ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2024-12-18 20:47:57 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Rename AIK to AK everywhere

Browse Source 
AIK is the terminology used as part of the TPM 1.2 specifications.
This commit is contained in:
Brandon Weeks 2019-10-03 12:32:50 -07:00
parent a0b6fcfd38
commit 73020b971b
22 changed files with 256 additions and 256 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
attest/activation.go
View File

@ -46,7 +46,7 @@ func cryptoHash(h tpm2.Algorithm) (crypto.Hash, error) {
}
}
// ActivationParameters encapsulates the inputs for activating an AIK.
// ActivationParameters encapsulates the inputs for activating an AK.
type ActivationParameters struct {
// TPMVersion holds the version of the TPM, either 1.2 or 2.0.
TPMVersion TPMVersion
@ -55,17 +55,17 @@ type ActivationParameters struct {
// private key is permenantly bound to the TPM.
//
// Activation will verify that the provided EK is held on the same
// TPM as the AIK. However, it is the callers responsibility to
// TPM as the AK. However, it is the callers responsibility to
// ensure the EK they provide corresponds to the the device which
// they are trying to associate the AIK with.
// they are trying to associate the AK with.
EK crypto.PublicKey
// AIK, the Attestation Identity Key, describes the properties of
// AK, the Attestation Key, describes the properties of
// an asymmetric key (managed by the TPM) which signs attestation
// structures.
// The values from this structure can be obtained by calling
// Parameters() on an attest.AIK.
AIK AttestationParameters
// Parameters() on an attest.AK.
AK AttestationParameters
// Rand is a source of randomness to generate a seed and secret for the
// challenge.
@ -74,26 +74,26 @@ type ActivationParameters struct {
Rand io.Reader
}
// checkAIKParameters examines properties of an AIK and a creation
// checkAKParameters examines properties of an AK and a creation
// attestation, to determine if it is suitable for use as an attestation key.
func (p *ActivationParameters) checkAIKParameters() error {
func (p *ActivationParameters) checkAKParameters() error {
switch p.TPMVersion {
case TPMVersion12:
return p.checkTPM12AIKParameters()
return p.checkTPM12AKParameters()
case TPMVersion20:
return p.checkTPM20AIKParameters()
return p.checkTPM20AKParameters()
default:
return fmt.Errorf("TPM version %d not supported", p.TPMVersion)
}
}
func (p *ActivationParameters) checkTPM12AIKParameters() error {
func (p *ActivationParameters) checkTPM12AKParameters() error {
// TODO(jsonp): Implement helper to parse public blobs, ie:
// func ParsePublic(publicBlob []byte) (crypto.Public, error)
pub, err := tpm1.UnmarshalPubRSAPublicKey(p.AIK.Public)
pub, err := tpm1.UnmarshalPubRSAPublicKey(p.AK.Public)
if err != nil {
return fmt.Errorf("unmarshalling public key: %v", err)
}
@ -103,20 +103,20 @@ func (p *ActivationParameters) checkTPM12AIKParameters() error {
return nil
}
func (p *ActivationParameters) checkTPM20AIKParameters() error {
if len(p.AIK.CreateSignature) < 8 {
return fmt.Errorf("signature is too short to be valid: only %d bytes", len(p.AIK.CreateSignature))
func (p *ActivationParameters) checkTPM20AKParameters() error {
if len(p.AK.CreateSignature) < 8 {
return fmt.Errorf("signature is too short to be valid: only %d bytes", len(p.AK.CreateSignature))
}
pub, err := tpm2.DecodePublic(p.AIK.Public)
pub, err := tpm2.DecodePublic(p.AK.Public)
if err != nil {
return fmt.Errorf("DecodePublic() failed: %v", err)
}
_, err = tpm2.DecodeCreationData(p.AIK.CreateData)
_, err = tpm2.DecodeCreationData(p.AK.CreateData)
if err != nil {
return fmt.Errorf("DecodeCreationData() failed: %v", err)
}
att, err := tpm2.DecodeAttestationData(p.AIK.CreateAttestation)
att, err := tpm2.DecodeAttestationData(p.AK.CreateAttestation)
if err != nil {
return fmt.Errorf("DecodeAttestationData() failed: %v", err)
}
@ -124,7 +124,7 @@ func (p *ActivationParameters) checkTPM20AIKParameters() error {
return fmt.Errorf("attestation does not apply to creation data, got tag %x", att.Type)
}
// TODO: Support ECC AIKs.
// TODO: Support ECC AKs.
switch pub.Type {
case tpm2.AlgRSA:
if pub.RSAParameters.KeyBits < minRSABits {
@ -141,12 +141,12 @@ func (p *ActivationParameters) checkTPM20AIKParameters() error {
return fmt.Errorf("HashConstructor() failed: %v", err)
}
h := nameHashConstructor()
h.Write(p.AIK.CreateData)
h.Write(p.AK.CreateData)
if !bytes.Equal(att.AttestedCreationInfo.OpaqueDigest, h.Sum(nil)) {
return errors.New("attestation refers to different public key")
}
// Make sure the AIK has sane key parameters (Attestation can be faked if an AIK
// Make sure the AK has sane key parameters (Attestation can be faked if an AK
// can be used for arbitrary signatures).
// We verify the following:
// - Key is TPM backed.
@ -158,7 +158,7 @@ func (p *ActivationParameters) checkTPM20AIKParameters() error {
return errors.New("creation attestation was not produced by a TPM")
}
if (pub.Attributes & tpm2.FlagFixedTPM) == 0 {
return errors.New("AIK is exportable")
return errors.New("AK is exportable")
}
if ((pub.Attributes & tpm2.FlagRestricted) == 0) || ((pub.Attributes & tpm2.FlagFixedParent) == 0) || ((pub.Attributes & tpm2.FlagSensitiveDataOrigin) == 0) {
return errors.New("provided key is not limited to attestation")
@ -181,17 +181,17 @@ func (p *ActivationParameters) checkTPM20AIKParameters() error {
return err
}
hsh := signHashConstructor()
hsh.Write(p.AIK.CreateAttestation)
hsh.Write(p.AK.CreateAttestation)
verifyHash, err := cryptoHash(pub.RSAParameters.Sign.Hash)
if err != nil {
return err
}
if len(p.AIK.CreateSignature) < 8 {
return fmt.Errorf("signature invalid: length of %d is shorter than 8", len(p.AIK.CreateSignature))
if len(p.AK.CreateSignature) < 8 {
return fmt.Errorf("signature invalid: length of %d is shorter than 8", len(p.AK.CreateSignature))
}
sig, err := tpm2.DecodeSignature(bytes.NewBuffer(p.AIK.CreateSignature))
sig, err := tpm2.DecodeSignature(bytes.NewBuffer(p.AK.CreateSignature))
if err != nil {
return fmt.Errorf("DecodeSignature() failed: %v", err)
}
@ -204,7 +204,7 @@ func (p *ActivationParameters) checkTPM20AIKParameters() error {
}
// Generate returns a credential activation challenge, which can be provided
// to the TPM to verify the AIK parameters given are authentic & the AIK
// to the TPM to verify the AK parameters given are authentic & the AK
// is present on the same TPM as the EK.
//
// The caller is expected to verify the secret returned from the TPM as
@ -212,7 +212,7 @@ func (p *ActivationParameters) checkTPM20AIKParameters() error {
// The caller should use subtle.ConstantTimeCompare to avoid potential
// timing attack vectors.
func (p *ActivationParameters) Generate() (secret []byte, ec *EncryptedCredential, err error) {
if err := p.checkAIKParameters(); err != nil {
if err := p.checkAKParameters(); err != nil {
return nil, nil, err
}
@ -244,7 +244,7 @@ func (p *ActivationParameters) Generate() (secret []byte, ec *EncryptedCredentia
}
func (p *ActivationParameters) generateChallengeTPM20(secret []byte) (*EncryptedCredential, error) {
att, err := tpm2.DecodeAttestationData(p.AIK.CreateAttestation)
att, err := tpm2.DecodeAttestationData(p.AK.CreateAttestation)
if err != nil {
return nil, fmt.Errorf("DecodeAttestationData() failed: %v", err)
}
@ -269,10 +269,10 @@ func (p *ActivationParameters) generateChallengeTPM12(rand io.Reader, secret []b
cred, encSecret []byte
err error
)
if p.AIK.UseTCSDActivationFormat {
cred, encSecret, err = verification.GenerateChallengeEx(pk, p.AIK.Public, secret)
if p.AK.UseTCSDActivationFormat {
cred, encSecret, err = verification.GenerateChallengeEx(pk, p.AK.Public, secret)
} else {
cred, encSecret, err = generateChallenge12(rand, pk, p.AIK.Public, secret)
cred, encSecret, err = generateChallenge12(rand, pk, p.AK.Public, secret)
}
if err != nil {

4
attest/activation_test.go
View File

@ -43,10 +43,10 @@ func TestActivationTPM20(t *testing.T) {
priv := ekCertSigner(t)
rand := rand.New(rand.NewSource(123456))
// These parameters represent an AIK generated on a real-world, infineon TPM.
// These parameters represent an AK generated on a real-world, infineon TPM.
params := ActivationParameters{
TPMVersion: TPMVersion20,
AIK: AttestationParameters{
AK: AttestationParameters{
Public: decodeBase64("AAEACwAFBHIAIJ3/y/NsODrmmfuYaNxty4nXFTiEvigDkiwSQVi/rSKuABAAFAAECAAAAAAAAQC/08gj/04z4xGMIVTmr02lzhI5epufXgU831xEpf2qpXfvtNGUfqTcgWF2EUux2HDPqgcj59dtXRobQdlr4uCGNzfZIGAej4JusLa4MjpG6W2DtJPot6F1Mry63talzJ36U47niy9Iesd34CO2p9Xk3+86ZmBnQ6PQ2roUNK3l7bKz6cFLM9drOLwCqU0AUl6pHvzYPPz+xXsPl3iaA2cM97oneUiJNmJM7wtR9OcaKyIA4wVlX5TndB9NwWq5Iuj8q2Sp40Dg0noXXGSPliAtVD8flkXtAcuI9UHkQbzu9cGPRdSJPMn743GONg3bYalFtcgh2VpACXkPbXB32J7B", t),
CreateData: decodeBase64("AAAAAAAg47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFUBAAsAIgALWI9hwDRB3zYSkannqM5z0J1coQNA1Jz/oCRxJQwTaNwAIgALmyFYBhHeIU3FUKIAPgXFD3NXyasP3siQviDEyH7avu4AAA==", t),
CreateAttestation: decodeBase64("/1RDR4AaACIAC41+jhmEOue1MZhJjIk79ENar6i15rBvamXLpQnGTBCOAAAAAAAAD3GRNfU4syzJ1jQGATDCDteFC5C4ACIAC3ToMYGy9GXxcf8A0HvOuLOHbU7HPEppM47C7CMcU8TtACBDmJFUFO1f5+BYevaYdd3VtfMCsxIuHhoTZJczzLP2BA==", t),

18
attest/attest-tool/attest-tool.go
View File

@ -21,7 +21,7 @@ import (
)
var (
keyPath = flag.String("key", "aik.json", "Path to the key file")
keyPath = flag.String("key", "ak.json", "Path to the key file")
nonceHex = flag.String("nonce", "", "Hex string to use as nonce when quoting")
randomNonce = flag.Bool("random-nonce", false, "Generate a random nonce instead of using one provided")
useSHA256 = flag.Bool("sha256", false, "Use SHA256 for quote operatons")
@ -63,10 +63,10 @@ func runCommand(tpm *attest.TPM) error {
fmt.Printf("VendorInfo: %x\n", info.VendorInfo)
fmt.Printf("Manufactorer: %v\n", info.Manufacturer)
case "make-aik":
k, err := tpm.NewAIK(nil)
case "make-ak", "make-aik":
k, err := tpm.NewAK(nil)
if err != nil {
return fmt.Errorf("failed to mint an AIK: %v", err)
return fmt.Errorf("failed to mint an AK: %v", err)
}
defer k.Close(tpm)
b, err := k.Marshal()
@ -80,9 +80,9 @@ func runCommand(tpm *attest.TPM) error {
if err != nil {
return err
}
k, err := tpm.LoadAIK(b)
k, err := tpm.LoadAK(b)
if err != nil {
return fmt.Errorf("failed to load AIK: %v", err)
return fmt.Errorf("failed to load AK: %v", err)
}
defer k.Close(tpm)
@ -186,12 +186,12 @@ func runDump(tpm *attest.TPM) (*internal.Dump, error) {
return nil, err
}
k, err := tpm.NewAIK(nil)
k, err := tpm.NewAK(nil)
if err != nil {
return nil, fmt.Errorf("failed to mint an AIK: %v", err)
return nil, fmt.Errorf("failed to mint an AK: %v", err)
}
defer k.Close(tpm)
out.AIK = k.AttestationParameters()
out.AK = k.AttestationParameters()
// Get a quote.
if out.Quote.Nonce, err = hex.DecodeString(*nonceHex); err != nil {

6
attest/attest-tool/internal/eventlog/secureboot_test.go
View File

@ -33,11 +33,11 @@ func parseEvents(t *testing.T, testdata string) []attest.Event {
t.Fatalf("parsing test data: %v", err)
}
aik, err := attest.ParseAIKPublic(dump.Static.TPMVersion, dump.AIK.Public)
ak, err := attest.ParseAKPublic(dump.Static.TPMVersion, dump.AK.Public)
if err != nil {
t.Fatalf("parsing AIK: %v", err)
t.Fatalf("parsing AK: %v", err)
}
if err := aik.Verify(attest.Quote{
if err := ak.Verify(attest.Quote{
Version: dump.Static.TPMVersion,
Quote: dump.Quote.Quote,
Signature: dump.Quote.Signature,

2
attest/attest-tool/internal/internal.go
View File

@ -13,7 +13,7 @@ type Dump struct {
EKPem []byte
}
AIK attest.AttestationParameters
AK attest.AttestationParameters
Quote struct {
Nonce []byte

