Documentation
¶
Overview ¶
Package server contains functions to be ran on a server (no TPM needed), as oppose to a client (with TPM).
Index ¶
- func CreateEKPublicAreaFromKey(k crypto.PublicKey) (tpm2.Public, error)
- func CreateImportBlob(ekPub crypto.PublicKey, sensitive []byte, pcrs *tpmpb.Pcrs) (*tpmpb.ImportBlob, error)
- func CreateSigningKeyImportBlob(ekPub crypto.PublicKey, signingKey crypto.PrivateKey, pcrs *tpmpb.Pcrs) (*tpmpb.ImportBlob, error)
- func Verify(pubKey crypto.PublicKey, quote *tpmpb.Quote, pcrs *tpmpb.Pcrs, ...) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CreateEKPublicAreaFromKey ¶
CreateEKPublicAreaFromKey creates a public area from a go interface PublicKey. Supports RSA and ECC keys.
func CreateImportBlob ¶
func CreateImportBlob(ekPub crypto.PublicKey, sensitive []byte, pcrs *tpmpb.Pcrs) (*tpmpb.ImportBlob, error)
CreateImportBlob uses the provided public EK to encrypt the sensitive data. The returned ImportBlob can then be decrypted and imported using the client Key.Import() method. A non-nil pcrs parameter adds a requirement that the TPM must have specific PCR values for Import() to succeed.
func CreateSigningKeyImportBlob ¶
func CreateSigningKeyImportBlob(ekPub crypto.PublicKey, signingKey crypto.PrivateKey, pcrs *tpmpb.Pcrs) (*tpmpb.ImportBlob, error)
CreateSigningKeyImportBlob uses the provided public EK to encrypt the signing key into import blob format. The returned import blob can be used to import the signing key into the TPM associated with the provided EK without exposing the private area to the TPM's OS using the client Key.ImportSigningKey() method. A non-nil pcrs parameter adds a requirement that the TPM must have specific PCR values to use the signing key.
Types ¶
This section is empty.
Source Files