Add example for AIKPublic.Verify (#89)

2025-04-12 13:47:50 +00:00 · 2019-08-29 11:26:42 -07:00 · 2019-08-29 11:26:42 -07:00 · 07feb34890
commit 07feb34890
parent 0f580b1efd
1 changed files with 45 additions and 0 deletions
--- a/attest/example_test.go
+++ b/attest/example_test.go
@ -129,3 +129,48 @@ func TestExampleAIK(t *testing.T) {
 	ExampleAIK_credentialActivation()
 	ExampleAIK_quote()
 }
+
+func ExampleAIKPublic_Verify() {
+	tpm, err := attest.OpenTPM(nil)
+	if err != nil {
+		log.Fatalf("Failed to open TPM: %v", err)
+	}
+	defer tpm.Close()
+
+	// Create a new AIK.
+	aik, err := tpm.NewAIK(nil)
+	if err != nil {
+		log.Fatalf("Failed to create AIK: %v", err)
+	}
+	defer aik.Close(tpm)
+
+	// The nonce would typically be provided by the server.
+	nonce := []byte{1, 2, 3, 4, 5, 6, 7, 8}
+
+	// Perform the quote & gather information necessary to verify it.
+	quote, err := aik.Quote(tpm, nonce, attest.HashSHA256)
+	if err != nil {
+		log.Fatalf("Failed to generate quote: %v", err)
+	}
+	pcrs, err := tpm.PCRs(attest.HashSHA256)
+	if err != nil {
+		log.Fatalf("Failed to collect PCR values: %v", err)
+	}
+
+	// Construct an AIKPublic struct from the parameters of the key.
+	pub, err := attest.ParseAIKPublic(tpm.Version(), aik.AttestationParameters().Public)
+	if err != nil {
+		log.Fatalf("Failed to parse AIK public: %v", err)
+	}
+
+	if err := pub.Verify(*quote, pcrs, nonce); err != nil {
+		log.Fatalf("Verification failed: %v", err)
+	}
+}
+
+func TestExampleAIKPublic(t *testing.T) {
+	if !*testExamples {
+		t.SkipNow()
+	}
+	ExampleAIKPublic_Verify()
+}