Permalink
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
...
- 8 commits
- 11 files changed
- 7 contributors
Commits on Dec 20, 2024
-
Tolerate differences in RSA private key libraries (#383)
* Tolerate differences in RSA private key libraries * simplify slice comparison
Commits on Jan 23, 2025
-
Add TPM2_HMAC implementation (#385)
- See definition in Part 3, Commands, section 15.4
-
Improve TPMUSymKeyBits and TPMUSymMode (#384)
* Improve TPMUSymKeyBits and TPMUSymMode * Add Deprecated comments * Small corrections * Add Deprecated comments
Commits on Feb 3, 2025
-
Implement TCP TPM protocol (#387)
* Implement TCP TPM protocol This change implements the basic TCP TPM protocol, which is useful for connecting to a running TPM simulator. It also introduces some tests which are skipped if the --cmd_addr or --plat_addr flags aren't provided. A number of TCP commands aren't implemented and left for a future change. Tested against a recent build of the TCG TPM simulator from https://github.com/trustedcomputinggroup/tpm use the closeTPM helper, caught by linter Co-authored-by: anamendes23 <anamendes@google.com> * Fix issues raised in PR --------- Co-authored-by: anamendes23 <anamendes@google.com>
Commits on Mar 28, 2025
-
tpm2: Fix typo in MakeCredential cmd (#391)
Signed-off-by: loicsikidi <loic.sikidi@gmail.com>
Commits on Apr 17, 2025
-
TPM2_PCR_Allocate support (#394)
* An improved check whether the "sel" argument of encodeTPMLPCRSelection() is a default PCRSelection{} object (whose fields are unset). While encodeTPMLPCRSelection() already correctly returns tpmutil.Pack(uint32(0)) in case "sel" is a default PCRSelection{} object, we are planning to add support for TPM2_PCR_Allocate command, and then the following "sel" value may be used with TPM2_PCR_Allocate command: [ {Hash: tpm2.AlgSHA1, PCRs: []int{}}, {Hash: tpm2.AlgSHA256, PCRs: []int{0,1,2,...,23}}, ]" The existing code with the "len(s.PCRs) == 0" check would produce an incorrect result with this "sel". An example from section "22.5 TPM2_PCR_Allocate" of the spec https://trustedcomputinggroup.org/wp-content/uploads/Trusted-Platform-Module-2.0-Library-Part-3-Version-184_pub.pdf "To change the allocation of a TPM from 24 SHA1 PCR and no SHA256 PCR to 24 SHA256 PCR and no SHA1 PCR, the pcrAllocation would have to have two selections: one for the empty SHA1 bank and one for the SHA256 bank with 24 PCR." * tpm2: Add TPM2_PCR_Allocate support.
Commits on Apr 25, 2025
-
Check for padding bytes in EK cert (#397)
Some TPM chips "pad" the EK cert that is stored in the TPM to completely fill up the NV index. Most TPM chips do NOT do this. If we try to parse the certificate with this extra padding, the x509.ParseCertificate function will return an "trailing bytes" error. Before trying to parse the certificate, we need to identify how many bytes should be stripped from bytes that were read from the TPM. To do this, we can use the ASN.1 Unmarshal function to get the "padding" bytes. From there, we can use the length of the padding bytes and remove those bytes from the bytes we send to the x509.ParseCertificate function so it will parse correctly.
Commits on Apr 28, 2025
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v0.9.3...v0.9.4