Claims schema#
This is the schema of the claims generated by the nvat_attest_system().
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://nvidia.com/schemas/attestation-claims.json",
"title": "NVIDIA Attestation Claims",
"description": "Schema for NVIDIA GPU and Switch attestation claims",
"type": "array",
"$defs": {
"measuresClaim": {
"type": "string",
"enum": ["Success", "Failure"],
"description": "Measurement validation result"
},
"certChainClaims": {
"type": "object",
"description": "Certificate chain validation claims",
"additionalProperties": true
},
"mismatchedMeasurement": {
"type": "object",
"description": "Details about mismatched measurements",
"additionalProperties": true
},
"gpuClaims": {
"type": "object",
"properties": {
"measres": {
"$ref": "#/$defs/measuresClaim"
},
"secboot": {
"oneOf": [
{ "type": "boolean" },
{ "type": "null" }
],
"description": "Secure boot status (optional)"
},
"dbgstat": {
"oneOf": [
{ "type": "string" },
{ "type": "null" }
],
"description": "Debug status (optional)"
},
"x-nvidia-device-type": {
"type": "string",
"const": "gpu",
"description": "Type of NVIDIA device"
},
"x-nvidia-mismatch-measurement-records": {
"oneOf": [
{
"type": "array",
"items": { "$ref": "#/$defs/mismatchedMeasurement" }
},
{ "type": "null" }
],
"description": "Records of mismatched measurements (optional)"
},
"x-nvidia-gpu-arch-check": {
"type": "boolean",
"description": "GPU architecture validation result"
},
"x-nvidia-gpu-driver-version": {
"type": "string",
"description": "GPU driver version"
},
"x-nvidia-gpu-vbios-version": {
"type": "string",
"description": "GPU VBIOS version"
},
"x-nvidia-gpu-attestation-report-cert-chain": {
"$ref": "#/$defs/certChainClaims"
},
"x-nvidia-gpu-attestation-report-cert-chain-fwid-match": {
"type": "boolean"
},
"x-nvidia-gpu-attestation-report-parsed": {
"type": "boolean"
},
"x-nvidia-gpu-attestation-report-nonce-match": {
"type": "boolean"
},
"x-nvidia-gpu-attestation-report-signature-verified": {
"type": "boolean"
},
"x-nvidia-gpu-driver-rim-fetched": {
"type": "boolean"
},
"x-nvidia-gpu-driver-rim-schema-validated": {
"type": "boolean"
},
"x-nvidia-gpu-driver-rim-cert-chain": {
"$ref": "#/$defs/certChainClaims"
},
"x-nvidia-gpu-driver-rim-signature-verified": {
"type": "boolean"
},
"x-nvidia-gpu-driver-rim-version-match": {
"type": "boolean"
},
"x-nvidia-gpu-driver-rim-measurements-available": {
"type": "boolean"
},
"x-nvidia-gpu-vbios-rim-fetched": {
"type": "boolean"
},
"x-nvidia-gpu-vbios-rim-schema-validated": {
"type": "boolean"
},
"x-nvidia-gpu-vbios-rim-cert-chain": {
"$ref": "#/$defs/certChainClaims"
},
"x-nvidia-gpu-vbios-rim-version-match": {
"type": "boolean"
},
"x-nvidia-gpu-vbios-rim-signature-verified": {
"type": "boolean"
},
"x-nvidia-gpu-vbios-rim-measurements-available": {
"type": "boolean"
},
"x-nvidia-gpu-vbios-index-no-conflict": {
"type": "boolean"
}
},
"required": [
"measres",
"x-nvidia-device-type",
"x-nvidia-gpu-arch-check",
"x-nvidia-gpu-driver-version",
"x-nvidia-gpu-vbios-version",
"x-nvidia-gpu-attestation-report-cert-chain",
"x-nvidia-gpu-attestation-report-cert-chain-fwid-match",
