAttributeCertificate []byte // Certificate part of raw ASN.1 DER content.

	Signature          []byte
	SignatureAlgorithm x509.SignatureAlgorithm

	Version                  int
	SerialNumber             *big.Int
	Holder                   Certholder
	Issuer                   pkix.Name
	Subject                  pkix.Name
	NotBefore, NotAfter      time.Time // Validity bounds.
	TCGPlatformSpecification TCGPlatformSpecification
	TBBSecurityAssertions    TBBSecurityAssertions
	PlatformManufacturer     string
	PlatformModel            string
	PlatformVersion          string
	PlatformSerial           string
	CredentialSpecification  string
	UserNotice               userNotice
	Components               []Component
	Properties               []Property
	PropertiesURI            string
}

func ParseAttributeCertificate ¶

func ParseAttributeCertificate(asn1Data []byte) (*AttributeCertificate, error)

ParseAttributeCertificate parses a single attribute certificate from the given ASN.1 DER data.

func (*AttributeCertificate) CheckSignatureFrom ¶

func (c *AttributeCertificate) CheckSignatureFrom(parent *x509.Certificate) error

CheckSignatureFrom verifies that the signature on c is a valid signature from parent.

type AttributeCertificateIdentifier ¶

type AttributeCertificateIdentifier struct {
	HashAlgorithm          pkix.AlgorithmIdentifier
	HashOverSignatureValue string
}

type Certholder ¶

type Certholder struct {
	Issuer pkix.Name
	Serial *big.Int
}

type CertificateIdentifier ¶

type CertificateIdentifier struct {
	AttributeCertIdentifier AttributeCertificateIdentifier `asn1:"optional,tag:0"`
	GenericCertIdientifier  issuerSerial                   `asn1:"optional,tag:1"`
}

type CommonCriteriaMeasures ¶

type CommonCriteriaMeasures struct {
	Version            string
	AssuranceLevel     asn1.Enumerated
	EvaluationStatus   asn1.Enumerated
	Plus               bool
	StrengthOfFunction asn1.Enumerated       `asn1:"optional,tag:0"`
	ProfileOid         asn1.ObjectIdentifier `asn1:"optional,tag:1"`
	ProfileURI         string                `asn1:"optional,tag:2"`
	TargetOid          asn1.ObjectIdentifier `asn1:"optional,tag:3"`
	TargetURI          asn1.ObjectIdentifier `asn1:"optional,tag:4"`
}

type CommonCriteriaMeasures_sda ¶

type CommonCriteriaMeasures_sda struct {
	Version            string
	AssuranceLevel     asn1.Enumerated
	EvaluationStatus   asn1.Enumerated
	Plus               bool                  `asn1:"optional,default=false"`
	StrengthOfFunction asn1.Enumerated       `asn1:"optional"`
	ProfileOid         asn1.ObjectIdentifier `asn1:"optional"`
	ProfileURI         string                `asn1:"optional"`
	TargetOid          asn1.ObjectIdentifier `asn1:"optional"`
	TargetURI          asn1.ObjectIdentifier `asn1:"optional"`
}

Certificates with this information in the SDA region appear to fail to tag the optional fields

type Component ¶

type Component struct {
	Manufacturer     string
	Model            string
	Serial           string
	Revision         string
	ManufacturerID   int
	FieldReplaceable bool
	Addresses        []ComponentAddress
}

type ComponentAddress ¶

type ComponentAddress struct {
	AddressType  asn1.ObjectIdentifier
	AddressValue string
}

type ComponentClass ¶

type ComponentClass struct {
	ComponentClassRegistry asn1.ObjectIdentifier
	ComponentClassValue    []byte
}

type ComponentIdentifierV1 ¶

type ComponentIdentifierV1 struct {
	ComponentClass          []byte `asn1:"optional"`
	ComponentManufacturer   string
	ComponentModel          string
	ComponentSerial         string             `asn1:"optional,utf8,tag:0"`
	ComponentRevision       string             `asn1:"optional,utf8,tag:1"`
	ComponentManufacturerID int                `asn1:"optional,tag:2"`
	FieldReplaceable        bool               `asn1:"optional,tag:3"`
	ComponentAddresses      []ComponentAddress `asn1:"optional,tag:4"`
}