76
attest/attest.go
View File

@ -84,7 +84,7 @@ const (
keyEncodingParameterized
)
type aik interface {
type ak interface {
close(*platformTPM) error
marshal() ([]byte, error)
activateCredential(tpm *platformTPM, in EncryptedCredential) ([]byte, error)
@ -92,49 +92,49 @@ type aik interface {
attestationParameters() AttestationParameters
}
// AIK represents a key which can be used for attestation.
type AIK struct {
aik aik
// AK represents a key which can be used for attestation.
type AK struct {
ak ak
}
// Close unloads the AIK from the system.
func (k *AIK) Close(t *TPM) error {
return k.aik.close(t.tpm)
// Close unloads the AK from the system.
func (k *AK) Close(t *TPM) error {
return k.ak.close(t.tpm)
}
// Marshal encodes the AIK in a format that can be reloaded with tpm.LoadAIK().
// Marshal encodes the AK in a format that can be reloaded with tpm.LoadAK().
// This method exists to allow consumers to store the key persistently and load
// it as a later time. Users SHOULD NOT attempt to interpret or extract values
// from this blob.
func (k *AIK) Marshal() ([]byte, error) {
return k.aik.marshal()
func (k *AK) Marshal() ([]byte, error) {
return k.ak.marshal()
}
// ActivateCredential decrypts the secret using the key to prove that the AIK
// ActivateCredential decrypts the secret using the key to prove that the AK
// was generated on the same TPM as the EK.
//
// This operation is synonymous with TPM2_ActivateCredential.
func (k *AIK) ActivateCredential(tpm *TPM, in EncryptedCredential) (secret []byte, err error) {
return k.aik.activateCredential(tpm.tpm, in)
func (k *AK) ActivateCredential(tpm *TPM, in EncryptedCredential) (secret []byte, err error) {
return k.ak.activateCredential(tpm.tpm, in)
}
// Quote returns a quote over the platform state, signed by the AIK.
// Quote returns a quote over the platform state, signed by the AK.
//
// This is a low-level API. Consumers seeking to attest the state of the
// platform should use tpm.AttestPlatform() instead.
func (k *AIK) Quote(tpm *TPM, nonce []byte, alg HashAlg) (*Quote, error) {
return k.aik.quote(tpm.tpm, nonce, alg)
func (k *AK) Quote(tpm *TPM, nonce []byte, alg HashAlg) (*Quote, error) {
return k.ak.quote(tpm.tpm, nonce, alg)
}
// AttestationParameters returns information about the AIK, typically used to
// AttestationParameters returns information about the AK, typically used to
// generate a credential activation challenge.
func (k *AIK) AttestationParameters() AttestationParameters {
return k.aik.attestationParameters()
func (k *AK) AttestationParameters() AttestationParameters {
return k.ak.attestationParameters()
}
// AIKConfig encapsulates parameters for minting keys. This type is defined
// AKConfig encapsulates parameters for minting keys. This type is defined
// now (despite being empty) for future interface compatibility.
type AIKConfig struct {
type AKConfig struct {
}
// EncryptedCredential represents encrypted parameters which must be activated
@ -177,11 +177,11 @@ type EK struct {
// AttestationParameters describes information about a key which is necessary
// for verifying its properties remotely.
type AttestationParameters struct {
// Public represents the AIK's canonical encoding. This blob includes the
// Public represents the AK's canonical encoding. This blob includes the
// public key, as well as signing parameters such as the hash algorithm
// used to generate quotes.
//
// Use ParseAIKPublic to access the key's data.
// Use ParseAKPublic to access the key's data.
Public []byte
// For TPM 2.0 devices, Public is encoded as a TPMT_PUBLIC structure.
// For TPM 1.2 devices, Public is a TPM_PUBKEY structure, as defined in
@ -193,7 +193,7 @@ type AttestationParameters struct {
// indicates that activation challenges should use the TCSD-specific format.
UseTCSDActivationFormat bool
// Subsequent fields are only populated for AIKs generated on a TPM
// Subsequent fields are only populated for AKs generated on a TPM
// implementing version 2.0 of the specification. The specific structures
// referenced for each field are defined in the TPM Revision 2, Part 2 -
// Structures specification, available here:
@ -210,25 +210,25 @@ type AttestationParameters struct {
CreateSignature []byte
}
// AIKPublic holds structured information about an AIK's public key.
type AIKPublic struct {
// Public is the public part of the AIK. This can either be an *rsa.PublicKey or
// AKPublic holds structured information about an AK's public key.
type AKPublic struct {
// Public is the public part of the AK. This can either be an *rsa.PublicKey or
// and *ecdsa.PublicKey.
Public crypto.PublicKey
// Hash is the hashing algorithm the AIK will use when signing quotes.
// Hash is the hashing algorithm the AK will use when signing quotes.
Hash crypto.Hash
}
// ParseAIKPublic parses the Public blob from the AttestationParameters,
// ParseAKPublic parses the Public blob from the AttestationParameters,
// returning the public key and signing parameters for the key.
func ParseAIKPublic(version TPMVersion, public []byte) (*AIKPublic, error) {
func ParseAKPublic(version TPMVersion, public []byte) (*AKPublic, error) {
switch version {
case TPMVersion12:
rsaPub, err := tpm.UnmarshalPubRSAPublicKey(public)
if err != nil {
return nil, fmt.Errorf("parsing public key: %v", err)
}
return &AIKPublic{Public: rsaPub, Hash: crypto.SHA1}, nil
return &AKPublic{Public: rsaPub, Hash: crypto.SHA1}, nil
case TPMVersion20:
pub, err := tpm2.DecodePublic(public)
if err != nil {
@ -250,21 +250,21 @@ func ParseAIKPublic(version TPMVersion, public []byte) (*AIKPublic, error) {
if err != nil {
return nil, fmt.Errorf("invalid public key hash: %v", err)
}
return &AIKPublic{Public: pubKey, Hash: h}, nil
return &AKPublic{Public: pubKey, Hash: h}, nil
default:
return nil, fmt.Errorf("unknown tpm version 0x%x", version)
}
}
// Verify is used to prove authenticity of the PCR measurements. It ensures that
// the quote was signed by the AIK, and that its contents matches the PCR and
// the quote was signed by the AK, and that its contents matches the PCR and
// nonce combination.
//
// The nonce is used to prevent replays of Quote and PCRs and is signed by the
// quote. Some TPMs don't support nonces longer than 20 bytes, and if the
// nonce is used to tie additional data to the quote, the additional data should be
// hashed to construct the nonce.
func (a *AIKPublic) Verify(quote Quote, pcrs []PCR, nonce []byte) error {
func (a *AKPublic) Verify(quote Quote, pcrs []PCR, nonce []byte) error {
switch quote.Version {
case TPMVersion12:
return a.validate12Quote(quote, pcrs, nonce)
@ -319,15 +319,15 @@ func (a HashAlg) String() string {
// the booted state of the machine the TPM is attached to.
//
// The digests contained in the event log can be considered authentic if:
// - The AIK public corresponds to the known AIK for that platform.
// - All quotes are verified with AIKPublic.Verify(), and return no errors.
// - The AK public corresponds to the known AK for that platform.
// - All quotes are verified with AKPublic.Verify(), and return no errors.
// - The event log parsed successfully using ParseEventLog(), and a call
// to EventLog.Verify() with the full set of PCRs returned no error.
type PlatformParameters struct {
// The version of the TPM which generated this attestation.
TPMVersion TPMVersion
// The public blob of the AIK which endorsed the platform state. This can
// be decoded to verify the adjacent quotes using ParseAIKPublic().
// The public blob of the AK which endorsed the platform state. This can
// be decoded to verify the adjacent quotes using ParseAKPublic().
Public []byte
// The set of quotes which endorse the state of the PCRs.
Quotes []Quote

76
attest/attest_simulated_tpm20_test.go
View File

@ -63,34 +63,34 @@ func TestSimTPM20Info(t *testing.T) {
}
}
func TestSimTPM20AIKCreateAndLoad(t *testing.T) {
func TestSimTPM20AKCreateAndLoad(t *testing.T) {
sim, tpm := setupSimulatedTPM(t)
defer sim.Close()
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK() failed: %v", err)
t.Fatalf("NewAK() failed: %v", err)
}
enc, err := aik.Marshal()
enc, err := ak.Marshal()
if err != nil {
aik.Close(tpm)
t.Fatalf("aik.Marshal() failed: %v", err)
ak.Close(tpm)
t.Fatalf("ak.Marshal() failed: %v", err)
}
if err := aik.Close(tpm); err != nil {
t.Fatalf("aik.Close() failed: %v", err)
if err := ak.Close(tpm); err != nil {
t.Fatalf("ak.Close() failed: %v", err)
}
loaded, err := tpm.LoadAIK(enc)
loaded, err := tpm.LoadAK(enc)
if err != nil {
t.Fatalf("LoadKey() failed: %v", err)
}
defer loaded.Close(tpm)
k1, k2 := aik.aik.(*key20), loaded.aik.(*key20)
k1, k2 := ak.ak.(*key20), loaded.ak.(*key20)
if !bytes.Equal(k1.public, k2.public) {
t.Error("Original & loaded AIK public blobs did not match.")
t.Error("Original & loaded AK public blobs did not match.")
t.Logf("Original = %v", k1.public)
t.Logf("Loaded = %v", k2.public)
}
@ -100,11 +100,11 @@ func TestSimTPM20ActivateCredential(t *testing.T) {
sim, tpm := setupSimulatedTPM(t)
defer sim.Close()
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK() failed: %v", err)
t.Fatalf("NewAK() failed: %v", err)
}
defer aik.Close(tpm)
defer ak.Close(tpm)
EKs, err := tpm.EKs()
if err != nil {
@ -114,7 +114,7 @@ func TestSimTPM20ActivateCredential(t *testing.T) {
ap := ActivationParameters{
TPMVersion: TPMVersion20,
AIK: aik.AttestationParameters(),
AK: ak.AttestationParameters(),
EK: ek,
}
secret, challenge, err := ap.Generate()
@ -122,9 +122,9 @@ func TestSimTPM20ActivateCredential(t *testing.T) {
t.Fatalf("Generate() failed: %v", err)
}
decryptedSecret, err := aik.ActivateCredential(tpm, *challenge)
decryptedSecret, err := ak.ActivateCredential(tpm, *challenge)
if err != nil {
t.Errorf("aik.ActivateCredential() failed: %v", err)
t.Errorf("ak.ActivateCredential() failed: %v", err)
}
if !bytes.Equal(secret, decryptedSecret) {
t.Error("secret does not match decrypted secret")
@ -133,18 +133,18 @@ func TestSimTPM20ActivateCredential(t *testing.T) {
}
}
func TestParseAIKPublic20(t *testing.T) {
func TestParseAKPublic20(t *testing.T) {
sim, tpm := setupSimulatedTPM(t)
defer sim.Close()
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK() failed: %v", err)
t.Fatalf("NewAK() failed: %v", err)
}
defer aik.Close(tpm)
params := aik.AttestationParameters()
if _, err := ParseAIKPublic(TPMVersion20, params.Public); err != nil {
t.Errorf("parsing AIK public blob: %v", err)
defer ak.Close(tpm)
params := ak.AttestationParameters()
if _, err := ParseAKPublic(TPMVersion20, params.Public); err != nil {
t.Errorf("parsing AK public blob: %v", err)
}
}
@ -152,19 +152,19 @@ func TestSimTPM20QuoteAndVerify(t *testing.T) {
sim, tpm := setupSimulatedTPM(t)
defer sim.Close()
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK() failed: %v", err)
t.Fatalf("NewAK() failed: %v", err)
}
defer aik.Close(tpm)
defer ak.Close(tpm)
nonce := []byte{1, 2, 3, 4, 5, 6, 7, 8}
quote, err := aik.Quote(tpm, nonce, HashSHA256)
quote, err := ak.Quote(tpm, nonce, HashSHA256)
if err != nil {
t.Fatalf("aik.Quote() failed: %v", err)
t.Fatalf("ak.Quote() failed: %v", err)
}
// Providing both PCR banks to AIKPublic.Verify() ensures we can handle
// Providing both PCR banks to AKPublic.Verify() ensures we can handle
// the case where extra PCRs of a different digest algorithm are provided.
var pcrs []PCR
for _, alg := range []HashAlg{HashSHA256, HashSHA1} {
@ -175,9 +175,9 @@ func TestSimTPM20QuoteAndVerify(t *testing.T) {
pcrs = append(pcrs, p...)
}
pub, err := ParseAIKPublic(tpm.Version(), aik.AttestationParameters().Public)
pub, err := ParseAKPublic(tpm.Version(), ak.AttestationParameters().Public)
if err != nil {
t.Fatalf("ParseAIKPublic() failed: %v", err)
t.Fatalf("ParseAKPublic() failed: %v", err)
}
if err := pub.Verify(*quote, pcrs, nonce); err != nil {
t.Errorf("quote verification failed: %v", err)
@ -188,21 +188,21 @@ func TestSimTPM20AttestPlatform(t *testing.T) {
sim, tpm := setupSimulatedTPM(t)
defer sim.Close()
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK() failed: %v", err)
t.Fatalf("NewAK() failed: %v", err)
}
defer aik.Close(tpm)
defer ak.Close(tpm)
nonce := []byte{1, 2, 3, 4, 5, 6, 7, 8}
attestation, err := tpm.attestPlatform(aik, nonce, nil)
attestation, err := tpm.attestPlatform(ak, nonce, nil)
if err != nil {
t.Fatalf("AttestPlatform() failed: %v", err)
}
pub, err := ParseAIKPublic(attestation.TPMVersion, attestation.Public)
pub, err := ParseAKPublic(attestation.TPMVersion, attestation.Public)
if err != nil {
t.Fatalf("ParseAIKPublic() failed: %v", err)
t.Fatalf("ParseAKPublic() failed: %v", err)
}
for i, q := range attestation.Quotes {
if err := pub.Verify(q, attestation.PCRs, nonce); err != nil {

22
attest/attest_test.go
View File

@ -78,7 +78,7 @@ func TestEKs(t *testing.T) {
}
}
func TestAIKCreateAndLoad(t *testing.T) {
func TestAKCreateAndLoad(t *testing.T) {
if !*testLocal {
t.SkipNow()
}
@ -88,30 +88,30 @@ func TestAIKCreateAndLoad(t *testing.T) {
}
defer tpm.Close()
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK() failed: %v", err)
t.Fatalf("NewAK() failed: %v", err)
}
enc, err := aik.Marshal()
enc, err := ak.Marshal()
if err != nil {
aik.Close(tpm)
t.Fatalf("aik.Marshal() failed: %v", err)
ak.Close(tpm)
t.Fatalf("ak.Marshal() failed: %v", err)
}
if err := aik.Close(tpm); err != nil {
t.Fatalf("aik.Close() failed: %v", err)
if err := ak.Close(tpm); err != nil {
t.Fatalf("ak.Close() failed: %v", err)
}
loaded, err := tpm.LoadAIK(enc)
loaded, err := tpm.LoadAK(enc)
if err != nil {
t.Fatalf("LoadKey() failed: %v", err)
}
defer loaded.Close(tpm)
k1, k2 := aik.aik.(*key20), loaded.aik.(*key20)
k1, k2 := ak.ak.(*key20), loaded.ak.(*key20)
if !bytes.Equal(k1.public, k2.public) {
t.Error("Original & loaded AIK public blobs did not match.")
t.Error("Original & loaded AK public blobs did not match.")
t.Logf("Original = %v", k1.public)
t.Logf("Loaded = %v", k2.public)
}

