ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2024-12-30 09:48:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Fix quote generation on windows TPM 1.2 devices (#34)

Browse Source
This commit is contained in:
Tom D 2019-05-20 12:34:17 -07:00 committed by GitHub
parent 5b7e00554a
commit 1611c5ab72
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
attest/tpm_windows.go
View File

@ -164,7 +164,6 @@ func (t *TPM) EKs() ([]PlatformEK, error) {
// Key represents a key bound to the TPM. // Key represents a key bound to the TPM.
type Key struct { type Key struct {
hnd uintptr hnd uintptr
hnd12 tpmutil.Handle
KeyEncoding KeyEncoding KeyEncoding KeyEncoding
TPMVersion TPMVersion TPMVersion TPMVersion
Purpose KeyPurpose Purpose KeyPurpose
@ -244,13 +243,13 @@ func (k *Key) ActivateCredential(tpm *TPM, in EncryptedCredential) ([]byte, erro
} }
} }
func (k *Key) quote12(tpm io.ReadWriter, nonce []byte) (*Quote, error) { func (k *Key) quote12(tpm io.ReadWriter, hnd tpmutil.Handle, nonce []byte) (*Quote, error) {
selectedPCRs := make([]int, 24) selectedPCRs := make([]int, 24)
for pcr, _ := range selectedPCRs { for pcr, _ := range selectedPCRs {
selectedPCRs[pcr] = pcr selectedPCRs[pcr] = pcr
} }
sig, pcrc, err := tpm1.Quote(tpm, k.hnd12, nonce, selectedPCRs[:], wellKnownAuth[:]) sig, pcrc, err := tpm1.Quote(tpm, hnd, nonce, selectedPCRs[:], wellKnownAuth[:])
if err != nil { if err != nil {
return nil, fmt.Errorf("Quote() failed: %v", err) return nil, fmt.Errorf("Quote() failed: %v", err)
} }
@ -269,23 +268,24 @@ func (k *Key) quote12(tpm io.ReadWriter, nonce []byte) (*Quote, error) {
// Quote returns a quote over the platform state, signed by the key. // Quote returns a quote over the platform state, signed by the key.
func (k *Key) Quote(t *TPM, nonce []byte, alg tpm2.Algorithm) (*Quote, error) { func (k *Key) Quote(t *TPM, nonce []byte, alg tpm2.Algorithm) (*Quote, error) {
tpmKeyHnd, err := t.pcp.TPMKeyHandle(k.hnd)
if err != nil {
return nil, fmt.Errorf("TPMKeyHandle() failed: %v", err)
}
switch t.version { switch t.version {
case TPMVersion12: case TPMVersion12:
tpm, err := t.pcp.TPMCommandInterface() tpm, err := t.pcp.TPMCommandInterface()
if err != nil { if err != nil {
return nil, fmt.Errorf("TPMCommandInterface() failed: %v", err) return nil, fmt.Errorf("TPMCommandInterface() failed: %v", err)
} }
return k.quote12(tpm, nonce) return k.quote12(tpm, tpmKeyHnd, nonce)
case TPMVersion20: case TPMVersion20:
tpm, err := t.pcp.TPMCommandInterface() tpm, err := t.pcp.TPMCommandInterface()
if err != nil { if err != nil {
return nil, fmt.Errorf("TPMCommandInterface() failed: %v", err) return nil, fmt.Errorf("TPMCommandInterface() failed: %v", err)
} }
tpmKeyHnd, err := t.pcp.TPMKeyHandle(k.hnd)
if err != nil {
return nil, fmt.Errorf("TPMKeyHandle() failed: %v", err)
}
return quote20(tpm, tpmKeyHnd, alg, nonce) return quote20(tpm, tpmKeyHnd, alg, nonce)
default: default: