TPM support in Device Trust protobufs (#24518)

* Add protos for TPM enrollment ceremony

* Add modifications to Device object for TPM support

* Add new fields to the resource type

* Add "Der" prefix to tpm_attestation_key field for consistency

* Add test for conversion code

* Fix incorrect field number for proto message

* Allow empty string in resource for unspecified

Co-authored-by: Alan Parra <alan.parra@goteleport.com>

* Rename DeviceAttestationType

* Clarify ActivateCredential process

* Finish renaming to DeviceAttestationType

* Use unspecified

---------

Co-authored-by: Alan Parra <alan.parra@goteleport.com>

api/gen/proto/go/teleport/devicetrust/v1/device.pb.go

@@ -35,6 +35,62 @@ const (
 	_ = protoimpl.EnforceVersion(protoimpl.MaxVersion - 20)
 )
 
+// AttestationType indicates the degree to which the device credential has
+// been attested.
+type DeviceAttestationType int32
+
+const (
+	// Bare public key which has only verified with proof of ownership.
+	// Used on macOS.
+	DeviceAttestationType_DEVICE_ATTESTATION_TYPE_UNSPECIFIED DeviceAttestationType = 0
+	// Credential was verified through a TPM EK->AK->App key chain on enrollment.
+	DeviceAttestationType_DEVICE_ATTESTATION_TYPE_TPM DeviceAttestationType = 1
+	// Credential was verified through a TPM EK->AK->App key chain on enrollment
+	// and an EKCert was present and signed by a configured approved CA.
+	DeviceAttestationType_DEVICE_ATTESTATION_TYPE_TPM_EKCERT DeviceAttestationType = 2
+)
+
+// Enum value maps for DeviceAttestationType.
+var (
+	DeviceAttestationType_name = map[int32]string{
+		0: "DEVICE_ATTESTATION_TYPE_UNSPECIFIED",
+		1: "DEVICE_ATTESTATION_TYPE_TPM",
+		2: "DEVICE_ATTESTATION_TYPE_TPM_EKCERT",
+	}
+	DeviceAttestationType_value = map[string]int32{
+		"DEVICE_ATTESTATION_TYPE_UNSPECIFIED": 0,
+		"DEVICE_ATTESTATION_TYPE_TPM":         1,
+		"DEVICE_ATTESTATION_TYPE_TPM_EKCERT":  2,
+	}
+)
+
+func (x DeviceAttestationType) Enum() *DeviceAttestationType {
+	p := new(DeviceAttestationType)
+	*p = x
+	return p
+}
+
+func (x DeviceAttestationType) String() string {
+	return protoimpl.X.EnumStringOf(x.Descriptor(), protoreflect.EnumNumber(x))
+}
+
+func (DeviceAttestationType) Descriptor() protoreflect.EnumDescriptor {
+	return file_teleport_devicetrust_v1_device_proto_enumTypes[0].Descriptor()
+}
+
+func (DeviceAttestationType) Type() protoreflect.EnumType {
+	return &file_teleport_devicetrust_v1_device_proto_enumTypes[0]
+}
+
+func (x DeviceAttestationType) Number() protoreflect.EnumNumber {
+	return protoreflect.EnumNumber(x)
+}
+
+// Deprecated: Use DeviceAttestationType.Descriptor instead.
+func (DeviceAttestationType) EnumDescriptor() ([]byte, []int) {
+	return file_teleport_devicetrust_v1_device_proto_rawDescGZIP(), []int{0}
+}
+
 // DeviceEnrollStatus represents the enrollment status of a device.
 type DeviceEnrollStatus int32
 
@@ -71,11 +127,11 @@ func (x DeviceEnrollStatus) String() string {
 }
 
 func (DeviceEnrollStatus) Descriptor() protoreflect.EnumDescriptor {
-	return file_teleport_devicetrust_v1_device_proto_enumTypes[0].Descriptor()
+	return file_teleport_devicetrust_v1_device_proto_enumTypes[1].Descriptor()
 }
 
 func (DeviceEnrollStatus) Type() protoreflect.EnumType {
-	return &file_teleport_devicetrust_v1_device_proto_enumTypes[0]
+	return &file_teleport_devicetrust_v1_device_proto_enumTypes[1]
 }
 
 func (x DeviceEnrollStatus) Number() protoreflect.EnumNumber {
@@ -84,7 +140,7 @@ func (x DeviceEnrollStatus) Number() protoreflect.EnumNumber {
 
 // Deprecated: Use DeviceEnrollStatus.Descriptor instead.
 func (DeviceEnrollStatus) EnumDescriptor() ([]byte, []int) {
-	return file_teleport_devicetrust_v1_device_proto_rawDescGZIP(), []int{0}
+	return file_teleport_devicetrust_v1_device_proto_rawDescGZIP(), []int{1}
 }
 
 // Device represents a registered device.
@@ -268,7 +324,19 @@ type DeviceCredential struct {
 	// Unique identifier of the credential, defined client-side.
 	Id string `protobuf:"bytes,1,opt,name=id,proto3" json:"id,omitempty"`
 	// Device public key marshaled as a PKIX, ASN.1 DER.
+	// For TPMs, this is the public application key.
 	PublicKeyDer []byte `protobuf:"bytes,2,opt,name=public_key_der,json=publicKeyDer,proto3" json:"public_key_der,omitempty"`
+	// The degree to which the device credential is attested.
+	DeviceAttestationType DeviceAttestationType `protobuf:"varint,3,opt,name=device_attestation_type,json=deviceAttestationType,proto3,enum=teleport.devicetrust.v1.DeviceAttestationType" json:"device_attestation_type,omitempty"`
+	// If the device is a TPM device, stores the serial number from the TPM
+	// endorsement certificate.
+	// The certificate is not stored for security reasons, but the serial can be
+	// used to retrieve information about a specific unit from the manufacturer
+	// at a later date.
+	TpmSerial string `protobuf:"bytes,4,opt,name=tpm_serial,json=tpmSerial,proto3" json:"tpm_serial,omitempty"`
+	// If the device is a TPM device, stores the public AK in PKIX, ASN.1 DER
+	// form.
+	TpmAttestationKeyDer []byte `protobuf:"bytes,5,opt,name=tpm_attestation_key_der,json=tpmAttestationKeyDer,proto3" json:"tpm_attestation_key_der,omitempty"`
 }
 
 func (x *DeviceCredential) Reset() {
@@ -317,6 +385,27 @@ func (x *DeviceCredential) GetPublicKeyDer() []byte {
 	return nil
 }
 
+func (x *DeviceCredential) GetDeviceAttestationType() DeviceAttestationType {
+	if x != nil {
+		return x.DeviceAttestationType
+	}
+	return DeviceAttestationType_DEVICE_ATTESTATION_TYPE_UNSPECIFIED
+}
+
+func (x *DeviceCredential) GetTpmSerial() string {
+	if x != nil {
+		return x.TpmSerial
+	}
+	return ""
+}
+
+func (x *DeviceCredential) GetTpmAttestationKeyDer() []byte {
+	if x != nil {
+		return x.TpmAttestationKeyDer
+	}
+	return nil
+}
+
 var File_teleport_devicetrust_v1_device_proto protoreflect.FileDescriptor
 
