tcg

package
Published: May 4, 2023 License: MIT Imports: 28 Imported by: 0

Documentation

Index

Constants

// SoftwareAnchorStateType is the type/version tag of a SoftwareAnchor's stub state
// (presumably what Store writes and LoadSoftwareAnchor expects — confirm in those
// functions). It is also embedded in StubIdentifier, so changing the string changes
// both the persisted-state tag and the anchor's advertised identity.
const SoftwareAnchorStateType = "software-anchor/1"

Variables

// Errors reported while selecting a TPM device (presumably by OpenTPM — confirm).
var (
	// ErrTpmV12Unsupported: the selected device is a TPM 1.2, which this package does not support.
	ErrTpmV12Unsupported   = errors.New("TPM1.2 is not supported")
	// ErrTpmSelectionInvalid: the requested TPM selection cannot be used.
	ErrTpmSelectionInvalid = errors.New("invalid TPM selection")
)
// ErrInvalid is the package's generic invalid-argument error. Callers should match it
// with errors.Is so that wrapping stays possible.
var ErrInvalid = errors.New("invalid arg")
// StubIdentifier names the software (stub) anchor, presumably where a real TPM would
// present a vendor identity — confirm against its users. It is a var rather than a
// const, so it can be reassigned at runtime.
// NOTE(review): evidence produced by a SoftwareAnchor is not rooted in hardware; a
// verifier should recognise this identifier and treat such evidence accordingly.
var StubIdentifier = "immune GmbH " + SoftwareAnchorStateType

Functions

func CapabilityAlgorithms

func CapabilityAlgorithms(conn io.ReadWriteCloser) (algs []tpm2.AlgorithmDescription, err error)

func CapabilityPCRs

func CapabilityPCRs(conn io.ReadWriteCloser) (pcrs []tpm2.PCRSelection, err error)

func ComputeName

func ComputeName(path ...interface{}) (tpm2.Name, error)

Computes the TCG Name and Qualified Name of TPM 2.0 entities.

func GenerateAuthValue

func GenerateAuthValue() (string, error)

Generates a string with at least 128 bits of entropy.

func GetTPM2FamilyIndicator

func GetTPM2FamilyIndicator(conn io.ReadWriteCloser) (uint32, error)

func Property

func Property(conn io.ReadWriteCloser, prop uint32) (uint32, error)

Types

type Handle

// Handle is an opaque reference to a key loaded into a TrustAnchor; it is returned by
// CreateAndLoadRoot, LoadDeviceKey and GetEndorsementKey. Implemented by TCGHandle
// (wrapping a tpmutil.Handle) and SoftwareHandle.
type Handle interface {
	// Flush releases the handle on the anchor that owns it. Callers should flush
	// handles they no longer need, or use TrustAnchor.FlushAllHandles.
	// NOTE(review): on a real TPM, loaded-object slots are scarce, so a forgotten
	// handle can make later loads fail — confirm how TCGAnchor handles that.
	Flush(owner TrustAnchor)
}

type SoftwareAnchor

// SoftwareAnchor is a TrustAnchor implemented in software, without a TPM connection
// (NewSoftwareAnchor takes none). Its state can be persisted with Store and restored
// with LoadSoftwareAnchor.
// NOTE(review): this is a stub; quotes and key certifications it produces carry no
// hardware-rooted guarantee and must not be treated as equivalent to a TCGAnchor's.
type SoftwareAnchor struct {
	// contains filtered or unexported fields
}

func (*SoftwareAnchor) ActivateDeviceKey

func (s *SoftwareAnchor) ActivateDeviceKey(cred api.EncryptedCredential, endorsementAuth string, auth string, keyHandle Handle, ekHandle Handle, state *state.State) (string, error)

func (*SoftwareAnchor) AllPCRValues

func (s *SoftwareAnchor) AllPCRValues() (map[string]map[string]api.Buffer, error)

func (*SoftwareAnchor) Close

func (s *SoftwareAnchor) Close()

func (*SoftwareAnchor) CreateAndCertifyDeviceKey

func (s *SoftwareAnchor) CreateAndCertifyDeviceKey(rootHandle Handle, rootAuth string, template api.KeyTemplate, authValue string) (api.Key, api.Buffer, error)

func (*SoftwareAnchor) CreateAndLoadRoot

func (s *SoftwareAnchor) CreateAndLoadRoot(endorsementAuth string, rootAuth string, tmpl *api.PublicKey) (Handle, api.PublicKey, error)

func (*SoftwareAnchor) FlushAllHandles

func (s *SoftwareAnchor) FlushAllHandles()

func (*SoftwareAnchor) GetEndorsementKey

func (s *SoftwareAnchor) GetEndorsementKey() (Handle, tpm2.Public, error)

func (*SoftwareAnchor) LoadDeviceKey

func (s *SoftwareAnchor) LoadDeviceKey(rootHandle Handle, rootAuth string, public api.PublicKey, private api.Buffer) (Handle, error)

func (*SoftwareAnchor) PCRValues

func (s *SoftwareAnchor) PCRValues(bank tpm2.Algorithm, pcrs []int) (map[string]api.Buffer, error)

func (*SoftwareAnchor) Quote

func (a *SoftwareAnchor) Quote(aikHandle Handle, aikAuth string, additional api.Buffer, banks []tpm2.Algorithm, pcrs []int) (api.Attest, api.Signature, error)

func (*SoftwareAnchor) ReadEKCertificate

func (s *SoftwareAnchor) ReadEKCertificate() (*x509.Certificate, error)

func (*SoftwareAnchor) Store

func (s *SoftwareAnchor) Store() (*state.StubState, error)

type SoftwareHandle

// SoftwareHandle is the Handle implementation presumably used by SoftwareAnchor
// (the key it refers to is not visible here — confirm).
type SoftwareHandle struct {
	// contains filtered or unexported fields
}

func (*SoftwareHandle) Flush

func (*SoftwareHandle) Flush(TrustAnchor)

type TCGAnchor

// TCGAnchor is a TrustAnchor backed by a TPM 2.0 reached over Conn; construct it with
// NewTCGAnchor.
type TCGAnchor struct {
	// Conn is the open transport to the TPM. Close presumably closes it — confirm.
	Conn io.ReadWriteCloser
}

func (*TCGAnchor) ActivateDeviceKey

func (a *TCGAnchor) ActivateDeviceKey(cred api.EncryptedCredential, endorsementAuth string, auth string, keyHandle Handle, ekHandle Handle, state *state.State) (string, error)

func (*TCGAnchor) AllPCRValues

func (a *TCGAnchor) AllPCRValues() (map[string]map[string]api.Buffer, error)

func (*TCGAnchor) Close

func (a *TCGAnchor) Close()

func (*TCGAnchor) CreateAndCertifyDeviceKey

func (a *TCGAnchor) CreateAndCertifyDeviceKey(rootHandle Handle, rootAuth string, template api.KeyTemplate, authValue string) (api.Key, api.Buffer, error)

Creates and loads a new key under the parent referenced by `rootHandle`, based on `template`. Certifies the binding between outsideInfo and the key. `template` must allow signing.

func (*TCGAnchor) CreateAndLoadRoot

func (a *TCGAnchor) CreateAndLoadRoot(endorsementAuth string, rootAuth string, tmpl *api.PublicKey) (Handle, api.PublicKey, error)

Expects Public and Auth to be set

func (*TCGAnchor) FlushAllHandles

func (a *TCGAnchor) FlushAllHandles()

func (*TCGAnchor) GetEndorsementKey

func (a *TCGAnchor) GetEndorsementKey() (Handle, tpm2.Public, error)

func (*TCGAnchor) LoadDeviceKey

func (a *TCGAnchor) LoadDeviceKey(rootHandle Handle, rootAuth string, public api.PublicKey, private api.Buffer) (Handle, error)

func (*TCGAnchor) PCRValues

func (a *TCGAnchor) PCRValues(bank tpm2.Algorithm, pcrsel []int) (map[string]api.Buffer, error)

func (*TCGAnchor) Quote

func (a *TCGAnchor) Quote(aikHandle Handle, aikAuth string, additional api.Buffer, banks []tpm2.Algorithm, pcrs []int) (api.Attest, api.Signature, error)

