README
¶
Go-TPM
Go-TPM is a Go library that communicates directly with a TPM device on Linux or Windows machines.
The libraries don't implement the entire spec for neither 1.2 nor 2.0. If you need a command that's missing, contributions are welcome!
Please note that this is not an official Google product.
Structure
The tpm directory contains TPM 1.2 client library. This library is in
"maintenance mode".
The tpm2 directory contains TPM 2.0 client library.
The examples directory contains some simple examples for both versions of the
spec.
The direct directory contains the prototype "TPMDirect" TPM 2.0 API, which is
intended to (eventually) be 1:1 with the TPM 2.0 spec. Please report issues,
complaints, or suggestions using the label
https://github.com/google/go-tpm/labels/tpmdirect.
TPM 1.2
TPM 1.2 support currently has no maintainer. None of the TPM 2.0 maintainers have expertise on 1.2 either.
As such, TPM 1.2 library is in "maintenance" mode - all PRs with new functionality or non-critical fixes will be rejected.
If you'd like to volunteer to maintain the TPM 1.2 library, you can do so via an issue. You don't have to be a Googler to volunteer.
Directories
¶
| Path | Synopsis |
|---|---|
|
examples
|
|
|
tpm-keys
Package main implements a program to clear key handles from a TPM.
|
Package main implements a program to clear key handles from a TPM. |
|
tpm2-ekcert
Binary tpm2-ekcert reads an x509 certificate from a specific NVRAM index.
|
Binary tpm2-ekcert reads an x509 certificate from a specific NVRAM index. |
|
tpm2-nvread
Binary tpm2-nvread reads data from NVRAM at a specified index.
|
Binary tpm2-nvread reads data from NVRAM at a specified index. |
|
tpm2-seal-unseal
Command tpm2-seal-unseal illustrates utilizing the TPM2 API to seal and unseal data.
|
Command tpm2-seal-unseal illustrates utilizing the TPM2 API to seal and unseal data. |
|
legacy
|
|
|
tpm2
Package tpm2 supports direct communication with a TPM 2.0 device under Linux.
|
Package tpm2 supports direct communication with a TPM 2.0 device under Linux. |
|
tpm2/credactivation
Package credactivation implements generation of data blobs to be used when invoking the ActivateCredential command, on a TPM.
|
Package credactivation implements generation of data blobs to be used when invoking the ActivateCredential command, on a TPM. |
|
Package tpm supports direct communication with a tpm device under Linux.
|
Package tpm supports direct communication with a tpm device under Linux. |
|
Package tpm2 provides 1:1 mapping to TPM 2.0 APIs.
|
Package tpm2 provides 1:1 mapping to TPM 2.0 APIs. |
|
transport
Package transport implements types for physically talking to TPMs.
|
Package transport implements types for physically talking to TPMs. |
|
transport/simulator
Package simulator provides access to a local simulator for TPM testing.
|
Package simulator provides access to a local simulator for TPM testing. |
|
Package tpmutil provides common utility functions for both TPM 1.2 and TPM 2.0 devices.
|
Package tpmutil provides common utility functions for both TPM 1.2 and TPM 2.0 devices. |
|
mssim
Package mssim implements the Microsoft simulator TPM2 Transmission Interface
|
Package mssim implements the Microsoft simulator TPM2 Transmission Interface |
|
tbs
Package tbs provides an low-level interface directly mapping to Windows Tbs.dll system library commands: https://docs.microsoft.com/en-us/windows/desktop/TBS/tpm-base-services-portal Public field descriptions contain links to the high-level Windows documentation.
|
Package tbs provides an low-level interface directly mapping to Windows Tbs.dll system library commands: https://docs.microsoft.com/en-us/windows/desktop/TBS/tpm-base-services-portal Public field descriptions contain links to the high-level Windows documentation. |