34
attest/attest_tpm12_test.go
View File

@ -87,12 +87,12 @@ func TestTPM12EKs(t *testing.T) {
}
}
func TestNewAIK(t *testing.T) {
func TestNewAK(t *testing.T) {
tpm := openTPM12(t)
defer tpm.Close()
if _, err := tpm.NewAIK(nil); err != nil {
t.Fatalf("NewAIK failed: %v", err)
if _, err := tpm.NewAK(nil); err != nil {
t.Fatalf("NewAK failed: %v", err)
}
}
@ -105,12 +105,12 @@ func TestTPMQuote(t *testing.T) {
t.Fatalf("reading nonce: %v", err)
}
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK failed: %v", err)
t.Fatalf("NewAK failed: %v", err)
}
quote, err := aik.Quote(tpm, nonce, HashSHA1)
quote, err := ak.Quote(tpm, nonce, HashSHA1)
if err != nil {
t.Fatalf("Quote failed: %v", err)
}
@ -118,18 +118,18 @@ func TestTPMQuote(t *testing.T) {
t.Logf("Quote{version: %v, quote: %x, signature: %x}\n", quote.Version, quote.Quote, quote.Signature)
}
func TestParseAIKPublic12(t *testing.T) {
func TestParseAKPublic12(t *testing.T) {
tpm := openTPM12(t)
defer tpm.Close()
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK() failed: %v", err)
t.Fatalf("NewAK() failed: %v", err)
}
defer aik.Close(tpm)
params := aik.AttestationParameters()
if _, err := ParseAIKPublic(TPMVersion12, params.Public); err != nil {
t.Errorf("parsing AIK public blob: %v", err)
defer ak.Close(tpm)
params := ak.AttestationParameters()
if _, err := ParseAKPublic(TPMVersion12, params.Public); err != nil {
t.Errorf("parsing AK public blob: %v", err)
}
}
@ -137,9 +137,9 @@ func TestTPMActivateCredential(t *testing.T) {
tpm := openTPM12(t)
defer tpm.Close()
aik, err := tpm.NewAIK(nil)
ak, err := tpm.NewAK(nil)
if err != nil {
t.Fatalf("NewAIK failed: %v", err)
t.Fatalf("NewAK failed: %v", err)
}
EKs, err := tpm.EKs()
@ -150,7 +150,7 @@ func TestTPMActivateCredential(t *testing.T) {
ap := ActivationParameters{
TPMVersion: TPMVersion12,
AIK: aik.AttestationParameters(),
AK: ak.AttestationParameters(),
EK: ek,
}
secret, challenge, err := ap.Generate()
@ -158,7 +158,7 @@ func TestTPMActivateCredential(t *testing.T) {
t.Fatalf("Generate() failed: %v", err)
}
validation, err := aik.ActivateCredential(tpm, *challenge)
validation, err := ak.ActivateCredential(tpm, *challenge)
if err != nil {
t.Fatalf("ActivateCredential failed: %v", err)
}

10
attest/challenge.go
View File

@ -41,8 +41,8 @@ func makeEmptyPCRInfo() []byte {
return b.Bytes()
}
func makeActivationBlob(symKey, aikpub []byte) (blob []byte, err error) {
aikHash := sha1.Sum(aikpub)
func makeActivationBlob(symKey, akpub []byte) (blob []byte, err error) {
akHash := sha1.Sum(akpub)
var out bytes.Buffer
if err := binary.Write(&out, binary.BigEndian, activationBlobHeader{
@ -57,7 +57,7 @@ func makeActivationBlob(symKey, aikpub []byte) (blob []byte, err error) {
}
out.Write(symKey)
out.Write(aikHash[:])
out.Write(akHash[:])
out.Write(makeEmptyPCRInfo())
return out.Bytes(), nil
}
@ -102,7 +102,7 @@ func pad(plaintext []byte, bsize int) []byte {
// the secret encrypted with the session key credential contained in asymenc.
// To use this, pass asymenc as the input to the TPM_ActivateIdentity command.
// Use the returned credential as the aes key to decode the secret in symenc.
func generateChallenge12(rand io.Reader, pubkey *rsa.PublicKey, aikpub, secret []byte) (asymenc []byte, symenc []byte, err error) {
func generateChallenge12(rand io.Reader, pubkey *rsa.PublicKey, akpub, secret []byte) (asymenc []byte, symenc []byte, err error) {
aeskey := make([]byte, 16)
iv := make([]byte, 16)
if _, err = io.ReadFull(rand, aeskey); err != nil {
@ -112,7 +112,7 @@ func generateChallenge12(rand io.Reader, pubkey *rsa.PublicKey, aikpub, secret [
return nil, nil, err
}
activationBlob, err := makeActivationBlob(aeskey, aikpub)
activationBlob, err := makeActivationBlob(aeskey, akpub)
if err != nil {
return nil, nil, err
}

2
attest/challenge_test.go
View File

@ -30,7 +30,7 @@ func TestMakeActivationBlob(t *testing.T) {
t.Errorf("symKey = %v, want %v", got, want)
}
if got, want := blob[15:35], []byte{133, 217, 101, 29, 154, 57, 154, 103, 224, 21, 208, 71, 253, 158, 106, 148, 30, 107, 32, 187}; !bytes.Equal(got, want) {
t.Errorf("aik digest = %v, want %v", got, want)
t.Errorf("ak digest = %v, want %v", got, want)
}
if got, want := blob[35:37], []byte{0, 3}; !bytes.Equal(got, want) {
t.Errorf("size of select = %v, want %v", got, want)

4
attest/eventlog.go
View File

@ -118,7 +118,7 @@ type rawPCRComposite struct {
Values tpmutil.U32Bytes
}
func (a *AIKPublic) validate12Quote(quote Quote, pcrs []PCR, nonce []byte) error {
func (a *AKPublic) validate12Quote(quote Quote, pcrs []PCR, nonce []byte) error {
pub, ok := a.Public.(*rsa.PublicKey)
if !ok {
return fmt.Errorf("unsupported public key type: %T", a.Public)
@ -163,7 +163,7 @@ func (a *AIKPublic) validate12Quote(quote Quote, pcrs []PCR, nonce []byte) error
return nil
}
func (a *AIKPublic) validate20Quote(quote Quote, pcrs []PCR, nonce []byte) error {
func (a *AKPublic) validate20Quote(quote Quote, pcrs []PCR, nonce []byte) error {
sig, err := tpm2.DecodeSignature(bytes.NewBuffer(quote.Signature))
if err != nil {
return fmt.Errorf("parse quote signature: %v", err)

8
attest/eventlog_test.go
View File

@ -29,7 +29,7 @@ type Dump struct {
EKPem []byte
}
AIK AttestationParameters
AK AttestationParameters
Quote struct {
Nonce []byte
@ -95,11 +95,11 @@ func testEventLog(t *testing.T, testdata string) {
t.Fatalf("parsing test data: %v", err)
}
aik, err := ParseAIKPublic(dump.Static.TPMVersion, dump.AIK.Public)
ak, err := ParseAKPublic(dump.Static.TPMVersion, dump.AK.Public)
if err != nil {
t.Fatalf("parsing AIK: %v", err)
t.Fatalf("parsing AK: %v", err)
}
if err := aik.Verify(Quote{
if err := ak.Verify(Quote{
Version: dump.Static.TPMVersion,
Quote: dump.Quote.Quote,
Signature: dump.Quote.Signature,

70
attest/example_test.go
View File

@ -13,51 +13,51 @@ var (
testExamples = flag.Bool("test-examples", false, "Enable tests for examples.")
)
func ExampleAIK() {
func ExampleAK() {
tpm, err := attest.OpenTPM(nil)
if err != nil {
log.Fatalf("Failed to open the TPM: %v", err)
}
defer tpm.Close()
// Create a new AIK.
aik, err := tpm.NewAIK(nil)
// Create a new AK.
ak, err := tpm.NewAK(nil)
if err != nil {
log.Fatalf("Failed to create AIK: %v", err)
log.Fatalf("Failed to create AK: %v", err)
}
// Save a re-loadable representation to blob.
blob, err := aik.Marshal()
blob, err := ak.Marshal()
if err != nil {
log.Fatalf("Failed to marshal AIK: %v", err)
log.Fatalf("Failed to marshal AK: %v", err)
}
// Close our handle to the AIK.
if err := aik.Close(tpm); err != nil {
log.Fatalf("Failed to close AIK: %v", err)
// Close our handle to the AK.
if err := ak.Close(tpm); err != nil {
log.Fatalf("Failed to close AK: %v", err)
}
// Re-load the created AIK from the blob.
aik, err = tpm.LoadAIK(blob)
// Re-load the created AK from the blob.
ak, err = tpm.LoadAK(blob)
if err != nil {
log.Fatalf("Failed to load AIK: %v", err)
log.Fatalf("Failed to load AK: %v", err)
}
if err := aik.Close(tpm); err != nil {
log.Fatalf("Failed to close AIK: %v", err)
if err := ak.Close(tpm); err != nil {
log.Fatalf("Failed to close AK: %v", err)
}
}
func ExampleAIK_credentialActivation() {
func ExampleAK_credentialActivation() {
tpm, err := attest.OpenTPM(nil)
if err != nil {
log.Fatalf("Failed to open TPM: %v", err)
}
defer tpm.Close()
// Create a new AIK.
aik, err := tpm.NewAIK(nil)
// Create a new AK.
ak, err := tpm.NewAK(nil)
if err != nil {
log.Fatalf("Failed to create AIK: %v", err)
log.Fatalf("Failed to create AK: %v", err)
}
defer aik.Close(tpm)
defer ak.Close(tpm)
// Read the EK.
ek, err := tpm.EKs()
@ -66,37 +66,37 @@ func ExampleAIK_credentialActivation() {
}
// Read parameters necessary to generate a challenge.
ap := aik.AttestationParameters()
ap := ak.AttestationParameters()
// Generate a credential activation challenge (usually done on the server).
activation := attest.ActivationParameters{
TPMVersion: tpm.Version(),
EK: ek[0].Public,
AIK: ap,
AK: ap,
}
secret, challenge, err := activation.Generate()
if err != nil {
log.Fatalf("Failed to generate activation challenge: %v", err)
}
// Challenge the AIK & EK properties to recieve the decrypted secret.
decrypted, err := aik.ActivateCredential(tpm, *challenge)
// Challenge the AK & EK properties to recieve the decrypted secret.
decrypted, err := ak.ActivateCredential(tpm, *challenge)
if err != nil {
log.Fatalf("Failed to activate credential: %v", err)
}
// Check that the AIK completed the challenge (usually done on the server).
// Check that the AK completed the challenge (usually done on the server).
if subtle.ConstantTimeCompare(secret, decrypted) == 0 {
log.Fatal("Activation response did not match secret")
}
}
func TestExampleAIK(t *testing.T) {
func TestExampleAK(t *testing.T) {
if !*testExamples {
t.SkipNow()
}
ExampleAIK()
ExampleAIK_credentialActivation()
ExampleAK()
ExampleAK_credentialActivation()
}
func TestExampleTPM(t *testing.T) {
@ -113,12 +113,12 @@ func ExampleTPM_AttestPlatform() {
}
defer tpm.Close()
// Create a new AIK.
aik, err := tpm.NewAIK(nil)
// Create a new AK.
ak, err := tpm.NewAK(nil)
if err != nil {
log.Fatalf("Failed to create AIK: %v", err)
log.Fatalf("Failed to create AK: %v", err)
}
defer aik.Close(tpm)
defer ak.Close(tpm)
// The nonce would typically be provided by the server.
nonce := []byte{1, 2, 3, 4, 5, 6, 7, 8}
@ -127,18 +127,18 @@ func ExampleTPM_AttestPlatform() {
// would pass a nil config, and the event log would be read from the
// platform. To ensure this example runs on platforms without event logs,
// we pass a fake EventLog value.
att, err := tpm.AttestPlatform(aik, nonce, &attest.PlatformAttestConfig{
att, err := tpm.AttestPlatform(ak, nonce, &attest.PlatformAttestConfig{
EventLog: []byte{0},
})
if err != nil {
log.Fatalf("Failed to attest the platform state: %v", err)
}
// Construct an AIKPublic struct from the parameters of the key. This
// Construct an AKPublic struct from the parameters of the key. This
// will be used to verify the quote signatures.
pub, err := attest.ParseAIKPublic(tpm.Version(), aik.AttestationParameters().Public)
pub, err := attest.ParseAKPublic(tpm.Version(), ak.AttestationParameters().Public)
if err != nil {
log.Fatalf("Failed to parse AIK public: %v", err)
log.Fatalf("Failed to parse AK public: %v", err)
}
for i, q := range att.Quotes {

6
attest/key_linux.go
View File

@ -30,7 +30,7 @@ type key12 struct {
public []byte
}
func newKey12(blob, public []byte) aik {
func newKey12(blob, public []byte) ak {
return &key12{
blob: blob,
public: public,
@ -56,7 +56,7 @@ func (k *key12) close(tpm *platformTPM) error {
func (k *key12) activateCredential(t *platformTPM, in EncryptedCredential) ([]byte, error) {
cred, err := attestation.AIKChallengeResponse(t.ctx, k.blob, in.Credential, in.Secret)
if err != nil {
return nil, fmt.Errorf("failed to activate aik: %v", err)
return nil, fmt.Errorf("failed to activate ak: %v", err)
}
return cred, nil
}
@ -96,7 +96,7 @@ type key20 struct {
createSignature []byte
}
func newKey20(hnd tpmutil.Handle, blob, public, createData, createAttestation, createSig []byte) aik {
func newKey20(hnd tpmutil.Handle, blob, public, createData, createAttestation, createSig []byte) ak {
return &key20{
hnd: hnd,
blob: blob,

4
attest/key_windows.go
View File

@ -29,7 +29,7 @@ type key12 struct {
public []byte
}
func newKey12(hnd uintptr, pcpKeyName string, public []byte) aik {
func newKey12(hnd uintptr, pcpKeyName string, public []byte) ak {
return &key12{
hnd: hnd,
pcpKeyName: pcpKeyName,
@ -114,7 +114,7 @@ type key20 struct {
createSignature []byte
}
func newKey20(hnd uintptr, pcpKeyName string, public, createData, createAttest, createSig []byte) aik {
func newKey20(hnd uintptr, pcpKeyName string, public, createData, createAttest, createSig []byte) ak {
return &key20{
hnd: hnd,
pcpKeyName: pcpKeyName,

