// Copyright 2022 Contributors to the Veraison project.
// SPDX-License-Identifier: Apache-2.0
package ear
// TrustVector is an implementation of the Trustworthiness Vector (and Claims)
// described in §2.3 of draft-ietf-rats-ar4si-03, using a JSON serialization.
//
// Each field holds one TrustClaim and is encoded under the kebab-case key given
// in its struct tag. A field carrying the zero-value claim is left out of the
// JSON encoding (omitempty), so an all-zero vector serializes as an empty
// object.
type TrustVector struct {
	// InstanceIdentity is the claim encoded under "instance-identity".
	InstanceIdentity TrustClaim `json:"instance-identity,omitempty"`
	// Configuration is the claim encoded under "configuration".
	Configuration TrustClaim `json:"configuration,omitempty"`
	// Executables is the claim encoded under "executables".
	Executables TrustClaim `json:"executables,omitempty"`
	// FileSystem is the claim encoded under "file-system".
	FileSystem TrustClaim `json:"file-system,omitempty"`
	// Hardware is the claim encoded under "hardware".
	Hardware TrustClaim `json:"hardware,omitempty"`
	// RuntimeOpaque is the claim encoded under "runtime-opaque".
	RuntimeOpaque TrustClaim `json:"runtime-opaque,omitempty"`
	// StorageOpaque is the claim encoded under "storage-opaque".
	StorageOpaque TrustClaim `json:"storage-opaque,omitempty"`
	// SourcedData is the claim encoded under "sourced-data".
	SourcedData TrustClaim `json:"sourced-data,omitempty"`
}
// AsMap returns the vector as a map[string]TrustClaim keyed by the claim
// names used in the JSON serialization (i.e. the struct tag names). Every
// element is present in the map, including zero-value claims.
func (o TrustVector) AsMap() map[string]TrustClaim {
	// Eight claims in the vector; pre-size to avoid map growth.
	claims := make(map[string]TrustClaim, 8)

	claims["instance-identity"] = o.InstanceIdentity
	claims["configuration"] = o.Configuration
	claims["executables"] = o.Executables
	claims["file-system"] = o.FileSystem
	claims["hardware"] = o.Hardware
	claims["runtime-opaque"] = o.RuntimeOpaque
	claims["storage-opaque"] = o.StorageOpaque
	claims["sourced-data"] = o.SourcedData

	return claims
}
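// nilTrustClaimError is returned by ToTrustVector's element parser when
// ToTrustClaim yields a nil claim without reporting an error, so the
// conversion fails cleanly instead of dereferencing a nil pointer.
type nilTrustClaimError struct{}

func (nilTrustClaimError) Error() string {
	return "ToTrustClaim returned a nil claim without an error"
}

// ToTrustVector converts a generic, JSON-decoded value into a *TrustVector.
// The elements of v are matched to TrustVector fields by their "json" struct
// tag names (presumably v is a map keyed by those names — confirm against
// populateStructFromInterface), and each element is converted with
// ToTrustClaim.
//
// A nil v yields (nil, nil). If any element fails to convert, the error from
// ToTrustClaim (or from populateStructFromInterface) is returned together
// with the partially populated vector; callers must not use the vector when
// err is non-nil.
func ToTrustVector(v interface{}) (*TrustVector, error) {
	if v == nil {
		return nil, nil
	}

	var tv TrustVector

	// Default parser for every element. The original code dereferenced the
	// returned *TrustClaim before inspecting err, which panics whenever
	// ToTrustClaim reports an error (or a nil claim) — attestation results
	// are externally supplied input, so a malformed claim must surface as an
	// error rather than crash the caller.
	parseClaim := func(iface interface{}) (interface{}, error) {
		claim, err := ToTrustClaim(iface)
		if err != nil {
			return nil, err
		}
		if claim == nil {
			return nil, nilTrustClaimError{}
		}
		return *claim, nil
	}

	err := populateStructFromInterface(
		&tv, v, "json",
		map[string]parser{}, // no per-field parsers: parseClaim handles everything
		parseClaim, false)

	return &tv, err
}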
// SetAll overwrites every element of the vector with c. It is mainly intended
// for claims that apply to the vector as a whole: -1 (verifier malfunction),
// 0 (no claim, which effectively resets the vector) or 99 (cryptographic
// validation failed).
func (o *TrustVector) SetAll(c TrustClaim) {
	// Rebuild the whole value so that no element can be left untouched.
	*o = TrustVector{
		InstanceIdentity: c,
		Configuration:    c,
		Executables:      c,
		FileSystem:       c,
		Hardware:         c,
		RuntimeOpaque:    c,
		StorageOpaque:    c,
		SourcedData:      c,
	}
}
// Report provides an annotated, human-readable view of the TrustVector state,
// one line per element in the form "<Label> <tier tag>: <details>\n".
// short controls the level of detail of each element's description and color
// controls whether the trust tier tag is printed with colors.
func (o TrustVector) Report(short, color bool) string {
	// One report line: label, tier tag, colon, details, newline.
	row := func(label, tierTag, details string) string {
		return label + " " + tierTag + ": " + details + "\n"
	}

	// Elements are reported in the same order as they appear in TrustVector.
	return row("Instance Identity",
		o.InstanceIdentity.trustTierTag(color),
		o.InstanceIdentity.asInstanceIdentityDetails(short, color)) +
		row("Configuration",
			o.Configuration.trustTierTag(color),
			o.Configuration.asConfigurationDetails(short, color)) +
		row("Executables",
			o.Executables.trustTierTag(color),
			o.Executables.asExecutablesDetails(short, color)) +
		row("File System",
			o.FileSystem.trustTierTag(color),
			o.FileSystem.asFileSystemDetails(short, color)) +
		row("Hardware",
			o.Hardware.trustTierTag(color),
			o.Hardware.asHardwareDetails(short, color)) +
		row("Runtime Opaque",
			o.RuntimeOpaque.trustTierTag(color),
			o.RuntimeOpaque.asRuntimeOpaqueDetails(short, color)) +
		row("Storage Opaque",
			o.StorageOpaque.trustTierTag(color),
			o.StorageOpaque.asStorageOpaqueDetails(short, color)) +
		row("Sourced Data",
			o.SourcedData.trustTierTag(color),
			o.SourcedData.asSourcedDataDetails(short, color))
}