vtpm

package
v2.2.0-pre Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 10, 2022 License: AGPL-3.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// PCRIndexOwnerID is a PCR we extend to mark the node as initialized.
	// The value used to extend is derived from Constellation's master key.
	PCRIndexOwnerID = tpmutil.Handle(11)
	// PCRIndexClusterID is a PCR we extend to mark the node as initialized.
	// The value used to extend is a random generated 32 Byte value.
	PCRIndexClusterID = tpmutil.Handle(12)
)

Variables

View Source
var (
	// AzurePCRSelection are the PCR values verified for Azure Constellations.
	// PCR[0] is excluded due to changing rarely, but unpredictably.
	// PCR[6] is excluded due to being different for any 2 VMs. See: https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_v23_pub.pdf#%5B%7B%22num%22%3A157%2C%22gen%22%3A0%7D%2C%7B%22name%22%3A%22XYZ%22%7D%2C33%2C400%2C0%5D
	// PCR[10] is excluded since its value is derived from a digest of PCR[0-7]. See: https://sourceforge.net/p/linux-ima/wiki/Home/#ima-measurement-list
	AzurePCRSelection = tpm2.PCRSelection{
		Hash: tpm2.AlgSHA256,
		PCRs: []int{1, 2, 3, 4, 5, 7, 8, 9, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23},
	}
	// GCPPCRSelection are the PCR values verified for GCP Constellations.
	// On GCP firmware and other host controlled systems are static. This results in the same PCRs for any 2 VMs using the same image.
	GCPPCRSelection = tpmClient.FullPcrSel(tpm2.AlgSHA256)
	// QEMUPCRSelection are the PCR values verified for QEMU based Contellations.
	// PCR[1] is excluded. See: https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_PFP_r1p05_v23_pub.pdf#%5B%7B%22num%22:157,%22gen%22:0%7D,%7B%22name%22:%22XYZ%22%7D,33,400,0%5D
	// PCR[10] is excluded since its value is derived from a digest of PCR[0-7]. See: https://sourceforge.net/p/linux-ima/wiki/Home/#ima-measurement-list
	QEMUPCRSelection = tpm2.PCRSelection{
		Hash: tpm2.AlgSHA256,
		PCRs: []int{0, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23},
	}
)

Functions

func GetSHA256QuoteIndex

func GetSHA256QuoteIndex(quotes []*tpmProto.Quote) (int, error)

GetSHA256QuoteIndex performs safety checks and returns the index for SHA256 PCR quotes.

func GetSelectedPCRs

func GetSelectedPCRs(open TPMOpenFunc, selection tpm2.PCRSelection) (map[uint32][]byte, error)

GetSelectedPCRs returns a map of the selected PCR hashes.

func IsNodeBootstrapped

func IsNodeBootstrapped(openTPM TPMOpenFunc) (bool, error)

IsNodeBootstrapped checks if a node is already bootstrapped by reading PCRs.

func MarkNodeAsBootstrapped

func MarkNodeAsBootstrapped(openTPM TPMOpenFunc, clusterID []byte) error

MarkNodeAsBootstrapped marks a node as initialized by extending PCRs.

func OpenNOPTPM

func OpenNOPTPM() (io.ReadWriteCloser, error)

OpenNOPTPM returns a NOP io.ReadWriteCloser that can be used as a TPM.

func OpenVTPM

func OpenVTPM() (io.ReadWriteCloser, error)

OpenVTPM opens the vTPM at `TPMPath`.

func VerifyPKCS1v15

func VerifyPKCS1v15(pub crypto.PublicKey, hash crypto.Hash, hashed, sig []byte) error

VerifyPKCS1v15 is a convenience function to call rsa.VerifyPKCS1v15.

Types

type AttestationDocument

type AttestationDocument struct {
	// Attestation contains the TPM event log, PCR values and quotes, and public key of the key used to sign the attestation.
	Attestation *attest.Attestation
	// InstanceInfo is used to verify the provided public key.
	InstanceInfo []byte
	// arbitrary data, signed by the TPM.
	UserData          []byte
	UserDataSignature []byte
}

AttestationDocument contains the TPM attestation with signed user data.

type GetInstanceInfo

type GetInstanceInfo func(tpm io.ReadWriteCloser) ([]byte, error)

GetInstanceInfo returns VM metdata.

type GetTPMAttestationKey

type GetTPMAttestationKey func(tpm io.ReadWriter) (*tpmClient.Key, error)

GetTPMAttestationKey loads a TPM key to perform attestation.

type GetTPMTrustedAttestationPublicKey

type GetTPMTrustedAttestationPublicKey func(akPub []byte, instanceInfo []byte) (crypto.PublicKey, error)

GetTPMTrustedAttestationPublicKey verifies and returns the attestation public key.

type Issuer

type Issuer struct {
	// contains filtered or unexported fields
}

Issuer handles issuing of TPM based attestation documents.

func NewIssuer

func NewIssuer(openTPM TPMOpenFunc, getAttestationKey GetTPMAttestationKey, getInstanceInfo GetInstanceInfo) *Issuer

NewIssuer returns a new Issuer.

func (*Issuer) Issue

func (i *Issuer) Issue(userData []byte, nonce []byte) ([]byte, error)

Issue generates an attestation document using a TPM.

type TPMOpenFunc

type TPMOpenFunc func() (io.ReadWriteCloser, error)

TPMOpenFunc opens a TPM device.

type ValidateCVM

type ValidateCVM func(attestation AttestationDocument) error

ValidateCVM validates confidential computing capabilities of the instance issuing the attestation.

type Validator

type Validator struct {
	// contains filtered or unexported fields
}

Validator handles validation of TPM based attestation.

func NewValidator

func NewValidator(expectedPCRs map[uint32][]byte, enforcedPCRs []uint32,
	getTrustedKey GetTPMTrustedAttestationPublicKey, validateCVM ValidateCVM, verifyUserData VerifyUserData, log WarnLogger,
) *Validator

NewValidator returns a new Validator.

func (*Validator) Validate

func (v *Validator) Validate(attDocRaw []byte, nonce []byte) ([]byte, error)

Validate a TPM based attestation.

type VerifyUserData

type VerifyUserData func(pub crypto.PublicKey, hash crypto.Hash, hashed, sig []byte) error

VerifyUserData verifies signed user data.

type WarnLogger

type WarnLogger interface {
	Warnf(format string, args ...interface{})
}

WarnLogger is a logger used to print warnings during attestation validation.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL