ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2024-12-18 20:47:57 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Internal change

Browse Source 
PiperOrigin-RevId: 380881515
This commit is contained in:
Go-Attestation Team 2021-06-22 20:33:15 +00:00 committed by Brandon Weeks
parent 1b4849d2c3
commit 20a9e4b381
19 changed files with 24 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/codeql-analysis.yml vendored
View File

@ -23,7 +23,7 @@ jobs:
uses: actions/checkout@v2 uses: actions/checkout@v2
with: with:
fetch-depth: 2 fetch-depth: 2
- run: git checkout HEAD^2 - run: git checkout HEAD^2
if: ${{ github.event_name == 'pull_request' }} if: ${{ github.event_name == 'pull_request' }}

3
attest/application_key_test.go
View File

@ -26,10 +26,11 @@ import (
"crypto/elliptic" "crypto/elliptic"
"crypto/rand" "crypto/rand"
"crypto/rsa" "crypto/rsa"
"crypto/x509"
"encoding/asn1" "encoding/asn1"
"math/big" "math/big"
"testing" "testing"
"github.com/google/certificate-transparency-go/x509"
) )
func TestSimTPM20KeyCreateAndLoad(t *testing.T) { func TestSimTPM20KeyCreateAndLoad(t *testing.T) {

2
attest/attest-tool/attest-tool.go
View File

@ -15,9 +15,9 @@ import (
"io/ioutil" "io/ioutil"
"os" "os"
"github.com/google/certificate-transparency-go/x509"
"github.com/google/go-attestation/attest" "github.com/google/go-attestation/attest"
"github.com/google/go-attestation/attest/attest-tool/internal" "github.com/google/go-attestation/attest/attest-tool/internal"
"github.com/google/certificate-transparency-go/x509"
) )
var ( var (

3
attest/challenge_test.go
View File

@ -4,8 +4,9 @@ import (
"bytes" "bytes"
"crypto/rand" "crypto/rand"
"crypto/rsa" "crypto/rsa"
"crypto/x509"
"testing" "testing"
"github.com/google/certificate-transparency-go/x509"
) )
func TestMakeActivationBlob(t *testing.T) { func TestMakeActivationBlob(t *testing.T) {

2
attest/eventlog.go
View File

@ -348,7 +348,7 @@ func (a *AKPublic) validate20Quote(quote Quote, pcrs []PCR, nonce []byte) error
return fmt.Errorf("attestation isn't a quote, tag of type 0x%x", att.Type) return fmt.Errorf("attestation isn't a quote, tag of type 0x%x", att.Type)
} }
if !bytes.Equal([]byte(att.ExtraData), nonce) { if !bytes.Equal([]byte(att.ExtraData), nonce) {
return fmt.Errorf("nonce didn't match: %v", err) return fmt.Errorf("nonce = %#v, want %#v", []byte(att.ExtraData), nonce)
} }
pcrByIndex := map[int][]byte{} pcrByIndex := map[int][]byte{}

4
attest/pcp_windows.go
View File

@ -26,9 +26,9 @@ import (
"github.com/google/certificate-transparency-go/x509" "github.com/google/certificate-transparency-go/x509"
"github.com/google/go-tpm/tpmutil"
tpmtbs "github.com/google/go-tpm/tpmutil/tbs"
"golang.org/x/sys/windows" "golang.org/x/sys/windows"
tpmtbs "github.com/google/go-tpm/tpmutil/tbs"
"github.com/google/go-tpm/tpmutil"
) )
const ( const (

2
attest/secureboot.go
View File

@ -19,8 +19,8 @@ import (
"errors" "errors"
"fmt" "fmt"
"github.com/google/certificate-transparency-go/x509"
"github.com/google/go-attestation/attest/internal" "github.com/google/go-attestation/attest/internal"
"github.com/google/certificate-transparency-go/x509"
) )
// SecurebootState describes the secure boot status of a machine, as determined // SecurebootState describes the secure boot status of a machine, as determined

4
attest/tpm12_linux.go
View File

@ -24,8 +24,8 @@ import (
"github.com/google/certificate-transparency-go/x509" "github.com/google/certificate-transparency-go/x509"
"github.com/google/go-tspi/attestation" "github.com/google/go-tspi/attestation"
"github.com/google/go-tspi/tspi" "github.com/Comcast/gotspi/tspi"
"github.com/google/go-tspi/tspiconst" "github.com/Comcast/gotspi/tspiconst"
) )
func init() { func init() {

