ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2025-05-31 06:21:05 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Return error from AttestPlatform() if the event log returned from the system is too short to be valid (#151)

Browse Source
This commit is contained in:
Tom D 2020-01-30 14:39:59 -08:00 committed by GitHub
parent e9e2656545
commit fe41cef1db
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
attest/tpm.go
View File

@ -302,7 +302,17 @@ func (t *TPM) LoadAK(opaqueBlob []byte) (*AK, error) {
// This is a low-level API. Consumers seeking to attest the state of the // This is a low-level API. Consumers seeking to attest the state of the
// platform should use tpm.AttestPlatform() instead. // platform should use tpm.AttestPlatform() instead.
func (t *TPM) MeasurementLog() ([]byte, error) { func (t *TPM) MeasurementLog() ([]byte, error) {
return t.tpm.measurementLog() el, err := t.tpm.measurementLog()
if err != nil {
return nil, err
}
// A valid event log contains at least one SpecID event header (28 bytes).
// For TPM 1.2, we would expect at least an event header (32 bytes).
if minValidSize := 28; len(el) < minValidSize {
return nil, fmt.Errorf("event log too short: %d < %d", len(el), minValidSize)
}
return el, nil
} }
// NewAK creates an attestation key. // NewAK creates an attestation key.