eventlog

package
v0.0.0-...-9f6392c Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 9, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

Package eventlog provides functions for reading PC Client event logs and various EventData they can carry.

Index

Constants

View Source 
const (
	// RIMLocationRaw specifies that the location data is the data itself.
	RIMLocationRaw uint32 = iota
	// RIMLocationURI specifies that the location data is a URI for where to fetch the data.
	RIMLocationURI
	// RIMLocationLocal specifies that the location data is a local UEFI device path.
	RIMLocationLocal
	// RIMLocationVariable specifies that the location data is a UEFI variable name in 16-byte EFIGUID
	// followed by '\0\0'-terminated CHAR16 string of the variable name.
	RIMLocationVariable
)
View Source 
const (

	// EvNoAction is an EventType indicating the event is not measured to any PCR.
	EvNoAction = 3
)
View Source 
const (
	// EventSignatureSize is the size of the signature header for a TCG event log's EventData payload.
	EventSignatureSize = 16
)

Variables

View Source 
var (
	// TcgSP800155Event3Signature is the Canonical Event Log event signature for an unmeasured
	// informational event that directs the reader to reference measurements for the firmware and
	// platform.
	TcgSP800155Event3Signature = [...]byte{
		'S', 'P', '8', '0', '0', '-', '1', '5', '5', ' ', 'E', 'v', 'e', 'n', 't', '3'}
)

Functions

This section is empty.

Types

type ByteSizedArray 

type ByteSizedArray struct {
	Data []byte
}

ByteSizedArray represents an array of bytes no longer than 255 entries that is serialized first with a single byte specifying the array size.

func (*ByteSizedArray) Create 

func (*ByteSizedArray) Create() Serializable

Create creates a new ByteSizedArray.

func (*ByteSizedArray) Marshal 

func (b *ByteSizedArray) Marshal(w io.Writer) error

Marshal writes an array of bytes no longer than 255 entries with an initial byte noting the array length, and then each byte of the array afterwards.

func (*ByteSizedArray) Unmarshal 

func (b *ByteSizedArray) Unmarshal(r io.Reader) error

Unmarshal reads an array of bytes no longer than 255 entries that is serialized first with a single byte specifying the array size.

type CryptoAgileLog 

type CryptoAgileLog struct {
	Header TCGPCClientPCREvent
	Events []*TCGPCREvent2
}

CryptoAgileLog represents events parsed from a TCG crypto agile log formatted document.

func (*CryptoAgileLog) Marshal 

func (cel *CryptoAgileLog) Marshal(w io.Writer) error

Marshal writes a CryptoAgileLog to the given writer

func (*CryptoAgileLog) Unmarshal 

func (cel *CryptoAgileLog) Unmarshal(r io.Reader) error

Unmarshal reads a CryptoAgileLog from the given reader.

type EfiGUID 

type EfiGUID struct {
	UUID uuid.UUID
}

EfiGUID represents a UUID that is marshalled as an EFI_GUID.

func (*EfiGUID) Create 

func (*EfiGUID) Create() Serializable

Create creates a new EfiGUID.

func (*EfiGUID) Marshal 

func (g *EfiGUID) Marshal(w io.Writer) error

Marshal writes an EFI_GUID field.

func (*EfiGUID) Unmarshal 

func (g *EfiGUID) Unmarshal(r io.Reader) error

Unmarshal reads an EFI_GUID field.

type Marshallable 

type Marshallable interface {
	Marshal(io.Writer) error
}

Marshallable is an interface for writing an object as a stream of bytes to a writer.

type SP800155Event3 

type SP800155Event3 struct {
	PlatformManufacturerID  uint32
	ReferenceManifestGUID   EfiGUID
	PlatformManufacturerStr ByteSizedArray
	PlatformModel           ByteSizedArray
	PlatformVersion         ByteSizedArray
	FirmwareManufacturerStr ByteSizedArray
	FirmwareManufacturerID  uint32
	FirmwareVersion         ByteSizedArray
	RIMLocatorType          uint32
	RIMLocator              Uint32SizedArray
	PlatformCertLocatorType uint32
	PlatformCertLocator     Uint32SizedArray
}

SP800155Event3 represents a TCG SP 800-155 Event3 event specified in the PC Client Platform Firmware Profile.

func (*SP800155Event3) MarshalToBytes 

func (evt *SP800155Event3) MarshalToBytes() ([]byte, error)

MarshalToBytes writes the SP800155Event3 structure to its binary form and returns the byte array.

func (*SP800155Event3) UnmarshalFromBytes 

func (evt *SP800155Event3) UnmarshalFromBytes(data []byte) error

UnmarshalFromBytes reads a TCG SP 800-155 Event3 event from the whole of the input slice.

type Serializable 

type Serializable interface {
	Unmarshal(io.Reader) error
	Marshal(io.Writer) error
	Create() Serializable
}

Serializable is an interface for populating the object by unmarshalling data, or marshalling the object to bytes.

type SerializableFromBytes 

type SerializableFromBytes interface {
	// UnmarshalFromBytes populates the current object from the totality of the given data or errors.
	UnmarshalFromBytes(data []byte) error
	// MarshalToBytes writes the object to a byte array, including its 16 byte signature.
	MarshalToBytes() ([]byte, error)
}

