File: example_test.go

package server

import (
	"crypto"
	"crypto/rand"
	"fmt"
	"log"

	"github.com/google/go-tpm-tools/client"
	"github.com/google/go-tpm-tools/simulator"
)

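// ExampleVerifyAttestation walks through one attestation round trip against
// the TPM simulator: create an attestation key (AK), produce an attestation
// bound to a nonce, then verify it with VerifyAttestation and print the
// resulting machine state.
//
// Client and verifier run in the same process here, so two trust decisions
// that matter in a deployment are short-circuited: the nonce is generated
// locally and the trusted AK is read straight from the key that signed the
// quote. Both are called out below.
func ExampleVerifyAttestation() {
	// On client machine, generate the TPM quote.
	// TODO: use real TPM.
	// The handle is named tpm so that it does not shadow the imported
	// simulator package for the rest of the function.
	tpm, err := simulator.Get()
	if err != nil {
		log.Fatalf("failed to initialize simulator: %v", err)
	}
	defer tpm.Close()

	ak, err := client.AttestationKeyRSA(tpm)
	if err != nil {
		log.Fatalf("failed to generate AK: %v", err)
	}
	defer ak.Close()

	// The nonce is what ties a quote to this verification request. A constant
	// value would let a previously recorded attestation be accepted again, so
	// draw fresh random bytes for every request. In a deployment the verifier
	// should be the party that generates the nonce and hands it to the client.
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		log.Fatalf("failed to generate nonce: %v", err)
	}
	attestation, err := ak.Attest(client.AttestOpts{Nonce: nonce})
	if err != nil {
		log.Fatalf("failed to attest: %v", err)
	}

	// TODO: send Attestation proto to verifier

	// Verify the attestation proto.
	opts := VerifyOpts{
		Nonce: nonce,
		// The AK public key is taken from the key that produced the quote,
		// which only works because both sides share a process. A verifier
		// should populate TrustedAKs from keys it enrolled out of band.
		TrustedAKs: []crypto.PublicKey{ak.PublicKey()},
		// NOTE(review): SHA-1 PCR banks are accepted here, as in the original
		// example. Confirm whether the simulator flow needs this; leave it
		// unset when a SHA-256 bank is available.
		AllowSHA1: true,
	}
	state, err := VerifyAttestation(attestation, opts)
	if err != nil {
		log.Fatalf("failed to verify: %v", err)
	}

	fmt.Println(state)
}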