32
attest/pcp_windows.go
View File

@ -38,7 +38,7 @@ const (
// The below is documented in this Microsoft whitepaper:
// https://github.com/Microsoft/TSS.MSR/blob/master/PCPTool.v11/Using%20the%20Windows%208%20Platform%20Crypto%20Provider%20and%20Associated%20TPM%20Functionality.pdf
ncryptOverwriteKeyFlag = 0x80
// Key usage value for AIKs.
// Key usage value for AKs.
nCryptPropertyPCPKeyUsagePolicyIdentity = 0x8
)
@ -452,8 +452,8 @@ func getPCPCerts(hProv uintptr, propertyName string) ([][]byte, error) {
return out, nil
}
// NewAIK creates a persistent attestation key of the specified name.
func (h *winPCP) NewAIK(name string) (uintptr, error) {
// NewAK creates a persistent attestation key of the specified name.
func (h *winPCP) NewAK(name string) (uintptr, error) {
var kh uintptr
utf16Name, err := windows.UTF16FromString(name)
if err != nil {
@ -516,17 +516,17 @@ func (h *winPCP) EKPub() ([]byte, error) {
return getNCryptBufferProperty(h.hProv, "PCP_EKPUB")
}
type aikProps struct {
type akProps struct {
RawPublic []byte
RawCreationData []byte
RawAttest []byte
RawSignature []byte
}
// AIKProperties returns the binding properties of the given attestation
// AKProperties returns the binding properties of the given attestation
// key. Note that it is only valid to call this function with the same
// winPCP handle within which the AIK was created.
func (h *winPCP) AIKProperties(kh uintptr) (*aikProps, error) {
// winPCP handle within which the AK was created.
func (h *winPCP) AKProperties(kh uintptr) (*akProps, error) {
idBlob, err := getNCryptBufferProperty(kh, "PCP_TPM12_IDBINDING")
if err != nil {
return nil, err
@ -535,16 +535,16 @@ func (h *winPCP) AIKProperties(kh uintptr) (*aikProps, error) {
// Because the TPM 1.2 blob leads with a version tag,
// we can switch decoding logic based on it.
if bytes.Equal(idBlob[0:4], []byte{1, 1, 0, 0}) {
return decodeAIKProps12(r)
return decodeAKProps12(r)
}
return decodeAIKProps20(r)
return decodeAKProps20(r)
}
// decodeAIKProps12 separates the single TPM 1.2 blob from the PCP property
// decodeAKProps12 separates the single TPM 1.2 blob from the PCP property
// into its constituents, returning information about the public key
// of the AIK.
func decodeAIKProps12(r *bytes.Reader) (*aikProps, error) {
var out aikProps
// of the AK.
func decodeAKProps12(r *bytes.Reader) (*akProps, error) {
var out akProps
// Skip over fixed-size fields in TPM_IDENTITY_CONTENTS which
// we don't need to read.
// Specifically: ver, ordinal, & labelPrivCADigest.
@ -592,12 +592,12 @@ func decodeAIKProps12(r *bytes.Reader) (*aikProps, error) {
return &out, nil
}
// decodeAIKProps20 separates the single TPM 2.0 blob from the PCP property
// decodeAKProps20 separates the single TPM 2.0 blob from the PCP property
// into its constituents. For TPM 2.0 devices, these are bytes representing
// the following structures: TPM2B_PUBLIC, TPM2B_CREATION_DATA, TPM2B_ATTEST,
// and TPMT_SIGNATURE.
func decodeAIKProps20(r *bytes.Reader) (*aikProps, error) {
var out aikProps
func decodeAKProps20(r *bytes.Reader) (*akProps, error) {
var out akProps
var publicSize uint16
if err := binary.Read(r, binary.BigEndian, &publicSize); err != nil {

2
attest/testdata/linux_tpm12.json vendored
View File

File diff suppressed because one or more lines are too long

2
attest/testdata/windows_gcp_shielded_vm.json vendored
View File

File diff suppressed because one or more lines are too long

34
attest/tpm.go
View File

@ -45,7 +45,7 @@ const (
)
var (
aikTemplate = tpm2.Public{
akTemplate = tpm2.Public{
Type: tpm2.AlgRSA,
NameAlg: tpm2.AlgSHA256,
Attributes: tpm2.FlagSignerDefault,
@ -209,14 +209,14 @@ func readEKCertFromNVRAM20(tpm io.ReadWriter) (*x509.Certificate, error) {
return ParseEKCertificate(ekCert)
}
func quote20(tpm io.ReadWriter, aikHandle tpmutil.Handle, hashAlg tpm2.Algorithm, nonce []byte) (*Quote, error) {
func quote20(tpm io.ReadWriter, akHandle tpmutil.Handle, hashAlg tpm2.Algorithm, nonce []byte) (*Quote, error) {
sel := tpm2.PCRSelection{Hash: hashAlg}
numPCRs := 24
for pcr := 0; pcr < numPCRs; pcr++ {
sel.PCRs = append(sel.PCRs, pcr)
}
quote, sig, err := tpm2.Quote(tpm, aikHandle, "", "", nonce, sel, tpm2.AlgNull)
quote, sig, err := tpm2.Quote(tpm, akHandle, "", "", nonce, sel, tpm2.AlgNull)
if err != nil {
return nil, err
}
@ -289,12 +289,12 @@ func (t *TPM) Info() (*TPMInfo, error) {
return t.tpm.info()
}
// LoadAIK loads a previously-created aik into the TPM for use.
// LoadAK loads a previously-created ak into the TPM for use.
// A key loaded via this function needs to be closed with .Close().
// Only blobs generated by calling AIK.Serialize() are valid parameters
// Only blobs generated by calling AK.Serialize() are valid parameters
// to this function.
func (t *TPM) LoadAIK(opaqueBlob []byte) (*AIK, error) {
return t.tpm.loadAIK(opaqueBlob)
func (t *TPM) LoadAK(opaqueBlob []byte) (*AK, error) {
return t.tpm.loadAK(opaqueBlob)
}
// MeasurementLog returns the present value of the System Measurement Log.
@ -305,9 +305,9 @@ func (t *TPM) MeasurementLog() ([]byte, error) {
return t.tpm.measurementLog()
}
// NewAIK creates an attestation key.
func (t *TPM) NewAIK(opts *AIKConfig) (*AIK, error) {
return t.tpm.newAIK(opts)
// NewAK creates an attestation key.
func (t *TPM) NewAK(opts *AKConfig) (*AK, error) {
return t.tpm.newAK(opts)
}
// PCRs returns the present value of Platform Configuration Registers with
@ -319,22 +319,22 @@ func (t *TPM) PCRs(alg HashAlg) ([]PCR, error) {
return t.tpm.pcrs(alg)
}
func (t *TPM) attestPCRs(aik *AIK, nonce []byte, alg HashAlg) (*Quote, []PCR, error) {
func (t *TPM) attestPCRs(ak *AK, nonce []byte, alg HashAlg) (*Quote, []PCR, error) {
pcrs, err := t.PCRs(alg)
if err != nil {
return nil, nil, fmt.Errorf("failed to read %v PCRs: %v", alg, err)
}
quote, err := aik.Quote(t, nonce, alg)
quote, err := ak.Quote(t, nonce, alg)
if err != nil {
return nil, nil, fmt.Errorf("failed to quote using %v: %v", alg, err)
}
return quote, pcrs, nil
}
func (t *TPM) attestPlatform(aik *AIK, nonce []byte, eventLog []byte) (*PlatformParameters, error) {
func (t *TPM) attestPlatform(ak *AK, nonce []byte, eventLog []byte) (*PlatformParameters, error) {
out := PlatformParameters{
TPMVersion: t.Version(),
Public: aik.AttestationParameters().Public,
Public: ak.AttestationParameters().Public,
EventLog: eventLog,
}
@ -345,7 +345,7 @@ func (t *TPM) attestPlatform(aik *AIK, nonce []byte, eventLog []byte) (*Platform
var lastErr error
for _, alg := range algs {
quote, pcrs, err := t.attestPCRs(aik, nonce, alg)
quote, pcrs, err := t.attestPCRs(ak, nonce, alg)
if err != nil {
lastErr = err
continue
@ -375,7 +375,7 @@ type PlatformAttestConfig struct {
// using the other.
// The provided config, if not nil, can be used to configure aspects of the
// platform attestation.
func (t *TPM) AttestPlatform(aik *AIK, nonce []byte, config *PlatformAttestConfig) (*PlatformParameters, error) {
func (t *TPM) AttestPlatform(ak *AK, nonce []byte, config *PlatformAttestConfig) (*PlatformParameters, error) {
if config == nil {
config = &PlatformAttestConfig{}
}
@ -390,7 +390,7 @@ func (t *TPM) AttestPlatform(aik *AIK, nonce []byte, config *PlatformAttestConfi
}
}
return t.attestPlatform(aik, nonce, el)
return t.attestPlatform(ak, nonce, el)
}
// Version returns the version of the TPM.

18
attest/tpm_linux.go
View File

@ -267,14 +267,14 @@ func (t *platformTPM) eks() ([]EK, error) {
}
}
func (t *platformTPM) newAIK(opts *AIKConfig) (*AIK, error) {
func (t *platformTPM) newAK(opts *AKConfig) (*AK, error) {
switch t.version {
case TPMVersion12:
pub, blob, err := attestation.CreateAIK(t.ctx)
if err != nil {
return nil, fmt.Errorf("CreateAIK failed: %v", err)
}
return &AIK{aik: newKey12(blob, pub)}, nil
return &AK{ak: newKey12(blob, pub)}, nil
case TPMVersion20:
// TODO(jsonp): Abstract choice of hierarchy & parent.
srk, _, err := t.getPrimaryKeyHandle(commonSrkEquivalentHandle)
@ -282,7 +282,7 @@ func (t *platformTPM) newAIK(opts *AIKConfig) (*AIK, error) {
return nil, fmt.Errorf("failed to get SRK handle: %v", err)
}
blob, pub, creationData, creationHash, tix, err := tpm2.CreateKey(t.rwc, srk, tpm2.PCRSelection{}, "", "", aikTemplate)
blob, pub, creationData, creationHash, tix, err := tpm2.CreateKey(t.rwc, srk, tpm2.PCRSelection{}, "", "", akTemplate)
if err != nil {
return nil, fmt.Errorf("CreateKeyEx() failed: %v", err)
}
@ -290,7 +290,7 @@ func (t *platformTPM) newAIK(opts *AIKConfig) (*AIK, error) {
if err != nil {
return nil, fmt.Errorf("Load() failed: %v", err)
}
// If any errors occur, free the AIK's handle.
// If any errors occur, free the AK's handle.
defer func() {
if err != nil {
tpm2.FlushContext(t.rwc, keyHandle)
@ -307,13 +307,13 @@ func (t *platformTPM) newAIK(opts *AIKConfig) (*AIK, error) {
if err != nil {
return nil, fmt.Errorf("failed to pack TPMT_SIGNATURE: %v", err)
}
return &AIK{aik: newKey20(keyHandle, blob, pub, creationData, attestation, signature)}, nil
return &AK{ak: newKey20(keyHandle, blob, pub, creationData, attestation, signature)}, nil
default:
return nil, fmt.Errorf("unsupported TPM version: %x", t.version)
}
}
func (t *platformTPM) loadAIK(opaqueBlob []byte) (*AIK, error) {
func (t *platformTPM) loadAK(opaqueBlob []byte) (*AK, error) {
sKey, err := deserializeKey(opaqueBlob, t.version)
if err != nil {
return nil, fmt.Errorf("deserializeKey() failed: %v", err)
@ -324,7 +324,7 @@ func (t *platformTPM) loadAIK(opaqueBlob []byte) (*AIK, error) {
switch sKey.TPMVersion {
case TPMVersion12:
return &AIK{aik: newKey12(sKey.Blob, sKey.Public)}, nil
return &AK{ak: newKey12(sKey.Blob, sKey.Public)}, nil
case TPMVersion20:
srk, _, err := t.getPrimaryKeyHandle(commonSrkEquivalentHandle)
if err != nil {
@ -334,9 +334,9 @@ func (t *platformTPM) loadAIK(opaqueBlob []byte) (*AIK, error) {
if hnd, _, err = tpm2.Load(t.rwc, srk, "", sKey.Public, sKey.Blob); err != nil {
return nil, fmt.Errorf("Load() failed: %v", err)
}
return &AIK{aik: newKey20(hnd, sKey.Blob, sKey.Public, sKey.CreateData, sKey.CreateAttestation, sKey.CreateSignature)}, nil
return &AK{ak: newKey20(hnd, sKey.Blob, sKey.Public, sKey.CreateData, sKey.CreateAttestation, sKey.CreateSignature)}, nil
default:
return nil, fmt.Errorf("cannot load AIK with TPM version: %v", sKey.TPMVersion)
return nil, fmt.Errorf("cannot load AK with TPM version: %v", sKey.TPMVersion)
}
}

18
attest/tpm_windows.go
View File

@ -264,18 +264,18 @@ func decryptCredential(secretKey, blob []byte) ([]byte, error) {
return secret, nil
}
func (t *platformTPM) newAIK(opts *AIKConfig) (*AIK, error) {
func (t *platformTPM) newAK(opts *AKConfig) (*AK, error) {
nameHex := make([]byte, 5)
if n, err := rand.Read(nameHex); err != nil || n != len(nameHex) {
return nil, fmt.Errorf("rand.Read() failed with %d/%d bytes read and error: %v", n, len(nameHex), err)
}
name := fmt.Sprintf("aik-%x", nameHex)
name := fmt.Sprintf("ak-%x", nameHex)
kh, err := t.pcp.NewAIK(name)
kh, err := t.pcp.NewAK(name)
if err != nil {
return nil, fmt.Errorf("pcp failed to mint attestation key: %v", err)
}
props, err := t.pcp.AIKProperties(kh)
props, err := t.pcp.AKProperties(kh)
if err != nil {
closeNCryptObject(kh)
return nil, fmt.Errorf("pcp failed to read attestation key properties: %v", err)
@ -283,15 +283,15 @@ func (t *platformTPM) newAIK(opts *AIKConfig) (*AIK, error) {
switch t.version {
case TPMVersion12:
return &AIK{aik: newKey12(kh, name, props.RawPublic)}, nil
return &AK{ak: newKey12(kh, name, props.RawPublic)}, nil
case TPMVersion20:
return &AIK{aik: newKey20(kh, name, props.RawPublic, props.RawCreationData, props.RawAttest, props.RawSignature)}, nil
return &AK{ak: newKey20(kh, name, props.RawPublic, props.RawCreationData, props.RawAttest, props.RawSignature)}, nil
default:
return nil, fmt.Errorf("cannot handle TPM version: %v", t.version)
}
}
func (t *platformTPM) loadAIK(opaqueBlob []byte) (*AIK, error) {
func (t *platformTPM) loadAK(opaqueBlob []byte) (*AK, error) {
sKey, err := deserializeKey(opaqueBlob, t.version)
if err != nil {
return nil, fmt.Errorf("deserializeKey() failed: %v", err)
@ -307,9 +307,9 @@ func (t *platformTPM) loadAIK(opaqueBlob []byte) (*AIK, error) {
switch t.version {
case TPMVersion12:
return &AIK{aik: newKey12(hnd, sKey.Name, sKey.Public)}, nil
return &AK{ak: newKey12(hnd, sKey.Name, sKey.Public)}, nil
case TPMVersion20:
return &AIK{aik: newKey20(hnd, sKey.Name, sKey.Public, sKey.CreateData, sKey.CreateAttestation, sKey.CreateSignature)}, nil
return &AK{ak: newKey20(hnd, sKey.Name, sKey.Public, sKey.CreateData, sKey.CreateAttestation, sKey.CreateSignature)}, nil
default:
return nil, fmt.Errorf("cannot handle TPM version: %v", t.version)
}