Add Verification Policy template

Bug: 356629119

Change-Id: Iff766185dfefbf85c1f447a5df8de84d5d36abf9

oak_attestation_verification/src/lib.rs

@@ -21,6 +21,7 @@ extern crate alloc;
 
 pub mod amd;
 pub mod endorsement;
+pub mod policy;
 pub mod rekor;
 pub mod util;
 pub mod verifier;

oak_attestation_verification/src/policy.rs

@@ -0,0 +1,44 @@
+//
+// Copyright 2024 The Project Oak Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+//! Contains code related to attestation verification policies.
+
+use oak_proto_rust::oak::attestation::v1::{
+    AttestationResults, Endorsements, EventAttestationResults, EventLog,
+};
+
+/// Verification Policy that takes an EventLog and corresponding Event
+/// Endorsements and performs attestation verification.
+///
+/// Verification Policy correspond to the "Appraisal Policy for Evidence"
+/// provided by the RATS standard.
+/// <https://datatracker.ietf.org/doc/html/rfc9334#section-8.5>
+pub trait Policy {
+    fn verify(
+        event_log: &EventLog,
+        endorsements: &Endorsements,
+    ) -> anyhow::Result<AttestationResults>;
+}
+
+/// Verification Policy that takes a serialized Event and a serialized Event
+/// Endorsement and performs attestation verification for this specific Event.
+pub trait EventPolicy {
+    fn verify(
+        &self,
+        serialized_event: &[u8],
+        serialized_event_endorsements: &[u8],
+    ) -> anyhow::Result<EventAttestationResults>;
+}

oak_proto_rust/generated/oak.attestation.v1.rs

@@ -971,6 +971,9 @@ pub struct AttestationResults {
     /// Contains the evidence values whenever the status indicates success.
     #[prost(message, optional, tag = "5")]
     pub extracted_evidence: ::core::option::Option<ExtractedEvidence>,
+    /// Detailed attestation verification results each event.
+    #[prost(message, repeated, tag = "6")]
+    pub event_attestation_results: ::prost::alloc::vec::Vec<EventAttestationResults>,
 }
 /// Nested message and enum types in `AttestationResults`.
 pub mod attestation_results {
@@ -1014,6 +1017,11 @@ pub mod attestation_results {
         }
     }
 }
+/// Attestation verification results for an individual event.
+/// TODO: b/366419879 - Implement descriptive per-event attestation results.
+#[allow(clippy::derive_partial_eq_without_eq)]
+#[derive(Clone, PartialEq, ::prost_derive::Message)]
+pub struct EventAttestationResults {}
 /// Evidence values extracted from attestation evidence during verification.
 #[allow(clippy::derive_partial_eq_without_eq)]
 #[derive(Clone, PartialEq, ::prost_derive::Message)]

proto/attestation/verification.proto

@@ -59,8 +59,15 @@ message AttestationResults {
 
   // Contains the evidence values whenever the status indicates success.
   ExtractedEvidence extracted_evidence = 5;
+
+  // Detailed attestation verification results each event.
+  repeated EventAttestationResults event_attestation_results = 6;
 }
 
+// Attestation verification results for an individual event.
+// TODO: b/366419879 - Implement descriptive per-event attestation results.
+message EventAttestationResults {}
+
 // Evidence values extracted from attestation evidence during verification.
 message ExtractedEvidence {
   oneof evidence_values {