Documentation
¶
Index ¶
- Constants
- func TpmExists() bool
- func ValidateTpmVersion2() error
- type TPM
- func (t *TPM) Close() error
- func (t *TPM) CreateLAK() (*client.Key, error)
- func (t *TPM) GetAttestation(nonce []byte, ak *client.Key) (*pbattest.Attestation, error)
- func (t *TPM) GetPCRValues(measurements map[string]string) error
- func (t *TPM) GetQuote(nonce []byte, ak *client.Key, pcr_selection *tpm2.PCRSelection) (*pbtpm.Quote, error)
- func (t *TPM) GetTpmVendorInfo() ([]byte, error)
Constants ¶
View Source
const ( MinNonceLength = 8 TpmSystemPath = "/dev/tpm0" TpmVersionInfoPath = "/sys/class/tpm/tpm0/tpm_version_major" )
Variables ¶
This section is empty.
Functions ¶
func TpmExists ¶ added in v0.7.0
func TpmExists() bool
Note: this may be a hardware TPM or a software or emulated TPM available to the system
func ValidateTpmVersion2 ¶ added in v0.7.0
func ValidateTpmVersion2() error
Types ¶
type TPM ¶
type TPM struct {
// contains filtered or unexported fields
}
func (*TPM) CreateLAK ¶ added in v0.7.0
The local attestation key (LAK) is an asymmetric key that persists for the device's lifecycle (but not lifetime) and can be zeroized if needed when the device transfers ownership. (The IAK by contrast persists for the device's lifetime across uses and owners.) This key can only be used to sign TPM-internal data, ex. attestations. This is considered a Restricted signing key by the TPM. Key attributes: Restricted: yes Sign: yes Decrypt: no FixedTPM: yes (cannot migrate or be duplicated) SensitiveDataOrigin: yes (was created in the TPM)
func (*TPM) GetAttestation ¶ added in v0.7.0
func (*TPM) GetTpmVendorInfo ¶ added in v0.7.0
Source Files
Click to show internal directories.
Click to hide internal directories.