Remove libtspi dependency #109

Closed
josephlr opened this issue Jun 21, 2021 · 1 comment

@josephlr
Member

Right now, building the server library requires libtspi (a Trousers TPM 1.2 library) to be installed.

This is because go-attestation's attest package depends on it for TPM 1.2 support. As we don't need TPM 1.2 support, this dependency is unnecessary.

To fix this we should:

  • Move the eventlog parsing/processing to a separate package (either in this repo or go-attestation)
  • Have go-attestation/attest depend on this separate package
  • Have go-tpm-tools/server depend on this separate package
@josephlr josephlr self-assigned this Jun 21, 2021
copybara-service bot pushed a commit to GoogleCloudPlatform/stet that referenced this issue Nov 9, 2021
This commit uses the new server.VerifyAttestation method added in
go-tpm-tools v0.3.0 to add verification of vTPM attestations to
the reference server implementation.

Installing libtspi is temporarily necessary in order to build STET
due to a temporary dependency being tracked by go-tpm-tools [1].

The Gazelle dependency was updated to v0.24.0 to work around a bug in
Gazelle v0.23.0 with including files via the go:embed directive [2].

Tested:
 - Ran securesession binary against server on a Confidential VM to
   produce a vTPM attestation, and confirmed the server successfully
   verifies the attestation (and validates the expected nonce).

[1]: google/go-tpm-tools#109
[2]: bazelbuild/bazel-gazelle#1013

PiperOrigin-RevId: 408682519
Change-Id: I601aeaba598fd04b413f1d0c42a1f2a7444c7262
@josephlr
Member Author

Fixed in #163
