Documentation
¶
Index ¶
- Constants
- type TestVerifier
- func (t *TestVerifier) EKFingerprint(ekCertDER []byte) string
- func (t *TestVerifier) ExtractEKPublicKey(ekCertDER []byte) (crypto.PublicKey, error)
- func (t *TestVerifier) MakeCredential(ekPubKey crypto.PublicKey, akName []byte, secret []byte) ([]byte, error)
- func (t *TestVerifier) ParseAKPublic(akParams []byte) ([]byte, []byte, error)
- func (t *TestVerifier) ParseEKCert(ekCertDER []byte) (*x509.Certificate, error)
- func (t *TestVerifier) VerifyEKCert(ekCertDER []byte) (string, crypto.PublicKey, error)
- func (t *TestVerifier) VerifyQuote(akPubKeyDER []byte, nonce string, quoteB64 string) error
- type Verifier
Constants ¶
View Source
const ( IdentityClassHardwareTPM = "hardware_tpm" IdentityClassSoftwareTPM = "software_tpm" )
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type TestVerifier ¶
type TestVerifier struct {
VerifyEKCertFn func(ekCertDER []byte) (string, crypto.PublicKey, error)
VerifyQuoteFn func(akPubKeyDER []byte, nonce string, quoteB64 string) error
MakeCredentialFn func(ekPubKey crypto.PublicKey, akName []byte, secret []byte) ([]byte, error)
ParseAKPublicFn func(akParams []byte) ([]byte, []byte, error)
ExtractEKPubKeyFn func(ekCertDER []byte) (crypto.PublicKey, error)
EKFingerprintFn func(ekCertDER []byte) string
ParseEKCertFn func(ekCertDER []byte) (*x509.Certificate, error)
}
TestVerifier is a mock TPM verifier for testing.
func (*TestVerifier) EKFingerprint ¶
func (t *TestVerifier) EKFingerprint(ekCertDER []byte) string
func (*TestVerifier) ExtractEKPublicKey ¶
func (t *TestVerifier) ExtractEKPublicKey(ekCertDER []byte) (crypto.PublicKey, error)
func (*TestVerifier) MakeCredential ¶
func (*TestVerifier) ParseAKPublic ¶
func (t *TestVerifier) ParseAKPublic(akParams []byte) ([]byte, []byte, error)
func (*TestVerifier) ParseEKCert ¶
func (t *TestVerifier) ParseEKCert(ekCertDER []byte) (*x509.Certificate, error)
func (*TestVerifier) VerifyEKCert ¶
func (*TestVerifier) VerifyQuote ¶
func (t *TestVerifier) VerifyQuote(akPubKeyDER []byte, nonce string, quoteB64 string) error
type Verifier ¶
type Verifier interface {
// VerifyEKCert verifies an EK certificate and returns the identity class.
VerifyEKCert(ekCertDER []byte) (identityClass string, ekPubKey crypto.PublicKey, err error)
// VerifyQuote verifies a TPM quote signed by the given AK public key.
VerifyQuote(akPubKeyDER []byte, nonce string, quoteB64 string) error
// MakeCredential creates an encrypted credential challenge for the TPM.
MakeCredential(ekPubKey crypto.PublicKey, akName []byte, secret []byte) ([]byte, error)
// ParseAKPublic parses AK parameters and returns the AK public key DER and AK name.
ParseAKPublic(akParams []byte) (akPubKeyDER []byte, akName []byte, err error)
// ExtractEKPublicKey extracts the public key from an EK certificate.
ExtractEKPublicKey(ekCertDER []byte) (crypto.PublicKey, error)
// EKFingerprint computes SHA-256 fingerprint of an EK certificate.
EKFingerprint(ekCertDER []byte) string
// ParseEKCert parses a DER-encoded EK certificate.
ParseEKCert(ekCertDER []byte) (*x509.Certificate, error)
}
Verifier defines the TPM verification interface.
Source Files
Click to show internal directories.
Click to hide internal directories.