tcg

package
Published: Nov 8, 2021 License: MIT Imports: 25 Imported by: 0

Documentation

Index

Constants

// DefaultTPMDevice is the character device OpenTPM presumably falls back to
// when no path is configured. It names the raw kernel device, so transient
// objects loaded through it are not reclaimed on the caller's behalf; that is
// what FlushTransientHandles and TrustAnchor.FlushAllHandles are for.
// NOTE(review): on Linux the kernel's resource-managed device is /dev/tpmrm0;
// consider whether it is the safer default where several clients share the TPM.
const DefaultTPMDevice = "/dev/tpm0"
// SoftwareAnchorStateType presumably tags serialised SoftwareAnchor state
// (see SoftwareAnchor.Store and LoadSoftwareAnchor). The trailing "/1" reads
// like a format version — NOTE(review): confirm that LoadSoftwareAnchor rejects
// any other value instead of interpreting it.
const (
	SoftwareAnchorStateType = "software-anchor/1"
)

Variables

// ErrInvalid is the sentinel returned for a rejected argument. Callers should
// test for it with errors.Is(err, ErrInvalid); the message carries no detail
// about which argument failed. NOTE(review): which functions return it is not
// visible here — document it per function.
var ErrInvalid = errors.New("invalid arg")

Functions

func CapabilityAlgorithms

func CapabilityAlgorithms(conn io.ReadWriteCloser) (algs []tpm2.AlgorithmDescription, err error)

func CapabilityPCRs

func CapabilityPCRs(conn io.ReadWriteCloser) (pcrs []tpm2.PCRSelection, err error)

func ComputeName

func ComputeName(path ...interface{}) (tpm2.Name, error)

Computes the TCG Name and Qualified Name of TPM 2.0 entities.

func FlushTransientHandles

func FlushTransientHandles(conn io.ReadWriteCloser) error

func GenerateAuthValue

func GenerateAuthValue() (string, error)

Generates a string with at least 128 bits of entropy.

func GetTPM2FamilyIndicator

func GetTPM2FamilyIndicator(conn io.ReadWriteCloser) (uint32, error)

func NewSimulator

func NewSimulator() (io.ReadWriteCloser, error)

func OpenTPM

func OpenTPM(tpmPath string) (io.ReadWriteCloser, error)

OpenTPM opens a connection to the TPM.

func Property

func Property(conn io.ReadWriteCloser, prop uint32) (uint32, error)

Types

type Handle

// Handle is a reference to a TPM object held by a TrustAnchor. The two
// implementations on this page are TCGHandle, which wraps a tpmutil.Handle,
// and SoftwareHandle.
type Handle interface {
	// Flush releases the object through owner. Presumably every Handle
	// returned by a TrustAnchor should be flushed when no longer needed, or
	// released in bulk with TrustAnchor.FlushAllHandles — confirm.
	Flush(owner TrustAnchor)
}

type Simulator

// Simulator is the io.ReadWriteCloser returned by NewSimulator; presumably
// TPM command bytes are sent with Write and response bytes read with Read.
// NOTE(review): Close has a value receiver while Read and Write have pointer
// receivers, so only *Simulator satisfies io.ReadWriteCloser — confirm this
// mixed-receiver set is intended.
type Simulator struct {
	// contains filtered or unexported fields
}

func (Simulator) Close

func (s Simulator) Close() error

func (*Simulator) Read

func (s *Simulator) Read(p []byte) (n int, err error)

func (*Simulator) Write

func (s *Simulator) Write(p []byte) (n int, err error)

type SoftwareAnchor

// SoftwareAnchor is a TrustAnchor implemented without a TPM (presumably for
// tests or hosts without hardware). Its state can be serialised with Store
// and restored with LoadSoftwareAnchor. NOTE(review): a software anchor gives
// no hardware-rooted assurance; relying parties should be able to tell its
// evidence apart from a TCGAnchor's, e.g. via the EK certificate chain.
type SoftwareAnchor struct {
	// contains filtered or unexported fields
}

func (*SoftwareAnchor) ActivateDeviceKey

func (s *SoftwareAnchor) ActivateDeviceKey(cred api.EncryptedCredential, endorsementAuth string, auth string, keyHandle Handle, ekHandle Handle, state *state.State) (string, error)

func (*SoftwareAnchor) Close

func (s *SoftwareAnchor) Close()

func (*SoftwareAnchor) CreateAndCertifyDeviceKey

func (s *SoftwareAnchor) CreateAndCertifyDeviceKey(rootHandle Handle, rootAuth string, template api.KeyTemplate, authValue string) (api.Key, api.Buffer, error)

func (*SoftwareAnchor) CreateAndLoadRoot

func (s *SoftwareAnchor) CreateAndLoadRoot(endorsementAuth string, rootAuth string, tmpl *api.PublicKey) (Handle, api.PublicKey, error)

func (*SoftwareAnchor) FlushAllHandles

func (s *SoftwareAnchor) FlushAllHandles()

func (*SoftwareAnchor) GetEndorsementKey

func (s *SoftwareAnchor) GetEndorsementKey() (Handle, tpm2.Public, error)

func (*SoftwareAnchor) LoadDeviceKey

func (s *SoftwareAnchor) LoadDeviceKey(rootHandle Handle, rootAuth string, public api.PublicKey, private api.Buffer) (Handle, error)

func (*SoftwareAnchor) PCRValues

func (s *SoftwareAnchor) PCRValues(bank tpm2.Algorithm, pcrs []int) (map[string]api.Buffer, error)

func (*SoftwareAnchor) Quote

func (a *SoftwareAnchor) Quote(aikHandle Handle, aikAuth string, additional api.Buffer, bank tpm2.Algorithm, pcrs []int) (api.Attest, api.Signature, error)

func (*SoftwareAnchor) ReadEKCertificate

func (s *SoftwareAnchor) ReadEKCertificate() (*x509.Certificate, error)

func (*SoftwareAnchor) Store

func (s *SoftwareAnchor) Store() (*state.StubState, error)

type SoftwareHandle

// SoftwareHandle is the Handle type produced by SoftwareAnchor. Its Flush
// method names neither its receiver nor its TrustAnchor parameter, so it can
// use neither and is likely a no-op — NOTE(review): confirm.
type SoftwareHandle struct {
	// contains filtered or unexported fields
}

func (*SoftwareHandle) Flush

func (*SoftwareHandle) Flush(TrustAnchor)

type TCGAnchor

// TCGAnchor is the TrustAnchor backed by a TPM 2.0 reached over Conn, which
// may be a device opened with OpenTPM or a NewSimulator connection; construct
// it with NewTCGAnchor. NOTE(review): Conn is exported and thus replaceable
// after construction, and presumably Close is what releases it — confirm, and
// avoid sharing one Conn between anchors.
type TCGAnchor struct {
	// Conn is the transport the anchor issues TPM commands over.
	Conn io.ReadWriteCloser
}

func (*TCGAnchor) ActivateDeviceKey

func (a *TCGAnchor) ActivateDeviceKey(cred api.EncryptedCredential, endorsementAuth string, auth string, keyHandle Handle, ekHandle Handle, state *state.State) (string, error)

func (*TCGAnchor) Close

func (a *TCGAnchor) Close()

func (*TCGAnchor) CreateAndCertifyDeviceKey

func (a *TCGAnchor) CreateAndCertifyDeviceKey(rootHandle Handle, rootAuth string, template api.KeyTemplate, authValue string) (api.Key, api.Buffer, error)

Create and load a new key under `rootHandle` based on `template`. Certifies the binding between outsideInfo and the key. `template` must allow signing.

func (*TCGAnchor) CreateAndLoadRoot

func (a *TCGAnchor) CreateAndLoadRoot(endorsementAuth string, rootAuth string, tmpl *api.PublicKey) (Handle, api.PublicKey, error)

Expects Public and Auth to be set.

func (*TCGAnchor) FlushAllHandles

func (a *TCGAnchor) FlushAllHandles()

func (*TCGAnchor) GetEndorsementKey

func (a *TCGAnchor) GetEndorsementKey() (Handle, tpm2.Public, error)

func (*TCGAnchor) LoadDeviceKey

func (a *TCGAnchor) LoadDeviceKey(rootHandle Handle, rootAuth string, public api.PublicKey, private api.Buffer) (Handle, error)

func (*TCGAnchor) PCRValues

func (a *TCGAnchor) PCRValues(bank tpm2.Algorithm, pcrsel []int) (map[string]api.Buffer, error)

func (*TCGAnchor) Quote

func (a *TCGAnchor) Quote(aikHandle Handle, aikAuth string, additional api.Buffer, bank tpm2.Algorithm, pcrs []int) (api.Attest, api.Signature, error)

func (*TCGAnchor) ReadEKCertificate

func (a *TCGAnchor) ReadEKCertificate() (*x509.Certificate, error)

type TCGHandle

// TCGHandle is the Handle type produced by TCGAnchor. Flush presumably issues
// the flush over the anchor's Conn — confirm.
type TCGHandle struct {
	// Handle is the underlying TPM object handle.
	Handle tpmutil.Handle
}

func (*TCGHandle) Flush

func (h *TCGHandle) Flush(a TrustAnchor)

type TrustAnchor

// TrustAnchor abstracts the device that roots the attestation key hierarchy.
// TCGAnchor talks to a real or simulated TPM 2.0; SoftwareAnchor is a pure
// software stand-in with no hardware backing. Handles returned by these
// methods are released with Handle.Flush or FlushAllHandles.
type TrustAnchor interface {
	// CreateAndLoadRoot creates the root key and returns its handle and
	// public part. Expects Public and Auth to be set — NOTE(review): the
	// original comment does not say on which value; presumably tmpl, confirm.
	CreateAndLoadRoot(endorsementAuth string, rootAuth string, tmpl *api.PublicKey) (Handle, api.PublicKey, error)
	// CreateAndCertifyDeviceKey creates and loads a new key under rootHandle
	// based on template. Certifies the binding between outsideInfo and the
	// key. template must allow signing.
	CreateAndCertifyDeviceKey(rootHandle Handle, rootAuth string, template api.KeyTemplate, authValue string) (api.Key, api.Buffer, error)
	// LoadDeviceKey loads a previously created device key from its public and
	// private blobs under rootHandle.
	LoadDeviceKey(rootHandle Handle, rootAuth string, public api.PublicKey, private api.Buffer) (Handle, error)
	// ActivateDeviceKey unwraps cred using the key at keyHandle and the
	// endorsement key at ekHandle. NOTE(review): what the returned string
	// carries is not visible here — document it; if it is the recovered
	// secret, callers must treat it as sensitive.
	ActivateDeviceKey(cred api.EncryptedCredential, endorsementAuth string, auth string, keyHandle Handle, ekHandle Handle, state *state.State) (string, error)

	// ReadEKCertificate returns the endorsement key certificate. A relying
	// party should validate its chain before trusting any Quote from this
	// anchor.
	ReadEKCertificate() (*x509.Certificate, error)
	// GetEndorsementKey returns a handle to the endorsement key and its
	// public area.
	GetEndorsementKey() (Handle, tpm2.Public, error)

	// PCRValues reads the selected PCR indices from the given bank.
	// NOTE(review): the string key format of the result is not visible here.
	PCRValues(tpm2.Algorithm, []int) (map[string]api.Buffer, error)
	// Quote signs the selected PCRs of bank with the key at aikHandle;
	// additional is presumably included as qualifying data so a verifier can
	// bind the quote to a fresh nonce. A verifier must check the signature
	// with the attested key and that additional is echoed in the Attest.
	Quote(aikHandle Handle, aikAuth string, additional api.Buffer, bank tpm2.Algorithm, pcrs []int) (api.Attest, api.Signature, error)

	// FlushAllHandles releases every handle the anchor still holds.
	FlushAllHandles()
	// Close releases the anchor's resources (for TCGAnchor presumably Conn).
	Close()
}

func LoadSoftwareAnchor

func LoadSoftwareAnchor(state *state.StubState) (TrustAnchor, error)

func NewSoftwareAnchor

func NewSoftwareAnchor() (TrustAnchor, error)

func NewTCGAnchor

func NewTCGAnchor(conn io.ReadWriteCloser) TrustAnchor

Directories

Path Synopsis
This package implements the Microsoft simulator TPM2 on SGX Transmission Interface. The Microsoft simulator TPM Command Transmission Interface (TCTI) is a remote procedure interface donated to the TPM2 Specification by Microsoft.
This package implements the Microsoft simulator TPM2 on SGX Transmission Interface. The Microsoft simulator TPM Command Transmission Interface (TCTI) is a remote procedure interface donated to the TPM2 Specification by Microsoft.