 var file_teleport_devicetrust_v1_device_proto_rawDesc = []byte{
@@ -385,26 +474,47 @@ var file_teleport_devicetrust_v1_device_proto_rawDesc = []byte{
 	0x6c, 0x65, 0x18, 0x0c, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x26, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70,
 	0x6f, 0x72, 0x74, 0x2e, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e,
 	0x76, 0x31, 0x2e, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x50, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65,
-	0x52, 0x07, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x22, 0x48, 0x0a, 0x10, 0x44, 0x65, 0x76,
-	0x69, 0x63, 0x65, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x12, 0x0e, 0x0a,
-	0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x24, 0x0a,
-	0x0e, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x64, 0x65, 0x72, 0x18,
-	0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65, 0x79,
-	0x44, 0x65, 0x72, 0x2a, 0x84, 0x01, 0x0a, 0x12, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x45, 0x6e,
-	0x72, 0x6f, 0x6c, 0x6c, 0x53, 0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x24, 0x0a, 0x20, 0x44, 0x45,
-	0x56, 0x49, 0x43, 0x45, 0x5f, 0x45, 0x4e, 0x52, 0x4f, 0x4c, 0x4c, 0x5f, 0x53, 0x54, 0x41, 0x54,
-	0x55, 0x53, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00,
-	0x12, 0x25, 0x0a, 0x21, 0x44, 0x45, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x45, 0x4e, 0x52, 0x4f, 0x4c,
-	0x4c, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x45, 0x4e, 0x52,
-	0x4f, 0x4c, 0x4c, 0x45, 0x44, 0x10, 0x01, 0x12, 0x21, 0x0a, 0x1d, 0x44, 0x45, 0x56, 0x49, 0x43,
-	0x45, 0x5f, 0x45, 0x4e, 0x52, 0x4f, 0x4c, 0x4c, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f,
-	0x45, 0x4e, 0x52, 0x4f, 0x4c, 0x4c, 0x45, 0x44, 0x10, 0x02, 0x42, 0x5a, 0x5a, 0x58, 0x67, 0x69,
-	0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x72, 0x61, 0x76, 0x69, 0x74, 0x61,
-	0x74, 0x69, 0x6f, 0x6e, 0x61, 0x6c, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f,
-	0x61, 0x70, 0x69, 0x2f, 0x67, 0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f,
-	0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65,
-	0x74, 0x72, 0x75, 0x73, 0x74, 0x2f, 0x76, 0x31, 0x3b, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x74,
-	0x72, 0x75, 0x73, 0x74, 0x76, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x52, 0x07, 0x70, 0x72, 0x6f, 0x66, 0x69, 0x6c, 0x65, 0x22, 0x86, 0x02, 0x0a, 0x10, 0x44, 0x65,
+	0x76, 0x69, 0x63, 0x65, 0x43, 0x72, 0x65, 0x64, 0x65, 0x6e, 0x74, 0x69, 0x61, 0x6c, 0x12, 0x0e,
+	0x0a, 0x02, 0x69, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x02, 0x69, 0x64, 0x12, 0x24,
+	0x0a, 0x0e, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x5f, 0x6b, 0x65, 0x79, 0x5f, 0x64, 0x65, 0x72,
+	0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x0c, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x4b, 0x65,
+	0x79, 0x44, 0x65, 0x72, 0x12, 0x66, 0x0a, 0x17, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x5f, 0x61,
+	0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x74, 0x79, 0x70, 0x65, 0x18,
+	0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x2e, 0x2e, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74,
+	0x2e, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x2e, 0x76, 0x31, 0x2e,
+	0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f,
+	0x6e, 0x54, 0x79, 0x70, 0x65, 0x52, 0x15, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x41, 0x74, 0x74,
+	0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x1d, 0x0a, 0x0a,
+	0x74, 0x70, 0x6d, 0x5f, 0x73, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x09, 0x74, 0x70, 0x6d, 0x53, 0x65, 0x72, 0x69, 0x61, 0x6c, 0x12, 0x35, 0x0a, 0x17, 0x74,
+	0x70, 0x6d, 0x5f, 0x61, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x5f, 0x6b,
+	0x65, 0x79, 0x5f, 0x64, 0x65, 0x72, 0x18, 0x05, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x14, 0x74, 0x70,
+	0x6d, 0x41, 0x74, 0x74, 0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x4b, 0x65, 0x79, 0x44,
+	0x65, 0x72, 0x2a, 0x89, 0x01, 0x0a, 0x15, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x41, 0x74, 0x74,
+	0x65, 0x73, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x54, 0x79, 0x70, 0x65, 0x12, 0x27, 0x0a, 0x23,
+	0x44, 0x45, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x41, 0x54, 0x54, 0x45, 0x53, 0x54, 0x41, 0x54, 0x49,
+	0x4f, 0x4e, 0x5f, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43, 0x49, 0x46,
+	0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x1f, 0x0a, 0x1b, 0x44, 0x45, 0x56, 0x49, 0x43, 0x45, 0x5f,
+	0x41, 0x54, 0x54, 0x45, 0x53, 0x54, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x59, 0x50, 0x45,
+	0x5f, 0x54, 0x50, 0x4d, 0x10, 0x01, 0x12, 0x26, 0x0a, 0x22, 0x44, 0x45, 0x56, 0x49, 0x43, 0x45,
+	0x5f, 0x41, 0x54, 0x54, 0x45, 0x53, 0x54, 0x41, 0x54, 0x49, 0x4f, 0x4e, 0x5f, 0x54, 0x59, 0x50,
+	0x45, 0x5f, 0x54, 0x50, 0x4d, 0x5f, 0x45, 0x4b, 0x43, 0x45, 0x52, 0x54, 0x10, 0x02, 0x2a, 0x84,
+	0x01, 0x0a, 0x12, 0x44, 0x65, 0x76, 0x69, 0x63, 0x65, 0x45, 0x6e, 0x72, 0x6f, 0x6c, 0x6c, 0x53,
+	0x74, 0x61, 0x74, 0x75, 0x73, 0x12, 0x24, 0x0a, 0x20, 0x44, 0x45, 0x56, 0x49, 0x43, 0x45, 0x5f,
+	0x45, 0x4e, 0x52, 0x4f, 0x4c, 0x4c, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x55, 0x4e,
+	0x53, 0x50, 0x45, 0x43, 0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x25, 0x0a, 0x21, 0x44,
+	0x45, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x45, 0x4e, 0x52, 0x4f, 0x4c, 0x4c, 0x5f, 0x53, 0x54, 0x41,
+	0x54, 0x55, 0x53, 0x5f, 0x4e, 0x4f, 0x54, 0x5f, 0x45, 0x4e, 0x52, 0x4f, 0x4c, 0x4c, 0x45, 0x44,
+	0x10, 0x01, 0x12, 0x21, 0x0a, 0x1d, 0x44, 0x45, 0x56, 0x49, 0x43, 0x45, 0x5f, 0x45, 0x4e, 0x52,
+	0x4f, 0x4c, 0x4c, 0x5f, 0x53, 0x54, 0x41, 0x54, 0x55, 0x53, 0x5f, 0x45, 0x4e, 0x52, 0x4f, 0x4c,
+	0x4c, 0x45, 0x44, 0x10, 0x02, 0x42, 0x5a, 0x5a, 0x58, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
+	0x63, 0x6f, 0x6d, 0x2f, 0x67, 0x72, 0x61, 0x76, 0x69, 0x74, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x61,
+	0x6c, 0x2f, 0x74, 0x65, 0x6c, 0x65, 0x70, 0x6f, 0x72, 0x74, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x67,
+	0x65, 0x6e, 0x2f, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x2f, 0x67, 0x6f, 0x2f, 0x74, 0x65, 0x6c, 0x65,
+	0x70, 0x6f, 0x72, 0x74, 0x2f, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74,
+	0x2f, 0x76, 0x31, 0x3b, 0x64, 0x65, 0x76, 0x69, 0x63, 0x65, 0x74, 0x72, 0x75, 0x73, 0x74, 0x76,
+	0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }
 
 var (
@@ -419,34 +529,36 @@ func file_teleport_devicetrust_v1_device_proto_rawDescGZIP() []byte {
 	return file_teleport_devicetrust_v1_device_proto_rawDescData
 }
 
-var file_teleport_devicetrust_v1_device_proto_enumTypes = make([]protoimpl.EnumInfo, 1)
+var file_teleport_devicetrust_v1_device_proto_enumTypes = make([]protoimpl.EnumInfo, 2)
 var file_teleport_devicetrust_v1_device_proto_msgTypes = make([]protoimpl.MessageInfo, 2)
 var file_teleport_devicetrust_v1_device_proto_goTypes = []interface{}{
-	(DeviceEnrollStatus)(0),       // 0: teleport.devicetrust.v1.DeviceEnrollStatus
-	(*Device)(nil),                // 1: teleport.devicetrust.v1.Device
-	(*DeviceCredential)(nil),      // 2: teleport.devicetrust.v1.DeviceCredential
-	(OSType)(0),                   // 3: teleport.devicetrust.v1.OSType
-	(*timestamppb.Timestamp)(nil), // 4: google.protobuf.Timestamp
-	(*DeviceEnrollToken)(nil),     // 5: teleport.devicetrust.v1.DeviceEnrollToken
-	(*DeviceCollectedData)(nil),   // 6: teleport.devicetrust.v1.DeviceCollectedData
-	(*DeviceSource)(nil),          // 7: teleport.devicetrust.v1.DeviceSource
-	(*DeviceProfile)(nil),         // 8: teleport.devicetrust.v1.DeviceProfile
+	(DeviceAttestationType)(0),    // 0: teleport.devicetrust.v1.DeviceAttestationType
+	(DeviceEnrollStatus)(0),       // 1: teleport.devicetrust.v1.DeviceEnrollStatus
+	(*Device)(nil),                // 2: teleport.devicetrust.v1.Device
+	(*DeviceCredential)(nil),      // 3: teleport.devicetrust.v1.DeviceCredential
+	(OSType)(0),                   // 4: teleport.devicetrust.v1.OSType
+	(*timestamppb.Timestamp)(nil), // 5: google.protobuf.Timestamp
+	(*DeviceEnrollToken)(nil),     // 6: teleport.devicetrust.v1.DeviceEnrollToken
+	(*DeviceCollectedData)(nil),   // 7: teleport.devicetrust.v1.DeviceCollectedData
+	(*DeviceSource)(nil),          // 8: teleport.devicetrust.v1.DeviceSource
+	(*DeviceProfile)(nil),         // 9: teleport.devicetrust.v1.DeviceProfile
 }
 var file_teleport_devicetrust_v1_device_proto_depIdxs = []int32{
-	3, // 0: teleport.devicetrust.v1.Device.os_type:type_name -> teleport.devicetrust.v1.OSType
-	4, // 1: teleport.devicetrust.v1.Device.create_time:type_name -> google.protobuf.Timestamp
-	4, // 2: teleport.devicetrust.v1.Device.update_time:type_name -> google.protobuf.Timestamp
-	5, // 3: teleport.devicetrust.v1.Device.enroll_token:type_name -> teleport.devicetrust.v1.DeviceEnrollToken
-	0, // 4: teleport.devicetrust.v1.Device.enroll_status:type_name -> teleport.devicetrust.v1.DeviceEnrollStatus
-	2, // 5: teleport.devicetrust.v1.Device.credential:type_name -> teleport.devicetrust.v1.DeviceCredential
-	6, // 6: teleport.devicetrust.v1.Device.collected_data:type_name -> teleport.devicetrust.v1.DeviceCollectedData
-	7, // 7: teleport.devicetrust.v1.Device.source:type_name -> teleport.devicetrust.v1.DeviceSource
-	8, // 8: teleport.devicetrust.v1.Device.profile:type_name -> teleport.devicetrust.v1.DeviceProfile
-	9, // [9:9] is the sub-list for method output_type
-	9, // [9:9] is the sub-list for method input_type
-	9, // [9:9] is the sub-list for extension type_name
-	9, // [9:9] is the sub-list for extension extendee
-	0, // [0:9] is the sub-list for field type_name
+	4,  // 0: teleport.devicetrust.v1.Device.os_type:type_name -> teleport.devicetrust.v1.OSType
+	5,  // 1: teleport.devicetrust.v1.Device.create_time:type_name -> google.protobuf.Timestamp
+	5,  // 2: teleport.devicetrust.v1.Device.update_time:type_name -> google.protobuf.Timestamp
+	6,  // 3: teleport.devicetrust.v1.Device.enroll_token:type_name -> teleport.devicetrust.v1.DeviceEnrollToken
+	1,  // 4: teleport.devicetrust.v1.Device.enroll_status:type_name -> teleport.devicetrust.v1.DeviceEnrollStatus
+	3,  // 5: teleport.devicetrust.v1.Device.credential:type_name -> teleport.devicetrust.v1.DeviceCredential
+	7,  // 6: teleport.devicetrust.v1.Device.collected_data:type_name -> teleport.devicetrust.v1.DeviceCollectedData
+	8,  // 7: teleport.devicetrust.v1.Device.source:type_name -> teleport.devicetrust.v1.DeviceSource
+	9,  // 8: teleport.devicetrust.v1.Device.profile:type_name -> teleport.devicetrust.v1.DeviceProfile
+	0,  // 9: teleport.devicetrust.v1.DeviceCredential.device_attestation_type:type_name -> teleport.devicetrust.v1.DeviceAttestationType
+	10, // [10:10] is the sub-list for method output_type
+	10, // [10:10] is the sub-list for method input_type
+	10, // [10:10] is the sub-list for extension type_name
+	10, // [10:10] is the sub-list for extension extendee
+	0,  // [0:10] is the sub-list for field type_name
 }
 
 func init() { file_teleport_devicetrust_v1_device_proto_init() }
@@ -490,7 +602,7 @@ func file_teleport_devicetrust_v1_device_proto_init() {
 		File: protoimpl.DescBuilder{
 			GoPackagePath: reflect.TypeOf(x{}).PkgPath(),
 			RawDescriptor: file_teleport_devicetrust_v1_device_proto_rawDesc,
-			NumEnums:      1,
+			NumEnums:      2,
 			NumMessages:   2,
 			NumExtensions: 0,
 			NumServices:   0,

api/gen/proto/go/teleport/devicetrust/v1/devicetrust_service_grpc.pb.go

@@ -105,6 +105,18 @@ type DeviceTrustServiceClient interface {
 	// An enrolled device is allowed, via AuthenticateDevice, to acquire
 	// certificates containing device extensions, thus gaining access to
 	// device-aware actions.
+	//
+	// macOS enrollment flow:
+	// -> EnrollDeviceInit (client)
+	// <- MacOSEnrollChallenge (server)
+	// -> MacOSEnrollChallengeResponse
+	// <- EnrollDeviceSuccess
+	//
+	// TPM enrollment flow:
+	// -> EnrollDeviceInit (client)
+	// <- TPMEnrollChallenge (server)
+	// -> TPMEnrollChallengeResponse
+	// <- EnrollDeviceSuccess
 	EnrollDevice(ctx context.Context, opts ...grpc.CallOption) (DeviceTrustService_EnrollDeviceClient, error)
 	// AuthenticateDevice performs the device authentication ceremony.
 	//
@@ -362,6 +374,18 @@ type DeviceTrustServiceServer interface {
 	// An enrolled device is allowed, via AuthenticateDevice, to acquire
 	// certificates containing device extensions, thus gaining access to
 	// device-aware actions.
+	//
+	// macOS enrollment flow:
+	// -> EnrollDeviceInit (client)
+	// <- MacOSEnrollChallenge (server)
+	// -> MacOSEnrollChallengeResponse
+	// <- EnrollDeviceSuccess
+	//
+	// TPM enrollment flow:
+	// -> EnrollDeviceInit (client)
+	// <- TPMEnrollChallenge (server)
+	// -> TPMEnrollChallengeResponse
+	// <- EnrollDeviceSuccess
 	EnrollDevice(DeviceTrustService_EnrollDeviceServer) error
 	// AuthenticateDevice performs the device authentication ceremony.
 	//

api/proto/teleport/devicetrust/v1/device.proto

@@ -93,7 +93,32 @@ message DeviceCredential {
   // Unique identifier of the credential, defined client-side.
   string id = 1;
   // Device public key marshaled as a PKIX, ASN.1 DER.
+  // For TPMs, this is the public application key.
   bytes public_key_der = 2;
+  // The degree to which the device credential is attested.
+  DeviceAttestationType device_attestation_type = 3;
+  // If the device is a TPM device, stores the serial number from the TPM
+  // endorsement certificate.
+  // The certificate is not stored for security reasons, but the serial can be
+  // used to retrieve information about a specific unit from the manufacturer
+  // at a later date.
+  string tpm_serial = 4;
+  // If the device is a TPM device, stores the public AK in PKIX, ASN.1 DER
+  // form.
+  bytes tpm_attestation_key_der = 5;
+}
+
+// AttestationType indicates the degree to which the device credential has
+// been attested.
+enum DeviceAttestationType {
+  // Bare public key which has only verified with proof of ownership.
+  // Used on macOS.
+  DEVICE_ATTESTATION_TYPE_UNSPECIFIED = 0;
+  // Credential was verified through a TPM EK->AK->App key chain on enrollment.
+  DEVICE_ATTESTATION_TYPE_TPM = 1;
+  // Credential was verified through a TPM EK->AK->App key chain on enrollment
+  // and an EKCert was present and signed by a configured approved CA.
+  DEVICE_ATTESTATION_TYPE_TPM_EKCERT = 2;
 }
 
 // DeviceEnrollStatus represents the enrollment status of a device.

api/proto/teleport/devicetrust/v1/devicetrust_service.proto

@@ -111,6 +111,18 @@ service DeviceTrustService {
   // An enrolled device is allowed, via AuthenticateDevice, to acquire
   // certificates containing device extensions, thus gaining access to
   // device-aware actions.
+  //
+  // macOS enrollment flow:
+  // -> EnrollDeviceInit (client)
+  // <- MacOSEnrollChallenge (server)
+  // -> MacOSEnrollChallengeResponse
+  // <- EnrollDeviceSuccess
+  //
+  // TPM enrollment flow:
+  // -> EnrollDeviceInit (client)
+  // <- TPMEnrollChallenge (server)
+  // -> TPMEnrollChallengeResponse
+  // <- EnrollDeviceSuccess
   rpc EnrollDevice(stream EnrollDeviceRequest) returns (stream EnrollDeviceResponse);
 
   // AuthenticateDevice performs the device authentication ceremony.
@@ -284,18 +296,11 @@ message CreateDeviceEnrollTokenRequest {
 }
 
 // Request for EnrollDevice.
-//
-// macOS enrollment flow:
-// -> EnrollDeviceInit (client)
-// <- MacOSEnrollChallenge (server)
-// -> MacOSEnrollChallengeResponse
-// <- EnrollDeviceSuccess
-//
-// Only macOS enrollments are supported at the moment.
 message EnrollDeviceRequest {
   oneof payload {
     EnrollDeviceInit init = 1;
     MacOSEnrollChallengeResponse macos_challenge_response = 2;
+    TPMEnrollChallengeResponse tpm_challenge_response = 3;
   }
 }
 
@@ -304,6 +309,7 @@ message EnrollDeviceResponse {
   oneof payload {
     EnrollDeviceSuccess success = 1;
     MacOSEnrollChallenge macos_challenge = 2;
+    TPMEnrollChallenge tpm_challenge = 3;
   }
 }
 
@@ -323,6 +329,9 @@ message EnrollDeviceInit {
 
   // Payload for macOS-specific data.
   MacOSEnrollPayload macos = 4;
+
+  // Payload for TPM-specific data. Used for Windows/Linux.
+  TPMEnrollPayload tpm = 5;
 }
 
 // EnrollDeviceSuccess marks a successful device enrollment ceremony.
@@ -349,6 +358,91 @@ message MacOSEnrollChallengeResponse {
   bytes signature = 2;
 }
 
+// The payload containing TPM specific information required on device
+// enrollment.
+message TPMEnrollPayload {
+  oneof ek {
+    // The device's endorsement certificate in X509, ASN.1 DER form. This
+    // certificate contains the public key of the endorsement key. This is
+    // preferred to ek_key.
+    bytes ek_cert = 1;
+    // The device's public endorsement key in PKIX, ASN.1 DER form. This is
+    // used when a TPM does not contain any endorsement certificates.
+    bytes ek_key = 2;
+  }
+  // The attestation key and the parameters necessary to remotely verify it as
+  // related to the endorsement key.
+  TPMAttestationParameters attestation_parameters = 3;
+  // The application key and the parameters necessary to remotely certify it as
+  // related to the attestation key.
+  TPMCertificationParameters application_certification_parameters = 4;
+}
+
+// The attestation key and the parameters necessary to remotely verify it as
+// related to the endorsement key.
+// See https://pkg.go.dev/github.com/google/go-attestation/attest#AttestationParameters.
+// This message excludes the `UseTCSDActivationFormat` field from the link above
+// as it is TMP 1.x specific and always false.
+message TPMAttestationParameters {
+  // The encoded TPMT_PUBLIC structure containing the attestation public key
+  // and signing parameters.
+  bytes public = 1;
+  // The properties of the attestation key, encoded as a TPMS_CREATION_DATA
+  // structure.
+  bytes create_data = 2;
+  // An assertion as to the details of the key, encoded as a TPMS_ATTEST
+  // structure.
+  bytes create_attestation = 3;
+  // A signature of create_attestation, encoded as a TPMT_SIGNATURE structure.
+  bytes create_signature = 4;
+}
+
+// The application key and the parameters necessary to remotely certify it as
+// related to the attestation key.
+// See https://pkg.go.dev/github.com/google/go-attestation/attest#CertificationParameters
+message TPMCertificationParameters {
+  // The encoded TPMT_PUBLIC structure containing the application public key
+  // and signing parameters.
+  bytes public = 1;
+  // The properties of the application key, encoded as a TPMS_CREATION_DATA
+  // structure.
+  bytes create_data = 2;
+  // An assertion as to the details of the key, encoded as a TPMS_ATTEST
+  // structure.
+  bytes create_attestation = 3;
+  // A signature of create_attestation, encoded as a TPMT_SIGNATURE structure.
+  bytes create_signature = 4;
+}
+
+// The enrollment challenge sent to the client by the server in order to
+// validate it has possession of the EK and AK.
+//
+// These values are used by the TPM2.0 `ActivateCredential` command to produce
+// the solution which proves possession.
+//
+// For a more in-depth description see:
+// - https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part3_Commands_code_pub.pdf (Heading 12.5.1 "TPM2_ActivateCredential" "General Description")
+// - https://github.com/google/go-attestation/blob/v0.4.3/attest/activation.go#L199
+// - https://github.com/google/go-tpm/blob/v0.3.3/tpm2/credactivation/credential_activation.go#L61
+message TPMEnrollChallenge {
+  // The `credential_blob` parameter to be used with the `ActivateCredential`
+  // command. This is used with the decrypted value of `secret` in a
+  // cryptographic process to decrypt the solution.
+  bytes credential_blob = 1;
+  // The `secret` parameter to be used with `ActivateCredential`. This is a
+  // seed which can be decrypted with the EK. The decrypted seed is then used
+  // when decrypting `credential_blob`.
+  bytes secret = 2;
+}
+
+// The enrollment challenge response containing the solution returned by
+// calling the TPM2.0 `ActivateCredential` command on the client with the
+// parameters provided in `TPMEnrollChallenge`.
+message TPMEnrollChallengeResponse {
+  // The proof of possession of both the EK and AK.
+  bytes solution = 1;
+}
+
 // Request for AuthenticateDevice.
 //
 // Authentication ceremony flow:

api/proto/teleport/legacy/types/device.proto

@@ -66,6 +66,9 @@ message DeviceSpec {
 message DeviceCredential {
   string id = 1 [(gogoproto.jsontag) = "id"];
   bytes public_key_der = 2 [(gogoproto.jsontag) = "public_key_der"];
+  string device_attestation_type = 3 [(gogoproto.jsontag) = "device_attestation_type"];
+  string tpm_serial = 4 [(gogoproto.jsontag) = "tpm_serial"];
+  bytes tpm_attestation_key_der = 5 [(gogoproto.jsontag) = "tpm_attestation_key_der"];
 }
 
 // DeviceCollectedData is the resource representation of

api/types/device.go

@@ -36,6 +36,7 @@ func (d *DeviceV1) CheckAndSetDefaults() error {
 	// - Kind = device
 	// - Metadata.Name = UUID
 	// - Spec.EnrollStatus = unspecified
+	// - Spec.Credential.AttestationType = unspecified
 	if d.Kind == "" {
 		d.Kind = KindDevice
 	} else if d.Kind != KindDevice { // sanity check
@@ -47,6 +48,9 @@ func (d *DeviceV1) CheckAndSetDefaults() error {
 	if d.Spec.EnrollStatus == "" {
 		d.Spec.EnrollStatus = ResourceEnrollStatusToString(devicepb.DeviceEnrollStatus_DEVICE_ENROLL_STATUS_UNSPECIFIED)
 	}
+	if d.Spec.Credential != nil && d.Spec.Credential.DeviceAttestationType == "" {
+		d.Spec.Credential.DeviceAttestationType = ResourceDeviceAttestationTypeToString(devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_UNSPECIFIED)
+	}
 
 	// Validate Header/Metadata.
 	if err := d.ResourceHeader.CheckAndSetDefaults(); err != nil {
@@ -68,6 +72,11 @@ func (d *DeviceV1) CheckAndSetDefaults() error {
 	if _, err := ResourceEnrollStatusFromString(d.Spec.EnrollStatus); err != nil {
 		return trace.Wrap(err)
 	}
+	if d.Spec.Credential != nil {
+		if _, err := ResourceDeviceAttestationTypeFromString(d.Spec.Credential.DeviceAttestationType); err != nil {
+			return trace.Wrap(err)
+		}
+	}
 
 	return nil
 }
@@ -106,9 +115,18 @@ func DeviceFromResource(res *DeviceV1) (*devicepb.Device, error) {
 
 	var cred *devicepb.DeviceCredential
 	if res.Spec.Credential != nil {
+		attestationType, err := ResourceDeviceAttestationTypeFromString(
+			res.Spec.Credential.DeviceAttestationType,
+		)
+		if err != nil {
+			return nil, trace.Wrap(err)
+		}
 		cred = &devicepb.DeviceCredential{
-			Id:           res.Spec.Credential.Id,
-			PublicKeyDer: res.Spec.Credential.PublicKeyDer,
+			Id:                    res.Spec.Credential.Id,
+			PublicKeyDer:          res.Spec.Credential.PublicKeyDer,
+			DeviceAttestationType: attestationType,
+			TpmSerial:             res.Spec.Credential.TpmSerial,
+			TpmAttestationKeyDer:  res.Spec.Credential.TpmAttestationKeyDer,
 		}
 	}
 
@@ -160,6 +178,11 @@ func DeviceToResource(dev *devicepb.Device) *DeviceV1 {
 		cred = &DeviceCredential{
 			Id:           dev.Credential.Id,
 			PublicKeyDer: dev.Credential.PublicKeyDer,
+			DeviceAttestationType: ResourceDeviceAttestationTypeToString(
+				dev.Credential.DeviceAttestationType,
+			),
+			TpmSerial:            dev.Credential.TpmSerial,
+			TpmAttestationKeyDer: dev.Credential.TpmAttestationKeyDer,
 		}
 	}
 
@@ -257,3 +280,33 @@ func ResourceEnrollStatusFromString(enrollStatus string) (devicepb.DeviceEnrollS
 		return devicepb.DeviceEnrollStatus_DEVICE_ENROLL_STATUS_UNSPECIFIED, trace.BadParameter("unknown enroll status %q", enrollStatus)
 	}
 }
+
+func ResourceDeviceAttestationTypeToString(
+	attestationType devicepb.DeviceAttestationType,
+) string {
+	switch attestationType {
+	case devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_UNSPECIFIED:
+		return "unspecified"
+	case devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_TPM:
+		return "tpm"
+	case devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_TPM_EKCERT:
+		return "tpm_ekcert"
+	default:
+		return attestationType.String()
+	}
+}
+
+func ResourceDeviceAttestationTypeFromString(
+	attestationType string,
+) (devicepb.DeviceAttestationType, error) {
+	switch attestationType {
+	case "unspecified", "":
+		return devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_UNSPECIFIED, nil
+	case "tpm":
+		return devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_TPM, nil
+	case "tpm_ekcert":
+		return devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_TPM_EKCERT, nil
+	default:
+		return devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_UNSPECIFIED, trace.BadParameter("unknown attestation type %q", attestationType)
+	}
+}

api/types/device.pb.go

@@ -128,11 +128,14 @@ var xxx_messageInfo_DeviceSpec proto.InternalMessageInfo
 // DeviceCredential is the resource representation of
 // teleport.devicetrust.v1.DeviceCredential.
 type DeviceCredential struct {
-	Id                   string   `protobuf:"bytes,1,opt,name=id,proto3" json:"id"`
-	PublicKeyDer         []byte   `protobuf:"bytes,2,opt,name=public_key_der,json=publicKeyDer,proto3" json:"public_key_der"`
-	XXX_NoUnkeyedLiteral struct{} `json:"-"`
-	XXX_unrecognized     []byte   `json:"-"`
-	XXX_sizecache        int32    `json:"-"`
+	Id                    string   `protobuf:"bytes,1,opt,name=id,proto3" json:"id"`
+	PublicKeyDer          []byte   `protobuf:"bytes,2,opt,name=public_key_der,json=publicKeyDer,proto3" json:"public_key_der"`
+	DeviceAttestationType string   `protobuf:"bytes,3,opt,name=device_attestation_type,json=deviceAttestationType,proto3" json:"device_attestation_type"`
+	TpmSerial             string   `protobuf:"bytes,4,opt,name=tpm_serial,json=tpmSerial,proto3" json:"tpm_serial"`
+	TpmAttestationKeyDer  []byte   `protobuf:"bytes,5,opt,name=tpm_attestation_key_der,json=tpmAttestationKeyDer,proto3" json:"tpm_attestation_key_der"`
+	XXX_NoUnkeyedLiteral  struct{} `json:"-"`
+	XXX_unrecognized      []byte   `json:"-"`
+	XXX_sizecache         int32    `json:"-"`
 }
 
 func (m *DeviceCredential) Reset()         { *m = DeviceCredential{} }
@@ -225,46 +228,51 @@ func init() {
 }
 
 var fileDescriptor_aceaef1b58496e7d = []byte{
-	// 615 bytes of a gzipped FileDescriptorProto
-	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x54, 0xd1, 0x6e, 0xd3, 0x30,
-	0x14, 0x5d, 0xda, 0xad, 0x5b, 0xdd, 0x76, 0x62, 0xde, 0x60, 0xd1, 0x40, 0xf5, 0xa8, 0x78, 0x40,
-	0x80, 0x1a, 0x01, 0x12, 0x42, 0x42, 0x48, 0x28, 0xec, 0x01, 0x09, 0x09, 0x41, 0x36, 0xf1, 0xc0,
-	0x4b, 0xe4, 0x3a, 0x97, 0x60, 0x91, 0xd6, 0x91, 0xe3, 0x4c, 0xf4, 0x2f, 0xf8, 0x08, 0x3e, 0x66,
-	0x8f, 0xfb, 0x02, 0x03, 0x7b, 0xf4, 0x03, 0xdf, 0x80, 0x62, 0xb7, 0x5b, 0x32, 0x0d, 0xb1, 0x97,
-	0x28, 0xf7, 0xdc, 0x73, 0x8e, 0x6f, 0xee, 0xbd, 0x31, 0x1a, 0x29, 0xc8, 0x20, 0x17, 0x52, 0x05,
-	0x19, 0xa4, 0x94, 0xcd, 0x03, 0x35, 0xcf, 0xa1, 0x08, 0x12, 0x38, 0xe6, 0x0c, 0xc6, 0xb9, 0x14,
-	0x4a, 0xe0, 0x35, 0x8b, 0xed, 0xed, 0xa4, 0x22, 0x15, 0x16, 0x09, 0xaa, 0x37, 0x97, 0xdc, 0x23,
-	0xa9, 0x10, 0x69, 0x06, 0x81, 0x8d, 0x26, 0xe5, 0xe7, 0x40, 0xf1, 0x29, 0x14, 0x8a, 0x4e, 0xf3,
-	0x05, 0xe1, 0xee, 0xd5, 0x27, 0xd8, 0xa7, 0xa3, 0x8c, 0xbe, 0xa1, 0x8d, 0x03, 0x7b, 0xe0, 0xc7,
-	0xc7, 0xf8, 0x05, 0xea, 0xbc, 0x01, 0x9a, 0x80, 0xf4, 0xbd, 0x7d, 0xef, 0x7e, 0xef, 0xc9, 0xcd,
-	0xb1, 0x63, 0x46, 0x50, 0x88, 0x52, 0x32, 0x70, 0xc9, 0xb0, 0x7f, 0xa2, 0xc9, 0xca, 0xa9, 0x26,
-	0x9e, 0xd1, 0x64, 0x25, 0x5a, 0x48, 0x70, 0x80, 0x56, 0x8b, 0x1c, 0x98, 0xbf, 0x66, 0xa5, 0x5b,
-	0x0b, 0xa9, 0xf3, 0x3e, 0xcc, 0x81, 0x85, 0x1b, 0x46, 0x13, 0x4b, 0x89, 0xec, 0x73, 0xf4, 0xa7,
-	0x8d, 0xd0, 0x45, 0x1a, 0xdf, 0x43, 0xeb, 0xa2, 0x88, 0x2b, 0x95, 0x3d, 0xbd, 0x1b, 0xf6, 0x8c,
-	0x26, 0x4b, 0x28, 0xea, 0x88, 0xe2, 0x68, 0x9e, 0x03, 0x7e, 0x80, 0xba, 0xb4, 0x28, 0x40, 0xc5,
-	0x8a, 0xa6, 0x7e, 0xcb, 0xf2, 0x06, 0x46, 0x93, 0x0b, 0x30, 0xda, 0xb0, 0xaf, 0x47, 0x34, 0xc5,
-	0xef, 0x51, 0x8f, 0x49, 0xa0, 0x0a, 0xe2, 0xaa, 0x2f, 0x7e, 0xdb, 0x16, 0xb6, 0x37, 0x76, 0x4d,
-	0x1b, 0x2f, 0x9b, 0x36, 0x3e, 0x5a, 0x36, 0x2d, 0xdc, 0x36, 0x9a, 0xd4, 0x25, 0xdf, 0x7f, 0x12,
-	0x2f, 0x42, 0x0e, 0xa8, 0x58, 0x95, 0x63, 0x99, 0x27, 0xe7, 0x8e, 0xab, 0xd7, 0x73, 0xac, 0x49,
-	0x9c, 0xa3, 0x03, 0xac, 0xe3, 0x33, 0x34, 0x80, 0x99, 0x14, 0x59, 0x16, 0x17, 0x8a, 0xaa, 0xb2,
-	0xb0, 0xed, 0xeb, 0x86, 0x5b, 0x46, 0x93, 0x66, 0x22, 0xea, 0xbb, 0xf0, 0xd0, 0x46, 0xf8, 0x03,
-	0xaa, 0xea, 0x4a, 0x60, 0xa6, 0x38, 0xcd, 0xfc, 0x8e, 0x2d, 0x64, 0xb7, 0xd1, 0xf3, 0xd7, 0xe7,
-	0xe9, 0xd0, 0x37, 0x9a, 0xec, 0x5c, 0xd0, 0x1f, 0x89, 0x29, 0x57, 0x30, 0xcd, 0xd5, 0x3c, 0xaa,
-	0x99, 0xe0, 0x18, 0x6d, 0x32, 0x91, 0x65, 0xc0, 0x14, 0x24, 0x71, 0x42, 0x15, 0xf5, 0xd7, 0xf7,
-	0xdb, 0xf6, 0xfb, 0x1a, 0xb6, 0x4b, 0xca, 0x01, 0x55, 0x34, 0xbc, 0x63, 0x34, 0xf1, 0x9b, 0xaa,
-	0x9a, 0xfb, 0x80, 0xd5, 0xc9, 0xa3, 0x04, 0xdd, 0xb8, 0x5c, 0x1a, 0xbe, 0x85, 0x5a, 0x3c, 0x59,
-	0x0c, 0xbc, 0x63, 0x34, 0x69, 0xf1, 0x24, 0x6a, 0xf1, 0x04, 0x3f, 0x47, 0x9b, 0x79, 0x39, 0xc9,
-	0x38, 0x8b, 0xbf, 0xc2, 0x3c, 0xae, 0x56, 0xb2, 0x1a, 0x76, 0x3f, 0xc4, 0x46, 0x93, 0x4b, 0x99,
-	0xa8, 0xef, 0xe2, 0xb7, 0x30, 0x3f, 0x00, 0x39, 0xfa, 0xd1, 0x42, 0xdb, 0x57, 0x94, 0x8a, 0x0f,
-	0x51, 0x7f, 0x51, 0x8e, 0x1b, 0x9e, 0xf7, 0xdf, 0xe1, 0xed, 0x18, 0x4d, 0x1a, 0x1a, 0x3b, 0xbd,
-	0xde, 0x02, 0x59, 0x2e, 0x84, 0x04, 0x26, 0x64, 0xe2, 0x3c, 0x5b, 0xd7, 0x5b, 0x88, 0x9a, 0xc4,
-	0x2d, 0x84, 0x03, 0xac, 0x63, 0xed, 0x37, 0x68, 0xff, 0xfb, 0x37, 0x78, 0x85, 0x06, 0x05, 0x48,
-	0x4e, 0xb3, 0x78, 0x56, 0x4e, 0x27, 0x20, 0xed, 0x2a, 0x76, 0xc3, 0xdb, 0x46, 0x93, 0xdd, 0x46,
-	0xa2, 0x36, 0x8d, 0xbe, 0x4b, 0xbc, 0xb3, 0x78, 0xf8, 0xf2, 0xe4, 0xf7, 0x70, 0xe5, 0xe4, 0x6c,
-	0xe8, 0x9d, 0x9e, 0x0d, 0xbd, 0x5f, 0x67, 0x43, 0xef, 0xd3, 0xc3, 0x94, 0xab, 0x2f, 0xe5, 0x64,
-	0xcc, 0xc4, 0x34, 0x48, 0x25, 0x3d, 0xe6, 0x8a, 0x2a, 0x2e, 0x66, 0x34, 0x0b, 0xce, 0x6f, 0x11,
-	0x9a, 0x73, 0x77, 0x79, 0x4c, 0x3a, 0xf6, 0xdb, 0x9e, 0xfe, 0x0d, 0x00, 0x00, 0xff, 0xff, 0x8b,
-	0x1a, 0x20, 0x63, 0xc4, 0x04, 0x00, 0x00,
+	// 692 bytes of a gzipped FileDescriptorProto
+	0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x8c, 0x54, 0xcd, 0x6e, 0xd3, 0x4a,
+	0x14, 0xae, 0x93, 0x36, 0x6d, 0x26, 0x49, 0x75, 0xeb, 0xa6, 0xb7, 0x56, 0xef, 0x55, 0xa6, 0x37,
+	0xba, 0x0b, 0xc4, 0x4f, 0x2c, 0x40, 0x42, 0x48, 0x08, 0x09, 0x4c, 0x17, 0x48, 0x48, 0x08, 0x26,
+	0x15, 0x0b, 0x36, 0xd6, 0xc4, 0x3e, 0x18, 0x0b, 0x3b, 0x33, 0xb2, 0x27, 0x15, 0x79, 0x0b, 0x1e,
+	0x82, 0xc7, 0xe0, 0x01, 0xba, 0xec, 0x13, 0x0c, 0xd0, 0xa5, 0x17, 0x3c, 0x03, 0xf2, 0x19, 0xa7,
+	0x71, 0xaa, 0x56, 0x74, 0x63, 0xcd, 0x7c, 0xe7, 0x3b, 0xdf, 0x9c, 0xf3, 0xcd, 0x19, 0x93, 0xa1,
+	0x82, 0x04, 0xa4, 0xc8, 0x94, 0x9b, 0x40, 0xc4, 0x83, 0xb9, 0xab, 0xe6, 0x12, 0x72, 0x37, 0x84,
+	0x93, 0x38, 0x80, 0x91, 0xcc, 0x84, 0x12, 0xf6, 0x06, 0x62, 0x07, 0xfd, 0x48, 0x44, 0x02, 0x11,
+	0xb7, 0x5c, 0x99, 0xe0, 0x01, 0x8d, 0x84, 0x88, 0x12, 0x70, 0x71, 0x37, 0x99, 0x7d, 0x70, 0x55,
+	0x9c, 0x42, 0xae, 0x78, 0x2a, 0x2b, 0xc2, 0x7f, 0x57, 0x9f, 0x80, 0x5f, 0x43, 0x19, 0x7e, 0x26,
+	0x5b, 0x47, 0x78, 0xe0, 0xbb, 0xfb, 0xf6, 0x13, 0xd2, 0x7a, 0x09, 0x3c, 0x84, 0xcc, 0xb1, 0x0e,
+	0xad, 0x5b, 0x9d, 0x07, 0x7b, 0x23, 0xc3, 0x64, 0x90, 0x8b, 0x59, 0x16, 0x80, 0x09, 0x7a, 0xdd,
+	0x53, 0x4d, 0xd7, 0xce, 0x34, 0xb5, 0x0a, 0x4d, 0xd7, 0x58, 0x95, 0x62, 0xbb, 0x64, 0x3d, 0x97,
+	0x10, 0x38, 0x1b, 0x98, 0xba, 0x53, 0xa5, 0x1a, 0xed, 0xb1, 0x84, 0xc0, 0xdb, 0x2a, 0x34, 0x45,
+	0x0a, 0xc3, 0xef, 0xf0, 0x57, 0x93, 0x90, 0x65, 0xd8, 0xfe, 0x9f, 0x6c, 0x8a, 0xdc, 0x2f, 0xb3,
+	0xf0, 0xf4, 0xb6, 0xd7, 0x29, 0x34, 0x5d, 0x40, 0xac, 0x25, 0xf2, 0xe3, 0xb9, 0x04, 0xfb, 0x36,
+	0x69, 0xf3, 0x3c, 0x07, 0xe5, 0x2b, 0x1e, 0x39, 0x0d, 0xe4, 0xf5, 0x0a, 0x4d, 0x97, 0x20, 0xdb,
+	0xc2, 0xe5, 0x31, 0x8f, 0xec, 0x37, 0xa4, 0x13, 0x64, 0xc0, 0x15, 0xf8, 0xa5, 0x2f, 0x4e, 0x13,
+	0x0b, 0x3b, 0x18, 0x19, 0xd3, 0x46, 0x0b, 0xd3, 0x46, 0xc7, 0x0b, 0xd3, 0xbc, 0xdd, 0x42, 0xd3,
+	0x7a, 0xca, 0x97, 0xef, 0xd4, 0x62, 0xc4, 0x00, 0x25, 0xab, 0x54, 0x9c, 0xc9, 0xf0, 0x42, 0x71,
+	0xfd, 0x66, 0x8a, 0xb5, 0x14, 0xa3, 0x68, 0x00, 0x54, 0x7c, 0x44, 0x7a, 0x30, 0xcd, 0x44, 0x92,
+	0xf8, 0xb9, 0xe2, 0x6a, 0x96, 0xa3, 0x7d, 0x6d, 0x6f, 0xa7, 0xd0, 0x74, 0x35, 0xc0, 0xba, 0x66,
+	0x3b, 0xc6, 0x9d, 0xfd, 0x96, 0x94, 0x75, 0x85, 0x30, 0x55, 0x31, 0x4f, 0x9c, 0x16, 0x16, 0xb2,
+	0xbf, 0xe2, 0xf9, 0x8b, 0x8b, 0xb0, 0xe7, 0x14, 0x9a, 0xf6, 0x97, 0xf4, 0xbb, 0x22, 0x8d, 0x15,
+	0xa4, 0x52, 0xcd, 0x59, 0x4d, 0xc4, 0xf6, 0xc9, 0x76, 0x20, 0x92, 0x04, 0x02, 0x05, 0xa1, 0x1f,
+	0x72, 0xc5, 0x9d, 0xcd, 0xc3, 0x26, 0xf6, 0xb7, 0x22, 0xbb, 0xa0, 0x1c, 0x71, 0xc5, 0xbd, 0x7f,
+	0x0b, 0x4d, 0x9d, 0xd5, 0xac, 0x9a, 0x7a, 0x2f, 0xa8, 0x93, 0x87, 0xdf, 0x1a, 0xe4, 0xaf, 0xcb,
+	0xb5, 0xd9, 0x7f, 0x93, 0x46, 0x1c, 0x56, 0x37, 0xde, 0x2a, 0x34, 0x6d, 0xc4, 0x21, 0x6b, 0xc4,
+	0xa1, 0xfd, 0x98, 0x6c, 0xcb, 0xd9, 0x24, 0x89, 0x03, 0xff, 0x13, 0xcc, 0xfd, 0x72, 0x26, 0xcb,
+	0xdb, 0xee, 0x7a, 0x76, 0xa1, 0xe9, 0xa5, 0x08, 0xeb, 0x9a, 0xfd, 0x2b, 0x98, 0x1f, 0x41, 0x66,
+	0x8f, 0xc9, 0xbe, 0x79, 0x42, 0x3e, 0x57, 0xaa, 0xbc, 0x07, 0x15, 0x8b, 0xa9, 0x19, 0xac, 0x26,
+	0x1e, 0xf3, 0x4f, 0xa1, 0xe9, 0x75, 0x14, 0xb6, 0x67, 0x02, 0xcf, 0x97, 0x38, 0xce, 0xdd, 0x3d,
+	0x42, 0x94, 0x4c, 0xfd, 0x1c, 0xb2, 0xd2, 0xef, 0x75, 0xd4, 0xd9, 0x2e, 0x34, 0xad, 0xa1, 0xac,
+	0xad, 0x64, 0x3a, 0xc6, 0xa5, 0xcd, 0xc8, 0x7e, 0x19, 0xa8, 0xab, 0x2f, 0xda, 0xd8, 0xc0, 0x36,
+	0xb0, 0x86, 0x6b, 0x28, 0xac, 0xaf, 0x64, 0x5a, 0x2b, 0xc0, 0xf4, 0x35, 0xfc, 0xda, 0x20, 0xbb,
+	0x57, 0xdc, 0x81, 0x3d, 0x26, 0xdd, 0xca, 0x67, 0x33, 0x95, 0xd6, 0x1f, 0xa7, 0xb2, 0x5f, 0x68,
+	0xba, 0x92, 0x83, 0x63, 0xd9, 0xa9, 0x90, 0xc5, 0xa4, 0x67, 0x10, 0x88, 0x2c, 0x34, 0x9a, 0x8d,
+	0x9b, 0x4d, 0x7a, 0x2d, 0xc5, 0x4c, 0xba, 0x01, 0x50, 0xb1, 0xf6, 0xbe, 0x9b, 0xd7, 0xbf, 0xef,
+	0x67, 0xa4, 0x67, 0xdc, 0xf4, 0xa7, 0xb3, 0x74, 0x02, 0x59, 0x65, 0x35, 0xda, 0xb5, 0x12, 0xa8,
+	0x8d, 0x59, 0xd7, 0x04, 0x5e, 0x23, 0xee, 0x3d, 0x3d, 0xfd, 0x39, 0x58, 0x3b, 0x3d, 0x1f, 0x58,
+	0x67, 0xe7, 0x03, 0xeb, 0xc7, 0xf9, 0xc0, 0x7a, 0x7f, 0x27, 0x8a, 0xd5, 0xc7, 0xd9, 0x64, 0x14,
+	0x88, 0xd4, 0x8d, 0x32, 0x7e, 0x12, 0x1b, 0x5b, 0x79, 0xe2, 0x5e, 0xfc, 0x1e, 0xb9, 0x8c, 0xcd,
+	0x5f, 0x71, 0xd2, 0xc2, 0xde, 0x1e, 0xfe, 0x0e, 0x00, 0x00, 0xff, 0xff, 0x70, 0xb5, 0x84, 0xbb,
+	0x9d, 0x05, 0x00, 0x00,
 }
 
 func (m *DeviceV1) Marshal() (dAtA []byte, err error) {
@@ -434,6 +442,27 @@ func (m *DeviceCredential) MarshalToSizedBuffer(dAtA []byte) (int, error) {
 		i -= len(m.XXX_unrecognized)
 		copy(dAtA[i:], m.XXX_unrecognized)
 	}
+	if len(m.TpmAttestationKeyDer) > 0 {
+		i -= len(m.TpmAttestationKeyDer)
+		copy(dAtA[i:], m.TpmAttestationKeyDer)
+		i = encodeVarintDevice(dAtA, i, uint64(len(m.TpmAttestationKeyDer)))
+		i--
+		dAtA[i] = 0x2a
+	}
+	if len(m.TpmSerial) > 0 {
+		i -= len(m.TpmSerial)
+		copy(dAtA[i:], m.TpmSerial)
+		i = encodeVarintDevice(dAtA, i, uint64(len(m.TpmSerial)))
+		i--
+		dAtA[i] = 0x22
+	}
+	if len(m.DeviceAttestationType) > 0 {
+		i -= len(m.DeviceAttestationType)
+		copy(dAtA[i:], m.DeviceAttestationType)
+		i = encodeVarintDevice(dAtA, i, uint64(len(m.DeviceAttestationType)))
+		i--
+		dAtA[i] = 0x1a
+	}
 	if len(m.PublicKeyDer) > 0 {
 		i -= len(m.PublicKeyDer)
 		copy(dAtA[i:], m.PublicKeyDer)
@@ -597,6 +626,18 @@ func (m *DeviceCredential) Size() (n int) {
 	if l > 0 {
 		n += 1 + l + sovDevice(uint64(l))
 	}
+	l = len(m.DeviceAttestationType)
+	if l > 0 {
+		n += 1 + l + sovDevice(uint64(l))
+	}
+	l = len(m.TpmSerial)
+	if l > 0 {
+		n += 1 + l + sovDevice(uint64(l))
+	}
+	l = len(m.TpmAttestationKeyDer)
+	if l > 0 {
+		n += 1 + l + sovDevice(uint64(l))
+	}
 	if m.XXX_unrecognized != nil {
 		n += len(m.XXX_unrecognized)
 	}
@@ -1141,6 +1182,104 @@ func (m *DeviceCredential) Unmarshal(dAtA []byte) error {
 				m.PublicKeyDer = []byte{}
 			}
 			iNdEx = postIndex
+		case 3:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field DeviceAttestationType", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowDevice
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthDevice
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthDevice
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.DeviceAttestationType = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 4:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TpmSerial", wireType)
+			}
+			var stringLen uint64
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowDevice
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				stringLen |= uint64(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			intStringLen := int(stringLen)
+			if intStringLen < 0 {
+				return ErrInvalidLengthDevice
+			}
+			postIndex := iNdEx + intStringLen
+			if postIndex < 0 {
+				return ErrInvalidLengthDevice
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.TpmSerial = string(dAtA[iNdEx:postIndex])
+			iNdEx = postIndex
+		case 5:
+			if wireType != 2 {
+				return fmt.Errorf("proto: wrong wireType = %d for field TpmAttestationKeyDer", wireType)
+			}
+			var byteLen int
+			for shift := uint(0); ; shift += 7 {
+				if shift >= 64 {
+					return ErrIntOverflowDevice
+				}
+				if iNdEx >= l {
+					return io.ErrUnexpectedEOF
+				}
+				b := dAtA[iNdEx]
+				iNdEx++
+				byteLen |= int(b&0x7F) << shift
+				if b < 0x80 {
+					break
+				}
+			}
+			if byteLen < 0 {
+				return ErrInvalidLengthDevice
+			}
+			postIndex := iNdEx + byteLen
+			if postIndex < 0 {
+				return ErrInvalidLengthDevice
+			}
+			if postIndex > l {
+				return io.ErrUnexpectedEOF
+			}
+			m.TpmAttestationKeyDer = append(m.TpmAttestationKeyDer[:0], dAtA[iNdEx:postIndex]...)
+			if m.TpmAttestationKeyDer == nil {
+				m.TpmAttestationKeyDer = []byte{}
+			}
+			iNdEx = postIndex
 		default:
 			iNdEx = preIndex
 			skippy, err := skipDevice(dAtA[iNdEx:])