3
attest/tpm_test.go
View File

@ -2,10 +2,11 @@ package attest
import ( import (
"crypto/rsa" "crypto/rsa"
"crypto/x509"
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"testing" "testing"
"github.com/google/certificate-transparency-go/x509"
) )
// Generated using the following command: // Generated using the following command:

2
attest/tpm_windows.go
View File

@ -28,9 +28,9 @@ import (
"io" "io"
"math/big" "math/big"
"golang.org/x/sys/windows"
tpm1 "github.com/google/go-tpm/tpm" tpm1 "github.com/google/go-tpm/tpm"
tpmtbs "github.com/google/go-tpm/tpmutil/tbs" tpmtbs "github.com/google/go-tpm/tpmutil/tbs"
"golang.org/x/sys/windows"
) )
var wellKnownAuth [20]byte var wellKnownAuth [20]byte

6
attributecert/attributecert.go
View File

@ -9,15 +9,15 @@ package attributecert
import ( import (
"bytes" "bytes"
"crypto" "crypto"
"crypto/x509"
"crypto/x509/pkix"
"encoding/asn1"
"errors" "errors"
"fmt" "fmt"
"math/big" "math/big"
"time" "time"
"github.com/google/go-attestation/oid" "github.com/google/go-attestation/oid"
"github.com/google/certificate-transparency-go/asn1"
"github.com/google/certificate-transparency-go/x509/pkix"
"github.com/google/certificate-transparency-go/x509"
) )
var ( var (

5
attributecert/attributecert_test.go
View File

@ -15,12 +15,13 @@
package attributecert package attributecert
import ( import (
"crypto/x509"
"encoding/json" "encoding/json"
"io/ioutil" "io/ioutil"
"reflect" "reflect"
"strings" "strings"
"testing" "testing"
"github.com/google/certificate-transparency-go/x509"
) )
func TestVerifyAttributeCert(t *testing.T) { func TestVerifyAttributeCert(t *testing.T) {
@ -38,7 +39,7 @@ func TestVerifyAttributeCert(t *testing.T) {
t.Fatalf("failed to parse Intel intermediate certificate: %v", err) t.Fatalf("failed to parse Intel intermediate certificate: %v", err)
} }
for _, filename := range(testfiles) { for _, filename := range testfiles {
data, err = ioutil.ReadFile(filename) data, err = ioutil.ReadFile(filename)
if err != nil { if err != nil {
t.Fatalf("failed to read %s: %v", filename, err) t.Fatalf("failed to read %s: %v", filename, err)

0
attributecert/testdata/Intel_pc2.cer vendored Executable file → Normal file
View File

0
attributecert/testdata/Intel_pc3.cer vendored Executable file → Normal file
View File

5
ci/gen_ekcert.go
View File

@ -3,8 +3,6 @@ package main
import ( import (
"crypto/rand" "crypto/rand"
"crypto/rsa" "crypto/rsa"
"crypto/x509"
"crypto/x509/pkix"
"encoding/binary" "encoding/binary"
"encoding/hex" "encoding/hex"
"flag" "flag"
@ -14,6 +12,9 @@ import (
"os/exec" "os/exec"
"strings" "strings"
"time" "time"
"github.com/google/certificate-transparency-go/x509/pkix"
"github.com/google/certificate-transparency-go/x509"
) )
var simulatorStatePath = flag.String("state_path", "/tmp/sim/NVRAM/00.permall", "Path to ibmswtpm state file") var simulatorStatePath = flag.String("state_path", "/tmp/sim/NVRAM/00.permall", "Path to ibmswtpm state file")

0
ci/setup_tests_fs.sh Executable file → Normal file
View File

0
ci/setup_tpm12_simulator.sh Executable file → Normal file
View File

0
ci/shutdown_tpm12_simulator.sh Executable file → Normal file
View File

1
oid/oid.go
View File

@ -59,4 +59,3 @@ var (
var ( var (
CloudComputeInstanceIdentifier = []int{1, 3, 6, 1, 4, 1, 11129, 2, 1, 21} CloudComputeInstanceIdentifier = []int{1, 3, 6, 1, 4, 1, 11129, 2, 1, 21}
) )