Package client (in testing) allows tests to get a fake or real sev-guest device.

CreateRawReport creates simple raw attestation report with the given configurable data in options.

CustomExtensions returns an array of extensions following the KDS specification for the given values.

DefaultAmdKeys returns a key set for ARK, ASK, and VCEK with the expected key type and size.

DefaultArk returns a new RSA key with the expected size for an ARK.

DefaultAsk returns a new RSA key with the expected size for an ASK.

DefaultAsvk returns a new RSA key with the expected size for an ASVK.

DefaultTestOnlyCertChain creates a test-only certificate chain for a fake attestation signer.

DefaultVcek returns a new ECDSA key on the expected curve for a VCEK.

DefaultVlek returns a new ECDSA key on the expected curve for a VLEK.

DerivedKeyRequestToString translates a DerivedKeyReqABI into a map key string representation.

FakeKDSFromFile returns a FakeKDS from a path to a serialized fakekds.Certificates message.

FakeKDSFromSigner returns a FakeKDS that produces the fake signer's certificates following the AMD KDS REST API expectations.

FindChipTcbCerts returns the TcbCerts associated with the given chipID in the database if they exist.

GetKDS returns an HTTPSGetter that can produce the expected certificates for a given URL in the test environment.

GetProduct returns the expected product for validation.

GetProductLine returns the actual or inferred value of --product.

GetProductName returns the --product_name flag value or a valid Default.

Match returns true iff both errors match expectations closely enough.

SimpleGetter constructs a static server from url -> body responses.

TcDevice returns a mock device populated from test cases' inputs and expected outputs.

TcQuoteProvider returns a mock quote provider populated from test cases' inputs and expected outputs.

TestCases returns common test cases for get_report.

TestRawReport creates simple raw attestation report with the given REPORT_DATA.

TestUseKDS returns whether tests should use the network to connect the live AMD Key Distribution service.

KeyChoiceVcek represents the default choice of the VCEK signing the report.

KeyChoiceVlek represents the choice of the VLEK signing the report.

Product decides the expected product for attestation report validation.

ProductName decides the fake certificates' product name.

AmdKeys encapsulates the key chain of ARK through ASK down to VCEK.

AmdSigner encapsulates a key and certificate chain following the format of AMD-SP's VCEK for signing attestation reports.

AmdSignerBuilder represents toggleable configurations of the VCEK certificate chain.

CertOverride encapsulates certificate aspects that can be overridden when creating a certificate chain.

Device represents a sev-guest driver implementation with pre-programmed responses to commands.

DeviceOptions specifies customizations for a fake sev-guest device.

FakeKDS implements the verify.HTTPSGetter interface to provide certificates like AMD KDS, but with certificates cached in a protobuf.

GetReportResponse represents a mocked response to a command request.

GetResponse controls how often (Occurrences) a certain response should be provided.

Getter is a mock for HTTPSGetter interface that sequentially returns the configured responses for the provided URL.

QuoteProvider represents a SEV-SNP backed configfs-tsm with pre-programmed responses to attestations.

RootBundle represents the two different CA bundles that the KDS can return.

TestCase represents a get_report input/output test case.

TestReportOptions represents a few configurables for generating fake reports from particular inputs.

KeyChoice represents which key is expected to have signed the report.