api/types/device_test.go

@@ -115,8 +115,11 @@ func TestDeviceConversions_toAndFrom(t *testing.T) {
 		UpdateTime:   timestamppb.New(t2),
 		EnrollStatus: devicepb.DeviceEnrollStatus_DEVICE_ENROLL_STATUS_ENROLLED,
 		Credential: &devicepb.DeviceCredential{
-			Id:           "557762f0-4cd4-4b75-aaee-575c57237c0b",
-			PublicKeyDer: []byte("insert public key here"),
+			Id:                    "557762f0-4cd4-4b75-aaee-575c57237c0b",
+			PublicKeyDer:          []byte("insert public key here"),
+			DeviceAttestationType: devicepb.DeviceAttestationType_DEVICE_ATTESTATION_TYPE_UNSPECIFIED,
+			TpmSerial:             "1234-5678",
+			TpmAttestationKeyDer:  []byte("insert public key here"),
 		},
 		CollectedData: []*devicepb.DeviceCollectedData{
 			{
@@ -148,3 +151,36 @@ func TestDeviceConversions_toAndFrom(t *testing.T) {
 		t.Errorf("DeviceFromResource mismatch (-want +got)\n%s", diff)
 	}
 }
+
+func TestResourceAttestationType_toAndFrom(t *testing.T) {
+	t.Parallel()
+	tests := []struct {
+		attestationType string
+		errorContains   string
+	}{
+		{
+			attestationType: "unspecified",
+		},
+		{
+			attestationType: "tpm",
+		},
+		{
+			attestationType: "tpm_ekcert",
+		},
+		{
+			attestationType: "quantum_entanglement",
+			errorContains:   "unknown attestation type",
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.attestationType, func(t *testing.T) {
+			asEnum, err := ResourceDeviceAttestationTypeFromString(tt.attestationType)
+			if tt.errorContains != "" {
+				require.ErrorContains(t, err, tt.errorContains)
+				return
+			}
+			got := ResourceDeviceAttestationTypeToString(asEnum)
+			require.Equal(t, tt.attestationType, got)
+		})
+	}
+}