model

package
v0.1.6 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 29, 2026 License: AGPL-3.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

AllPCRGroups lists all PCR groups in evaluation order.

// PCRGroupRegisters maps each PCR group to its constituent PCR indices.
//
// Only indices 0, 1, 4-7, 8 and 9 are assigned to a group; indices 2 and 3
// and everything above 9 appear in no group.
// NOTE(review): if census comparison is driven solely by this map, values in
// the unlisted registers would not be compared. Confirm against the
// evaluation code, which is not shown here.
//
// This is an exported package-level map, so any importer can modify it at
// runtime; treat it as read-only.
var PCRGroupRegisters = map[PCRGroup][]int{
	PCRGroupFirmware: {0, 1},
	PCRGroupBoot:     {4, 5, 6, 7},
	PCRGroupOS:       {8, 9},
}

PCRGroupRegisters maps each PCR group to its constituent PCR indices.

Functions

func PCRMajorityKey added in v0.1.5

func PCRMajorityKey(groupingKey string, group PCRGroup) string

PCRMajorityKey returns the canonical map key for a (groupingKey, pcrGroup) pair.

Types

type ACMEChallenge

// ACMEChallenge describes an ACME challenge associated with one device and
// one FQDN, with creation and expiry timestamps.
//
// Every field, including KeyAuthorization, is part of the JSON encoding.
// NOTE(review): nothing in this type enforces ExpiresAt; expiry checks
// must live in the code that consumes the record.
type ACMEChallenge struct {
	ID               uuid.UUID `json:"id"`
	DeviceID         uuid.UUID `json:"device_id"`
	FQDN             string    `json:"fqdn"`
	KeyAuthorization string    `json:"key_authorization"`
	CreatedAt        time.Time `json:"created_at"`
	ExpiresAt        time.Time `json:"expires_at"`
}

type Account added in v0.1.1

// Account is an account record: identifier, status, membership epoch and
// optional recovery and dissolution timestamps.
type Account struct {
	ID     uuid.UUID     `json:"id"`
	Status AccountStatus `json:"status"`
	// NOTE(review): presumably the value that voucher epochs are compared
	// against; confirm in the voucher handling code.
	MembershipEpoch int `json:"membership_epoch"`
	// Omitted from JSON when empty.
	FoundingEKFingerprint string `json:"founding_ek_fingerprint,omitempty"`
	// Nil pointers below are omitted from JSON.
	RecoveryDeadline *time.Time `json:"recovery_deadline,omitempty"`
	DissolvedAt      *time.Time `json:"dissolved_at,omitempty"`
	CreatedAt        time.Time  `json:"created_at"`
}

type AccountDomain added in v0.1.1

// AccountDomain is a domain registered under an account, together with its
// CNAME target and verification state.
//
// VerifiedAt and VerifiedByDeviceID are pointers and are omitted from JSON
// while nil.
// NOTE(review): presumably both are set when Status becomes
// DomainStatusVerified; the type itself does not tie them to Status.
type AccountDomain struct {
	ID                 uuid.UUID    `json:"id"`
	AccountID          uuid.UUID    `json:"account_id"`
	Domain             string       `json:"domain"`
	CNAMETarget        string       `json:"cname_target"`
	Status             DomainStatus `json:"status"`
	CreatedAt          time.Time    `json:"created_at"`
	ExpiresAt          *time.Time   `json:"expires_at,omitempty"`
	VerifiedAt         *time.Time   `json:"verified_at,omitempty"`
	VerifiedByDeviceID *uuid.UUID   `json:"verified_by_device_id,omitempty"`

	// Populated by list queries
	AssignedDeviceIDs []uuid.UUID `json:"assigned_devices,omitempty"`
}

type AccountInvite added in v0.1.4

// AccountInvite is an invitation to join an account, created by one device
// and optionally consumed by another.
type AccountInvite struct {
	ID        uuid.UUID `json:"id"`
	AccountID uuid.UUID `json:"account_id"`
	// Excluded from the JSON encoding (tag "-"), so marshalling this struct
	// never emits it.
	// NOTE(review): by its name this is a hash of the invite code rather
	// than the code itself; the hashing scheme is not shown here.
	InviteCodeHash    string    `json:"-"`
	CreatedByDeviceID uuid.UUID `json:"created_by_device_id"`
	ExpiresAt         time.Time `json:"expires_at"`
	// Nil until the invite is consumed; omitted from JSON while nil.
	ConsumedAt         *time.Time `json:"consumed_at,omitempty"`
	ConsumedByDeviceID *uuid.UUID `json:"consumed_by_device_id,omitempty"`
	CreatedAt          time.Time  `json:"created_at"`
}

type AccountStatus added in v0.1.4

// AccountStatus is the string-typed status of an Account.
//
// The type is a plain string: any value can be converted or unmarshalled
// into it, so code that branches on the status should handle values other
// than the two constants below.
type AccountStatus string
const (
	AccountStatusActive          AccountStatus = "active"
	AccountStatusPendingRecovery AccountStatus = "pending_recovery"
)

type ActorType

// ActorType names the kind of actor recorded in an AuditEntry.
//
// It is a plain string type; the four constants below are the values this
// page declares, but the type does not restrict other strings.
type ActorType string
const (
	ActorTypeDevice   ActorType = "device"
	ActorTypeNexus    ActorType = "nexus"
	ActorTypeSystem   ActorType = "system"
	ActorTypeOperator ActorType = "operator"
)

type AuditEntry

// AuditEntry is one audit log record: who (ActorType, ActorID) did what
// (Action) to which resource, when, and from which IP address.
type AuditEntry struct {
	ID           int64     `json:"id"`
	Timestamp    time.Time `json:"timestamp"`
	ActorType    ActorType `json:"actor_type"`
	ActorID      string    `json:"actor_id"`
	Action       string    `json:"action"`
	ResourceType string    `json:"resource_type"`
	// Nil when the action has no specific resource; omitted from JSON then.
	ResourceID *string `json:"resource_id,omitempty"`
	// json.RawMessage is emitted verbatim on marshal and stored undecoded
	// on unmarshal; this type places no constraint on its contents.
	// NOTE(review): confirm that writers keep secrets out of Details.
	Details   json.RawMessage `json:"details,omitempty"`
	IPAddress net.IP          `json:"ip_address,omitempty"`
}

type Device

// Device is a registered device: its account, naming, TPM-derived identity
// (EK fingerprint, EK certificate, AK public key), reported PCR values,
// trust level and status.
type Device struct {
	ID        uuid.UUID `json:"id"`
	AccountID uuid.UUID `json:"account_id"`
	Slug      string    `json:"slug"`
	Hostname  string    `json:"hostname"`
	// No omitempty: a nil pointer is encoded as JSON null.
	CustomHostname *string `json:"custom_hostname"`
	IdentityClass  string  `json:"identity_class"`
	EKFingerprint  string  `json:"ek_fingerprint"`
	// The raw EK certificate and AK public key are excluded from the JSON
	// encoding (tag "-"); only EKFingerprint is serialized.
	EKCertDER         []byte  `json:"-"`
	AKPublicKey       []byte  `json:"-"`
	IssuerFingerprint *string `json:"issuer_fingerprint,omitempty"`
	OSVersion         *string `json:"os_version,omitempty"`
	// NOTE(review): key format (for example the PCR index as a string) and
	// the digest encoding are not shown here.
	PCRValues  map[string]string `json:"pcr_values,omitempty"`
	TrustLevel TrustLevel        `json:"trust_level"`
	// NOTE(review): presumably takes precedence over TrustLevel when
	// non-nil; confirm where the effective level is computed.
	TrustLevelOverride *TrustLevel  `json:"trust_level_override,omitempty"`
	IPAddress          net.IP       `json:"ip_address,omitempty"`
	Timezone           *string      `json:"timezone,omitempty"`
	Status             DeviceStatus `json:"status"`

