ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2024-12-18 20:47:57 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Parse out platform component and properties data

Browse Source 
This provides information about individual components within the system,
which may be useful for various policy decisions.
This commit is contained in:
Matthew Garrett 2020-05-08 12:52:40 -07:00 committed by Matthew Garrett
parent 3538e3d287
commit fbd936aac7
13 changed files with 215 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
attributecert/attributecert.go
View File

@ -263,6 +263,16 @@ type Certholder struct {
Serial *big.Int
}
type Component struct {
Manufacturer string
Model string
Serial string
Revision string
ManufacturerID int
FieldReplaceable bool
Addresses []ComponentAddress
}
type AttributeCertificate struct {
Raw []byte // Complete ASN.1 DER content (certificate, signature algorithm and signature).
RawTBSAttributeCertificate []byte // Certificate part of raw ASN.1 DER content.
@ -284,6 +294,9 @@ type AttributeCertificate struct {
PlatformSerial string
CredentialSpecification string
UserNotice userNotice
Components []Component
Properties []Property
PropertiesURI string
}
// ParseAttributeCertificate parses a single attribute certificate from the
@ -441,7 +454,7 @@ type ComponentIdentifierV1 struct {
ComponentModel string
ComponentSerial string `asn1:"optional,tag:0"`
ComponentRevision string `asn1:"optional,tag:1"`
ComponentManufacturerId int `asn1:"optional,tag:2"`
ComponentManufacturerID int `asn1:"optional,tag:2"`
FieldReplaceable bool `asn1:"optional,tag:3"`
ComponentAddresses []ComponentAddress `asn1:"optional,tag:4"`
}
@ -550,11 +563,39 @@ func parseAttributeCertificate(in *attributeCertificate) (*AttributeCertificate,
if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfiguration); err != nil {
return nil, err
}
for _, component := range platformConfiguration.ComponentIdentifiers {
t := Component{
Manufacturer: component.ComponentManufacturer,
Model: component.ComponentModel,
Serial: component.ComponentSerial,
Revision: component.ComponentRevision,
ManufacturerID: component.ComponentManufacturerID,
FieldReplaceable: component.FieldReplaceable,
Addresses: component.ComponentAddresses,
}
out.Components = append(out.Components, t)
}
out.Properties = platformConfiguration.PlatformProperties
out.PropertiesURI = platformConfiguration.PlatformPropertiesURI.UniformResourceIdentifier
case attribute.ID.Equal(oidTcgPlatformConfigurationV2):
var platformConfiguration PlatformConfigurationV2
if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfiguration); err != nil {
return nil, err
}
for _, component := range platformConfiguration.ComponentIdentifiers {
t := Component{
Manufacturer: component.ComponentManufacturer,
Model: component.ComponentModel,
Serial: component.ComponentSerial,
Revision: component.ComponentRevision,
ManufacturerID: component.ComponentManufacturerID,
FieldReplaceable: component.FieldReplaceable,
Addresses: component.ComponentAddresses,
}
out.Components = append(out.Components, t)
}
out.Properties = platformConfiguration.PlatformProperties
out.PropertiesURI = platformConfiguration.PlatformPropertiesURI.UniformResourceIdentifier
case attribute.ID.Equal(oidTcgPlatformConfigURI):
var platformConfigurationURI URIReference
if _, err := asn1.Unmarshal(attribute.RawValues[0].FullBytes, &platformConfigurationURI); err != nil {

