Intial D10 code - DO NOT USE

nokia · Aug 13, 2023 · 0cb3406 · 0cb3406
1 parent 651c7e4
commit 0cb3406
Show file tree

Hide file tree

Showing 8 changed files with 308 additions and 0 deletions.
diff --git a/ga10/services/d10/attscript.yamlschema b/ga10/services/d10/attscript.yamlschema
@@ -0,0 +1,71 @@
+name: Atteststion Script v1
+version: 0.1
+description: >
+   This is a description 
+   This is the second line
+evaluations:
+    -   name: x86 Machines
+        apply: Atteststion template 1
+        include:
+            names:
+                -
+                -
+            tags:
+                -
+                -
+            itemids:
+                -
+                -
+        exclude:
+            names:
+                -
+                -
+            tags:
+                -
+                -
+            itemids:
+                -
+                -
+templates:
+    -   name: Atteststion template 1
+        decision:  v1 || v2 => v3           
+        attestations:
+            -   policy: fred
+                parameters: '{ "j":"k" }'
+                verifications:
+                    -   rule: tpm2/blob
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+                    -   rule: tpm2/foobar
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+            -   policy: fred
+                parameters: '{ "j":"k" }'
+                verifications:
+                    -   rule: tpm2/blob
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+                    -   rule: tpm2/foobar
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+    -   name: Atteststion template 2
+        decision:  v1 || v2 => v3           
+        attestations:
+            -   policy: fred
+                parameters: '{ "j":"k" }'
+                verifications:
+                    -   rule: tpm2/blob
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+                    -   rule: tpm2/foobar
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+            -   policy: fred
+                parameters: '{ "j":"k" }'
+                verifications:
+                    -   rule: tpm2/blob
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+                    -   rule: tpm2/foobar
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1                        
diff --git a/ga10/services/d10/atttype.go b/ga10/services/d10/atttype.go
@@ -0,0 +1,51 @@
+package main
+
+//
+// Attestation Script Structure
+//
+
+type AttestationScript struct {
+	Name			string           	`yaml:"name"`
+	Description  	string           	`yaml:"description"`
+	Collections		[]Collection		`yaml:"collections"`
+	Templates		[]Template			`yaml:"templates"`
+}
+
+//
+// Collection Structure
+//
+
+type Collection struct {
+	Name			string           	`yaml:"name"`
+	Apply			string 				`yaml:"apply"`
+	Include			ElementSelector   	`yaml:"include"`
+	Exclude			ElementSelector   	`yaml:"exclude"`
+}
+
+type ElementSelector struct {
+   Names        	[]string            `yaml:"names"`
+   Tags         	[]string            `yaml:"tags"`
+   ItemIDs      	[]string            `yaml:"itemids"`
+}
+
+//
+// Template Structure
+//
+
+type Template struct {
+   Name            string            	`yaml:"name"`
+   Decision        string           	`yaml:"decision"`
+   Attestations    []Attestation   		`yaml:"attestations"`
+}
+
+type Attestation struct {
+   Policy            string            	`yaml:"policy"`
+   Parameters        string            	`yaml:"parameters"`
+   Verifications     []VerificationStr  `yaml:"verifications"`
+}
+
+type VerificationStr struct {
+   Rule              string            `yaml:"rule"`
+   Parameters        string            `yaml:"parameters"`
+   Out    			 string            `yaml:"out"`
+}
diff --git a/ga10/services/d10/d10.go b/ga10/services/d10/d10.go
@@ -0,0 +1,68 @@
+// Attestation Engine A10
+// Golang version v0.1
+// The main package starts the various interfaces: REST, MQTT and links to the database system
+package main
+
+import (
+   "fmt"
+   "io/ioutil"
+
+   "gopkg.in/yaml.v3"
+)
+
+var attscripts = make(map[string]AttestationScript)
+
+
+
+
+func load(f string) {
+   var ATSCR *AttestationScript
+