	// Hostname-change counters and voucher bookkeeping; all four are
	// excluded from the JSON encoding.
	HostnameChangesThisYear int        `json:"-"`
	HostnameYear            int        `json:"-"`
	LastHostnameChangeAt    *time.Time `json:"-"`
	VoucherPendingSince     *time.Time `json:"-"`

	CreatedAt  time.Time  `json:"created_at"`
	LastSeenAt *time.Time `json:"last_seen_at,omitempty"`
}

type DeviceStatus

// DeviceStatus is the string-typed lifecycle status of a Device.
//
// Being a plain string, it accepts any value on conversion or JSON decode.
// Authorization checks should therefore test for the allowed status
// explicitly (== DeviceStatusActive) rather than for the absence of a
// disallowed one, so that an unrecognised value is denied.
type DeviceStatus string
const (
	DeviceStatusActive    DeviceStatus = "active"
	DeviceStatusSuspended DeviceStatus = "suspended"
	DeviceStatusRevoked   DeviceStatus = "revoked"
)

type DomainAssignment added in v0.1.1

// DomainAssignment links a domain name to a device, with the time the
// link was created.
type DomainAssignment struct {
	DeviceID  uuid.UUID `json:"device_id"`
	Domain    string    `json:"domain"`
	CreatedAt time.Time `json:"created_at"`
}

type DomainStatus added in v0.1.1

// DomainStatus is the string-typed verification status of an AccountDomain.
//
// It is a plain string type; values other than the two constants below are
// representable, so callers should treat anything that is not
// DomainStatusVerified as unverified.
type DomainStatus string
const (
	DomainStatusPending  DomainStatus = "pending"
	DomainStatusVerified DomainStatus = "verified"
)

type EKIssuerCensus added in v0.1.5

// EKIssuerCensus aggregates what has been observed about one EK certificate
// issuer: its fingerprint and subject, how many devices and distinct
// subnets presented it, a compliance score, an assigned tier and a flag.
type EKIssuerCensus struct {
	ID                uuid.UUID `json:"id"`
	IssuerFingerprint string    `json:"issuer_fingerprint"`
	IssuerSubject     string    `json:"issuer_subject"`
	// Excluded from the JSON encoding.
	IssuerPublicKeyDER []byte `json:"-"`
	// Pointer bools without omitempty are tri-state: nil encodes as JSON
	// null, distinct from false.
	// NOTE(review): presumably nil means the property could not be
	// determined; confirm, and make sure nil is not treated as true.
	IssuerIsCA          *bool `json:"issuer_is_ca"`
	IssuerHasCertSign   *bool `json:"issuer_has_certsign"`
	DeviceCount         int   `json:"device_count"`
	DistinctSubnetCount int   `json:"distinct_subnet_count"`
	// Nil encodes as JSON null (no omitempty).
	StructuralComplianceScore *float32   `json:"structural_compliance_score"`
	Tier                      IssuerTier `json:"tier"`
	FirstSeenAt               time.Time  `json:"first_seen_at"`
	LastSeenAt                time.Time  `json:"last_seen_at"`
	Flagged                   bool       `json:"flagged"`
	FlaggedReason             *string    `json:"flagged_reason,omitempty"`
	CreatedAt                 time.Time  `json:"created_at"`
}

type EKIssuerObservation added in v0.1.5

// EKIssuerObservation records one sighting of an EK issuer: which device
// presented it, from which client subnet, and when.
//
// NOTE(review): ClientIPSubnet is a free-form string here; the prefix length
// and how the client address is obtained are not shown. If it comes from a
// forwarded header rather than the socket peer, it is client-controlled.
type EKIssuerObservation struct {
	ID                int64     `json:"id"`
	IssuerFingerprint string    `json:"issuer_fingerprint"`
	DeviceID          uuid.UUID `json:"device_id"`
	ClientIPSubnet    string    `json:"client_ip_subnet"`
	ObservedAt        time.Time `json:"observed_at"`
}

type IssuerTier added in v0.1.5

// IssuerTier is the string-typed tier assigned to an EK issuer in
// EKIssuerCensus.
//
// It is a plain string type, so unrecognised values are representable;
// callers should handle them like IssuerTierUnverified rather than like a
// trusted tier.
// NOTE(review): the criteria for moving between tiers are not shown here.
type IssuerTier string
const (
	IssuerTierSeed              IssuerTier = "seed"
	IssuerTierCrowdCorroborated IssuerTier = "crowd_corroborated"
	IssuerTierUnverified        IssuerTier = "unverified"
)

type NexusInstance

// NexusInstance is a registered Nexus node: hostname, resolved addresses,
// optional region, backend port, heartbeat interval and status.
type NexusInstance struct {
	ID       uuid.UUID `json:"id"`
	Hostname string    `json:"hostname"`
	// No omitempty: a nil slice is encoded as JSON null.
	ResolvedAddresses []net.IP `json:"resolved_addresses"`
	Region            *string  `json:"region,omitempty"`
	// Plain ints; this type does not range-check the port or the interval.
	BackendPort              int         `json:"backend_port"`
	HeartbeatIntervalSeconds int         `json:"heartbeat_interval_seconds"`
	Status                   NexusStatus `json:"status"`
	RegisteredAt             time.Time   `json:"registered_at"`
	LastSeenAt               time.Time   `json:"last_seen_at"`
}

type NexusStatus

// NexusStatus is the string-typed status of a NexusInstance.
//
// It is a plain string type; values other than the two constants below are
// representable and should not be treated as active.
type NexusStatus string
const (
	NexusStatusActive   NexusStatus = "active"
	NexusStatusInactive NexusStatus = "inactive"
)

type PCRCensus added in v0.1.5

// PCRCensus is one census row: for a grouping key and PCR group, a distinct
// set of PCR values (identified by PCRCompositeHash), how many devices
// reported it, and whether it is the majority set.
//
// NOTE(review): the hash algorithm, the inputs to PCRCompositeHash and the
// rule that sets IsMajority are not shown here. A majority of reporting
// devices is only as trustworthy as the enrolment of those devices; confirm
// how DeviceCount is protected against inflation.
type PCRCensus struct {
	ID               uuid.UUID         `json:"id"`
	GroupingKey      string            `json:"grouping_key"`
	PCRGroup         PCRGroup          `json:"pcr_group"`
	PCRCompositeHash string            `json:"pcr_composite_hash"`
	PCRValues        map[string]string `json:"pcr_values"`
	DeviceCount      int               `json:"device_count"`
	IsMajority       bool              `json:"is_majority"`
	FirstSeenAt      time.Time         `json:"first_seen_at"`
	LastSeenAt       time.Time         `json:"last_seen_at"`
}

type PCRConsensusStatus added in v0.1.5

// PCRConsensusStatus represents the result of comparing a device's PCR
// values against the census. It is a plain string type, so values outside
// the declared constants are representable.
type PCRConsensusStatus string

PCRConsensusStatus represents the result of comparing a device's PCR values against the census.

// Declared PCRConsensusStatus values.
// NOTE(review): "unknown" is distinct from "outlier"; confirm that callers
// do not treat unknown (or any unrecognised value) as equivalent to
// majority.
const (
	PCRConsensusMajority PCRConsensusStatus = "majority"
	PCRConsensusOutlier  PCRConsensusStatus = "outlier"
	PCRConsensusUnknown  PCRConsensusStatus = "unknown"
)

type PCRGroup added in v0.1.5

// PCRGroup names a group of PCR registers. The three values below are the
// keys of PCRGroupRegisters (firmware: 0, 1; boot: 4-7; os: 8, 9).
//
// It is a plain string type; looking up an undeclared value in
// PCRGroupRegisters yields a nil slice.
type PCRGroup string
const (
	PCRGroupFirmware PCRGroup = "firmware"
	PCRGroupBoot     PCRGroup = "boot"
	PCRGroupOS       PCRGroup = "os"
)

type RecoveryClaim added in v0.1.4

// RecoveryClaim is a device's claim on an account, backed by a voucher
// (data, quote and epoch) and by the issuing device's AK public key, EK
// fingerprint and EK certificate.
type RecoveryClaim struct {
	ID               uuid.UUID `json:"id"`
	DeviceID         uuid.UUID `json:"device_id"`
	ClaimedAccountID uuid.UUID `json:"claimed_account_id"`
	// Both voucher strings are included in the JSON encoding.
	// NOTE(review): their encoding is not shown here.
	VoucherData  string `json:"voucher_data"`
	VoucherQuote string `json:"voucher_quote"`
	// NOTE(review): presumably checked against Account.MembershipEpoch so
	// that stale vouchers are rejected; confirm in the claim handler.
	VoucherEpoch int `json:"voucher_epoch"`
	// Raw issuer key and certificate are excluded from JSON; only the
	// fingerprint is serialized.
	IssuerAKPublicKey   []byte `json:"-"`
	IssuerEKFingerprint string `json:"issuer_ek_fingerprint"`
	IssuerEKCert        []byte `json:"-"`
	// Two independent bools: the type does not prevent both being true, nor
	// both false (no decision recorded).
	Attributed      bool       `json:"attributed"`
	Rejected        bool       `json:"rejected"`
	RejectionReason *string    `json:"rejection_reason,omitempty"`
	AttributedAt    *time.Time `json:"attributed_at,omitempty"`
	CreatedAt       time.Time  `json:"created_at"`
}

type TrustLevel added in v0.1.5

// TrustLevel is the string-typed trust level of a Device.
//
// The constants are listed from "strong" to "quarantine", but the type is a
// plain string: < and > compare lexicographically and do not express that
// order, so policy code needs an explicit ranking. Values outside the
// declared constants are representable and should be denied by default.
type TrustLevel string
const (
	TrustLevelStrong      TrustLevel = "strong"
	TrustLevelStandard    TrustLevel = "standard"
	TrustLevelProvisional TrustLevel = "provisional"
	TrustLevelSuspicious  TrustLevel = "suspicious"
	TrustLevelQuarantine  TrustLevel = "quarantine"
)

type VoucherRequest added in v0.1.4

// VoucherRequest is a request, within one account, for an issuer device to
// sign a voucher for a subject device.
//
// NOTE(review): the type does not require IssuerDeviceID and SubjectDeviceID
// to differ or to belong to AccountID; confirm that the handler checks both.
type VoucherRequest struct {
	ID              uuid.UUID            `json:"id"`
	AccountID       uuid.UUID            `json:"account_id"`
	IssuerDeviceID  uuid.UUID            `json:"issuer_device_id"`
	SubjectDeviceID uuid.UUID            `json:"subject_device_id"`
	VoucherData     string               `json:"voucher_data"`
	Epoch           int                  `json:"epoch"`
	Status          VoucherRequestStatus `json:"status"`
	// Nil pointers below are omitted from JSON.
	// NOTE(review): presumably both are set when Status becomes "signed".
	Quote     *string    `json:"quote,omitempty"`
	CreatedAt time.Time  `json:"created_at"`
	SignedAt  *time.Time `json:"signed_at,omitempty"`
}

type VoucherRequestStatus added in v0.1.4

// VoucherRequestStatus is the string-typed status of a VoucherRequest.
//
// It is a plain string type; values other than the three constants below
// are representable, so only VoucherRequestStatusSigned should be treated
// as signed.
type VoucherRequestStatus string
const (
	VoucherRequestStatusPending VoucherRequestStatus = "pending"
	VoucherRequestStatusSigned  VoucherRequestStatus = "signed"
	VoucherRequestStatusExpired VoucherRequestStatus = "expired"
)
