-
Notifications
You must be signed in to change notification settings - Fork 32
Expand file tree
/
Copy pathcheckconfig.proto
More file actions
89 lines (75 loc) · 3.39 KB
/
checkconfig.proto
File metadata and controls
89 lines (75 loc) · 3.39 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
// Copyright 2023 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
// Package checkconfig represents an attestation validation policy.
package checkconfig;
option go_package = "github.com/google/go-tdx-guest/proto/checkconfig";
// Policy is a representation of an attestation quote validation policy.
// Each field corresponds to a field on validate.Options. This format
// is useful for providing programmatic inputs to the `check` CLI tool.
message Policy {
// HeaderPolicy is representation of Header of an attestation quote validation
// policy.
HeaderPolicy header_policy = 1; // should be 20 bytes
// TDQuoteBodyPolicy is representation of TdQuoteBody of an attestation quote
// validation policy.
TDQuoteBodyPolicy td_quote_body_policy = 2; // should be 528 bytes
}
message HeaderPolicy {
uint32 minimum_qe_svn = 1; // should not exceed uint16 max
uint32 minimum_pce_svn = 2; // should not exceed uint16 max
// Unique vendor id of QE vendor
bytes qe_vendor_id = 3; // should be 16 bytes
}
message TDQuoteBodyPolicy {
bytes minimum_tee_tcb_svn = 1; // should be 16 bytes
bytes mr_seam = 2; // should be 48 bytes
bytes td_attributes = 3; // should be 8 bytes
bytes xfam = 4; // should be 8 bytes
bytes mr_td = 5; // should be 48 bytes
bytes mr_config_id = 6; // should be 48 bytes
bytes mr_owner = 7; // should be 48 bytes
bytes mr_owner_config = 8; // should be 48 bytes
repeated bytes rtmrs = 9; // should be 48 * rtmrsCount
bytes report_data = 10; // should be 64 bytes
repeated bytes any_mr_td = 11; // each should be 48 bytes.
bool enable_td_debug_check = 12; // if true, check that the DEBUG bit is 0 in TDAttributes.
bytes minimum_tee_tcb_svn2 = 13; // should be 16 bytes
bytes mr_service_td = 14; // should be 48 bytes
}
// RootOfTrust represents configuration for which hardware root of trust
// certificates to use for verifying attestation quote.
message RootOfTrust {
// Paths to CA bundles for the Intel TDX.
// Must be in PEM format.
// If empty, uses the verification library's embedded certificates from Intel.
repeated string cabundle_paths = 1;
// PEM format CA bundles for Intel TDX. Combined with contents of
// cabundle_paths.
repeated string cabundles = 2;
// If true, download and check the CRL for revoked certificates.
bool check_crl = 3;
// If true, then check is not permitted to download necessary files for
// verification.
bool get_collateral = 4;
}
// Config is the overall message input for the check tool. This provides all
// the flags that configure the tool, including the validation policy.
message Config {
// The report validation policy.
Policy policy = 1;
// Configures which hardware keys to trust. Default uses library-embedded
// certificate.
RootOfTrust root_of_trust = 2;
}