Documentation ¶
Index ¶
- Variables
- func ModulusFromBlob(blob []byte) []byte
- type Context
- func (context *Context) Close() error
- func (context *Context) Connect() error
- func (context *Context) CreateHash(hash crypto.Hash) (*Hash, error)
- func (context *Context) CreateKey(flags int) (*Key, error)
- func (context *Context) CreateNV() (*NV, error)
- func (context *Context) CreatePCRs(flags int) (*PCRs, error)
- func (context *Context) CreatePolicy(flags int) (*Policy, error)
- func (context *Context) GetCapability(capa int, subcaplen uint, subcap uint8) ([]byte, error)
- func (context *Context) GetTPM() *TPM
- func (context *Context) LoadKeyByBlob(parent *Key, blob []byte) (*Key, error)
- func (context *Context) LoadKeyByUUID(storetype int, uuid C.TSS_UUID) (*Key, error)
- type Hash
- type Key
- func (key *Key) AssignPolicy(policy *Policy) error
- func (key *Key) Bind(data []byte) ([]byte, error)
- func (key *Key) Certify(certifykey *Key, challenge []byte) ([]byte, []byte, error)
- func (key *Key) Close() error
- func (key *Key) GenerateKey(wrapkey *Key) (err error)
- func (key *Key) GetExponent() (uint32, error)
- func (key *Key) GetKeyBlob() ([]byte, error)
- func (key *Key) GetModulus() (modulus []byte, err error)
- func (key *Key) GetPolicy(poltype int) (*Policy, error)
- func (key *Key) GetPubKeyBlob() (pubkey []byte, err error)
- func (key *Key) GetPublicKey() (*rsa.PublicKey, error)
- func (key *Key) Seal(data []byte, pcrs *PCRs) ([]byte, error)
- func (key *Key) SetModulus(n []byte) error
- func (key *Key) SetSignatureScheme(scheme int) error
- func (key *Key) Unbind(data []byte) ([]byte, error)
- func (key *Key) Unseal(data []byte) ([]byte, error)
- type NV
- type PCRs
- type Policy
- type TPM
- func (tpm *TPM) ActivateIdentity(aik *Key, asymblob []byte, symblob []byte) (secret []byte, err error)
- func (tpm *TPM) AssignPolicy(policy *Policy) error
- func (tpm *TPM) Close() error
- func (tpm *TPM) CollateIdentityRequest(srk *Key, pubkey *Key, aik *Key) ([]byte, error)
- func (tpm *TPM) ExtendPCR(pcr int, data []byte, eventtype int, event []byte) error
- func (tpm *TPM) GetEventLog() ([]tspiconst.Log, error)
- func (tpm *TPM) GetPCRValues() ([][]byte, error)
- func (tpm *TPM) GetPolicy(poltype int) (*Policy, error)
- func (tpm *TPM) GetQuote(aik *Key, pcrs *PCRs, challenge []byte) ([]byte, []byte, error)
- func (tpm *TPM) TakeOwnership(srk *Key) error
Constants ¶
This section is empty.
Variables ¶
var TSS_UUID_CRK = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_RK = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_SK = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_SRK = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_USK1 = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_USK2 = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_USK3 = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_USK4 = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_USK5 = C.TSS_UUID{
// contains filtered or unexported fields
}
var TSS_UUID_USK6 = C.TSS_UUID{
// contains filtered or unexported fields
}
Functions ¶
func ModulusFromBlob ¶
ModulusFromBlob returns the modulus of the provided TSS key blob.
Types ¶
type Context ¶
type Context struct {
// contains filtered or unexported fields
}
Context is a TSS context
func (*Context) Close ¶
Close closes the connection between the context and the TSS daemon. It returns an error on failure.
func (*Context) Connect ¶
Connect opens a connection between the context and the TSS daemon. It returns an error on failure.
func (*Context) CreateHash ¶ added in v0.2.0
CreateHash creates a Hash object for the given hash algorithm. If you use an algorithm other than crypto.SHA1 and sign with this hash, make sure the key is created with signing algorithm TSS_SS_RSASSAPKCS1V15_DER.
func (*Context) CreateKey ¶
CreateKey creates a TSS object referring to a TPM key. It returns a reference to the object and any error.
func (*Context) CreateNV ¶
CreateNV creates a TSS object referring to a TPM NVRAM area. It returns a reference to the object and any error.
func (*Context) CreatePCRs ¶
CreatePCRs creates an object referring to a TSS PCR composite. It returns a reference to the object plus any error.
func (*Context) CreatePolicy ¶
CreatePolicy creates an object referring to a TSS policy. It returns a reference to the object plus any error.
func (*Context) GetCapability ¶ added in v0.2.0
GetCapability reads the requested capability and subcapability from the TPM. A list of capabilities and subcapabilities can be found under tspiconst/tspiconst. For usage information, see Section 21.1 of the TPM 1.2 Main Specification, Part 2.
func (*Context) LoadKeyByBlob ¶
LoadKeyByBlob takes an encrypted key blob and reads it into the TPM. It takes a reference to the parent key and the key blob, and returns a reference to the key and any error.
func (*Context) LoadKeyByUUID ¶
LoadKeyByUUID loads the key referenced by UUID. The storetype argument indicates whether the key should be obtained from the system or user stores. It returns a reference to the key and any error.
type Hash ¶
type Hash struct {
// contains filtered or unexported fields
}
Hash is a TSS hash
type Key ¶
type Key struct {
// contains filtered or unexported fields
}
Key is a TSS key
func (*Key) AssignPolicy ¶ added in v0.2.0
AssignPolicy assigns a TSS policy to the key.
func (*Key) GenerateKey ¶
GenerateKey generates a key pair on the TPM, wrapping it with the provided key
func (*Key) GetExponent ¶ added in v0.2.0
GetExponent returns the exponent of the public key
func (*Key) GetKeyBlob ¶
GetKeyBlob returns an encrypted blob containing the public and private halves of the key
func (*Key) GetModulus ¶
GetModulus returns the modulus of the public key
func (*Key) GetPubKeyBlob ¶
GetPubKeyBlob returns the public half of the key in TPM blob format
func (*Key) GetPublicKey ¶ added in v0.2.0
GetPublicKey returns a Go-native *rsa.PublicKey instance of this key's public key
func (*Key) Seal ¶
Seal encrypts the data using the TPM such that it can only be decrypted when the TPM's PCR values match the values set on the provided PCRs object. If pcrs is nil, the data will be sealed to the TPM but may be decrypted regardless of platform state.
func (*Key) SetModulus ¶
SetModulus sets the modulus of a public key to the provided value
func (*Key) SetSignatureScheme ¶ added in v0.2.0
SetSignatureScheme sets the signature scheme on a newly created key. The scheme parameter should be one of tspiconst.TSS_SS_RSASSAPKCS1V15_SHA1 or tspiconst.TSS_SS_RSASSAPKCS1V15_DER
type NV ¶
type NV struct {
// contains filtered or unexported fields
}
NV is a TSS NV object
func (*NV) AssignPolicy ¶
AssignPolicy assigns a policy to the TPM NVRAM region
type PCRs ¶
type PCRs struct {
// contains filtered or unexported fields
}
PCRs is a structure representing a PCR object and the PCR values
func (*PCRs) GetPCRValues ¶
GetPCRValues obtains the PCR values for any PCRs that have been set.
type Policy ¶
type Policy struct {
// contains filtered or unexported fields
}
Policy is a TSS policy object
type TPM ¶
type TPM struct {
// contains filtered or unexported fields
}
TPM is a TSS TPM object
func (*TPM) ActivateIdentity ¶
func (tpm *TPM) ActivateIdentity(aik *Key, asymblob []byte, symblob []byte) (secret []byte, err error)
ActivateIdentity accepts an encrypted key blob representing the AIK and two blobs representing the asymmetric and symmetric challenges associated with the AIK. If the TPM is able to decrypt the challenges and the challenges correspond to the AIK, the TPM will return the original challenge secret.
func (*TPM) AssignPolicy ¶
AssignPolicy assigns a TSS policy to the TPM.
func (*TPM) CollateIdentityRequest ¶
CollateIdentityRequest creates a signing request for the provided AIK
func (*TPM) ExtendPCR ¶
ExtendPCR extends a PCR. If event is nil, data must be pre-hashed with SHA1. If event is not nil, event is used to populate the TSS event log. If both data and event are provided, both will be used to create the extend hash.
func (*TPM) GetEventLog ¶
GetEventLog returns an array of structures representing the contents of the TSS event log
func (*TPM) GetPCRValues ¶ added in v0.2.0
GetPCRValues obtains the PCR values from the TPM.
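The extend and event-log behaviour described for ExtendPCR, GetEventLog and GetPCRValues can be checked on the verifier side by replaying the log and comparing the result with the reported PCR values. The following is an added example, not code from this package: LogEntry and Verify are hypothetical names, the entry type is not tspiconst.Log, and every PCR is assumed to reset to all zeroes.

```go
package main

import (
	"bytes"
	"crypto/sha1"
	"fmt"
)

// LogEntry is a hypothetical stand-in for one event-log record, not tspiconst.Log.
type LogEntry struct {
	PCR    int
	Digest [sha1.Size]byte // the value that was extended into the PCR
}

// Extend applies the TPM 1.2 extend operation: new = SHA1(old || digest).
func Extend(old, digest [sha1.Size]byte) [sha1.Size]byte {
	return sha1.Sum(append(old[:], digest[:]...))
}

// Verify replays the log in order from all-zero PCRs (an assumption) and
// returns the indices whose replayed value differs from the reported value.
func Verify(log []LogEntry, reported [][]byte) ([]int, error) {
	pcrs := make([][sha1.Size]byte, len(reported))
	for i, e := range log {
		if e.PCR < 0 || e.PCR >= len(pcrs) {
			return nil, fmt.Errorf("log entry %d: PCR %d out of range", i, e.PCR)
		}
		pcrs[e.PCR] = Extend(pcrs[e.PCR], e.Digest)
	}
	var bad []int
	for i := range pcrs {
		if !bytes.Equal(pcrs[i][:], reported[i]) {
			bad = append(bad, i)
		}
	}
	return bad, nil
}

func main() {
	// Constructed sample: the log extends PCR 10, but the reported PCRs are all zero.
	log := []LogEntry{{PCR: 10, Digest: sha1.Sum([]byte("stage1"))}}
	reported := make([][]byte, 24)
	for i := range reported {
		reported[i] = make([]byte, sha1.Size)
	}
	bad, err := Verify(log, reported)
	fmt.Println("PCRs not explained by the log:", bad, "error:", err)
}
```

A non-empty result means the event log does not account for the TPM's state, so the log contents should not be trusted for policy decisions.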
func (*TPM) GetQuote ¶
GetQuote takes an encrypted key blob representing the AIK, a set of PCRs and a challenge and returns a blob containing a hash of the PCR hashes and the challenge, and a validation blob signed by the AIK.
func (*TPM) TakeOwnership ¶
TakeOwnership transitions a TPM from unowned state to owned, installing the encrypted key blob as the SRK.