From c8e181c487c8bee38fc17ce61a62a2df55dac293 Mon Sep 17 00:00:00 2001 From: Yogesh Deshpande Date: Tue, 30 Jun 2026 22:21:51 +0100 Subject: [PATCH 1/3] Update Veraison repository guide --- repo-guide.md | 100 +++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 91 insertions(+), 9 deletions(-) diff --git a/repo-guide.md b/repo-guide.md index 68414c1..b86d358 100644 --- a/repo-guide.md +++ b/repo-guide.md @@ -19,8 +19,14 @@ Compilation of documentation for various Veraison projects into a reader-friendl [community](https://github.com/veraison/community) Veraison community files. Look here for introductory presentations to the project and CCC membership materials. +[veraison](https://github.com/veraison/veraison) +This repo is used for managing conversations about Veraison features. + +[.github](https://github.com/veraison/.github) +Veraison org-level files. + [veraison.github.io](https://github.com/veraison/veraison.github.io) -Currently a placeholder for veraison-project.org. +Veraison project web site. ## Client Libraries Veraison services expose REST APIs. This set of libraries provides convenient code abstractions for the API model, to be used in client verification and provisioning applications. 
@@ -45,12 +51,24 @@ Rust implementation of the Arm Confidential Computing Architecture (CCA) Attesta [parsec](https://github.com/veraison/parsec): Library support for handling the Parsec Key Attestation formats used in the attested TLS PoC. +[ccaguest](https://github.com/veraison/ccaguest) +A feature-rich tool for exploring CCA attestation. + +[rust-regl](https://github.com/veraison/rust-regl) +Evidence generation library in Rust. + ## Demos and Integration Examples [enact-demo](https://github.com/veraison/enact-demo): EnactTrust TPM/Veraison interop demo and related docs [keybroker-demo](https://github.com/veraison/keybroker-demo): A simple key broker protocol demonstration +[cca-coserv-demo](https://github.com/veraison/cca-coserv-demo): CoSERV & Arm CCA end-to-end demo + +[ietf-110-hackathon-demo](https://github.com/veraison/ietf-110-hackathon-demo): docker compose based Attester / Verifier environment based on veraison components + +[ietf-115-hackathon](https://github.com/veraison/ietf-115-hackathon): IETF 115 hackathon work + ## CLI tools CLI tools for illustrative interactions with attestation tokens or a Veraison service. Used for demos & integration testing. 
@@ -70,6 +88,18 @@ Test case generator for CoRIM-related testing and validation [cca-realm-measurements](https://github.com/veraison/cca-realm-measurements) A tool to calculate Realm Initial Measurements and Realm Extended Measurements for Arm CCA +[cocli](https://github.com/veraison/cocli) +CLI tool to manipulate CoRIM and CoMIDs + +[corim-tool](https://github.com/veraison/corim-tool) +A CLI for working with CoRIMs based on corim-rs. + +[cover](https://github.com/veraison/cover) +CoRIM Verifier + +[go-gen-ref](https://github.com/veraison/go-gen-ref) +Tool to generate reference values for the SEV-SNP scheme + ## Standards driven work The Veraison Project supports Attestation related working groups in standards bodies, in particular IETF & TCG. This set of repos provide test bed implementations for some of the standards work, as related to Veraison services. @@ -77,6 +107,9 @@ The Veraison Project supports Attestation related working groups in standards bo [eat](https://github.com/veraison/eat) Golang library for manipulating Entity Attestation Tokens (draft-ietf-rats-eat). +[da](https://github.com/veraison/da) +Golang implementation of draft-poirier-rats-eat-da. + #### EAR These libraries provide functions for working with EAR (EAT Attestation Results), an EAT/JWT serialisation of the Attestation Result for Secure Interactions (AR4SI) information model - see draft-fv-rats-ear 
@@ -91,15 +124,21 @@ These libraries provide functions for working with EAR (EAT Attestation Results) [ratsd](https://github.com/veraison/ratsd): A RATS conceptual message collection daemon +[coserv-rs](https://github.com/veraison/coserv-rs): Rust implementation of CoSERV data types and API bindings + #### Verifier Provisioning These libraries provide support for the standard information models used to convey data to a Verifier. -[corim](https://github.com/veraison/corim): manipulation of Concise Reference Integrity Manifest (CoRIM) and Concise Module Identifier (CoMID) tags. Also includes cocli CLI tool, that assists users creating CoRIM & CoMID tags. +[corim](https://github.com/veraison/corim): manipulation of Concise Reference Integrity Manifest (CoRIM) and Concise Module Identifier (CoMID) tags. [corim-rs](https://github.com/veraison/corim-rs): Rust implementation of CoRIM and CoMID manipulation library +[corim-store](https://github.com/veraison/corim-store): An endorsement store based on CoRIM, implemented on top of a relational DBMS. + [swid](https://github.com/veraison/swid) : SWID and CoSWID manipulation library +[endorsement-store-protobuf-test](https://github.com/veraison/endorsement-store-protobuf-test): Prototyping endorsement store interface using protobufs. + #### COSE [go-cose](https://github.com/veraison/go-cose): go library for CBOR Object Signing and Encryption (COSE) @@ -110,7 +149,7 @@ flowchart TD VR("Veraison Roles") style VR fill:#f9f,stroke:#333,stroke-width:4px LG["Logical Group \n Repository name"] -subgraph Daigram[Daigram Convention] +subgraph Diagram[Diagram Convention] VR -->| Direct Usage | LG VR -.-> | Possible Usage | LG @@ -121,7 +160,7 @@ end ```mermaid flowchart TD -subgraph Veraison["Core Structure Core Structure "] style Veraison stroke:#333,stroke-width:4px SP("Supply Chain") 
@@ -133,28 +172,40 @@ style ATT fill:#f9f,stroke:#333,stroke-width:4px COCLI["Endorsement Manipulation CLI Tool cocli"] -GEN-CORIM["Endorsement creation from Evidence CLI Tool +GENCORIM["Endorsement creation from Evidence CLI Tool gen-corim"] +GENREF["Reference Value Generation Tool + go-gen-ref"] + VPF["Verifier Provisioning Formats corim corim-rs - coswid"] + swid + coserv-rs"] COCLI ---> VPF +GENCORIM ---> VPF +GENREF ---> VPF CL["Common Libraries go-cose"] VPF ---> CL +ESTORE["Endorsement Stores + corim-store + endorsement-store-protobuf-test"] +ESTORE ---> VPF + EF["Evidence Formats dice eat psatoken ccatoken rust-ccatoken - enacttrust-tpm - parsec (tpm, cca)"] + parsec (tpm) + rust-regl + da"] EF ---> CL SD["Core Verifier repositories @@ -183,10 +234,13 @@ Verifier ---> AR Verifier ---> VPF +Verifier ---> ESTORE Verifier ---> CL Verifier ---> EF SP ---> COCLI +SP ---> GENCORIM +SP ---> GENREF API["API CLIENT LIBRARIES apiclient @@ -197,12 +251,24 @@ SP -.-> API EVCLI["Evidence Manipulation CLI Tool \n evcli "] EVCLI ---> API +CCATOOLS["CCA Tools + ccaguest + cca-realm-measurements"] +CCATOOLS ---> EF + +CORIMTOOLS["CoRIM CLI Tools + corim-tool + cover"] +CORIMTOOLS ---> VPF + CMW["CONCEPTUAL MESSAGE WRAPPER cmw - rust-cmw"] + rust-cmw + coserv-rs"] ATT --->EF ATT -.-> EVCLI +ATT -.-> CCATOOLS EVCLI ---> EF API ---> CMW Verifier ---> CMW @@ -222,10 +288,26 @@ end ```mermaid flowchart TD VA[" + .github community + veraison veraison.github.io"] subgraph Veraison["Administrative Repositories"] VA end ``` + +```mermaid +flowchart TD +VD[" + cca-coserv-demo + enact-demo + ietf-110-hackathon-demo + ietf-115-hackathon + keybroker-demo"] +subgraph Veraison["Demos and Integration Examples"] +VD +end + +``` From 3dc5d0f28c63d53160137b996deb697b56533f16 Mon Sep 17 00:00:00 2001 
From: Yogesh Deshpande Date: Tue, 30 Jun 2026 22:33:17 +0100 Subject: [PATCH 2/3] Apply suggestions from code review Co-authored-by: Yogesh Deshpande --- repo-guide.md | 11 +---------- 1 file changed, 1 insertion(+), 10 deletions(-) diff --git a/repo-guide.md b/repo-guide.md index b86d358..83e635c 100644 --- a/repo-guide.md +++ b/repo-guide.md @@ -65,11 +65,6 @@ Evidence generation library in Rust. [cca-coserv-demo](https://github.com/veraison/cca-coserv-demo): CoSERV & Arm CCA end-to-end demo -[ietf-110-hackathon-demo](https://github.com/veraison/ietf-110-hackathon-demo): docker compose based Attester / Verifier environment based on veraison components - -[ietf-115-hackathon](https://github.com/veraison/ietf-115-hackathon): IETF 115 hackathon work - - ## CLI tools CLI tools for illustrative interactions with attestation tokens or a Veraison service. Used for demos & integration testing. @@ -137,8 +132,6 @@ These libraries provide support for the standard information models used to conv [swid](https://github.com/veraison/swid) : SWID and CoSWID manipulation library -[endorsement-store-protobuf-test](https://github.com/veraison/endorsement-store-protobuf-test): Prototyping endorsement store interface using protobufs. - #### COSE [go-cose](https://github.com/veraison/go-cose): go library for CBOR Object Signing and Encryption (COSE) @@ -194,7 +187,7 @@ VPF ---> CL ESTORE["Endorsement Stores corim-store - endorsement-store-protobuf-test"] + "] ESTORE ---> VPF EF["Evidence Formats @@ -303,8 +296,6 @@ flowchart TD VD[" cca-coserv-demo enact-demo - ietf-110-hackathon-demo - ietf-115-hackathon keybroker-demo"] subgraph Veraison["Demos and Integration Examples"] VD From 4d9981079b3dd4598acb52d768be9f58d96af5be Mon Sep 17 00:00:00 2001 From: Yogesh Deshpande Date: Tue, 30 Jun 2026 22:33:32 +0100 Subject: [PATCH 3/3] Apply suggestions from code review Co-authored-by: Yogesh Deshpande --- repo-guide.md | 6 ------ 1 file changed, 6 deletions(-) 
diff --git a/repo-guide.md b/repo-guide.md index 83e635c..e18069c 100644 --- a/repo-guide.md +++ b/repo-guide.md @@ -19,12 +19,6 @@ Compilation of documentation for various Veraison projects into a reader-friendl [community](https://github.com/veraison/community) Veraison community files. Look here for introductory presentations to the project and CCC membership materials. -[veraison](https://github.com/veraison/veraison) -This repo is used for managing conversations about Veraison features. - -[.github](https://github.com/veraison/.github) -Veraison org-level files. - [veraison.github.io](https://github.com/veraison/veraison.github.io) Veraison project web site.
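Review bot: In PATCH 1/3, the hunk at @@ -133,28 +172,40 @@ removes `enacttrust-tpm` from the "Evidence Formats" node and narrows `parsec (tpm, cca)` to `parsec (tpm)`, but no hunk in the series changes the matching prose entries, and the commit message ("Update Veraison repository guide") does not say why. If enacttrust-tpm is retired and parsec no longer covers CCA, update the prose list in the same patch; otherwise restore the two diagram lines so the chart and the text agree.
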
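Review bot: In PATCH 1/3, the hunk at @@ -197,12 +251,24 @@ adds `coserv-rs` to the "CONCEPTUAL MESSAGE WRAPPER" node while the @@ -133 hunk also adds it to "Verifier Provisioning Formats", and the prose hunk at @@ -91 lists it only once, next to ratsd and above the "Verifier Provisioning" heading. Pick one logical group for the diagram, or say in the prose that it belongs to both. In the same hunk `CORIMTOOLS` has only an outgoing edge (`CORIMTOOLS ---> VPF`); unlike `CCATOOLS`, which gets `ATT -.-> CCATOOLS`, no role node points at it, so under the "Diagram Convention" legend it reads as unused. Add the role edge that applies, for example from `SP`.
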
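Review bot: In PATCH 2/3, the hunk at @@ -194,7 +187,7 @@ replaces `endorsement-store-protobuf-test"]` with a line that holds only `"]`, which leaves the "Endorsement Stores" label ending in a line break after `corim-store`. Close the label on the same line, `corim-store"]`, the way the other nodes in the series do (`go-gen-ref"]`, `keybroker-demo"]`).
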
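Review bot: PATCH 3/3 has a single hunk (@@ -19,12 +19,6 @@) that drops the `veraison` and `.github` prose entries, but the "Administrative Repositories" diagram still lists both: PATCH 1/3 added `.github` and `veraison` to the `VA` node at @@ -222 and neither follow-up patch removes them. Remove those two lines from the `VA` node as well, or keep the prose entries. Since 2/3 and 3/3 only delete lines that 1/3 introduced, squashing the series would also keep the reverted entries out of the history.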