Documentation ¶
Index ¶
- Variables
- type Credential
- type KeyType
- type ProvisioningAuthority
- type ProvisioningConf
- type TPMSimulator
- func (s *TPMSimulator) GenerateDevID(p *ProvisioningAuthority, keyType KeyType, keyPassword string) (*Credential, error)
- func (s *TPMSimulator) GetEKRoot() *x509.Certificate
- func (s *TPMSimulator) OpenTPM(path ...string) (io.ReadWriteCloser, error)
- func (s *TPMSimulator) SetEndorsementCertificate(ekCert []byte) error
Constants ¶
This section is empty.
Variables ¶
var (
	// ErrUsingClosedSimulator re-exports the error of the same name from the
	// simulator package, so callers can compare against it without importing
	// that package themselves.
	// NOTE(review): presumably returned when the simulator is used after it
	// has been closed; confirm against the simulator package.
	ErrUsingClosedSimulator = simulator.ErrUsingClosedSimulator
)
Functions ¶
This section is empty.
Types ¶
type Credential ¶
// Credential bundles a DevID certificate, its intermediate certificates and
// two opaque key blobs. It is the type returned by TPMSimulator.GenerateDevID.
type Credential struct {
	// Certificate is the leaf certificate. Chain and ChainPem are documented
	// as returning the leaf and intermediate certificates.
	Certificate *x509.Certificate
	// Intermediates holds the intermediate certificates that accompany the
	// leaf.
	Intermediates []*x509.Certificate
	// PrivateBlob is presumably the TPM-protected private portion of the
	// DevID key (TODO confirm).
	// NOTE(review): until that is confirmed, treat it as sensitive and keep
	// it out of logs and test artifacts.
	PrivateBlob []byte
	// PublicBlob is presumably the matching public portion of the DevID key
	// (TODO confirm).
	PublicBlob []byte
}
func (*Credential) Chain ¶
func (c *Credential) Chain() [][]byte
Chain returns the leaf and intermediate certificates in DER format
func (*Credential) ChainPem ¶
func (c *Credential) ChainPem() []byte
ChainPem returns the leaf and intermediate certificates in PEM format
type ProvisioningAuthority ¶
// ProvisioningAuthority holds the certificates and RSA private keys of a
// provisioning CA. It is returned by NewProvisioningCA and passed to
// TPMSimulator.GenerateDevID.
//
// NOTE(review): both private keys are plain exported fields, so any code
// holding the value can read or replace them. GenerateDevID documents its
// output as test-only; a CA built this way should not be trusted outside
// test environments.
type ProvisioningAuthority struct {
	// RootCert is the root CA certificate.
	RootCert *x509.Certificate
	// RootKey is the root CA's RSA private key.
	RootKey *rsa.PrivateKey
	// IntermediateCert is the intermediate CA certificate.
	// NOTE(review): presumably nil when ProvisioningConf.NoIntermediates is
	// set; confirm against NewProvisioningCA.
	IntermediateCert *x509.Certificate
	// IntermediateKey is the intermediate CA's RSA private key.
	IntermediateKey *rsa.PrivateKey
}
func NewProvisioningCA ¶
func NewProvisioningCA(c *ProvisioningConf) (*ProvisioningAuthority, error)
NewProvisioningCA creates a new provisioning authority to issue DevID certificates. If a root certificate and key are not provided, a new self-signed certificate and key are generated.
type ProvisioningConf ¶
// ProvisioningConf is the configuration accepted by NewProvisioningCA.
type ProvisioningConf struct {
	// NoIntermediates presumably makes the authority issue directly from the
	// root, without an intermediate CA (TODO confirm against
	// NewProvisioningCA).
	NoIntermediates bool
	// RootCertificate optionally supplies an existing root CA certificate.
	// NewProvisioningCA is documented as generating a new self-signed
	// certificate and key when the root certificate and key are not provided.
	RootCertificate *x509.Certificate
	// RootKey optionally supplies the RSA private key for RootCertificate.
	// NOTE(review): the key is passed in as a plain in-memory value; prefer a
	// throwaway test key over a real CA key.
	RootKey *rsa.PrivateKey
}
type TPMSimulator ¶
func New ¶
func New(endorsementHierarchyPassword, ownerHierarchyPassword string) (*TPMSimulator, error)
New creates a new TPM simulator and sets an RSA endorsement certificate.
func (*TPMSimulator) GenerateDevID ¶
func (s *TPMSimulator) GenerateDevID(p *ProvisioningAuthority, keyType KeyType, keyPassword string) (*Credential, error)
GenerateDevID generates a new DevID credential using the given provisioning authority and key type. DevIDs generated using this function are for testing only. There is no guarantee that the identities generated by this method are compliant with the TCG/IEEE specification.
func (*TPMSimulator) GetEKRoot ¶
func (s *TPMSimulator) GetEKRoot() *x509.Certificate
GetEKRoot returns the manufacturer CA used to sign the endorsement certificate
func (*TPMSimulator) OpenTPM ¶
func (s *TPMSimulator) OpenTPM(path ...string) (io.ReadWriteCloser, error)
func (*TPMSimulator) SetEndorsementCertificate ¶
func (s *TPMSimulator) SetEndorsementCertificate(ekCert []byte) error