{"id":13641044,"url":"https://github.com/google/go-tpm-tools","last_synced_at":"2026-03-14T01:10:56.174Z","repository":{"id":34059528,"uuid":"161976966","full_name":"google/go-tpm-tools","owner":"google","description":"Go packages built on go-tpm providing a high-level API for using TPMs","archived":false,"fork":false,"pushed_at":"2024-10-19T00:41:09.000Z","size":6138,"stargazers_count":226,"open_issues_count":54,"forks_count":71,"subscribers_count":18,"default_branch":"main","last_synced_at":"2024-10-19T14:50:32.235Z","etag":null,"topics":["go","golang","remote-attestation","security","tpm","tpm2"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/google.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-12-16T07:10:09.000Z","updated_at":"2024-10-18T19:45:41.000Z","dependencies_parsed_at":"2023-02-17T13:31:25.239Z","dependency_job_id":"ef782f15-aabe-4dff-a7b1-c08a1a436c68","html_url":"https://github.com/google/go-tpm-tools","commit_stats":null,"previous_names":[],"tags_count":40,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fgo-tpm-tools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fgo-tpm-tools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fgo-tpm-tools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/google%2Fgo-tpm-tools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/google","download_url":"https://codeload.github.com/google/go-tpm-tools/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223822011,"owners_count":17208785,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["go","golang","remote-attestation","security","tpm","tpm2"],"created_at":"2024-08-02T01:01:17.202Z","updated_at":"2025-10-21T04:49:28.368Z","avatar_url":"https://github.com/google.png","language":"C","funding_links":[],"categories":["C","Code Repositories"],"sub_categories":["Go"],"readme":"# Go-TPM tools [![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/google/go-tpm-tools)](https://github.com/google/go-tpm-tools/releases)\n\n[![Build Status](https://github.com/google/go-tpm-tools/workflows/CI/badge.svg)](https://github.com/google/go-tpm-tools/actions?query=workflow%3ACI)\n[![Go Reference](https://pkg.go.dev/badge/github.com/google/go-tpm-tools.svg)](https://pkg.go.dev/github.com/google/go-tpm-tools)\n![GitHub go.mod Go version](https://img.shields.io/github/go-mod/go-version/google/go-tpm-tools)\n[![Go Report Card](https://goreportcard.com/badge/github.com/google/go-tpm-tools)](https://goreportcard.com/report/github.com/google/go-tpm-tools)\n[![License](https://img.shields.io/badge/LICENSE-Apache2.0-ff69b4.svg)](http://www.apache.org/licenses/LICENSE-2.0.html)\n\nThe `go-tpm-tools` module is a [TPM 2.0](https://trustedcomputinggroup.org/resource/trusted-platform-module-2-0-a-brief-introduction/) support library designed to complement [Go-TPM](https://github.com/google/go-tpm).\n\nIt contains the following public packages:\n  - [`client`](https://pkg.go.dev/github.com/google/go-tpm-tools/client):\n    A Go package providing simplified abstractions and utility functions for interacting with a TPM 2.0, including:\n      - Signing\n      - Attestation\n      - Reading PCRs\n      - Sealing/Unsealing data\n      - Importing Data and Keys\n      - Reading NVData\n      - Getting the TCG Event Log\n  - [`server`](https://pkg.go.dev/github.com/google/go-tpm-tools/server):\n    A Go package providing functionality for a remote server to send, receive, and interpret TPM 2.0 data. None of the commands in this package issue TPM commands, but instead handle:\n      - TCG Event Log parsing\n      - Attestation verification\n      - Creating data for Importing into a TPM\n  - [`proto`](https://pkg.go.dev/github.com/google/go-tpm-tools/proto):\n    Common [Protocol Buffer](https://developers.google.com/protocol-buffers) messages that are exchanged between the `client` and `server` libraries. This package also contains helper methods for validating these messages.\n  - [`simulator`](https://pkg.go.dev/github.com/google/go-tpm-tools/simulator):\n    Go bindings to the Microsoft's [TPM 2.0 simulator](https://github.com/Microsoft/ms-tpm-20-ref/).\n\nThis repository also contains `gotpm`, a command line tool for using the TPM.\nRun `gotpm --help` and `gotpm \u003ccommand\u003e --help` for more documentation.\n\n### Use prebuilt `gotpm` binary\n\nYou can download the binary from a [release](https://github.com/google/go-tpm-tools/releases) directly.