Skip to main content

RuntimeAttestationEvidence

chio_autonomy::capability

Struct RuntimeAttestationEvidence

pub struct RuntimeAttestationEvidence {
    pub schema: String,
    pub verifier: String,
    pub tier: RuntimeAssuranceTier,
    pub issued_at: u64,
    pub expires_at: u64,
    pub evidence_sha256: String,
    pub runtime_identity: Option<String>,
    pub workload_identity: Option<WorkloadIdentity>,
    pub claims: Option<Value>,
}

Expand description

Normalized runtime attestation evidence carried with governed requests.

Fields§

§schema: String

Schema or format identifier of the upstream attestation statement.

§verifier: String

Attestation verifier or relying party that accepted the evidence.

§tier: RuntimeAssuranceTier

Normalized assurance tier resolved from the evidence.

§issued_at: u64

Unix timestamp (seconds) when this attestation was issued.

§expires_at: u64

Unix timestamp (seconds) when this attestation expires.

§evidence_sha256: String

Stable SHA-256 digest of the attestation evidence payload.

§runtime_identity: Option<String>

Optional runtime identity or workload identifier associated with the evidence.

§workload_identity: Option<WorkloadIdentity>

Optional normalized workload identity when the upstream verifier exposed one explicitly.

§claims: Option<Value>

Optional structured claims preserved for adapters or operator inspection.

Implementations§

impl RuntimeAttestationEvidence

pub fn is_valid_at(&self, now: u64) -> bool

pub fn normalized_workload_identity( &self, ) -> Result<Option<WorkloadIdentity>, WorkloadIdentityError>

pub fn validate_workload_identity_binding( &self, ) -> Result<(), WorkloadIdentityError>

pub fn resolve_effective_runtime_assurance( &self, policy: Option<&AttestationTrustPolicy>, now: u64, ) -> Result<ResolvedRuntimeAssurance, AttestationTrustError>

Trait Implementations§

impl Clone for RuntimeAttestationEvidence

fn clone(&self) -> RuntimeAttestationEvidence

Returns a duplicate of the value. Read more

1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more

impl Debug for RuntimeAttestationEvidence

fn fmt(&self, f: &mut Formatter<'_>) -> Result<(), Error>

Formats the value using the given formatter. Read more

impl<'de> Deserialize<'de> for RuntimeAttestationEvidence

fn deserialize<D>( deserializer: D, ) -> Result<RuntimeAttestationEvidence, <D as Deserializer<'de>>::Error>
where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer. Read more

impl PartialEq for RuntimeAttestationEvidence

fn eq(&self, other: &RuntimeAttestationEvidence) -> bool

Tests for self and other values to be equal, and is used by ==.

1.0.0 · Source§

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for RuntimeAttestationEvidence

fn serialize<S>( &self, serializer: S, ) -> Result<<S as Serializer>::Ok, <S as Serializer>::Error>
where S: Serializer,

Serialize this value into the given Serde serializer. Read more

impl StructuralPartialEq for RuntimeAttestationEvidence

Auto Trait Implementations§

impl Freeze for RuntimeAttestationEvidence

impl RefUnwindSafe for RuntimeAttestationEvidence

impl Send for RuntimeAttestationEvidence

impl Sync for RuntimeAttestationEvidence

impl Unpin for RuntimeAttestationEvidence

impl UnsafeUnpin for RuntimeAttestationEvidence

impl UnwindSafe for RuntimeAttestationEvidence

Blanket Implementations§

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)

Performs copy-assignment from self to dest. Read more

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> DeserializeOwned for T
where T: for<'de> Deserialize<'de>,