67
attributecert/testdata/Intel_nuc1.cer.json vendored
View File

@ -197,5 +197,72 @@
"NoticeNumbers": null
},
"ExplicitText": ""
},
"Components": [
{
"Manufacturer": "Intel(R) Corporation",
"Model": "Core i5",
"Serial": "X2398392",
"Revision": "2.6",
"ManufacturerID": 3355699,
"FieldReplaceable": true,
"Addresses": null
},
{
"Manufacturer": "Samsung",
"Model": "M471A5143EB0-CPB",
"Serial": "ABC45989",
"Revision": "3.1",
"ManufacturerID": 3225910,
"FieldReplaceable": false,
"Addresses": null
},
{
"Manufacturer": "Not Specified",
"Model": "KINGSTON SA400S3",
"Serial": "50026B777805270B",
"Revision": "609.0",
"ManufacturerID": 3225910,
"FieldReplaceable": false,
"Addresses": null
},
{
"Manufacturer": "Intel Corporation",
"Model": "Ethernet Connection I219-LM",
"Serial": "8c:0f:6f:72:c6:c5",
"Revision": "21.0",
"ManufacturerID": 3355699,
"FieldReplaceable": true,
"Addresses": [
{
"AddressType": [
2,
23,
133,
17,
1
],
"AddressValue": "8c:0f:6f:72:c6:c5"
}
]
}
],
"Properties": [
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "vPro Enabled",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "DropShip Enabled",
"PropertyValue": "false",
"Status": 0
}
],
"PropertiesURI": "https://www.platformmfg.com/platforproperties/493894384.htm"
}

5
attributecert/testdata/Intel_nuc_pc.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null
},
"ExplicitText": ""
}
},
"Components": null,
"Properties": null,
"PropertiesURI": ""
}

5
attributecert/testdata/Intel_nuc_pc2.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null
},
"ExplicitText": ""
}
},
"Components": null,
"Properties": null,
"PropertiesURI": ""
}

5
attributecert/testdata/Intel_pc1.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": []
},
"ExplicitText": "TCPA Trusted Platform Endorsement"
}
},
"Components": null,
"Properties": null,
"PropertiesURI": ""
}

5
attributecert/testdata/Intel_pc2.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null
},
"ExplicitText": ""
}
},
"Components": null,
"Properties": null,
"PropertiesURI": ""
}

5
attributecert/testdata/Intel_pc3.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null
},
"ExplicitText": ""
}
},
"Components": null,
"Properties": null,
"PropertiesURI": ""
}

5
attributecert/testdata/Intel_pc4.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null
},
"ExplicitText": ""
}
},
"Components": null,
"Properties": null,
"PropertiesURI": ""
}

5
attributecert/testdata/Intel_pc5.cer.json vendored
View File

@ -164,5 +164,8 @@
"NoticeNumbers": null
},
"ExplicitText": ""
}
},
"Components": null,
"Properties": null,
"PropertiesURI": ""
}

9
attributecert/testdata/lenovo.cer.json vendored
View File

@ -186,5 +186,14 @@
"NoticeNumbers": null
},
"ExplicitText": ""
},
"Components": null,
"Properties": [
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
}
],
"PropertiesURI": ""
}

36
attributecert/testdata/plat_cert1.cer.json vendored
View File

@ -193,5 +193,41 @@
"NoticeNumbers": null
},
"ExplicitText": ""
},
"Components": [
{
"Manufacturer": "Intel",
"Model": "platform2018",
"Serial": "BQKP52840678",
"Revision": "1.0",
"ManufacturerID": 12110025430499884,
"FieldReplaceable": true,
"Addresses": [
{
"AddressType": [
2,
23,
133,
5,
1,
6
],
"AddressValue": "2.23.133.5.1.6"
}
]
}
],
"Properties": [
{
"PropertyName": "vPro",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
}
],
"PropertiesURI": "https://www.intel.com/platformproperties.xml"
}

14
attributecert/testdata/plat_cert2.cer.json vendored
View File

@ -193,5 +193,19 @@
"NoticeNumbers": null
},
"ExplicitText": ""
},
"Components": null,
"Properties": [
{
"PropertyName": "vPro",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
}
],
"PropertiesURI": "https://www.intel.com/platformproperties.xml"
}

14
attributecert/testdata/plat_cert3.cer.json vendored
View File

@ -171,5 +171,19 @@
"NoticeNumbers": null
},
"ExplicitText": ""
},
"Components": null,
"Properties": [
{
"PropertyName": "vPro",
"PropertyValue": "true",
"Status": 0
},
{
"PropertyName": "AMT",
"PropertyValue": "true",
"Status": 0
}
],
"PropertiesURI": "https://www.intel.com/platformproperties.xml"
}