From 97d50a1edc58e03485d3dfb062fa1619d4dee06e Mon Sep 17 00:00:00 2001
From: DenisKarch <47127526+DenisKarch@users.noreply.github.com>
Date: Wed, 24 Apr 2019 13:55:44 -0700
Subject: [PATCH] Use go-tpm NewQuoteInfo (#18)
---
 attest/tpm_windows.go | 32 +-------------------------------
 go.mod | 2 +-
 go.sum | 6 ++++--
 3 files changed, 6 insertions(+), 34 deletions(-)
diff --git a/attest/tpm_windows.go b/attest/tpm_windows.go
index 61bfb6a..c3bb167 100644
--- a/attest/tpm_windows.go
+++ b/attest/tpm_windows.go
@@ -19,7 +19,6 @@ package attest
 import (
 "crypto"
 "crypto/rand"
- "crypto/sha1"
 "encoding/base64"
 "encoding/binary"
 "encoding/json"
@@ -266,35 +265,6 @@ func (k *Key) ActivateCredential(tpm *TPM, in EncryptedCredential) ([]byte, erro
 }
 }
-func constructQuote(data, nonce []byte) ([]byte, error) {
- composite := struct {
- Mask tpmutil.U16Bytes
- Data tpmutil.U32Bytes
- }{
- Mask: []byte{0xff, 0xff, 0xff},
- Data: data,
- }
- compositeBytes, err := tpmutil.Pack(composite)
- if err != nil {
- return nil, fmt.Errorf("failed to pack TPM_PCR_COMPOSITE: %v", err)
- }
-
- version := [4]byte{0x01, 0x01, 0x00, 0x00}
- QUOT := [4]byte{'Q', 'U', 'O', 'T'}
- info := struct {
- Version [4]byte
- QUOT [4]byte
- Digest [20]byte
- Nonce [20]byte
- }{
- version,
- QUOT,
- sha1.Sum(compositeBytes),
- sha1.Sum(nonce),
- }
- return tpmutil.Pack(info)
-}
-
 func (k *Key) quote12(tpm io.ReadWriter, nonce []byte) (*Quote, error) {
 selectedPCRs := make([]int, 24)
 for pcr, _ := range selectedPCRs {
@@ -308,7 +278,7 @@ func (k *Key) quote12(tpm io.ReadWriter, nonce []byte) (*Quote, error) {
 // Construct and return TPM_QUOTE_INFO
 // Returning TPM_QUOTE_INFO allows us to verify the Quote at a higher resolution
 // and matches what go-tspi returns.
- quote, err := constructQuote(pcrc, nonce)
+ quote, err := tpm1.NewQuoteInfo(pcrc, nonce)
 if err != nil {
 return nil, fmt.Errorf("failed to construct Quote Info: %v", err)
 }
diff --git a/go.mod b/go.mod
index be534ee..3c39ac9 100644
--- a/go.mod
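Review bot: Nothing in `quote12` records or checks the byte layout that `tpm1.NewQuoteInfo(pcrc, nonce)` has to return, and that layout is what a verifier recomputes when it checks the quote signature. The helper removed by this commit fixed it as version 1.1.0.0, the tag "QUOT", the SHA-1 of a PCR composite with mask 0xff,0xff,0xff, and the SHA-1 of the nonce; if the library differs on any field, for example on whether the nonce is hashed, quotes from this path would presumably stop verifying. I would state the contract above the call, e.g. `// NewQuoteInfo must yield TPM_QUOTE_INFO: version 1.1.0.0, "QUOT", SHA-1(PCR composite, all 24 PCRs), SHA-1(nonce).`, and add a test that compares its output for a fixed pcrc and nonce against bytes captured from the old helper. The go.mod hunk also moves the go-tpm pin to a pseudo-version with an earlier timestamp (20190410172553 versus 20190419233512), so it is worth confirming that commit exports this two-argument function and that nothing needed from the later commit is lost. The body of `quote12` starts before and continues past this hunk.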
+++ b/go.mod
@@ -4,7 +4,7 @@ go 1.12
 require (
 github.com/google/certificate-transparency-go v1.0.22-0.20190403155334-84853901c6b8
- github.com/google/go-tpm v0.1.2-0.20190419233512-b3f77a535648
+ github.com/google/go-tpm v0.1.2-0.20190410172553-e84d59d0589e
 github.com/google/go-tpm-tools v0.0.0-20190328013357-5d2fd7f4b3e5
 github.com/google/go-tspi v0.2.0
 golang.org/x/crypto v0.0.0-20190422183909-d864b10871cd // indirect
diff --git a/go.sum b/go.sum
index 7f3b17d..a84202a 100644
--- a/go.sum
+++ b/go.sum
@@ -2,8 +2,10 @@ github.com/google/certificate-transparency-go v1.0.21 h1:Yf1aXowfZ2nuboBsg7iYGLm
 github.com/google/certificate-transparency-go v1.0.21/go.mod h1:QeJfpSbVSfYc7RgB3gJFj9cbuQMMchQxrWXz8Ruopmg=
 github.com/google/certificate-transparency-go v1.0.22-0.20190403155334-84853901c6b8 h1:pZtGL2P6rU7wOnemTcvTgoH9s+QB646LB5dBcZ1w5yE=
 github.com/google/certificate-transparency-go v1.0.22-0.20190403155334-84853901c6b8/go.mod h1:QeJfpSbVSfYc7RgB3gJFj9cbuQMMchQxrWXz8Ruopmg=
-github.com/google/go-tpm v0.1.2-0.20190419233512-b3f77a535648 h1:LiQYdZM/B/5OQj6eZO7drYaP7LCth3/1Ohd/F4exPFY=
-github.com/google/go-tpm v0.1.2-0.20190419233512-b3f77a535648/go.mod h1:70+xJCEPKoR1UFyG62ftF/qOTka+OVFVQpNcWmByY0g=
+github.com/google/go-tpm v0.1.1 h1:Qwvy1ZQsQElHIb/7PCqE4OpiBwDRMMHpu2a2q16S2hI=
+github.com/google/go-tpm v0.1.1/go.mod h1:OGEdc1XfzTyNEQyahgeXVq+E0lMq3Vu/Y3bT9EfpRnE=
+github.com/google/go-tpm v0.1.2-0.20190410172553-e84d59d0589e h1:cbbVm1AQhiczA2kTjpROSbTZf2XVSS/DrnSjrqOo2wo=
+github.com/google/go-tpm v0.1.2-0.20190410172553-e84d59d0589e/go.mod h1:OGEdc1XfzTyNEQyahgeXVq+E0lMq3Vu/Y3bT9EfpRnE=
 github.com/google/go-tpm-tools v0.0.0-20190328013357-5d2fd7f4b3e5 h1:/moKuMi+BJ+OEva3jTms88ruyRkxaZn+f9EIZoGpQeY=
 github.com/google/go-tpm-tools v0.0.0-20190328013357-5d2fd7f4b3e5/go.mod h1:ApmLTU8fd5JJJ4J67y9sV16nOTR00GW2OabMwk7kSnE=
 github.com/google/go-tspi v0.2.0 h1:PMrHThARFgHtsCF6B8YNjLlnnGMDdFjVHZnxaqkcbzQ=