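/*
 * Copyright (C) 2012 Intel Corporation
 * All rights reserved.
 */
package com.intel.mtwilson.policy;

import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonTypeInfo;

/**
 * A {@code Rule} defines which PCRs must have what values. It is different
 * than simply defining a PcrManifest because, in addition to allowing for
 * a variety of expected values, it produces a report that details the compliance
 * or non-compliance of a given PcrManifest with the policy.
 *
 * <p>The contract of any implementation of {@code Rule} is that it be reusable.
 * That is, it must be possible to call {@link #apply(HostReport)} repeatedly on
 * different {@code HostReport} instances and get a correct result for each one.
 * The {@code Rule} instance itself must NOT maintain any state regarding the last
 * instance checked - the entire result of {@code apply()} is returned via the
 * {@link RuleResult}.
 *
 * <p>Serialization: instances are serialized with Jackson using the concrete class
 * name as the {@code rule_name} type property (see {@code @JsonTypeInfo} below);
 * unknown properties are ignored on deserialization. NOTE(review): because the
 * type id is a class name, the set of classes that may be instantiated from a
 * serialized policy should be restricted on the deserializing side - confirm how
 * policies are loaded.
 *
 * @since 1.2
 * @author jbuhacoff
 */
@JsonInclude(JsonInclude.Include.NON_EMPTY)
@JsonIgnoreProperties(ignoreUnknown=true)
@JsonTypeInfo(use=JsonTypeInfo.Id.CLASS, property="rule_name")
public interface Rule {

    /**
     * Applies this rule to the given host report and returns the resulting
     * trust report.
     *
     * @param hostReport the host report to evaluate against this rule
     * @return the result of evaluating this rule against {@code hostReport}
     */
    RuleResult apply(HostReport hostReport);

    /**
     * Indicates the purpose of this rule. Read it as "this rule indicates that
     * [markers] are trusted", where a marker can be "bios", "vmm", "location",
     * or a user-defined value.
     *
     * <p>The trust of a marker is defined by the AND of all rules that declare
     * that marker: "vmm" is only trusted if every rule that includes "vmm" in
     * its markers list reported "trusted". A single rule declaring a marker is
     * therefore never sufficient on its own to establish trust for it.
     *
     * <p>NOTE(review): the return type is a mutable array; an implementation that
     * hands out its internal array lets a caller alter the rule's markers.
     * Prefer returning a copy (e.g. {@code markers.clone()}) from implementations.
     *
     * @return the markers this rule contributes to; never expected to be modified
     *         by the caller
     */
    String[] getMarkers();
}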