Tags

  • v0.9.2

    Implemented the Verifier and put the Auditor in Firewall mode. The changes are as follows:
    
    - Implemented and tested the Verifier application.
    - Renamed `createConfig` -> `setupTools` and grouped commands into three command classes (tpm, key-exchange, config).
      Added kyber-based key-exchange.
      Added pcr-extend and pcr-reset commands.
    - The Prover can now attest and send extradata and the eventlog over network.
      Both the Auditor and the Verifier assume that this data has been extended into one of the Prover's PCRs.
      `setupTool` can extend the Prover's TPM accordingly.
    - Both the Verifier and the Auditor contribute enough nonce to the attestation that freshness is guaranteed.
    - Enhanced the stability.
    - Refactored datatype.PCRs and introduced additional wrapper classes to enhance type-safety and readability.
    - Extended the code's documentation and wrote proper setup/how-to guides. Moved the documentation into root.
    - Introduced api.Outbound and api.Inbound connections.
    - Replaced tpm2.TPMIAlgHash with the new type `cryptoutil.Hash`.
    - Upgraded to go 1.25.6.
  • v0.9.0

    f30fb810 · final commit of my thesis ·
    Submission version thesis
  • v0.8.2

    Layout and work up to chapter 4 roughly finished. Big TODO: chapters 5-6
  • v0.8.1

    Resolved most of the styling issues. Added final changes to all chapters except 4-5. Security analysis makes progress. TODO: Chapter 4-5
  • v0.8.0

    dcec38be · fixed minor errors. ·
    Finished section 1, 2, 3 and 6- for the most part. TODO: rewrite section 4 and 5.
  • v0.7.4

    Refactored large portions of the code and introduced a transcript which can be verified by an external party - the verifier. Introduced the new architecture in my thesis, extended the security analysis and added an explanation of my implementation.
  • v0.7.3

    Exported and refactored configReader. Refactored cryptoutil completely and moved the computation of object names into the PublicKeyContext. Extended documentation, but it is not readable yet.
  • v0.7.2

    Refactored large portions of the code, introduced countless improvements in the thesis.
  • v0.7.1

    Added Glossary. Introduced the most relevant terms. Fixed a lot of the styling issues.
  • v0.7.0

    6689753b · fixed spelling error ·
    early draft of my thesis. It contains all relevant background information, and a security analysis with an attack model, scope, and stakeholders. In addition, it contains a rough description of the implementation details, and architecture. Large portions of the text are not proofread. Documentation has been boiled down to the installation, and description of configuration options. Added a section about forward compatibility. Added untested, and as of yet unused portions to the code.
  • v0.6.0

    6602897a · fixed makeCredentials ·
    Implemented basic MakeCredential command for ECDSA-keys. Added tamper-detection features to mkII code. Moved (L1/L2 + exception)-tables into the internal RAM
  • v0.5.5

    b9c90ade · minor renaming ·
    Replaced SigScheme with KeyScheme. KeyScheme does not only specify the algorithm type, but also a selection of TPMAObject flags, SymKeyParameters, and an Authorization Policy. Refactored large parts of the code, including the verifier code. MakeCredential and AuditPCR are not fully functional yet.
  • v0.5.4

    7dac1a43 · final commit ·
    Moved embed:config into top-level. config files are now read from build/config. Makefile supports custom-configs stored in config/YourConfig. Added proper compilation of the documentation via just build-all.
  • v0.5.3

    added proper support for rsassa-keys. Added support for alternative hashing algos. cleaned up and extended tests. refactored code.
  • v0.5.2

    Added embedded config file support to cmd/mkII. Completed refactoring of verifier and moved it to internal/nethelper
  • v0.5.1

    remote attestation tested on the usb armory mkII. Refactored host and verifier. However the token only supports listening mode for now...
  • v0.5.0

    First Milestone: Implemented basic remote-attestation between an emulated token and the host. Added mkII application files to the project. Makefile can generate host and token files which are placed in the build/ directory. However the token cannot open connections to the host yet, presumably due to missing entries in the routing table?
  • v0.4.2

    98209f23 · minor simplification ·
    Cleaned up code basis. Support for proper remote attestation. Quote verification is now properly implemented. Verification of key and quote is supported. Quote verification is done against pcrReference entries which are set in human-readable form at initialization.
  • v0.4.1

    32addf36 · added details to comment ·
    cleaned code basis. Added proof of concept CertifyAk verification, however it is incomplete. Details see comment in tpmhelper_test.