Documentation
Overview
Trusted Launch
Use Azure's Trusted Launch vTPM to enable TPM-based measured boot in Constellation.
Issuer
Generates a TPM attestation using an attestation key saved in the TPM. Additionally, an endorsement certificate for the key and the corresponding CA certificate chain are added to the attestation document.
Validator
Verifies the TPM attestation statement using the public key of the endorsement certificate. The certificate itself is verified first, by validating its CA certificate chain.
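The validator's order of checks (CA chain first, then the statement signature under the certified key), as an added example that uses only the Go standard library and is not Constellation's code. The certificates, keys and statement bytes are constructed, `issue` and `verifyStatement` are hypothetical names, and Ed25519 stands in for the TPM attestation key's algorithm.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed test certificate plus its key; a nil parent self-signs. Fixture errors are ignored.
func issue(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), IsCA: isCA, BasicConstraintsValid: true}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// verifyStatement validates the CA chain first and only then trusts the leaf key to check the statement.
func verifyStatement(roots, inter *x509.CertPool, leaf *x509.Certificate, stmt, sig []byte) error {
	opts := x509.VerifyOptions{Roots: roots, Intermediates: inter, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := leaf.Verify(opts); err != nil {
		return fmt.Errorf("certificate chain: %w", err)
	}
	if pub, ok := leaf.PublicKey.(ed25519.PublicKey); !ok || !ed25519.Verify(pub, stmt, sig) {
		return fmt.Errorf("statement signature invalid")
	}
	return nil
}

// main checks one signed statement against a verifier that pins the root and one that does not.
func main() {
	root, rootKey := issue("constructed root CA", true, nil, nil)
	ca, caKey := issue("constructed intermediate CA", true, root, rootKey)
	ak, akKey := issue("constructed attestation key", false, ca, caKey)
	stmt := []byte("constructed attestation statement")
	sig := ed25519.Sign(akKey, stmt)
	trusted, inter := x509.NewCertPool(), x509.NewCertPool()
	trusted.AddCert(root)
	inter.AddCert(ca)
	fmt.Println("pinned root:  ", verifyStatement(trusted, inter, ak, stmt, sig))
	fmt.Println("unpinned root:", verifyStatement(x509.NewCertPool(), inter, ak, stmt, sig))
}
```

A statement signed under a self-issued chain carries a valid signature, so the chain check against the pinned roots is the step that rejects it.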
Index
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type Issuer
type Issuer struct {
	variant.AzureTrustedLaunch
	*vtpm.Issuer
	// contains filtered or unexported fields
}
Issuer for Azure trusted launch TPM attestation.
func NewIssuer
func NewIssuer(log attestation.Logger) *Issuer
NewIssuer initializes a new Azure Issuer.
type Validator
type Validator struct {
	variant.AzureTrustedLaunch
	*vtpm.Validator
	// contains filtered or unexported fields
}
Validator for Azure trusted launch VM attestation.
func NewValidator
func NewValidator(cfg *config.AzureTrustedLaunch, log attestation.Logger) *Validator
NewValidator initializes a new Azure validator with the provided PCR values.