atlas-rs 0.2.0

attested TLS (aTLS) core library for verifying TEE attestations over TLS connections
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41

//! Generic TDX configuration types.

use serde::{Deserialize, Serialize};

/// Expected bootchain measurements for verification.
///
/// These measurements represent the known-good values for the TDX bootchain
/// components that should be verified during attestation.
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ExpectedBootchain {
    /// MRTD - Initial TD memory contents (TDVF/firmware).
    ///
    /// This is the hash of the initial TD memory layout, including the
    /// firmware/TDVF that runs before the OS kernel.
    pub mrtd: String,

    /// RTMR0 - Virtual hardware environment.
    ///
    /// Measures the virtual hardware configuration and TD configuration.
    pub rtmr0: String,

    /// RTMR1 - Linux kernel.
    ///
    /// Measures the Linux kernel that is loaded into the TD.
    pub rtmr1: String,

    /// RTMR2 - Kernel cmdline + initramfs.
    ///
    /// Measures the kernel command line parameters and initial ramdisk.
    pub rtmr2: String,
}

/// Known TCB status values from Intel DCAP.
pub const TCB_STATUS_LIST: &[&str] = &[
    "UpToDate",
    "OutOfDate",
    "ConfigurationNeeded",
    "TDRelaunchAdvised",
    "SWHardeningNeeded",
    "Revoked",
];