Commit f51cb2e

Update README.md
1 parent da1a054 commit f51cb2e

1 file changed

+7
-12
lines changed

README.md

Lines changed: 7 additions & 12 deletions
@@ -2,9 +2,9 @@
22

33
where private keys as embedded inside `Trusted Platform Module (TPM)`
44

5-
Basically, you will get a `crypto.Signer` interface where the private keys are saved on those platform.
5+
Basically, you will get a [crypto.Signer](https://pkg.go.dev/crypto#Signer) interface for the private key..
66

7-
Use the signer to create a TLS session, sign CA/CSRs, generate signed url or just sign anything.
7+
Use the signer to create a TLS session, sign CA/CSRs, or just sign anything.
88

99
For example, you can use this to sign data or to generate certificates/csr or for mTLS.
1010

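Review bot: The added line 5 ends with a doubled period (`for the private key..`); drop one. The rewrite also removes the clause saying the private keys are saved on the platform, so this sentence no longer says that the key behind the `crypto.Signer` lives in the TPM. Line 3 still says so, but consider a short form such as "for the TPM-resident private key" so the property is stated where the interface is introduced.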
@@ -26,9 +26,10 @@ Initialize a signer and directly use `.sign()` as shown in this below and in the
2626
```golang
2727
import (
2828
saltpm "github.com/salrashid123/signer/tpm"
29+
"github.com/google/go-tpm/tpmutil"
2930
)
3031

31-
rwc, err := simulator.Get()
32+
rwc, err := tpmutil.OpenTPM(path)
3233

3334
stringToSign := []byte("foo")
3435

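Review bot: `path` in the added `tpmutil.OpenTPM(path)` call on line 32 is never defined in the snippet, so the example no longer reads on its own the way `simulator.Get()` did. Declare it or add a comment saying what value it expects, and confirm whether the swtpm address "127.0.0.1:2321" that the README later calls the TPM device path is valid for this call. The visible lines also go straight from the `rwc, err :=` assignment to `stringToSign` with no `err` check, which is worth showing in a snippet readers will copy.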
@@ -133,13 +134,7 @@ example usage generates a new TPM unrestricted RSA key and sign,verify some data
133134

134135
You can create the persistent handles using go-tpm or using `tpm2_tools` and make it persistent,
135136

136-
First install latest `tpm2_tools`
137-
138-
```bash
139-
## install latest tpm2-tools:
140-
#### https://github.com/salrashid123/tpm2/tree/master?tab=readme-ov-file#installing-tpm2_tools-golang
141-
#### https://tpm2-tools.readthedocs.io/en/latest/INSTALL/
142-
```
137+
First install latest [tpm2_tools](https://tpm2-tools.readthedocs.io/en/latest/INSTALL/)
143138

144139
```bash
145140
cd example/
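Review bot: The removed block on old lines 139-141 carried two install links, and the replacement on line 137 keeps only the readthedocs one; the link to the salrashid123/tpm2 "installing-tpm2_tools-golang" notes is dropped. If that was the recommended install path for this repo's examples, keep it alongside the official link. Also, "First install latest" would read better as "First install the latest".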
@@ -149,7 +144,7 @@ cd example/
149144
# swtpm socket --tpmstate dir=/tmp/myvtpm --tpm2 --server type=tcp,port=2321 --ctrl type=tcp,port=2322 --flags not-need-init,startup-clear
150145

151146
## then specify "127.0.0.1:2321" as the TPM device path in the examples
152-
## then for tpm2_tools, export the following var
147+
## and for tpm2_tools, export the following var
153148
# export TPM2TOOLS_TCTI="swtpm:port=2321"
154149

155150
## note if you want, the primary can be the "H2" profile from https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.html#name-parent
@@ -254,7 +249,7 @@ type Session interface {
254249
}
255250
```
256251

257-
for example, for a PCR and [AuthPolicy](https://github.com/google/go-tpm/pull/359) enforcement (eg, a PCR and password), you can define a custom session callback
252+
for example, for a PCR and [AuthPolicy](https://github.com/google/go-tpm/pull/359) enforcement (eg, a PCR and password), you can define a custom session callback.
258253

259254
```golang
260255
type MyPCRAndPolicyAuthValueSession struct {
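Review bot: On line 252 the sentence now ends with a period but still starts with a lowercase "for example" and uses "eg"; since the line is being touched, capitalise it and write "e.g.". A colon would also suit better than a period here, as the sentence introduces the code block that follows.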
