refactor: move out of package dir

tinfoilanalytics · Jan 31, 2025 · 813dec9 · 813dec9
1 parent 0469e24
commit 813dec9
Show file tree

Hide file tree

Showing 18 changed files with 46 additions and 5 deletions.
diff --git a/pkg/attestation/attestation.go → attestation/attestation.go b/pkg/attestation/attestation.go → attestation/attestation.go
diff --git a/pkg/attestation/attestation_test.go → attestation/attestation_test.go b/pkg/attestation/attestation_test.go → attestation/attestation_test.go
diff --git a/pkg/attestation/nitro.go → attestation/nitro.go b/pkg/attestation/nitro.go → attestation/nitro.go
diff --git a/pkg/attestation/nitro_test.go → attestation/nitro_test.go b/pkg/attestation/nitro_test.go → attestation/nitro_test.go
@@ -47,3 +47,24 @@ func TestNitroVerify(t *testing.T) {
 	assert.Empty(t, userData)
 	assert.Nil(t, attestation.Equals(expectedMeasurement))
 }
+
+func TestNitroVerifyInvalidPayload(t *testing.T) {
+	undo := mockNitroVerifier()
+	defer undo()
+
+	_, _, err := VerifyAttestationJSON([]byte(`{
+		"format": "https://tinfoil.sh/predicate/aws-nitro-enclave/v1",
+		"body": "invalid"
+	}`))
+	assert.NotNil(t, err)
+}
+
+func TestNitroVerifyExpiredAttestation(t *testing.T) {
+	payload := `{
+		"format": "https://tinfoil.sh/predicate/aws-nitro-enclave/v1",
+		"body": "hEShATgioFkQ/6lpbW9kdWxlX2lkeCdpLTA4NGVlNTIxZDVmOTIxMDk2LWVuYzAxOTM2OTdkZjhlNDcwNjNmZGlnZXN0ZlNIQTM4NGl0aW1lc3RhbXAbAAABlE5MLItkcGNyc7AAWDBEBqggqpahA/zWQPqijfY4TjNZPThn2EzFnat6rM6oiXR01AWKMXRm6vEjSlbMII4BWDBLTVs2YbPvwSkgkAyA4Sbkzng8Ui3mwCoqW/evOiuTJ7hndvGI5L4cHEBKEp29pJMCWDDBHp3xYXzzMFM+Rcdcr8LaJLBN9OsKhmhIGxZp0x30ppDor2h4VTGPszX7K71Zb/sDWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEWDDM5N5yesCUnVB1HrTnLihT3IzVWB8CbCUa7Zb7u2461AdTQ9WN6naoGN2rWMuzlRYFWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPWDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABrY2VydGlmaWNhdGVZAn4wggJ6MIICAaADAgECAhABk2l9+ORwYwAAAABngIqeMAoGCCqGSM49BAMDMIGOMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEPMA0GA1UECgwGQW1hem9uMQwwCgYDVQQLDANBV1MxOTA3BgNVBAMMMGktMDg0ZWU1MjFkNWY5MjEwOTYudXMtZWFzdC0yLmF3cy5uaXRyby1lbmNsYXZlczAeFw0yNTAxMTAwMjQ4NTlaFw0yNTAxMTAwNTQ5MDJaMIGTMQswCQYDVQQGEwJVUzETMBEGA1UECAwKV2FzaGluZ3RvbjEQMA4GA1UEBwwHU2VhdHRsZTEPMA0GA1UECgwGQW1hem9uMQwwCgYDVQQLDANBV1MxPjA8BgNVBAMMNWktMDg0ZWU1MjFkNWY5MjEwOTYtZW5jMDE5MzY5N2RmOGU0NzA2My51cy1lYXN0LTIuYXdzMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAENZ7QlD3uDtte2sQpncHzHfhzht8VF5ttgV5jCbgVus9ZKxBAcSOy+swgQ9Zi5g0QnKtQpCYk2PXbNwDLcKkjk6xG8UqsC61jpinP+dm2nVKbTFsQdTrJ4wuTn9vdRLwoox0wGzAMBgNVHRMBAf8EAjAAMAsGA1UdDwQEAwIGwDAKBggqhkjOPQQDAwNnADBkAjAWSk/kLXGsznhi0vVNMXWf3WJMDqia6+1YT1RDY9b2jxza0dP6L3z8/MmyWGrlAtMCMHtZMOiL7rVe+EpNHt4hePtcHxxzqlrOmUTGIj8qO/fAX9q/dCX585TlfkTCfsL2G2hjYWJ1bmRsZYRZAhUwggIRMIIBlqADAgECAhEA+TF1aBuQr+EdRsy05Of4VjAKBggqhkjOPQQDAzBJMQswCQYDVQQGEwJVUzEPMA0GA1UECgwGQW1hem9uMQwwCgYDVQQLDANBV1MxGzAZBgNVBAMMEmF3cy5uaXRyby1lbmNsYXZlczAeFw0xOTEwMjgxMzI4MDVaFw00OTEwMjgxNDI4MDVaMEkxCzAJBgNVBAYTAlVTMQ8wDQYDVQQKDAZBbWF6b24xDDAKBgNVBAsMA0FXUzEbMBkGA1UEAwwSYXdzLm5pdHJvLWVuY2xhdmVzMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/AJU66YIwfNocOKa2pC+RjgyknNuiUv/9nLZiURLUFHlNKSx9tvjwLxYGjK3sXYHDt4S1po/6iEbZudSz33R3QlfbxNw9BcIQ9ncEAEh5M9jASgJZkSHyXlihDBNxT/0o0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSQJbUN2QVH55bDlvpync+Zqd9LljAOBgNVHQ8BAf8EBAMCAYYwCgYIKoZIzj0EAwMDaQAwZgIxAKN/L5Ghyb1e57hifBaY0lUDjh8DQ/lbY6lijD05gJVFoR68vy47Vdiu7nG0w9at8wIxAKLzmxYFsnAopd1LoGm1AW5ltPvej+AGHWpTGX+c2vXZQ7xh/CvrA8tv7o0jAvPf9lkCwzCCAr8wggJFoAMCAQICEQC7dmR+8/QopRY/WpD3qdM3MAoGCCqGSM49BAMDMEkxCzAJBgNVBAYTAlVTMQ8wDQYDVQQKDAZBbWF6b24xDDAKBgNVBAsMA0FXUzEbMBkGA1UEAwwSYXdzLm5pdHJvLWVuY2xhdmVzMB4XDTI1MDEwNjEyNDgwN1oXDTI1MDEyNjEzNDgwN1owZDELMAkGA1UEBhMCVVMxDzANBgNVBAoMBkFtYXpvbjEMMAoGA1UECwwDQVdTMTYwNAYDVQQDDC02OTM3Nzc5ZmJiZGZlMGJiLnVzLWVhc3QtMi5hd3Mubml0cm8tZW5jbGF2ZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQZnJS6l5kwgVgd3zA/+epSkC1cCHhBSehnwJrrDLJCAoIj2JJpTC5aqUWsV9b+hekthKynSnbwAVev1pLi3eOU0ocri4WNtOioUhx/fvImddCYPEM9tVPndGLYJbTqYwKjgdUwgdIwEgYDVR0TAQH/BAgwBgEB/wIBAjAfBgNVHSMEGDAWgBSQJbUN2QVH55bDlvpync+Zqd9LljAdBgNVHQ4EFgQUWz7jWsnEIRpAEH4gaSxtpfSYtq0wDgYDVR0PAQH/BAQDAgGGMGwGA1UdHwRlMGMwYaBfoF2GW2h0dHA6Ly9hd3Mtbml0cm8tZW5jbGF2ZXMtY3JsLnMzLmFtYXpvbmF3cy5jb20vY3JsL2FiNDk2MGNjLTdkNjMtNDJiZC05ZTlmLTU5MzM4Y2I2N2Y4NC5jcmwwCgYIKoZIzj0EAwMDaAAwZQIwfk16wxkpCrFQhwPJZwV0vGKiUJSuhNIooQuethG2HFRub5xreF9ugLXp3LQ5bBSRAjEAhJrWG2MsNxSeQh2itah0P7jrRF2ImZzMAeEPDDoaMrwf6H4gVqaJUZaXpxloYJc8WQMYMIIDFDCCApugAwIBAgIRALUiUwAWe48SgNSDjJ9uP+0wCgYIKoZIzj0EAwMwZDELMAkGA1UEBhMCVVMxDzANBgNVBAoMBkFtYXpvbjEMMAoGA1UECwwDQVdTMTYwNAYDVQQDDC02OTM3Nzc5ZmJiZGZlMGJiLnVzLWVhc3QtMi5hd3Mubml0cm8tZW5jbGF2ZXMwHhcNMjUwMTA5MDY1ODA1WhcNMjUwMTE0MjI1ODA1WjCBiTE8MDoGA1UEAwwzMmZiMDQ3ZjA2NWEyNTgwNC56b25hbC51cy1lYXN0LTIuYXdzLm5pdHJvLWVuY2xhdmVzMQwwCgYDVQQLDANBV1MxDzANBgNVBAoMBkFtYXpvbjELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAldBMRAwDgYDVQQHDAdTZWF0dGxlMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAE/CELSfGz5Qmt59L/V5wn4/hYAYVO7CV4OwOSzefUchv4LM2p3/cKQ8TdCLu6jbbxgrZfZ7QCQi8rSztmxUBhwUV+vlo6RSBgxbVZtppyYR7Xoq3bFaGutpyweSMv5mZCo4HqMIHnMBIGA1UdEwEB/wQIMAYBAf8CAQEwHwYDVR0jBBgwFoAUWz7jWsnEIRpAEH4gaSxtpfSYtq0wHQYDVR0OBBYEFDXH18QDavT6zs7CZc6AAQoxrl+zMA4GA1UdDwEB/wQEAwIBhjCBgAYDVR0fBHkwdzB1oHOgcYZvaHR0cDovL2NybC11cy1lYXN0LTItYXdzLW5pdHJvLWVuY2xhdmVzLnMzLnVzLWVhc3QtMi5hbWF6b25hd3MuY29tL2NybC9iYWYyNWJlZC1kNWFmLTQ4OGQtODQ0ZC04Y2VhOWExNmU1Y2QuY3JsMAoGCCqGSM49BAMDA2cAMGQCMCT2jjs/qWCKm+nXffD82eDe+EhWAgxsQigrif6tyrVxIW/5st7gFE38Wal8fBpCfQIwVO63+eLm6CSLvjgYYzuX49U1ZN7zQnBPxgtgPAgD80t1ln7j+hgcQ4EiZY4frujOWQLDMIICvzCCAkWgAwIBAgIVAJlfeeaIxs37YSDIAh9gyAmvX0jtMAoGCCqGSM49BAMDMIGJMTwwOgYDVQQDDDMyZmIwNDdmMDY1YTI1ODA0LnpvbmFsLnVzLWVhc3QtMi5hd3Mubml0cm8tZW5jbGF2ZXMxDDAKBgNVBAsMA0FXUzEPMA0GA1UECgwGQW1hem9uMQswCQYDVQQGEwJVUzELMAkGA1UECAwCV0ExEDAOBgNVBAcMB1NlYXR0bGUwHhcNMjUwMTA5MTYyMDQ0WhcNMjUwMTEwMTYyMDQ0WjCBjjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCldhc2hpbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxDzANBgNVBAoMBkFtYXpvbjEMMAoGA1UECwwDQVdTMTkwNwYDVQQDDDBpLTA4NGVlNTIxZDVmOTIxMDk2LnVzLWVhc3QtMi5hd3Mubml0cm8tZW5jbGF2ZXMwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAASm6jRWRmZsKWV3gz8w99hrO0C0tyCKIri+4duo37r/r8Y/ODJf54sbvVU3o1BO9EcM/iOtPmre57qlYziMMorSl1NC/isUA3694XLRg3rBG5F1DfBIibhHk+OuY0SCShWjZjBkMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQVeqBm82IKX6mNBq8eEsqYX4lPmzAfBgNVHSMEGDAWgBQ1x9fEA2r0+s7OwmXOgAEKMa5fszAKBggqhkjOPQQDAwNoADBlAjAUUr7SWXmsYpuh4u9HsEnj9jXiIzQsEiKp5TUirDMAMD+EzZDEq2g7hWhkhqxj/5wCMQC/EoFi7JoD70rrf8hr50W+gul+QcGShsIDQ6GMbMOMXC0oIncopLINc5DVcPKhXwFqcHVibGljX2tlefZpdXNlcl9kYXRh9mVub25jZfZYYKyfchEsQ43Iq5aEasXCc5MvGGZ2aiWgWacnaT7CbG4Ac+Z/05zHjJemTGHd4U46Ms7LZO7+M2Mt04vxWs9F153/g4bZgjBjYqZpirp4NyI+mbDW0OAa5t9BldElnx6DVg=="
+	}`
+
+	_, _, err := VerifyAttestationJSON([]byte(payload))
+	assert.NotNil(t, err)
+}
diff --git a/pkg/attestation/provider.go → attestation/provider.go b/pkg/attestation/provider.go → attestation/provider.go
diff --git a/pkg/attestation/sev.go → attestation/sev.go b/pkg/attestation/sev.go → attestation/sev.go
@@ -10,7 +10,7 @@ import (
 	"github.com/google/go-sev-guest/verify"
 	"google.golang.org/protobuf/types/known/wrapperspb"
 
-	"github.com/tinfoilanalytics/verifier/pkg/util"
+	"github.com/tinfoilanalytics/verifier/util"
 )
 
 func verifySevAttestation(attestationDoc string) (*Measurement, []byte, error) {

diff --git a/pkg/attestation/sev_test.go → attestation/sev_test.go b/pkg/attestation/sev_test.go → attestation/sev_test.go
diff --git a/pkg/client/client.go → client/client.go b/pkg/client/client.go → client/client.go
@@ -5,9 +5,9 @@ import (
 	"fmt"
 	"net/http"
 
-	"github.com/tinfoilanalytics/verifier/pkg/attestation"
-	"github.com/tinfoilanalytics/verifier/pkg/github"
-	"github.com/tinfoilanalytics/verifier/pkg/sigstore"
+	"github.com/tinfoilanalytics/verifier/attestation"
+	"github.com/tinfoilanalytics/verifier/github"
+	"github.com/tinfoilanalytics/verifier/sigstore"
 )
 
 type EnclaveState struct {

diff --git a/pkg/client/http.go → client/http.go b/pkg/client/http.go → client/http.go
diff --git a/pkg/client/roundtrip.go → client/roundtrip.go b/pkg/client/roundtrip.go → client/roundtrip.go
diff --git a/pkg/config/config.go → config/config.go b/pkg/config/config.go → config/config.go
diff --git a/pkg/config/config_test.go → config/config_test.go b/pkg/config/config_test.go → config/config_test.go
diff --git a/gen/main.go b/gen/main.go
@@ -0,0 +1,20 @@
+package main
+
+import (
+	"fmt"
+	sevpb "github.com/google/go-sev-guest/proto/sevsnp"
+	"google.golang.org/protobuf/types/known/wrapperspb"
+)
+
+var products = []*sevpb.SevProduct{
+	{
+		Name:            sevpb.SevProduct_SEV_PRODUCT_GENOA,
+		MachineStepping: &wrapperspb.UInt32Value{Value: uint32(0)},
+	},
+}
+
+func main() {
+	for _, product := range products {
+		fmt.Printf("%+v", product)
+	}
+}
diff --git a/pkg/github/github.go → github/github.go b/pkg/github/github.go → github/github.go
diff --git a/pkg/sigstore/sigstore.go → sigstore/sigstore.go b/pkg/sigstore/sigstore.go → sigstore/sigstore.go
@@ -11,7 +11,7 @@ import (
 	"github.com/sigstore/sigstore-go/pkg/tuf"
 	"github.com/sigstore/sigstore-go/pkg/verify"
 
-	"github.com/tinfoilanalytics/verifier/pkg/attestation"
+	"github.com/tinfoilanalytics/verifier/attestation"
 )
 
 const (

diff --git a/pkg/util/fetch.go → util/fetch.go b/pkg/util/fetch.go → util/fetch.go
diff --git a/pkg/util/fetch_other.go → util/fetch_other.go b/pkg/util/fetch_other.go → util/fetch_other.go
diff --git a/pkg/util/fetch_wasm.go → util/fetch_wasm.go b/pkg/util/fetch_wasm.go → util/fetch_wasm.go