realm

package
v1.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Sep 12, 2024 License: Apache-2.0 Imports: 13 Imported by: 4

Documentation

Overview

CCA Realm Claims

Index

Constants

// MaxLenRealmExtendedMeas is an untyped integer constant with value 4.
// NOTE(review): presumably the upper bound on the number of realm extended
// measurements accepted in a claims-set; its use is not visible in this
// listing, so confirm against ValidateExtendedMeas.
const MaxLenRealmExtendedMeas = 4
const (
	// ProfileName is the tag URI naming version 1.0.0 of the realm profile.
	// NOTE(review): presumably the value expected in the cca-realm-profile
	// claim; confirm against the profile check in Validate.
	ProfileName = "tag:arm.com,2023:realm#1.0.0"
)

Variables

// Exported test fixtures holding public-key material.
var (

	// TestRAKPubRaw is exported because tests in the ccatoken package also
	// use it.
	//
	// The literal is 97 bytes long and begins with 0x04, which matches the
	// length and leading byte of an uncompressed P-384 point (the format
	// ValidateRealmPubKey is documented to require).
	// NOTE(review): being exported, this value is reachable from non-test
	// code; treat it strictly as a test fixture and never as a trusted key.
	TestRAKPubRaw = []byte{
		0x04, 0x81, 0x19, 0x58, 0x80, 0xa2, 0x20, 0x7f, 0xb9, 0x56, 0x03, 0x2a,
		0x3c, 0xb9, 0x7f, 0x5d, 0xa5, 0xaf, 0x72, 0x6f, 0xfc, 0xb7, 0x15, 0xee,
		0x16, 0x47, 0x84, 0xa7, 0xfb, 0x16, 0xc0, 0x60, 0x96, 0xbd, 0xd9, 0x46,
		0x2a, 0x32, 0x65, 0x0b, 0x29, 0x12, 0xa8, 0x55, 0x15, 0x70, 0xd6, 0xea,
		0x1f, 0x3b, 0x2d, 0x1f, 0x7d, 0xa8, 0xa2, 0x75, 0xfa, 0x00, 0x33, 0x0f,
		0x00, 0x78, 0x61, 0x8b, 0xc3, 0xe1, 0x49, 0x54, 0x9c, 0x81, 0x70, 0xd3,
		0x2e, 0xc5, 0x58, 0x90, 0xa7, 0xf9, 0xec, 0x78, 0x9f, 0x1f, 0x18, 0xae,
		0x92, 0xeb, 0x15, 0xd2, 0x22, 0xaf, 0x97, 0x1d, 0x97, 0x1c, 0x96, 0x5a,
		0xf1,
	}

	// TestAltRAKPubCOSE is exported because tests in the ccatoken package
	// also use it.
	//
	// The documentation listing elides the 107 bytes of this value.
	// NOTE(review): going by the name, presumably an alternative public key
	// in COSE_Key encoding; confirm against the source. Test fixture only.
	TestAltRAKPubCOSE = []byte{}/* 107 elements not displayed */

)

Functions

func ECDSAPublicKeyFromCOSEKey

func ECDSAPublicKeyFromCOSEKey(buf []byte) (*ecdsa.PublicKey, error)

func ECDSAPublicKeyFromRaw

func ECDSAPublicKeyFromRaw(data []byte) (*ecdsa.PublicKey, error)

func EncodeClaimsToCBOR

func EncodeClaimsToCBOR(c IClaims) ([]byte, error)

EncodeClaimsToCBOR marshals CCA realm claims to CBOR.

func EncodeClaimsToJSON

func EncodeClaimsToJSON(c IClaims) ([]byte, error)

EncodeClaimsToJSON marshals CCA realm claims to JSON.

func ValidateAndEncodeClaimsToCBOR

func ValidateAndEncodeClaimsToCBOR(c IClaims) ([]byte, error)

ValidateAndEncodeClaimsToCBOR validates and then marshals CCA realm claims to CBOR.

func ValidateAndEncodeClaimsToJSON

func ValidateAndEncodeClaimsToJSON(c IClaims) ([]byte, error)

ValidateAndEncodeClaimsToJSON validates and then marshals CCA realm claims to JSON.

func ValidateChallenge

func ValidateChallenge(v []byte) error

ValidateChallenge returns an error if the provided value does not contain a valid CCA challenge.

func ValidateClaims

func ValidateClaims(c IClaims) error

ValidateClaims returns an error if the provided IClaims instance does not contain a valid set of CCA realm claims.

func ValidateExtendedMeas

func ValidateExtendedMeas(v [][]byte) error

ValidateExtendedMeas returns an error if the provided slice does not contain valid realm extended measurements (it must be non-empty, and each value must be a valid realm measurement).

func ValidateHashAlgID

func ValidateHashAlgID(v string) error

ValidateHashAlgID returns an error if the provided value is not a valid hash algorithm string.

func ValidatePersonalizationValue

func ValidatePersonalizationValue(b []byte) error

ValidatePersonalizationValue returns an error if the provided value is not a valid personalization value (must be exactly 64 bytes long).

func ValidateRealmMeas

func ValidateRealmMeas(b []byte) error

ValidateRealmMeas returns an error if the provided value does not contain a valid realm measurement (must be 32, 48, or 64 bytes long).

func ValidateRealmPubKey

func ValidateRealmPubKey(b []byte) error

ValidateRealmPubKey returns an error if the provided value does not contain a valid realm public key (must be a 97-byte ECC-P384 key).

func ValidateRealmPubKeyCOSE

func ValidateRealmPubKeyCOSE(b []byte) error

ValidateRealmPubKeyCOSE returns an error if the provided value does not contain a valid realm public key in CBOR-encoded COSE_Key format

Types

type Claims

// Claims holds the CCA realm claims. Each field carries the integer key used
// in the CBOR encoding and the member name used in the JSON encoding.
//
// NOTE(review): every field is an exported pointer, so callers can assign
// values directly without going through the Set* methods; call Validate
// before relying on the contents, in particular after decoding data from an
// untrusted source.
type Claims struct {
	// Profile: CBOR key 265. The only field marked omitempty in JSON;
	// GetProfile is documented to return ErrOptionalClaimMissing when it is
	// not found.
	Profile                *eat.Profile `cbor:"265,keyasint" json:"cca-realm-profile,omitempty"`
	// Challenge: CBOR key 10, stored as an eat.Nonce.
	Challenge              *eat.Nonce   `cbor:"10,keyasint" json:"cca-realm-challenge"`
	// PersonalizationValue: CBOR key 44235.
	// Presumably subject to ValidatePersonalizationValue (exactly 64 bytes) — confirm.
	PersonalizationValue   *[]byte      `cbor:"44235,keyasint" json:"cca-realm-personalization-value"`
	// InitialMeasurement: CBOR key 44238.
	// Presumably subject to ValidateRealmMeas (32, 48, or 64 bytes) — confirm.
	InitialMeasurement     *[]byte      `cbor:"44238,keyasint" json:"cca-realm-initial-measurement"`
	// ExtensibleMeasurements: CBOR key 44239.
	// Presumably subject to ValidateExtendedMeas — confirm.
	ExtensibleMeasurements *[][]byte    `cbor:"44239,keyasint" json:"cca-realm-extensible-measurements"`
	// HashAlgID: CBOR key 44236.
	// Presumably subject to ValidateHashAlgID — confirm.
	HashAlgID              *string      `cbor:"44236,keyasint" json:"cca-realm-hash-algo-id"`
	// PublicKey: CBOR key 44237. Which of ValidateRealmPubKey (raw 97-byte
	// P-384) and ValidateRealmPubKeyCOSE (COSE_Key) applies is not visible
	// in this listing.
	PublicKey              *[]byte      `cbor:"44237,keyasint" json:"cca-realm-public-key"`
	// PublicKeyHashAlgID: CBOR key 44240.
	PublicKeyHashAlgID     *string      `cbor:"44240,keyasint" json:"cca-realm-public-key-hash-algo-id"`
}

Claims contains the CCA realm claims. It implements IClaims, which is an extension of psatoken.IClaimsBase.

func (Claims) GetChallenge

func (c Claims) GetChallenge() ([]byte, error)

Getters

func (Claims) GetExtensibleMeasurements

func (c Claims) GetExtensibleMeasurements() ([][]byte, error)

func (Claims) GetHashAlgID

func (c Claims) GetHashAlgID() (string, error)

func (Claims) GetInitialMeasurement

func (c Claims) GetInitialMeasurement() ([]byte, error)

func (Claims) GetPersonalizationValue

func (c Claims) GetPersonalizationValue() ([]byte, error)

func (*Claims) GetProfile

func (c *Claims) GetProfile() (string, error)

GetProfile returns ErrOptionalClaimMissing if the profile claim is not found.

func (Claims) GetPubKey

func (c Claims) GetPubKey() ([]byte, error)

func (Claims) GetPubKeyHashAlgID

func (c Claims) GetPubKeyHashAlgID() (string, error)

func (*Claims) SetChallenge

func (c *Claims) SetChallenge(v []byte) error

func (*Claims) SetExtensibleMeasurements

func (c *Claims) SetExtensibleMeasurements(v [][]byte) error

func (*Claims) SetHashAlgID

func (c *Claims) SetHashAlgID(v string) error

func (*Claims) SetInitialMeasurement

func (c *Claims) SetInitialMeasurement(v []byte) error

func (*Claims) SetPersonalizationValue

func (c *Claims) SetPersonalizationValue(v []byte) error

func (*Claims) SetPubKey

func (c *Claims) SetPubKey(v []byte) error

func (*Claims) SetPubKeyHashAlgID

func (c *Claims) SetPubKeyHashAlgID(v string) error

func (Claims) Validate

func (c Claims) Validate() error

Semantic validation

type IClaims

// IClaims provides a uniform interface for dealing with CCA realm claims.
// It embeds psatoken.IClaimsBase and adds one getter per realm claim and one
// setter for every claim except the profile.
type IClaims interface {
	// Methods inherited from the base claims interface; they are declared in
	// the psatoken package and are not shown in this listing.
	psatoken.IClaimsBase

	// Getters
	// Each returns the claim value together with an error.
	GetChallenge() ([]byte, error)
	GetPersonalizationValue() ([]byte, error)
	GetInitialMeasurement() ([]byte, error)
	GetExtensibleMeasurements() ([][]byte, error)
	GetHashAlgID() (string, error)
	GetPubKey() ([]byte, error)
	GetPubKeyHashAlgID() (string, error)
	GetProfile() (string, error)

	// Setters
	// Each takes the new claim value and returns an error. There is no
	// setter for the profile.
	// NOTE(review): whether a setter validates its argument is not visible
	// here — confirm, or call the matching Validate* function first.
	SetChallenge([]byte) error
	SetPersonalizationValue([]byte) error
	SetInitialMeasurement([]byte) error
	SetExtensibleMeasurements([][]byte) error
	SetHashAlgID(string) error
	SetPubKey([]byte) error
	SetPubKeyHashAlgID(string) error
}

IClaims provides a uniform interface for dealing with CCA realm claims

func DecodeAndValidateClaimsFromCBOR

func DecodeAndValidateClaimsFromCBOR(buf []byte) (IClaims, error)

DecodeAndValidateClaimsFromCBOR unmarshals and validates CCA realm claims from provided CBOR data.

func DecodeAndValidateClaimsFromJSON

func DecodeAndValidateClaimsFromJSON(buf []byte) (IClaims, error)

DecodeAndValidateClaimsFromJSON unmarshals and validates CCA realm claims from provided JSON data.

func DecodeClaimsFromCBOR

func DecodeClaimsFromCBOR(buf []byte) (IClaims, error)

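DecodeClaimsFromCBOR unmarshals CCA realm claims from provided CBOR data. To also validate the decoded claims, which matters when the data comes from an untrusted source, use DecodeAndValidateClaimsFromCBOR.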

func DecodeClaimsFromJSON

func DecodeClaimsFromJSON(buf []byte) (IClaims, error)

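DecodeClaimsFromJSON unmarshals CCA realm claims from provided JSON data. To also validate the decoded claims, which matters when the data comes from an untrusted source, use DecodeAndValidateClaimsFromJSON.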

func NewClaims

func NewClaims() IClaims

NewClaims returns a new instance of Claims.
