AKTemplateECC returns a potential Attestation Key (AK) template.

AKTemplateRSA returns a potential Attestation Key (AK) template.

AttestationKeyECC generates and loads a key from AKTemplateECC in the Owner hierarchy.

AttestationKeyRSA generates and loads a key from AKTemplateRSA in the Owner hierarchy.

CheckedClose closes the simulator and asserts that there were no leaked handles.

CreateSevSnpDevice opens the SEV-SNP attestation driver and wraps it with behavior that allows it to add an attestation report to pb.Attestation.

CreateTdxDevice opens the TDX attestation driver and wraps it with behavior that allows it to add an attestation quote to pb.Attestation.

CreateTdxQuoteProvider creates the TDX quote provider and wraps it with behavior that allows it to add an attestation quote to pb.Attestation.

DefaultEKTemplateECC returns the default Endorsement Key (EK) template as specified in Credential_Profile_EK_V2.0, section 2.1.5.2 - authPolicy.

DefaultEKTemplateRSA returns the default Endorsement Key (EK) template as specified in Credential_Profile_EK_V2.0, section 2.1.5.1 - authPolicy.

EndorsementKeyECC generates and loads a key from DefaultEKTemplateECC.

EndorsementKeyFromNvIndex generates and loads an endorsement key using the template stored at the provided nvdata index.

EndorsementKeyRSA generates and loads a key from DefaultEKTemplateRSA.

FullPcrSel will return a full PCR selection based on the total PCR number of the TPM with the given hash algo.

GceAttestationKeyECC generates and loads the GCE ECC AK.

GceAttestationKeyRSA generates and loads the GCE RSA AK.

GetEventLog grabs the crypto-agile TCG event log for the system.

Handles returns a slice of tpmutil.Handle objects of all handles within the TPM rw of type handleType.

KeyFromNvIndex generates and loads a key under the provided parent (possibly a hierarchy root tpm2.Handle{Owner|Endorsement|Platform|Null}) using the template stored at the provided nvdata index.

LoadCachedKey loads a key from cachedHandle.

NewCachedKey is almost identical to NewKey, except that it initially tries to see if the a key matching the provided template is at cachedHandle.

NewEKSession creates a new EKSession.

NewKey generates a key from the template and loads that key into the TPM under the specified parent.

NewPCRSession creates a new PCRSession.

ReadAllPCRs fetches all the PCR values from all implemented PCR banks.

ReadPCRs fetches all the PCR values specified in sel, making multiple calls to the TPM if necessary.

SRKTemplateECC returns a standard Storage Root Key (SRK) template.

SRKTemplateRSA returns a standard Storage Root Key (SRK) template.

StorageRootKeyECC generates and loads a key from SRKTemplateECC.

StorageRootKeyRSA generates and loads a key from SRKTemplateRSA.

CertifyHashAlgTpm is the hard-coded algorithm used in certify PCRs.

Picked available handles from TPM 2.0 Handles and Localities 2.3.1 - Table 11 go-tpm-tools will use handles in the range from 0x81008F00 to 0x81008FFF.

Picked available handles from TPM 2.0 Handles and Localities 2.3.1 - Table 11 go-tpm-tools will use handles in the range from 0x81008F00 to 0x81008FFF.

ECC P256 EK Cert.

RSA 2048 EK Cert.

Reserved Handles from "TCG TPM v2.0 Provisioning Guidance" - v1r1 - Table 2.

Reserved Handles from "TCG TPM v2.0 Provisioning Guidance" - v1r1 - Table 2.

ECC P256 AK.

RSA 2048 AK.

GCE Attestation Key NV Indices.

GCE Attestation Key NV Indices.

NumPCRs is set to the spec minimum of 24, as that's all go-tpm supports.

We hard-code SHA256 as the policy session hash algorithms.

We hard-code SHA256 as the policy session hash algorithms.

Reserved Handles from "TCG TPM v2.0 Provisioning Guidance" - v1r1 - Table 2.

Reserved Handles from "TCG TPM v2.0 Provisioning Guidance" - v1r1 - Table 2.

AttestOpts allows for customizing the functionality of Attest.

EKSession is a TPM session that is bound to the EK.

Key wraps an active asymmetric TPM2 key.

NullSession is a TPM session that is not bound to anything.

PCRSession is a TPM session that is bound to a set of PCRs.

SealOpts specifies the PCR values that should be used for Seal().

SevSnpDevice encapsulates the SEV-SNP attestation device to add its attestation report to a pb.Attestation.

TdxDevice encapsulates the TDX attestation device to add its attestation quote to a pb.Attestation.

TdxQuoteProvider encapsulates the TDX attestation device to add its attestation quote to a pb.Attestation.

UnsealOpts specifies the options that should be used for Unseal().

EventLogGetter allows a TPM (io.ReadWriter) to specify a particular implementation for GetEventLog().

Session is an interface for TPM sessions.

TEEDevice is an interface to add an attestation report from a TEE technology's attestation driver or quote provider.