maa

package
v0.0.0-...-05f8770 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 13, 2024 License: MIT Imports: 25 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Attest

func Attest(ctx context.Context, nonce []byte, maaURL string, httpClient HttpClient) (string, error)

Attest requests a JWT token from MAA for the current machine.

This function combines NewParameters, GetEncryptedToken, and DecryptToken.

func DecryptToken

func DecryptToken(token string, tpmHandle io.ReadWriter) (string, error)

DecryptToken decrypts a token received from MAA.

This function uses the TPM for decryption and thus it must be called on the same machine that created the attestation parameters via NewParameters. The PCR state must still be the same.

Optionally pass an opened TPM. If tpmHandle is nil, the default TPM will be opened.

func GetEncryptedToken

func GetEncryptedToken(ctx context.Context, params Parameters, nonce []byte, maaURL string, httpClient HttpClient) (string, error)

GetEncryptedToken requests a token from MAA, which will be encrypted.

func GetKeySet

func GetKeySet(ctx context.Context, maaURL string, httpClient HttpClient) ([]byte, error)

GetKeySet gets the key set required to validate an MAA token.

func ValidateToken

func ValidateToken(token string, keySet []byte) (map[string]interface{}, error)

ValidateToken validates an MAA token and returns the claims.

Types

type Attestation

type Attestation = attest.Attestation

type HttpClient

type HttpClient interface {
	Do(*http.Request) (*http.Response, error)
}

type Parameters

type Parameters struct {
	SNPReport         []byte
	RuntimeData       []byte
	VcekCert          []byte
	VcekChain         []byte
	Attestation       *Attestation
	EncKey            []byte
	EncKeyCertInfo    []byte
	EncKeyCertInfoSig []byte
}

func NewParameters

func NewParameters(ctx context.Context, nonce []byte, httpClient HttpClient, tpmHandle io.ReadWriter) (Parameters, error)

NewParameters collects all data that the MAA requires from the issuer's system.

Optionally pass an opened TPM. If tpmHandle is nil, the default TPM will be opened.

type Quote

type Quote = ptpm.Quote

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL