You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This commit uses the new server.VerifyAttestation method added in
go-tpm-tools v0.3.0 to add verification of vTPM attestations to
the reference server implementation.
Installing libtspi is temporarily necessary in order to build STET
due to a temporary dependency being tracked by go-tpm-tools [1].
The Gazelle dependency was updated to v0.24.0 to work around a bug in
Gazelle v0.23.0 with including files via the go:embed directive [2].
Tested:
- Ran securesession binary against server on a Confidential VM to
produce a vTPM attestation, and confirmed the server successfully
verifies the attestation (and validates the expected nonce).
[1]: google/go-tpm-tools#109
[2]: bazelbuild/bazel-gazelle#1013
PiperOrigin-RevId: 408682519
Change-Id: I601aeaba598fd04b413f1d0c42a1f2a7444c7262
Right now, building the
server
library requireslibtspi
(a Trousers TPM 1.2 library) to be installed.This is because go-attestation's
attest
package depends on it for TPM 1.2 support. As we don't need TPM 1.2 support, this dependency is unnecessary.To fix this we should:
go-attestation/attest
depend on this separate packagego-tpm-tools/server
depend on this separate packageThe text was updated successfully, but these errors were encountered: