Class: TPM::KeyAttestation

Inherits:
Object
  • Object
Defined in:
lib/tpm/key_attestation.rb,
lib/tpm/key_attestation/version.rb

Defined Under Namespace

Classes: Error

Constant Summary

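# Root CA certificates shipped alongside this source file. This array is the
# default value of the +trusted_certificates:+ keyword of #initialize.
#
# Every file matching certificates/*/RootCA/*.* below this file's directory
# is parsed as an X.509 certificate when the constant is evaluated, so the
# contents of those directories at load time decide what is trusted by
# default. A file that does not parse makes OpenSSL raise during loading.
#
# The array is frozen so that no other code in the process can append a
# certificate to the shared default set at runtime; callers that need a
# different set should pass their own list via +trusted_certificates:+.
TRUSTED_CERTIFICATES =
  begin
    pattern = File.expand_path(File.join(__dir__, "certificates", "*", "RootCA", "*.*"))
    Dir.glob(pattern).map do |filename|
      # Read in binary mode so a DER-encoded file is handed to OpenSSL
      # byte-for-byte, without text-mode newline translation.
      OpenSSL::X509::Certificate.new(File.binread(filename))
    end.freeze
  end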
# Version string of this library (defined in lib/tpm/key_attestation/version.rb).
VERSION = "0.12.0"

Instance Attribute Summary

Instance Method Summary

Constructor Details

#initialize(certify_info, signature, certified_key, certificates, qualifying_data, signature_algorithm: ALG_RSASSA, hash_algorithm: ALG_SHA256, trusted_certificates: TRUSTED_CERTIFICATES) ⇒ KeyAttestation

Returns a new instance of KeyAttestation.



# File 'lib/tpm/key_attestation.rb', line 35

# Stores the attestation inputs on the instance. Nothing is parsed or
# verified here; every argument is kept exactly as given and the checks run
# later, in #valid?.
#
# @param certify_info [Object] exposed via #certify_info
#   (presumably the structure the TPM signed; confirm against callers)
# @param signature [Object] exposed via #signature
# @param certified_key [Object] exposed via #certified_key
# @param certificates [Object] exposed via #certificates
#   (presumably the attestation certificate chain; confirm against callers)
# @param qualifying_data [Object] exposed via #qualifying_data
# @param signature_algorithm [Object] defaults to ALG_RSASSA
# @param hash_algorithm [Object] defaults to ALG_SHA256
# @param trusted_certificates [Object] defaults to the bundled
#   TRUSTED_CERTIFICATES; pass an explicit list to use a different set
#
# NOTE(review): both algorithm arguments are stored unchecked. If they come
# from the attestation being verified, any allow-listing has to happen in
# code that is not visible here; confirm.
def initialize(
  certify_info, signature, certified_key, certificates, qualifying_data,
  signature_algorithm: ALG_RSASSA,
  hash_algorithm: ALG_SHA256,
  trusted_certificates: TRUSTED_CERTIFICATES
)
  @certify_info, @signature = certify_info, signature
  @certified_key, @certificates = certified_key, certificates
  @signature_algorithm, @hash_algorithm = signature_algorithm, hash_algorithm
  @qualifying_data = qualifying_data
  @trusted_certificates = trusted_certificates
end

Instance Attribute Details

#certificates ⇒ Object (readonly)

Returns the value of attribute certificates.



# File 'lib/tpm/key_attestation.rb', line 24

# @return [Object] the +certificates+ argument given to the constructor,
#   returned by reference (not copied)
def certificates = @certificates

#certified_key ⇒ Object (readonly)

Returns the value of attribute certified_key.



# File 'lib/tpm/key_attestation.rb', line 24

# @return [Object] the +certified_key+ argument given to the constructor,
#   as supplied; reading it does not imply the attestation was verified
def certified_key = @certified_key

#certify_info ⇒ Object (readonly)

Returns the value of attribute certify_info.



# File 'lib/tpm/key_attestation.rb', line 24

# @return [Object] the +certify_info+ argument given to the constructor,
#   as supplied; reading it does not imply the attestation was verified
def certify_info = @certify_info

#hash_algorithm ⇒ Object (readonly)

Returns the value of attribute hash_algorithm.



# File 'lib/tpm/key_attestation.rb', line 24

# @return [Object] the +hash_algorithm:+ value given to the constructor
#   (ALG_SHA256 when the keyword was omitted)
def hash_algorithm = @hash_algorithm

#qualifying_data ⇒ Object (readonly)

Returns the value of attribute qualifying_data.



# File 'lib/tpm/key_attestation.rb', line 24

# @return [Object] the +qualifying_data+ argument given to the constructor,
#   returned by reference (not copied)
def qualifying_data = @qualifying_data

#signature ⇒ Object (readonly)

Returns the value of attribute signature.



# File 'lib/tpm/key_attestation.rb', line 24

# @return [Object] the +signature+ argument given to the constructor,
#   as supplied; reading it does not imply the signature was checked
def signature = @signature

#signature_algorithm ⇒ Object (readonly)

Returns the value of attribute signature_algorithm.



# File 'lib/tpm/key_attestation.rb', line 24

# @return [Object] the +signature_algorithm:+ value given to the constructor
#   (ALG_RSASSA when the keyword was omitted)
def signature_algorithm = @signature_algorithm

#trusted_certificates ⇒ Object (readonly)

Returns the value of attribute trusted_certificates.



# File 'lib/tpm/key_attestation.rb', line 24

# @return [Object] the +trusted_certificates:+ value given to the constructor,
#   returned by reference (not copied)
#
# When the keyword was omitted this is the shared TRUSTED_CERTIFICATES
# constant itself, so mutating the returned object in place would alter the
# default set seen by every instance that relies on it. Treat it as read-only.
def trusted_certificates = @trusted_certificates

Instance Method Details

#key ⇒ Object



# File 'lib/tpm/key_attestation.rb', line 56

# Releases +public_area.key+ only when #valid? is truthy.
#
# @return [Object, nil] the key from +public_area+ (presumably the attested
#   public key; confirm against the helper), or nil when #valid? is falsy.
#   A nil result means the attestation was rejected; callers must check
#   for it instead of assuming a key is always returned.
def key
  return unless valid?

  public_area.key
end

#valid? ⇒ Boolean

Returns:

  • (Boolean)


# File 'lib/tpm/key_attestation.rb', line 62

# Runs the three attestation checks in order, stopping at the first falsy
# result and returning that result unchanged:
#
# 1. +certify_validator.valid?+ with the public key of +aik_certificate+
# 2. +aik_certificate.conformant?+
# 3. +trustworthy?+
#
# The helpers are defined outside this listing. Presumably they cover the
# signature over the certify info, the attestation certificate's profile,
# and the chain to +trusted_certificates+ respectively; confirm there.
# All three must pass. None of them is optional.
#
# @return [Boolean] truthy only when every check passes
def valid?
  signature_ok = certify_validator.valid?(aik_certificate.public_key)
  return signature_ok unless signature_ok

  conformant = aik_certificate.conformant?
  return conformant unless conformant

  trustworthy?
end