+   fmt.Println("Atteststion script file location: ",f)
+
+   ef, err := ioutil.ReadFile(f)
+   if err != nil {
+      panic(fmt.Sprintf("Atteststion script missing. Exiting with error %w",err))
+   }
+
+   err = yaml.Unmarshal(ef,&ATSCR)
+   if err != nil {
+      panic(fmt.Sprintf("Unable to parse Atteststion script. Exiting with error %w",err))
+   }
+
+   fmt.Println("Atteststion script read complete")
+
+   attscripts[ATSCR.Name] = *ATSCR
+}
+
+
+func list() {
+   fmt.Printf("There are %v scripts\n",len(attscripts))
+}
+
+
+
+
+func exec(a AttestationScript) {
+   fmt.Printf("Executing %v\n%v",a.Name,a.Description)
+   fmt.Printf(" %v collections, %v templates\n", len(a.Collections),len(a.Templates))
+
+   for i,c := range a.Collections {
+      fmt.Printf("%v - %v", i,c.Name)
+   }
+}
+
+
+
+
+
+
+
+
+func main() {
+   fmt.Println("d10")
+   load("./t.attscript")
+   list()
+   exec( attscripts["Atteststion Script v1"] )
+
+}
diff --git a/ga10/services/d10/go.mod b/ga10/services/d10/go.mod
@@ -0,0 +1,5 @@
+module d10
+
+go 1.20
+
+require gopkg.in/yaml.v3 v3.0.1 // indirect
diff --git a/ga10/services/d10/go.sum b/ga10/services/d10/go.sum
@@ -0,0 +1,3 @@
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/ga10/services/d10/t.att b/ga10/services/d10/t.att
@@ -0,0 +1,13 @@
+name: Atteststion template 1
+attestations:
+   - policy: fred
+     parameters: '{ "j":"k" }'
+     verifications:
+        - rule: tpm2/blob
+          parameters: '{ "z":"b", "cob":"luso" }'
+          out:  v1
+        - rule: tpm2/blob
+          parameters:  '{ "z":"b", "cob":"luso" }'
+          out:  v2
+
+decision:  v1 || v2 => v3        
diff --git a/ga10/services/d10/t.attscript b/ga10/services/d10/t.attscript
@@ -0,0 +1,70 @@
+name: Atteststion Script v1
+description: >
+   This is a description 
+   This is the second line
+collections:
+    -   name: x86 Machines
+        apply: Atteststion template 1
+        include:
+            names:
+                - a
+                - b
+            tags:
+                - c
+                - d
+            itemids:
+                - e
+                - f
+        exclude:
+            names:
+                - g
+                - h
+            tags:
+                - i
+                - j
+            itemids:
+                - k
+                - l
+templates:
+    -   name: Atteststion template 1
+        decision:  v1 || v2 => v3           
+        attestations:
+            -   policy: fred
+                parameters: '{ "j":"k" }'
+                verifications:
+                    -   rule: tpm2/blob
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+                    -   rule: tpm2/foobar
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+            -   policy: fred
+                parameters: '{ "j":"k" }'
+                verifications:
+                    -   rule: tpm2/blob
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+                    -   rule: tpm2/foobar
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+    -   name: Atteststion template 2
+        decision:  v1 || v2 => v3           
+        attestations:
+            -   policy: fred
+                parameters: '{ "j":"k" }'
+                verifications:
+                    -   rule: tpm2/blob
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+                    -   rule: tpm2/foobar
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+            -   policy: fred
+                parameters: '{ "j":"k" }'
+                verifications:
+                    -   rule: tpm2/blob
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1
+                    -   rule: tpm2/foobar
+                        parameters: '{ "z":"b", "cob":"luso" }'
+                        out:  v1                        
diff --git a/ga10/services/d10/t.eva b/ga10/services/d10/t.eva
@@ -0,0 +1,27 @@
+name: Eva Template 1
+include:
+   names:
+       - a
+       - b
+       - c
+   tags:
+       - a
+       - b
+       - c       
+   itemids:
+       - a
+       - b
+       - c       
+exclude:
+   names:
+       - a
+       - b
+       - c
+   tags:
+       - a
+       - b
+       - c       
+   itemids:
+       - a
+       - b
+       - c