"x-nvidia-gpu-attestation-report-parsed",
"x-nvidia-gpu-attestation-report-nonce-match",
"x-nvidia-gpu-attestation-report-signature-verified",
"x-nvidia-gpu-driver-rim-fetched",
"x-nvidia-gpu-driver-rim-schema-validated",
"x-nvidia-gpu-driver-rim-cert-chain",
"x-nvidia-gpu-driver-rim-signature-verified",
"x-nvidia-gpu-driver-rim-version-match",
"x-nvidia-gpu-driver-rim-measurements-available",
"x-nvidia-gpu-vbios-rim-fetched",
"x-nvidia-gpu-vbios-rim-schema-validated",
"x-nvidia-gpu-vbios-rim-cert-chain",
"x-nvidia-gpu-vbios-rim-version-match",
"x-nvidia-gpu-vbios-rim-signature-verified",
"x-nvidia-gpu-vbios-rim-measurements-available",
"x-nvidia-gpu-vbios-index-no-conflict"
],
"additionalProperties": false
},
"switchClaims": {
"type": "object",
"properties": {
"measres": {
"$ref": "#/$defs/measuresClaim"
},
"secboot": {
"oneOf": [
{ "type": "boolean" },
{ "type": "null" }
],
"description": "Secure boot status (optional)"
},
"dbgstat": {
"oneOf": [
{ "type": "string" },
{ "type": "null" }
],
"description": "Debug status (optional)"
},
"x-nvidia-device-type": {
"type": "string",
"const": "nvswitch",
"description": "Type of NVIDIA device"
},
"x-nvidia-mismatch-measurement-records": {
"oneOf": [
{
"type": "array",
"items": { "$ref": "#/$defs/mismatchedMeasurement" }
},
{ "type": "null" }
],
"description": "Records of mismatched measurements (optional)"
},
"x-nvidia-switch-arch-check": {
"type": "boolean",
"description": "Switch architecture validation result"
},
"x-nvidia-switch-bios-version": {
"type": "string",
"description": "Switch BIOS version"
},
"x-nvidia-switch-attestation-report-cert-chain": {
"$ref": "#/$defs/certChainClaims"
},
"x-nvidia-switch-attestation-report-cert-chain-fwid-match": {
"type": "boolean"
},
"x-nvidia-switch-attestation-report-parsed": {
"type": "boolean"
},
"x-nvidia-switch-attestation-report-nonce-match": {
"type": "boolean"
},
"x-nvidia-switch-attestation-report-signature-verified": {
"type": "boolean"
},
"x-nvidia-switch-bios-rim-fetched": {
"type": "boolean"
},
"x-nvidia-switch-bios-rim-cert-chain": {
"$ref": "#/$defs/certChainClaims"
},
"x-nvidia-switch-bios-rim-signature-verified": {
"type": "boolean"
},
"x-nvidia-switch-bios-rim-version-match": {
"type": "boolean"
},
"x-nvidia-switch-bios-rim-measurements-available": {
"type": "boolean"
}
},
"required": [
"measres",
"x-nvidia-device-type",
"x-nvidia-switch-arch-check",
"x-nvidia-switch-bios-version",
"x-nvidia-switch-attestation-report-cert-chain",
"x-nvidia-switch-attestation-report-cert-chain-fwid-match",
"x-nvidia-switch-attestation-report-parsed",
"x-nvidia-switch-attestation-report-nonce-match",
"x-nvidia-switch-attestation-report-signature-verified",
"x-nvidia-switch-bios-rim-fetched",
"x-nvidia-switch-bios-rim-cert-chain",
"x-nvidia-switch-bios-rim-signature-verified",
"x-nvidia-switch-bios-rim-version-match",
"x-nvidia-switch-bios-rim-measurements-available"
],
"additionalProperties": false
}
},
"items": {
"oneOf": [
{ "$ref": "#/$defs/gpuClaims" },
{ "$ref": "#/$defs/switchClaims" }
]
},
"minItems": 1,
"additionalItems": false
}