ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2025-05-25 03:24:20 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Parse out platform component and properties data

Browse Source 
This provides information about individual components within the system,
which may be useful for various policy decisions.
This commit is contained in:
Matthew Garrett 2020-05-08 12:52:40 -07:00 committed by Matthew Garrett
parent 3538e3d287
commit fbd936aac7
13 changed files with 215 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
attributecert/attributecert.go
View File

@ -263,6 +263,16 @@ type Certholder struct {
Serial *big.Int Serial *big.Int
} }
type Component struct {
Manufacturer string
Model string
Serial string
Revision string
ManufacturerID int
FieldReplaceable bool
Addresses []ComponentAddress
}
type AttributeCertificate struct { type AttributeCertificate struct {
Raw []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature). Raw []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature).
RawTBSAttributeCertificate []byte // Certificate part of raw ASN.1 DER content. RawTBSAttributeCertificate []byte // Certificate part of raw ASN.1 DER content.
@ -284,6 +294,9 @@ type AttributeCertificate struct {
PlatformSerial string PlatformSerial string
CredentialSpecification string CredentialSpecification string
UserNotice userNotice UserNotice userNotice
Components []Component
Properties []Property
PropertiesURI string
} }
// ParseAttributeCertificate parses a single attribute certificate from the // ParseAttributeCertificate parses a single attribute certificate from the
@ -441,7 +454,7 @@ type ComponentIdentifierV1 struct {
ComponentModel string ComponentModel string
ComponentSerial string `asn1:"optional,tag:0"` ComponentSerial string `asn1:"optional,tag:0"`
ComponentRevision string `asn1:"optional,tag:1"` ComponentRevision string `asn1:"optional,tag:1"`
ComponentManufacturerId int `asn1:"optional,tag:2"` ComponentManufacturerID int `asn1:"optional,tag:2"`
FieldReplaceable bool `asn1:"optional,tag:3"` FieldReplaceable bool `asn1:"optional,tag:3"`
ComponentAddresses []ComponentAddress `asn1:"optional,tag:4"` ComponentAddresses []ComponentAddress `asn1:"optional,tag:4"`
} }
@ -550,11 +563,39 @@ func parseAttributeCertificate(in *attributeCertificate) (*AttributeCertificate,
if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfiguration); err != nil { if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfiguration); err != nil {
return nil, err return nil, err
} }
for _, component := range platformConfiguration.ComponentIdentifiers {
t := Component{
Manufacturer: component.ComponentManufacturer,
Model: component.ComponentModel,
Serial: component.ComponentSerial,
Revision: component.ComponentRevision,
ManufacturerID: component.ComponentManufacturerID,
FieldReplaceable: component.FieldReplaceable,
Addresses: component.ComponentAddresses,
}
out.Components = append(out.Components, t)
}
out.Properties = platformConfiguration.PlatformProperties
out.PropertiesURI = platformConfiguration.PlatformPropertiesURI.UniformResourceIdentifier
case attribute.ID.Equal(oidTcgPlatformConfigurationV2): case attribute.ID.Equal(oidTcgPlatformConfigurationV2):
var platformConfiguration PlatformConfigurationV2 var platformConfiguration PlatformConfigurationV2
if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfiguration); err != nil { if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfiguration); err != nil {
return nil, err return nil, err
} }
for _, component := range platformConfiguration.ComponentIdentifiers {
t := Component{
Manufacturer: component.ComponentManufacturer,
Model: component.ComponentModel,
Serial: component.ComponentSerial,
Revision: component.ComponentRevision,
ManufacturerID: component.ComponentManufacturerID,
FieldReplaceable: component.FieldReplaceable,
Addresses: component.ComponentAddresses,
}
out.Components = append(out.Components, t)
}
out.Properties = platformConfiguration.PlatformProperties
out.PropertiesURI = platformConfiguration.PlatformPropertiesURI.UniformResourceIdentifier
case attribute.ID.Equal(oidTcgPlatformConfigURI): case attribute.ID.Equal(oidTcgPlatformConfigURI):
var platformConfigurationURI URIReference var platformConfigurationURI URIReference
if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfigurationURI); err != nil { if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfigurationURI); err != nil {

67
attributecert/testdata/Intel_nuc1.cer.json vendored
View File

@ -197,5 +197,72 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
},
"Components": [
{
"Manufacturer": "Intel(R) Corporation",
"Model": "Core i5",
"Serial": "X2398392",
"Revision": "2.6",
"ManufacturerID": 3355699,
"FieldReplaceable": true,
"Addresses": null
},
{
"Manufacturer": "Samsung",
"Model": "M471A5143EB0-CPB",
"Serial": "ABC45989",
"Revision": "3.1",
"ManufacturerID": 3225910,
"FieldReplaceable": false,
"Addresses": null
},
{
"Manufacturer": "Not Specified",
"Model": "KINGSTON SA400S3",
"Serial": "50026B777805270B",
"Revision": "609.0",
"ManufacturerID": 3225910,
"FieldReplaceable": false,
"Addresses": null
},
{
"Manufacturer": "Intel Corporation",
"Model": "Ethernet Connection I219-LM",
"Serial": "8c:0f:6f:72:c6:c5",
"Revision": "21.0",
"ManufacturerID": 3355699,
"FieldReplaceable": true,
"Addresses": [
{
"AddressType": [
2,
23,
133,
17,
1
],
"AddressValue": "8c:0f:6f:72:c6:c5"
} }
]
}
],
"Properties": [
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "vPro Enabled",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "DropShip Enabled",
"PropertyValue": "false",
"Status": 0
}
],
"PropertiesURI": "https://www.platformmfg.com/platforproperties/493894384.htm"
} }

5
attributecert/testdata/Intel_nuc_pc.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
} },
"Components": null,
"Properties": null,
"PropertiesURI": ""
} }

5
attributecert/testdata/Intel_nuc_pc2.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
} },
"Components": null,
"Properties": null,
"PropertiesURI": ""
} }

5
attributecert/testdata/Intel_pc1.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": [] "NoticeNumbers": []
}, },
"ExplicitText": "TCPA Trusted Platform Endorsement" "ExplicitText": "TCPA Trusted Platform Endorsement"
} },
"Components": null,
"Properties": null,
"PropertiesURI": ""
} }

5
attributecert/testdata/Intel_pc2.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
} },
"Components": null,
"Properties": null,
"PropertiesURI": ""
} }

5
attributecert/testdata/Intel_pc3.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
} },
"Components": null,
"Properties": null,
"PropertiesURI": ""
} }

5
attributecert/testdata/Intel_pc4.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
} },
"Components": null,
"Properties": null,
"PropertiesURI": ""
} }

5
attributecert/testdata/Intel_pc5.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
} },
"Components": null,
"Properties": null,
"PropertiesURI": ""
} }

9
attributecert/testdata/lenovo.cer.json vendored
View File

@ -186,5 +186,14 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
},
"Components": null,
"Properties": [
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
} }
],
"PropertiesURI": ""
} }

36
attributecert/testdata/plat_cert1.cer.json vendored
View File

@ -193,5 +193,41 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
},
"Components": [
{
"Manufacturer": "Intel",
"Model": "platform2018",
"Serial": "BQKP52840678",
"Revision": "1.0",
"ManufacturerID": 12110025430499884,
"FieldReplaceable": true,
"Addresses": [
{
"AddressType": [
2,
23,
133,
5,
1,
6
],
"AddressValue": "2.23.133.5.1.6"
} }
]
}
],
"Properties": [
{
"PropertyName": "vPro",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
}
],
"PropertiesURI": "https://www.intel.com/platformproperties.xml"
} }

14
attributecert/testdata/plat_cert2.cer.json vendored
View File

@ -193,5 +193,19 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
},
"Components": null,
"Properties": [
{
"PropertyName": "vPro",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
} }
],
"PropertiesURI": "https://www.intel.com/platformproperties.xml"
} }

14
attributecert/testdata/plat_cert3.cer.json vendored
View File

@ -171,5 +171,19 @@
"NoticeNumbers": null "NoticeNumbers": null
}, },
"ExplicitText": "" "ExplicitText": ""
},
"Components": null,
"Properties": [
{
"PropertyName": "vPro",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
} }
],
"PropertiesURI": "https://www.intel.com/platformproperties.xml"
} }