https://github.com/kioubit/tpm2-quote-attest

Verify and print TPM2.0 Quotes (Attestation)
https://github.com/kioubit/tpm2-quote-attest

attestation remote-attestation tpm2

Last synced: about 2 months ago
JSON representation

Verify and print TPM2.0 Quotes (Attestation)

• Host: GitHub
• URL: https://github.com/kioubit/tpm2-quote-attest
• Owner: Kioubit
• Created: 2022-01-05T20:22:15.000Z (about 3 years ago)
• Default Branch: master
• Last Pushed: 2024-11-12T00:23:15.000Z (2 months ago)
• Last Synced: 2024-11-12T01:21:17.383Z (2 months ago)
• Topics: attestation, remote-attestation, tpm2
• Language: Go
• Homepage:
• Size: 18.6 KB
• Stars: 2
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

        
# Verify and print TPM2.0 Quotes

Useful for performing remote or local attestation of devices to verify system integrity.

- Supports verifying RSA and ECDSA signatures of tpm quotes

- Validation of the nonce

- Outputs parsed tpm quote in JSON format

- Can be used as a library including in mobile operating systems using Gomobile

## Generating TPM quotes

The ``create-quote.sh`` script shows how to create the required keys and how to perform the actual quote generation process.

## Demo

```

user@host:~$ tpm2_quote_attest -message-file data/quote.out -pcr-file data/quote.pcr -pubKey-file data/ak_public.pem -signature-file data/quote.sig -nonce-file data/quote.nonce

{

    "TPMData": {

        "AttestationType": "TPM_ST_ATTEST_QUOTE",

        "QualifiedSigner": {

            "Name": "AAtjsxXkcLNro2xtN3I9Cn2p0a0mXGV001zs0v4svOX7Pw=="

        },

        "ExtraData": {

            "Data": ""

        },

        "ClockInfo": {

            "Clock": 1XXXXXXX9,

            "ResetCount": 12,

            "RestartCount": 0,

            "Safe": true

        },

        "FirmwareVersion": XXXXXXXXXXXXXXX,

        "Attested": {

            "Quote": {

                "PcrSelect": {

                    "Count": 1,

                    "PcrSelections": [

                        {

                            "HashAlgorithm": "TPM_ALG_SHA256",

                            "PcrSelect": [

                                1,

                                2,

                                3,

                                4,

                                5,

                                6,

                                7,

                                8,

                                9

                            ]

                        }

                    ]

                },

                "PcrDigest": {

                    "Buffer": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K="

                }

            }

        }

    },

    "PCRValues": {

        "1": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K",

        "2": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K",

        "3": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K",

        "4": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K",

        "5": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K",

        "6": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K",

        "7": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K",

        "8": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K",

        "9": "ZXhhbXBsZWV4YW1wbGVleGFtcGxlZXhhbXBsZWV4YW0K"

    }

}

```