Class: TPM::KeyAttestation

Inherits:
Object
  • Object
Defined in:
lib/tpm/key_attestation.rb,
lib/tpm/key_attestation/version.rb

Defined Under Namespace

Classes: Error

Constant Summary

# Default trust anchors: one OpenSSL::X509::Certificate per file matching
# certificates/*/RootCA/*.* next to this source file, read once at load time.
# Every file the glob matches is parsed and included; no filtering by
# extension, validity period or issuer is visible here.
# NOTE(review): the resulting Array is not frozen, so any code in the process
# can append to this constant — confirm whether that is intended, since it is
# the default for the trusted_certificates: constructor option.
TRUSTED_CERTIFICATES =
  Dir
    .glob(File.expand_path(File.join(__dir__, "certificates", "*", "RootCA", "*.*")))
    .map { |path| OpenSSL::X509::Certificate.new(File.binread(path)) }
# Version string of this library.
VERSION = "0.12.1"

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(certify_info, signature, certified_key, certificates, qualifying_data, signature_algorithm: ALG_RSASSA, hash_algorithm: ALG_SHA256, trusted_certificates: TRUSTED_CERTIFICATES) ⇒ KeyAttestation

Returns a new instance of KeyAttestation.



# File 'lib/tpm/key_attestation.rb', line 36

# Stores the attestation inputs on the instance. Nothing is parsed or verified
# here: the body only assigns instance variables, so every value should be
# treated as unverified until valid? has been called and returned truthy.
#
# @param certify_info the attestation structure to verify
#   (NOTE(review): presumably the TPM certify-info blob — confirm)
# @param signature the signature accompanying certify_info
# @param certified_key the key material being attested
# @param certificates the certificates supplied with the attestation
# @param qualifying_data the caller-supplied qualifying data
# @param signature_algorithm defaults to ALG_RSASSA
# @param hash_algorithm defaults to ALG_SHA256
# @param trusted_certificates defaults to TRUSTED_CERTIFICATES; passing a
#   different collection replaces the bundled default for this instance
def initialize(
  certify_info,
  signature,
  certified_key,
  certificates,
  qualifying_data,
  signature_algorithm: ALG_RSASSA,
  hash_algorithm: ALG_SHA256,
  trusted_certificates: TRUSTED_CERTIFICATES
)
  # Positional inputs, kept in signature order.
  @certify_info = certify_info
  @signature = signature
  @certified_key = certified_key
  @certificates = certificates
  @qualifying_data = qualifying_data

  # Keyword options.
  @signature_algorithm = signature_algorithm
  @hash_algorithm = hash_algorithm
  @trusted_certificates = trusted_certificates
end

Instance Attribute Details

#certificates ⇒ Object (readonly)

Returns the value of attribute certificates.



# File 'lib/tpm/key_attestation.rb', line 25

# Read-only accessor for the certificates value given to the constructor.
# The value is returned exactly as stored; this reader does no checking.
# NOTE(review): presumably the certificate chain sent with the attestation,
# i.e. unverified input until valid? passes — confirm against callers.
def certificates
  @certificates
end

#certified_key ⇒ Object (readonly)

Returns the value of attribute certified_key.



# File 'lib/tpm/key_attestation.rb', line 25

# Read-only accessor for the certified_key value given to the constructor.
# Returned as stored, whether or not the attestation verifies; use #key for
# the value that is only released after valid? succeeds.
# NOTE(review): presumably the encoded public area of the attested key — confirm.
def certified_key
  @certified_key
end

#certify_info ⇒ Object (readonly)

Returns the value of attribute certify_info.



# File 'lib/tpm/key_attestation.rb', line 25

# Read-only accessor for the certify_info value given to the constructor.
# Returned as stored; this reader does no parsing or checking.
# NOTE(review): presumably the structure the signature is computed over — confirm.
def certify_info
  @certify_info
end

#hash_algorithm ⇒ Object (readonly)

Returns the value of attribute hash_algorithm.



# File 'lib/tpm/key_attestation.rb', line 25

# Read-only accessor for the hash_algorithm option (constructor default: ALG_SHA256).
# NOTE(review): the value is caller-selectable; whether unsupported or weak
# algorithms are rejected is decided in code not shown here — confirm.
def hash_algorithm
  @hash_algorithm
end

#qualifying_data ⇒ Object (readonly)

Returns the value of attribute qualifying_data.



# File 'lib/tpm/key_attestation.rb', line 25

# Read-only accessor for the qualifying_data value given to the constructor.
# NOTE(review): presumably the expected nonce/extra data that binds the
# attestation to this request; how it is compared is not visible here — confirm.
def qualifying_data
  @qualifying_data
end

#signature ⇒ Object (readonly)

Returns the value of attribute signature.



# File 'lib/tpm/key_attestation.rb', line 25

# Read-only accessor for the signature value given to the constructor.
# Returned as stored; verification happens elsewhere (see valid?).
def signature
  @signature
end

#signature_algorithm ⇒ Object (readonly)

Returns the value of attribute signature_algorithm.



# File 'lib/tpm/key_attestation.rb', line 25

# Read-only accessor for the signature_algorithm option (constructor default: ALG_RSASSA).
# NOTE(review): the value is caller-selectable; which algorithms are accepted
# is decided in code not shown here — confirm.
def signature_algorithm
  @signature_algorithm
end

#trusted_certificates ⇒ Object (readonly)

Returns the value of attribute trusted_certificates.



# File 'lib/tpm/key_attestation.rb', line 25

# Read-only accessor for the trusted_certificates option
# (constructor default: TRUSTED_CERTIFICATES).
# NOTE(review): presumably the root set the attestation chain is checked
# against; a caller-supplied value replaces the default for this instance,
# so it should come from configuration, never from the attestation itself.
def trusted_certificates
  @trusted_certificates
end

Instance Method Details

#key ⇒ Object



# File 'lib/tpm/key_attestation.rb', line 57

# Returns public_area.key when the attestation verifies, otherwise nil.
#
# Fails closed: public_area is consulted only after valid? returns a truthy
# value. Callers must treat a nil result as a rejected attestation.
def key
  return unless valid?

  public_area.key
end

#valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/tpm/key_attestation.rb', line 63

# Reports whether the attestation passes all three checks, evaluated in this
# order with short-circuiting:
#   1. certify_validator.valid? against the AIK certificate's public key
#   2. aik_certificate.conformant?
#   3. trustworthy?
# The result is truthy only when every check passes; otherwise the first
# falsy result is returned.
# NOTE(review): step 1 uses the AIK certificate's key before that certificate
# has been through steps 2 and 3. The outcome is still the conjunction of all
# three, so this only affects how much work is done on unverified input.
def valid?
  signature_ok = certify_validator.valid?(aik_certificate.public_key)
  signature_ok && aik_certificate.conformant? && trustworthy?
end