ExternalVendorCode/go-attestation
1
0
Fork 0
mirror of https://github.com/google/go-attestation.git synced 2024-12-20 21:43:16 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
309 Commits 3 Branches 15 Tags 4.6 MiB
f203ad3090
Commit Graph

27 Commits

Author SHA1 Message Date
Brandon Weeks
438907edb0
Fix lints; run gofmt (#293) 
$ gofmt -s -w .
 2022-11-01 12:19:57 -07:00
Joe Richey
03018e6828 Remove certificate-transparency-go dependancy 
Signed-off-by: Joe Richey <joerichey@google.com>
 2022-04-04 13:48:39 -07:00
Tom D
82f2c9c2c7
Merge pull request from GHSA-99cg-575x-774p 
* AKPublic.Verify: Return an error if a provided PCR of the correct
   digest was not included in the quote.
 * AKPublic.VerifyAll: Implement VerifyAll method, which can cross-check
   that provided PCRs were covered by quotes across PCR banks.
 * PCR.QuoteVerified(): Introduce getter method to expose whether a
   PCR value was covered during quote verification.
 2022-01-31 09:10:07 -08:00
Brandon Weeks
be496f1149 Internal change 
PiperOrigin-RevId: 394330027
 2021-09-01 15:39:03 -07:00
Tom D
cc52e2d143
Handle EFI_ACTION events signalling DMA protection is disabled. (#235) 2021-08-23 14:03:58 -07:00
Go-Attestation Team
20a9e4b381 Internal change 
PiperOrigin-RevId: 380881515
 2021-06-22 20:41:11 +00:00
Deepika Rajani
2f809d0330
Deepikarajani24 patch 1 (#193) 
* tbs.dll to not initialize on start up
so that it's not initialized when tpm support is not required

Changed author to my google.com user

* initialize tbs.dll and proc Tbsi_GetDeviceInfo during probeSystemTPMs

initialization is done in probeSystemTPMs as it's called before openTPM which requires support of the dll
changed author to my google.com user

* tbs.dll to load once

Changed the author to my google.com email

* Tbsi_GetDeviceInfo check to happen once
changed the author of the commit
 2020-12-02 11:09:22 -08:00
Brandon Weeks
73020b971b Rename AIK to AK everywhere 
AIK is the terminology used as part of the TPM 1.2 specifications.
 2019-10-09 08:56:19 +11:00
Eric Chiang
e688ff6d7f attest: rename MintAIK and MintOptions to NewAIK and AIKConfig 
This helps the godoc read better and is more inline with Go's naming
scheme. No functional changes made, just naming.
 2019-08-28 09:25:14 -07:00
Eric Chiang
bfcbe8f1e2 attest: re-work EK API (#79) 
This PR adds:
* Renames 'PlatformEK' to 'EK'
* More consistant support of EKs without certificates
* Removes HTTP GET to Intel EK certificate service
* Always populates EK.Public
 2019-08-21 10:26:55 -07:00
Tom D'Netto
da446762c0 Implement fetch from ekcert server if no EKs are found, and the TPM is from intel. 2019-07-17 15:15:29 -07:00
Tom D
372fcf25d0
Try reading the EKCert from PCP_EKNVCERT (#46) 2019-06-25 15:19:12 -07:00
Tom D
7c3baced09
Fix typos. (#40) 2019-06-12 10:15:42 -07:00
Tom D
8ac2846c80
Attempt fix for EKCert parsing errors when falling back to NVRAM (#38) 
* Fix parsing errors for EKCert when falling back to NVRAM
 2019-06-11 10:52:49 -07:00
Tom D
7f17046a60
Fix broken build on windows. (#36) 
* Attempt to read the EK from NVRAM if the system cert store cannot provide it.

* Fix broken build on windows.
 2019-06-06 13:15:55 -07:00
Tom D
3dc8a7d841
Attempt to read the EK from NVRAM if the system cert store cannot provide it. (#35) 2019-06-06 13:11:40 -07:00
Tom D
70c839779d
Moar error codes (#32) 2019-05-15 12:57:08 -07:00
Tom D
dbbcfcc4b8
Fix conversion to more specific windows error messages. (#31) 2019-05-15 12:27:19 -07:00
Tom D
7b5f790215
Fix broken DLL MustFindProc. (#29) 2019-05-14 14:44:33 -07:00
Tom D
55ce06b8f2
Decode windows TPM/PCP errors to more specific descriptions. (#28) 2019-05-14 11:42:44 -07:00
Tom D
ac78180218
Implement key deletion on Windows (#27) 
* Implement key deletion on Windows

* Dont forget 2nd parameter in call to NCryptDeleteKey
 2019-05-13 14:41:55 -07:00
Tom D
2ff4e84fcb
Check the state of the TPM before opening it on windows (#26) 
* Check the state of the TPM before opening it on windows
 2019-05-13 14:13:16 -07:00
Tom D
2da0098d9d
Switch over to trying the PCP provider for TPM 1.2, to mitigate missing ownerauth. (#25) 
* Implement decoding for TPM 1.2 PCP AIK properties

* Switch all TPM 1.2 methods that rely on ownerAuth to use the PCP API.
 2019-05-03 13:27:48 -07:00
Tom D
8e4a5ce762
Ignore slightly malformed EKs so attestation can continue. (#24) 2019-05-02 13:43:50 -07:00
Tom
7e37dd3701 go fmt 2019-03-28 14:00:07 -07:00
Tom
ca33c04742 Validate secret in attest_tpm12_test, fix godoc 2019-03-28 13:29:24 -07:00
Tom
21c2bfd1dc Initial commit. 2019-03-28 13:21:16 -07:00