type ComponentIdentifierV2 ¶

type ComponentIdentifierV2 struct {
	ComponentClass           ComponentClass
	ComponentManufacturer    string
	ComponentModel           string
	ComponentSerial          string                `asn1:"optional,utf8,tag:0"`
	ComponentRevision        string                `asn1:"optional,utf8,tag:1"`
	ComponentManufacturerID  int                   `asn1:"optional,tag:2"`
	FieldReplaceable         bool                  `asn1:"optional,tag:3"`
	ComponentAddresses       []ComponentAddress    `asn1:"optional,tag:4"`
	ComponentPlatformCert    CertificateIdentifier `asn1:"optional,tag:5"`
	ComponentPlatformCertURI string                `asn1:"optional,tag:6"`
	Status                   asn1.Enumerated       `asn1:"optional,tag:7"`
}

type FipsLevel ¶

type FipsLevel struct {
	Version string
	Level   asn1.Enumerated
	Plus    bool `asn1:"optional,default=false"`
}

type PlatformConfigurationV1 ¶

type PlatformConfigurationV1 struct {
	ComponentIdentifiers  []ComponentIdentifierV1 `asn1:"optional,tag:0"`
	PlatformProperties    []Property              `asn1:"optional,tag:1"`
	PlatformPropertiesURI URIReference            `asn1:"optional,tag:2"`
}

type PlatformConfigurationV2 ¶

type PlatformConfigurationV2 struct {
	ComponentIdentifiers    []ComponentIdentifierV2 `asn1:"optional,tag:0"`
	ComponentIdentifiersURI URIReference            `asn1:"optional,tag:1"`
	PlatformProperties      []Property              `asn1:"optional,tag:2"`
	PlatformPropertiesURI   URIReference            `asn1:"optional,tag:3"`
}

type PlatformConfigurationV2Workaround ¶

type PlatformConfigurationV2Workaround struct {
	ComponentIdentifiers    []ComponentIdentifierV2 `asn1:"optional,tag:0"`
	ComponentIdentifiersURI URIReference            `asn1:"optional,tag:1"`
	PlatformProperty        Property                `asn1:"optional,tag:2"`
	PlatformPropertiesURI   URIReference            `asn1:"optional,tag:3"`
}

type PlatformDataSET ¶

type PlatformDataSET []pkix.AttributeTypeAndValue

type PlatformDataSequence ¶

type PlatformDataSequence []PlatformDataSET

type Property ¶

type Property struct {
	PropertyName  string
	PropertyValue string
	Status        asn1.Enumerated `asn1:"optional,tag:0"`
}

type TBBSecurityAssertions ¶

type TBBSecurityAssertions struct {
	Version          int                    `asn1:"optional,default=0"`
	CcInfo           CommonCriteriaMeasures `asn1:"optional,tag:0"`
	FipsLevel        FipsLevel              `asn1:"optional,tag:1"`
	RtmType          asn1.Enumerated        `asn1:"optional,tag:2"`
	Iso9000Certified bool                   `asn1:"optional,default=false"`
	Iso9000URI       string                 `asn1:"optional"`
}

type TBBSecurityAssertions_sda ¶

type TBBSecurityAssertions_sda struct {
	Version          int
	CcInfo           CommonCriteriaMeasures_sda `asn1:"optional"`
	FipsLevel        FipsLevel                  `asn1:"optional"`
	RtmType          asn1.Enumerated            `asn1:"optional"`
	Iso9000Certified bool                       `asn1:"optional"`
	Iso9000URI       string                     `asn1:"optional"`
}

type TCGCredentialSpecification ¶

type TCGCredentialSpecification struct {
	Version TCGSpecificationVersion
}

type TCGCredentialType ¶

type TCGCredentialType struct {
	CertificateType asn1.ObjectIdentifier
}

type TCGData ¶

type TCGData struct {
	ID   asn1.ObjectIdentifier
	Data string
}

type TCGDirectoryEntry ¶

type TCGDirectoryEntry struct {
	ID   asn1.ObjectIdentifier
	Data asn1.RawValue
}

type TCGPlatformSpecification ¶

type TCGPlatformSpecification struct {
	Version TCGSpecificationVersion
}

type TCGSpecificationVersion ¶

type TCGSpecificationVersion struct {
	MajorVersion int
	MinorVersion int
	Revision     int
}

type URIReference ¶

type URIReference struct {
	UniformResourceIdentifier string
	HashAlgorithm             pkix.AlgorithmIdentifier `asn1:"optional"`
	HashValue                 string                   `asn1:"optional"`
}

Source Files ¶

View all Source files

attributecert.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL