provision

package
v0.9.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 29, 2026 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	PEM = iota
	DER
)

Variables

This section is empty.

Functions

func DownloadVcek added in v0.9.5 

func DownloadVcek(url string) (*x509.Certificate, int, error)

func SnpCaUrl 

func SnpCaUrl(aktype internal.AkType, codeName string) string

func SnpVcekUrl 

func SnpVcekUrl(codeName string, chipId []byte, tcbRaw uint64) string

func VerifyEk 

func VerifyEk(pub, cert []byte, tpmInfo, certUrl, ekDbPath string, verifyEk bool) error

func VerifyIk 

func VerifyIk(ikParams attest.CertificationParameters, akPub []byte) error

func VerifyTpmCsr 

func VerifyTpmCsr(tpmPub []byte, csr *x509.CertificateRequest) error

Types

type IntelEk 

type IntelEk struct {
	Pubhash string `json:"pubhash"`
	Cert    string `json:"certificate"`
}

type SnpConfig 

type SnpConfig struct {
	VcekMutex       sync.Mutex
	VcekCacheFolder string
	Vceks           map[VcekInfo][]byte
	CaCacheFolder   string
}

func (*SnpConfig) GetSnpCa 

func (s *SnpConfig) GetSnpCa(codeName string, akType internal.AkType) ([]*x509.Certificate, error)

func (*SnpConfig) GetVcek 

func (s *SnpConfig) GetVcek(codeName string, chipId []byte, tcb uint64) (*x509.Certificate, error)

Get Vcek takes the TCB and chip ID, calculates the VCEK URL and gets the certificate in DER format from the cache or downloads it from the AMD server if not present

type TpmConfig 

type TpmConfig struct {
	VerifyEkCert bool
	DbPath       string
}

type VcekInfo 

type VcekInfo struct {
	ChipId [lenChipId]byte
	Tcb    uint64
}

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.