Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/9elements/converged-security-suite

Converged Security Suite for Intel & AMD platform security features
https://github.com/9elements/converged-security-suite

bootguard calculate calculation cbnt firmware golang intel offline pcr0 prov reproduce security-tools tpm tpm2 trusted-computing txt

Last synced: about 1 month ago
JSON representation

Converged Security Suite for Intel & AMD platform security features

Awesome Lists containing this project

README

        

![image](assets/logo.png)

The Converged Security Suite implements all necessary tools for Intel platform security features.

| Technology | Testsuite | Provisioning |
| --- | --- | --- |
| Intel Trusted Execution Technology | Supported | Supported |
| Intel Trusted Execution Technology CBnT Extension | Missing | Supported |
| Intel Boot Guard 1.0 | Supported | Supported |
| Intel Boot Guard 2.0 | Supported | Supported |
| Intel Platform Firmware Resilience | N/A | Partly Supported |

Documentation
-------------
[Intel Manifest](https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/resources/key-usage-in-integrated-firmware-images.html)

Build Status
------------
![Build and Test](https://github.com/9elements/converged-security-suite/actions/workflows/build.yml/badge.svg)

Tooling & API
-------------

* [Intel TXT Test Suite](cmd/txt-suite) - Test Suite for Intel Trusted Execution Technology validation.
* [Intel TXT Provisioning](cmd/txt-prov) - Provisioning of Trusted Platform Module for Intel Trusted Execution Technology usage.
* [Intel BtG/CBnT Test Suite](cmd/bg-suite) - Test Suite for Intel Boot Guard validation.
* [Intel BtG/CBnT Provisioning](cmd/bg-prov) - Provisioning of all BootGuard versions and Trusted Execution Technology (CBnT) usage.
* [Intel/AMD pcr0tool](cmd/pcr0tool) - [PCR0](https://security.stackexchange.com/questions/127224/what-does-crtm-refer-to) diagnostics tool.

Developer notes
---------------

If you need to update a Boot Policy Manifest or a Key Manifest then please
read an
[instruction](https://github.com/linuxboot/fiano/blob/main/pkg/intel/metadata/README.md).

Funding
--------------



         

This project was partially funded through the [NGI Assure](https://nlnet.nl/assure) Fund, a fund established by [NLnet](https://nlnet.nl/) with financial support from the European Commission's [Next Generation Internet](https://ngi.eu/) programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 957073.