go-tpm-tools

go-tpm-tools copied to clipboard

Tdx rtmr for test purpose

1

yawangwang

[launcher] add IPv6 support when opening ports

7

Previous iptables operation only operates on IPv4 traffic. Adding the support to allow IPv6 traffic by using ip6tables.

jkl73

Key.Attest is suppose to be TPM pcr based. Trying to add other tee quotes may cause confusion and mistake.

jkl73

Generate image that prints everything in verifyAttestation

1

Do not submit

JoshuaKrstic

In server/verify.go

jkl73

Remove the x86 build/test from the CI.

3

Remove the x86 build/test from the CI from the CI for the following reasons. 1. Our CVMs only support x86-64. 2. Some dependency libraries (go-tdx-guest, go-sev-guest) are only tested with...

qinkunbao

Add server.GRUB to verifyOpts for verify cmd cli

1

Adding `server.GRUB` to `server.verifyOpts` for verify cmd line. The intention is to align with what GAV (Google Attestation Verifier) does when doing attestation verification.

yawangwang

Use recommended crypto library to create ECC seed

2

Per discussions from https://github.com/google/go-tpm-tools/pull/471#discussion_r1725944593, remove curve P224 as it is not supported by crypto/ecdh

yawangwang

znley

[launcher] Add DA lockout params when launching

3

Log TPM dictionary attack related info for debugging. Also update the TPM lockout params: max tries : 3 -> 32 interval : 1000 seconds -> 0x1C20 (120 mins) lockout recovery...

jkl73