ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2025-06-24 01:28:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
923-refactor-controller-classes-to-reduce-code-complexity
HIRS/HIRS_Provisioner.NET
History
5B96790E3664F40075A67E6ADF737EDB15B4408DBC91A81228B31537B0CE3E26 436b0482c4
Some checks are pending
Dotnet Provisioner Unit Tests / Restore and Run Unit Tests (ubuntu-20.04) (push) Waiting to run
Details
Dotnet Provisioner Unit Tests / Restore and Run Unit Tests (windows-2022) (push) Waiting to run
Details
Dotnet Provisioner Unit Tests / Evaluate Tests (push) Blocked by required conditions
Details
HIRS Build and Unit Test / ACA_Provisioner_Unit_Tests (push) Waiting to run
Details
HIRS System Tests / DockerTests (push) Waiting to run
Details
Provisioner to use updated registry libraries (#914) 
* Registry libraries 0.7.5

* Update reference
2025-04-09 07:15:51 -04:00
..
hirs
Provisioner to use updated registry libraries (#914)
2025-04-09 07:15:51 -04:00
hirsTest
Improve output for ACA-signed certificates (#859)
2024-10-24 20:14:10 +00:00
tools/pcrextend
Xfer HIRS_Provisioner.NET to main (#663)
2024-01-22 16:18:01 -05:00
.editorconfig
Xfer HIRS_Provisioner.NET to main (#663)
2024-01-22 16:18:01 -05:00
hirs.sln
Xfer HIRS_Provisioner.NET to main (#663)
2024-01-22 16:18:01 -05:00
README.md
Updated README.md and VERSION files
2024-08-22 16:40:03 -04:00

README.md

HIRS Provisioner.NET

The HIRS Provisioner.NET is an application that can leverage a machine and its TPM to:

  • verify system attributes (as chosen in the ACA policy)
  • request and store an Attestation Identity Certificate and/or a LDevID Certificate

The HIRS Provisioner.NET application, along with the HIRS ACA, will perform the following high level tasks during the provision process. Please refer to appendix B for further details: • The HIRS Provisioner retrieves the EK Certificate from the TPMs NVRAM. • The HIRS Provisioner retrieves the Platform Certificate from the EFI partition, if present. • The HIRS Provisioner retrieves the Reference Integrity Manifest (RIM) from the EFI partition, if present. • The HIRS Provisioner retrieves the TPM Event Log. • The HIRS Provisioner retrieves Component data from the device. • An Attestation Identity Key is generated on the TPM, if one is not already present. • The HIRS Provisioner forwards the collected data and sends it to the ACA. • The HIRS ACA (Policy based) validates the Endorsement Credential. • The HIRS ACA (Policy based) validates the Platform Credential(s). • The HIRS ACA (Policy based) validates and new RIM(s) • The performs credential validation according to its policy • If validation is successful, the ACA issues an Attestation Identity Credential or LocalDevID (Policy based) to the device.

For installation, setep, and usage please refer to the HIRS_Provisioner.NET Readme