\n\n```bash\n# VERSION: 0.4.4 ARCH: Linux_x86_64\ncurl -L https://github.com/google/go-tpm-tools/releases/download/[VERSION]/go-tpm-tools_[ARCH].tar.gz -o go-tpm-tools.tar.gz\ntar xvf go-tpm-tools.tar.gz\n# You may need to copy the binary to a directory with executable permissions.\n# NOTE: on Container-Optimized OS, /var/lib/google/ is executable\n./gotpm --help\n```\n\n### Building and Installing `gotpm`\n\n`gotpm` can be directly installed from this repo by running:\n```bash\ngo install github.com/google/go-tpm-tools/cmd/gotpm@latest\n# gotpm will be installed to $GOBIN\ngotpm --help\n```\nAlternatively, to build `gotpm` from a cloned version of this repo, run:\n```bash\ncd /my/path/to/cloned/go-tpm-tools/cmd/gotpm\ngo build\n# gotpm will be in the cmd/gotpm subdirectory of the repo\n./gotpm --help\n```\n\n## Minimum Required Go Version\n\nThis project currently requires Go 1.20 or newer. Any update to the minimum required Go version will be released as a **minor** version update.\n\n## `openssl` errors when building `simulator`\n\nSimilarly, when building the `simulator` library (or tests), you may get an error that looks like:\n```\nfatal error: openssl/aes.h: No such file or directory\n   47 | // #include \u003copenssl/aes.h\u003e\n      |           ^~~~~~~~~~~~~~~~\ncompilation terminated.\n```\nThis is because the `simulator` library depends on having the [OpenSSL](https://www.openssl.org/) headers installed. To fix this error, install the appropriate header package:\n\n### Linux\n\n```bash\n# Ubuntu/Debian based systems\nsudo apt install libssl-dev\n# Redhat/Centos based systems\nsudo yum install openssl-devel\n# Arch Linux (headers/library in the same package)\nsudo pacman -S openssl\n```\n\n### macOS\n\nFirst, install [Homebrew](https://brew.sh/). Then run:\n```bash\nbrew install openssl\n```\n\n### Windows\n\nFirst, install [Chocolatey](https://chocolatey.org/). Then run:\n```bash\nchoco install openssl\n```\n\n### Custom install location\n\nIf you want to use a different installation of OpenSSL, or you are getting\nlinker errors like `ld: library not found for -lcrypto`, you can directly\npoint Go your installation. We will assume your installation is located at\n`$OPENSSL_PATH` (with `lib` and `include` subdirectories).\n\n#### Add OpenSSL to the include and library path at the command line\nThis solution does not require modifying go-tpm-tools code and is useful when\nworking on other projects that depend on go-tpm-tools/simulator.\n```\nC_INCLUDE_PATH=\"$OPENSSL_PATH/include\" LIBRARY_PATH=\"$OPENSSL_PATH/lib\" go test ...\n```\n\n#### Add OpenSSL to the include and library path in the code\nThis solution modifies your local copy of the go-tpm-tools simulator source\nand removes the need to provide the paths on the command line.\n\nModify the `CFLAGS`/`LDFLAGS` options beginning with `#cgo darwin` or\n`#cgo windows` in `simulator/internal/internal.go` to point at your\ninstallation. This could look something like:\n```diff\n// #cgo darwin CFLAGS: -I $OPENSSL_PATH/include\n// #cgo darwin LDFLAGS: -L $OPENSSL_PATH/lib\n```\nRemember to revert your modifications to `simulator/internal/internal.go`\nbefore committing your changes.\n\n## No TPM 1.2 support\n\nUnlike [Go-TPM](https://github.com/google/go-tpm) (which supports TPM 1.2 and TPM 2.0), this module explicitly only supports TPM 2.0. Users should avoid use of TPM 1.2 due to the inherent reliance on SHA1 (which is [quite broken](https://sha-mbles.github.io/)).\n\n## Confidential VMs with Intel TDX\nFor Ubuntu image, the `tdx_guest` module was moved to linux-modules-extra\npackage in the 1016 and newer kernels. You should be able to install the module,\nand either manually load the module or reboot.\n\nTo install the linux-modules-extra package, run:\n\n```console\nsudo apt-get install linux-modules-extra-gcp\n```\n\nTo manually load the module, run:\n\n```console\nsudo modprobe tdx_guest\n```\n\n## Legal\n\nCopyright 2018 Google Inc. under the\n[Apache 2.0 License](https://www.apache.org/licenses/LICENSE-2.0). Microsoft's TPM simulator\ncode is licensed under a [3-clause BSD license](https://opensource.org/licenses/BSD-3-Clause) and the [TCG software license](https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.38.pdf). See the [`LICENSE`](LICENSE) file for more information.\n\nThis is not an official Google product.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2Fgo-tpm-tools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgoogle%2Fgo-tpm-tools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgoogle%2Fgo-tpm-tools/lists"}