func (*TCGAnchor) ReadEKCertificate

func (a *TCGAnchor) ReadEKCertificate() (*x509.Certificate, error)

type TCGHandle

// TCGHandle is the Handle implementation for TCGAnchor; it wraps the raw TPM object
// handle.
type TCGHandle struct {
	// Handle is the TPM-side handle of the loaded object.
	Handle tpmutil.Handle
}

func (*TCGHandle) Flush

func (h *TCGHandle) Flush(a TrustAnchor)

type TrustAnchor

// TrustAnchor abstracts the root of trust used for key creation and attestation.
// Two implementations exist: TCGAnchor (a real TPM 2.0, see NewTCGAnchor) and
// SoftwareAnchor (a software stub, see NewSoftwareAnchor and LoadSoftwareAnchor).
// The *Auth string parameters are authorization values (see GenerateAuthValue);
// rootAuth and aikAuth presumably authorize the respective keys and endorsementAuth
// the endorsement hierarchy — confirm in the implementations.
type TrustAnchor interface {
	// CreateAndLoadRoot creates and loads the root key under which device keys are
	// created. Expects Public and Auth to be set (on tmpl, presumably — confirm).
	CreateAndLoadRoot(endorsementAuth string, rootAuth string, tmpl *api.PublicKey) (Handle, api.PublicKey, error)
	// CreateAndCertifyDeviceKey creates and loads a new key under the parent referenced
	// by rootHandle, based on template. Certifies the binding between outsideInfo and
	// the key. template must allow signing.
	CreateAndCertifyDeviceKey(rootHandle Handle, rootAuth string, template api.KeyTemplate, authValue string) (api.Key, api.Buffer, error)
	// LoadDeviceKey loads a previously created device key from its public and private
	// blobs under rootHandle and returns a handle to it.
	LoadDeviceKey(rootHandle Handle, rootAuth string, public api.PublicKey, private api.Buffer) (Handle, error)
	// ActivateDeviceKey activates cred for the key at keyHandle using the endorsement
	// key at ekHandle and returns the recovered value as a string.
	// NOTE(review): the returned string is a secret; keep it out of logs and error text.
	ActivateDeviceKey(cred api.EncryptedCredential, endorsementAuth string, auth string, keyHandle Handle, ekHandle Handle, state *state.State) (string, error)

	// ReadEKCertificate returns the endorsement key certificate.
	ReadEKCertificate() (*x509.Certificate, error)
	// GetEndorsementKey returns a handle to the endorsement key and its public area.
	GetEndorsementKey() (Handle, tpm2.Public, error)

	// PCRValues reads the given PCR indices from one bank; the result is keyed by
	// string (presumably the PCR index — confirm).
	PCRValues(tpm2.Algorithm, []int) (map[string]api.Buffer, error)
	// AllPCRValues reads every PCR of every bank; the outer key is presumably the bank
	// and the inner key the PCR index — confirm.
	AllPCRValues() (map[string]map[string]api.Buffer, error)
	// Quote signs the selected pcrs of the given banks with the attestation key at
	// aikHandle, including additional in the quote (presumably as qualifying data —
	// confirm), and returns the attestation structure together with its signature.
	Quote(aikHandle Handle, aikAuth string, additional api.Buffer, banks []tpm2.Algorithm, pcrs []int) (api.Attest, api.Signature, error)

	// FlushAllHandles releases every handle loaded through this anchor.
	FlushAllHandles()
	// Close releases the anchor itself; for TCGAnchor that presumably includes Conn.
	Close()
}

func LoadSoftwareAnchor

func LoadSoftwareAnchor(state *state.StubState) (TrustAnchor, error)

func NewSoftwareAnchor

func NewSoftwareAnchor() (TrustAnchor, error)

func NewTCGAnchor

func NewTCGAnchor(conn io.ReadWriteCloser) TrustAnchor

func OpenTPM

func OpenTPM(tpmPath string, stubState *state.StubState) (anchor TrustAnchor, err error)

OpenTPM opens a trust anchor

Directories

Path Synopsis
This package implements the Microsoft simulator TPM2 on SGX Transmission Interface
This package implements the Microsoft simulator TPM2 on SGX Transmission Interface
