Documentation
Overview
Package quote provides the quoting functionality for remote attestation on both the Coordinator and the Marble side.
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type FailValidator
type FailValidator struct {
}
FailValidator always fails
func NewFailValidator
func NewFailValidator() *FailValidator
NewFailValidator returns a new FailValidator object
func (*FailValidator) Validate
func (m *FailValidator) Validate(quote []byte, cert []byte, pp PackageProperties, ip InfrastructureProperties) error
Validate implements the Validator interface for FailValidator
type InfrastructureProperties
type InfrastructureProperties struct {
	// Processor model and firmware security version number
	// NOTE: the Intel manual states that CPUSVN "cannot be compared mathematically"
	CPUSVN []byte
	// Quoting Enclave security version number
	QESVN *uint16
	// Provisioning Certification Enclave security version number
	PCESVN *uint16
	// Certificate of the root CA (not optional)
	RootCA []byte
}
InfrastructureProperties contains the infrastructure-specific properties of an SGX DCAP quote.
func (InfrastructureProperties) IsCompliant
func (required InfrastructureProperties) IsCompliant(given InfrastructureProperties) bool
IsCompliant checks if the given infrastructure properties comply with the requirements
type Issuer
type Issuer interface {
	// Issue issues a quote for remote attestation for a given message
	Issue(cert []byte) (quote []byte, err error)
}
Issuer issues quotes
type MockValidator
type MockValidator struct {
	// contains filtered or unexported fields
}
MockValidator is a mockup quote validator
func NewMockValidator
func NewMockValidator() *MockValidator
NewMockValidator returns a new MockValidator object
func (*MockValidator) AddValidQuote
func (m *MockValidator) AddValidQuote(quote []byte, message []byte, pp PackageProperties, ip InfrastructureProperties)
AddValidQuote adds a valid quote
func (*MockValidator) Validate
func (m *MockValidator) Validate(quote []byte, message []byte, pp PackageProperties, ip InfrastructureProperties) error
Validate implements the Validator interface
type PackageProperties
type PackageProperties struct {
	// Debug Flag of the Attributes
	Debug bool
	// Hash of the enclave
	UniqueID string
	// Hash of the enclave signer's public key
	SignerID string
	// Product ID of the package
	ProductID *uint64
	// Security version number of the package
	SecurityVersion *uint
}
PackageProperties contains the enclave package-specific properties of an OpenEnclave quote. Either UniqueID, or SignerID, ProductID, and SecurityVersion together, should be specified.
func (PackageProperties) IsCompliant
func (required PackageProperties) IsCompliant(given PackageProperties) bool
IsCompliant checks if the given package properties comply with the requirements
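The "either UniqueID, or SignerID, ProductID and SecurityVersion" rule above, as an added example that is not the package's own IsCompliant. The hypothetical checkPackage assumes that UniqueID pins one exact build, SecurityVersion is a minimum, a debug enclave passes only if the requirement sets Debug, and an underspecified requirement fails closed; the struct is copied from this page and all values in main are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// PackageProperties is copied from the struct documented on this page.
type PackageProperties struct {
	Debug              bool
	UniqueID, SignerID string
	ProductID          *uint64
	SecurityVersion    *uint
}

// checkPackage is a hypothetical policy check with assumed semantics; the
// real IsCompliant may behave differently.
func checkPackage(required, given PackageProperties) error {
	if given.Debug && !required.Debug {
		return errors.New("debug enclave not allowed")
	}
	if required.UniqueID != "" { // pin one exact enclave build
		if !strings.EqualFold(required.UniqueID, given.UniqueID) {
			return errors.New("UniqueID mismatch")
		}
		return nil
	}
	// Fail closed: an empty requirement must not accept every enclave.
	if required.SignerID == "" || required.ProductID == nil || required.SecurityVersion == nil {
		return errors.New("requirement underspecified")
	}
	if !strings.EqualFold(required.SignerID, given.SignerID) {
		return errors.New("SignerID mismatch")
	}
	if given.ProductID == nil || *given.ProductID != *required.ProductID {
		return errors.New("ProductID mismatch")
	}
	if given.SecurityVersion == nil || *given.SecurityVersion < *required.SecurityVersion {
		return errors.New("SecurityVersion below required minimum")
	}
	return nil
}

func main() {
	pid, minSVN, oldSVN := uint64(3), uint(2), uint(1) // constructed sample values
	req := PackageProperties{SignerID: "aa11", ProductID: &pid, SecurityVersion: &minSVN}
	old := PackageProperties{SignerID: "AA11", ProductID: &pid, SecurityVersion: &oldSVN}
	fmt.Println(checkPackage(req, old)) // rollback to an older package version is rejected
}
```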
type Validator
type Validator interface {
	// Validate validates a quote for a given message and properties
	Validate(quote []byte, cert []byte, pp PackageProperties, ip InfrastructureProperties) error
}
Validator validates quotes