Documentation
Constants
This section is empty.
Variables
var (
	ErrFormatMismatch      = errors.New("attestation format mismatch")
	ErrMeasurementMismatch = errors.New("measurement mismatch")
)
var (
	NitroEnclaveVerifierOpts = nitrite.VerifyOptions{}
)
Functions
func CertPubkeyFP (added in v0.1.0)
func CertPubkeyFP(cert *x509.Certificate) (string, error)
CertPubkeyFP returns the fingerprint of the public key of a given certificate.
func ConnectionCertFP (added in v0.1.0)
func ConnectionCertFP(c tls.ConnectionState) (string, error)
ConnectionCertFP returns the fingerprint of the public key from a TLS connection state.
Types
type Document
type Document struct {
	Format PredicateType `json:"format"`
	Body   string        `json:"body"`
}
Document represents an attestation document.
func NewDocument (added in v0.1.6)
func NewDocument(format PredicateType, body []byte) (*Document, error)
NewDocument creates a new attestation document from a given format and body.
func (*Document) Verify
func (d *Document) Verify() (*Verification, error)
Verify checks the attestation document against its trust root and returns the inner measurements.
type Measurement
type Measurement struct {
	Type      PredicateType
	Registers []string
}
func (*Measurement) Equals
func (m *Measurement) Equals(other *Measurement) error
func (*Measurement) Fingerprint
func (m *Measurement) Fingerprint() string
Fingerprint computes the SHA-256 hash of all measurements, or returns the single measurement if there is only one.
type PredicateType
type PredicateType string
const (
	AWSNitroEnclaveV1 PredicateType = "https://tinfoil.sh/predicate/aws-nitro-enclave/v1"
	SevGuestV1        PredicateType = "https://tinfoil.sh/predicate/sev-snp-guest/v1"
	SevGuestV2        PredicateType = "https://tinfoil.sh/predicate/sev-snp-guest/v2"
	TdxGuestV1        PredicateType = "https://tinfoil.sh/predicate/tdx-guest/v1"
)
type Verification (added in v0.0.17)
type Verification struct {
	Measurement *Measurement
	PublicKeyFP string
}
func VerifyAttestationJSON
func VerifyAttestationJSON(j []byte) (*Verification, error)
VerifyAttestationJSON verifies an attestation document in JSON format and returns the inner measurements.
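One way a caller could check a TLS connection's key fingerprint against an attested one such as Verification.PublicKeyFP, as an added example that is not this package's code. The names keyFP, checkBinding and constructedState are hypothetical, and the fingerprint encoding (hex SHA-256 over the DER SubjectPublicKeyInfo) is an assumption, since the page does not state it.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/tls"
	"crypto/x509"
	"encoding/hex"
	"fmt"
	"math/big"
)

// keyFP is a hypothetical stand-in for CertPubkeyFP (assumed: hex SHA-256 of the SPKI).
func keyFP(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.RawSubjectPublicKeyInfo)
	return hex.EncodeToString(sum[:])
}

// checkBinding fails closed unless the peer's leaf key matches attestedFP.
func checkBinding(cs tls.ConnectionState, attestedFP string) error {
	if len(cs.PeerCertificates) == 0 || cs.PeerCertificates[0] == nil {
		return fmt.Errorf("no peer certificate presented")
	}
	if keyFP(cs.PeerCertificates[0]) != attestedFP {
		return fmt.Errorf("TLS key does not match attested fingerprint")
	}
	return nil
}

// constructedState wraps a fresh self-signed cert (constructed sample input).
func constructedState() (tls.ConnectionState, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return tls.ConnectionState{}, err
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), DNSNames: []string{"enclave.example"}}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return tls.ConnectionState{}, err
	}
	cert, err := x509.ParseCertificate(der)
	return tls.ConnectionState{PeerCertificates: []*x509.Certificate{cert}}, err
}

func main() {
	a, err := constructedState()
	fmt.Println("setup:", err)
	fmt.Println("wrong fingerprint:", checkBinding(a, "constructed-mismatch"))
}
```

Hashing the public key rather than the whole certificate keeps the comparison stable when a certificate is re-issued for the same key.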