notinternal

package

v0.3.11 Latest Latest Go to latest Published: Nov 18, 2021 License: Apache-2.0, BSD-3-Clause Imports: 10 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/ThalesIgnite/go-tpm-tools

Links

Open Source Insights

Documentation ¶

Overview ¶

Package notinternal contains private helper functions needed in client and server

Index ¶

func CheckSubset(subset, superset *pb.PCRs) error
func FormatPCRs(w io.Writer, p *pb.PCRs) error
func PCRDigest(p *pb.PCRs, hashAlg crypto.Hash) []byte
func PCRSelection(p *pb.PCRs) tpm2.PCRSelection
func PCRSessionAuth(p *pb.PCRs, hashAlg crypto.Hash) []byte
func SamePCRSelection(p *pb.PCRs, sel tpm2.PCRSelection) bool
func VerifyQuote(q *pb.Quote, trustedPub crypto.PublicKey, extraData []byte) error

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func CheckSubset ¶

func CheckSubset(subset, superset *pb.PCRs) error

CheckSubset verifies if the pcrs PCRs are a valid "subset" of the provided "superset" of PCRs. The PCR values must match (if present), and all PCRs must be present in the superset. This function will return an error containing the first missing or mismatched PCR number.

func FormatPCRs ¶

func FormatPCRs(w io.Writer, p *pb.PCRs) error

FormatPCRs writes a multiline representation of the PCR values to w.

func PCRDigest ¶

func PCRDigest(p *pb.PCRs, hashAlg crypto.Hash) []byte

PCRDigest computes the digest of the Pcrs. Note that the digest hash algorithm may differ from the PCRs' hash (which denotes the PCR bank).

func PCRSelection ¶

func PCRSelection(p *pb.PCRs) tpm2.PCRSelection

PCRSelection returns the corresponding tpm2.PCRSelection for the PCR data.

func PCRSessionAuth ¶

func PCRSessionAuth(p *pb.PCRs, hashAlg crypto.Hash) []byte

PCRSessionAuth calculates the authorization value for the given PCRs.

func SamePCRSelection ¶

func SamePCRSelection(p *pb.PCRs, sel tpm2.PCRSelection) bool

SamePCRSelection checks if the Pcrs has the same PCRSelection as the provided given tpm2.PCRSelection (including the hash algorithm).

func VerifyQuote ¶

func VerifyQuote(q *pb.Quote, trustedPub crypto.PublicKey, extraData []byte) error

VerifyQuote performs the following checks to validate a Quote:

the provided signature is generated by the trusted AK public key
the signature signs the provided quote data
the quote data starts with TPM_GENERATED_VALUE
the quote data is a valid TPMS_QUOTE_INFO
the quote data was taken over the provided PCRs
the provided PCR values match the quote data notinternal digest
the provided extraData matches that in the quote data

Note that the caller must have already established trust in the provided public key before validating the Quote.

VerifyQuote supports ECDSA and RSASSA signature verification.

Types ¶

This section is empty.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
test Package test provides helper methods for testing.	Package test provides helper methods for testing.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL