Rust RSI is a library containing functions/helpers to perform RSI ioctl operations as implemented by the linux-rsi kernel module here, as well as generic functions to parse/verify/print RSI attestation tokens.
It has initially been implemeneted as part of rsictl tool but as more applications needed similar functionality it has been split into this library.
The library contains following functionalities:
- low level (unsafe) Rust bindings to RSI ioctl operations as implemented here (currently not exported)
- high level (safe) functions for the above bindings that make it easy to perform RSI operations from the user space
- low level RSI attestation token parser and verifier (as COSE object) into claims
- high level RSI attestation token parser into more humand readable structs of platform and realm tokens
The library is currently used by the following applications:
- rsictl: command line tool for performing RSI operations
- ratls: library implementing RaTLS protocol
- realm-verifier: a realm verifier library for RaTLS
- realm-manager: application provisioning framework