SerializableFromBytes is an interface for populating the object by interpreting all given bytes as representing the object, and writing the object as a string of bytes.

type TCGEventData 

type TCGEventData struct {
	Event SerializableFromBytes
}

TCGEventData represents data that may be in an event log's EventData payload. Expects the input data to have a 16 byte header specifying the event type.

func (*TCGEventData) Marshal 

func (d *TCGEventData) Marshal(w io.Writer) error

Marshal write a TCGEventData to the given writer.

func (*TCGEventData) Unmarshal 

func (d *TCGEventData) Unmarshal(r io.Reader) error

Unmarshal reads a Uint32 sized, UnmarshallableToBytes from the given reader.

type TCGPCClientPCREvent 

type TCGPCClientPCREvent struct {
	PCRIndex   uint32
	EventType  uint32
	SHA1Digest [20]byte
	EventData  TCGEventData
}

TCGPCClientPCREvent represents a TCG_PCClientPCREvent structure as specified in the PC Client Platform Firmware Profile.

func (*TCGPCClientPCREvent) Marshal 

func (e *TCGPCClientPCREvent) Marshal(w io.Writer) error

Marshal writes a TCGPCClientPCREvent to the given writer.

func (*TCGPCClientPCREvent) Unmarshal 

func (e *TCGPCClientPCREvent) Unmarshal(r io.Reader) error

Unmarshal reads a TCGPCClientPCREvent from the given reader.

type TCGPCREvent2 

type TCGPCREvent2 struct {
	PCRIndex  uint32
	EventType uint32
	Digests   Uint32SizedArrayT[*TaggedDigest]
	EventData TCGEventData
}

TCGPCREvent2 represents a TCG_PCR_EVENT2 structure as specified in the PC Client Platform Firmware Profile.

func (*TCGPCREvent2) Create 

func (*TCGPCREvent2) Create() Serializable

Create creates a TCGPCREvent2.

func (*TCGPCREvent2) Marshal 

func (e *TCGPCREvent2) Marshal(w io.Writer) error

Marshal writes a TCGPCREvent2 to the given writer.

func (*TCGPCREvent2) Unmarshal 

func (e *TCGPCREvent2) Unmarshal(r io.Reader) error

Unmarshal reads a TCGPCREvent2 from the given reader.

type TaggedDigest 

type TaggedDigest struct {
	AlgID  uint16
	Digest []byte
}

TaggedDigest represents a digest interpreted as tagged by the TPM_ALG_ID.

func (*TaggedDigest) Create 

func (*TaggedDigest) Create() Serializable

Create creates a TaggedDigest.

func (*TaggedDigest) Marshal 

func (d *TaggedDigest) Marshal(w io.Writer) error

Marshal outputs a TaggedDigest as its binary encoding.

func (*TaggedDigest) Unmarshal 

func (d *TaggedDigest) Unmarshal(r io.Reader) error

Unmarshal populates the self TaggedDigest from the given reader.

type Uint32SizedArray 

type Uint32SizedArray struct {
	Data []byte
}

Uint32SizedArray represents an array of bytes no longer than 2^32 - 1 entries that is serialized first with a little endian uint32 specifying the array size.

func (*Uint32SizedArray) Create 

func (*Uint32SizedArray) Create() Serializable

Create creates a new Uint32SizedArray.

func (*Uint32SizedArray) Marshal 

func (b *Uint32SizedArray) Marshal(w io.Writer) error

Marshal writes an array of bytes with a initial 4 bytes in little endian noting the array length, and then each byte of the array afterwards.

func (*Uint32SizedArray) Unmarshal 

func (b *Uint32SizedArray) Unmarshal(r io.Reader) error

Unmarshal reads an array of bytes no longer than 2^32 - 1 entries that is serialized first with a little endian uint32 specifying the array size.

type Uint32SizedArrayT 

type Uint32SizedArrayT[T Serializable] struct {
	Array []T
}

Uint32SizedArrayT represents a uint32 sized array of a given type, with elements that are serializable.

func (*Uint32SizedArrayT[T]) Create 

func (*Uint32SizedArrayT[T]) Create() Serializable

Create creates a Uint32SizedArrayT.

func (*Uint32SizedArrayT[T]) Marshal 

func (d *Uint32SizedArrayT[T]) Marshal(w io.Writer) error

Marshal writes a uint32 sized array of T to the given writer.

func (*Uint32SizedArrayT[T]) Unmarshal 

func (d *Uint32SizedArrayT[T]) Unmarshal(r io.Reader) error

Unmarshal reads a uint32 sized array of T into a Uint32SizedArrayT[T] from the given reader.

type UnknownEvent 

type UnknownEvent struct {
	Data []byte
}

UnknownEvent is a catch-all for EventData with unknown signature.

func (*UnknownEvent) MarshalToBytes 

func (e *UnknownEvent) MarshalToBytes() ([]byte, error)

MarshalToBytes returns the stored data.

func (*UnknownEvent) UnmarshalFromBytes 

func (e *UnknownEvent) UnmarshalFromBytes(data []byte) error

UnmarshalFromBytes stores the given data is the object's representation.

type Unmarshallable 

type Unmarshallable interface {
	Unmarshal(io.Reader) error
}

Unmarshallable is an interface for populating the object by unmarshalling data.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.