Review comments for TPM attestation
Lots of comments and an updated boot test. Generously increase the timeout to eliminate random CI failures.
Test Plan: Boot test works
Bug: T499
X-Origin-Diff: phab/D319
GitOrigin-RevId: cf17fe7c599f670ff8b6f0ac60486f2a04f13a5a
diff --git a/core/pkg/tpm/credactivation_compat.go b/core/pkg/tpm/credactivation_compat.go
index 0a848d2..039f8d5 100644
--- a/core/pkg/tpm/credactivation_compat.go
+++ b/core/pkg/tpm/credactivation_compat.go
@@ -18,9 +18,11 @@
// This file is adapted from github.com/google/go-tpm/tpm2/credactivation which outputs broken
// challenges for unknown reasons. They use u16 length-delimited outputs for the challenge blobs
-// which is incorrect.
+// which is incorrect. Rather than rewriting the routine, we only applied minimal fixes to it
+// and skip the ECC part of the issue (because we would rather trust the proprietary RSA implementation).
+//
// TODO(lorenz): I'll eventually deal with this upstream, but for now just fix it here (it's not that)
-// much code after all.
+// much code after all (https://github.com/google/go-tpm/issues/121)
import (
"crypto/aes"
diff --git a/core/pkg/tpm/tpm.go b/core/pkg/tpm/tpm.go
index bb92289..d659d3a 100644
--- a/core/pkg/tpm/tpm.go
+++ b/core/pkg/tpm/tpm.go
@@ -265,7 +265,7 @@
func loadAK() error {
var err error
- // Rationale: The AK is a EK-equivalent key and used only for attestation. Using a non-primary
+ // Rationale: The AK is an EK-equivalent key and used only for attestation. Using a non-primary
// key here would require us to store the wrapped version somewhere, which is inconvenient.
// This being a primary key in the Endorsement hierarchy means that it can always be recreated
// and can never be "destroyed". Under our security model this is of no concern since we identify