Commit Graph

15 Commits

Author SHA1 Message Date
Tom D
ebb0b62d80
Split linuxTPM -> {trousersTPM,wrappedTPM20}, implement CommandChannel
* Split linuxTPM -> {trousersTPM,wrappedTPM20} + prefix windows key type with windows

* Address feedback, implement CommandChannel
2020-05-05 16:56:57 -07:00
Tom D
25ce56400c
Fix linter errors, go fmt (#130) 2019-10-10 14:29:46 -07:00
Brandon Weeks
73020b971b Rename AIK to AK everywhere
AIK is the terminology used as part of the TPM 1.2 specifications.
2019-10-09 08:56:19 +11:00
Eric Chiang
39d2f6efff attest: don't define exported API in files with build tags
It's best practice to define as much code, especially exported API, in
files that can build on any platform. With as little code as possible in
OS specific files.

Ensure files with build tags don't contain any exported APIs. This helps
us not accidentally define API that only works on one platform, or have
incompatible method defintions between OSes.

TODO: follow up with an "unsupported" implementation so this builds on
Mac or without CGO (e.g. for servers)?
2019-09-19 13:50:38 -07:00
Eric Chiang
e688ff6d7f attest: rename MintAIK and MintOptions to NewAIK and AIKConfig
This helps the godoc read better and is more inline with Go's naming
scheme. No functional changes made, just naming.
2019-08-28 09:25:14 -07:00
Eric Chiang
bfcbe8f1e2 attest: re-work EK API (#79)
This PR adds:
* Renames 'PlatformEK' to 'EK'
* More consistant support of EKs without certificates
* Removes HTTP GET to Intel EK certificate service
* Always populates EK.Public
2019-08-21 10:26:55 -07:00
Tom D
6e2e8693ad
75: Make PCRs() take the digest algorithm (#77) 2019-08-20 11:52:12 -07:00
Eric Chiang
7d7676beda attest: move public key parsing server side
Event log parsing requires knowning both the public key and signing
parameters. Symmantically, this information should be from an attested
public key blob, not additional data passed by the client.

Introduce a new method for parsing an AIK's public key blob, returning
a new AIKPublic struct.
2019-08-06 11:09:20 -07:00
Tom D
8f4f17e679
Implement credential activation API (#56) 2019-07-23 15:22:53 -07:00
Tom D
90e37eacce
Refactor part 1: Refactor logic for keys into structs for each TPM/platform invariant. (#53)
* Refactor serialized keys into own structure, in preparation for making Key an interface.

* Refactor key logic into separate structures for each platform/TPMversion invariant.

* Implement review feedback
2019-07-19 13:05:18 -07:00
Tom D
063d2bdf7e
Implement full coverage for TPM 1.2 tests. (#7)
* Generate and store a fake EK certificate in TPM 1.2 test setup.

* Fix run of gen_ekcert.go

* Write out NVRAM cert header when generating ek cert

* Remove build flag gating tpm12 tests.
2019-04-04 15:33:00 -07:00
Tom D
790d3ba149
Script setup of fake filesystem objects for tpm12 tests, fix build of tpm12 tests. (#5) 2019-04-03 12:19:25 -07:00
Tom
f3ea38462e Make package a Go module, add build tags for tests that need special system setup 2019-04-01 11:06:07 -07:00
Tom
ca33c04742 Validate secret in attest_tpm12_test, fix godoc 2019-03-28 13:29:24 -07:00
Tom
21c2bfd1dc Initial commit. 2019-03-28 13:21:16 -07:00