/
Tpm12.h
2165 lines (1996 loc) · 83.9 KB
/
Tpm12.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
/** @file
TPM Specification data structures (TCG TPM Specification Version 1.2 Revision 103)
See http://trustedcomputinggroup.org for latest specification updates
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#ifndef _TPM12_H_
#define _TPM12_H_
///
/// The start of TPM return codes
///
#define TPM_BASE 0
//
// All structures MUST be packed on a byte boundary.
//
#pragma pack (1)
//
// Part 2, section 2.2.3: Helper redefinitions
//
///
/// Indicates the conditions where it is required that authorization be presented
///
typedef UINT8 TPM_AUTH_DATA_USAGE;
///
/// The information as to what the payload is in an encrypted structure
///
typedef UINT8 TPM_PAYLOAD_TYPE;
///
/// The version info breakdown
///
typedef UINT8 TPM_VERSION_BYTE;
///
/// The state of the dictionary attack mitigation logic
///
typedef UINT8 TPM_DA_STATE;
///
/// The request or response authorization type
///
typedef UINT16 TPM_TAG;
///
/// The protocol in use
///
typedef UINT16 TPM_PROTOCOL_ID;
///
/// Indicates the start state
///
typedef UINT16 TPM_STARTUP_TYPE;
///
/// The definition of the encryption scheme
///
typedef UINT16 TPM_ENC_SCHEME;
///
/// The definition of the signature scheme
///
typedef UINT16 TPM_SIG_SCHEME;
///
/// The definition of the migration scheme
///
typedef UINT16 TPM_MIGRATE_SCHEME;
///
/// Sets the state of the physical presence mechanism
///
typedef UINT16 TPM_PHYSICAL_PRESENCE;
///
/// Indicates the types of entity that are supported by the TPM
///
typedef UINT16 TPM_ENTITY_TYPE;
///
/// Indicates the permitted usage of the key
///
typedef UINT16 TPM_KEY_USAGE;
///
/// The type of asymmetric encrypted structure in use by the endorsement key
///
typedef UINT16 TPM_EK_TYPE;
///
/// The tag for the structure
///
typedef UINT16 TPM_STRUCTURE_TAG;
///
/// The platform specific spec to which the information relates to
///
typedef UINT16 TPM_PLATFORM_SPECIFIC;
///
/// The command ordinal
///
typedef UINT32 TPM_COMMAND_CODE;
///
/// Identifies a TPM capability area
///
typedef UINT32 TPM_CAPABILITY_AREA;
///
/// Indicates information regarding a key
///
typedef UINT32 TPM_KEY_FLAGS;
///
/// Indicates the type of algorithm
///
typedef UINT32 TPM_ALGORITHM_ID;
///
/// The locality modifier
///
typedef UINT32 TPM_MODIFIER_INDICATOR;
///
/// The actual number of a counter
///
typedef UINT32 TPM_ACTUAL_COUNT;
///
/// Attributes that define what options are in use for a transport session
///
typedef UINT32 TPM_TRANSPORT_ATTRIBUTES;
///
/// Handle to an authorization session
///
typedef UINT32 TPM_AUTHHANDLE;
///
/// Index to a DIR register
///
typedef UINT32 TPM_DIRINDEX;
///
/// The area where a key is held assigned by the TPM
///
typedef UINT32 TPM_KEY_HANDLE;
///
/// Index to a PCR register
///
typedef UINT32 TPM_PCRINDEX;
///
/// The return code from a function
///
typedef UINT32 TPM_RESULT;
///
/// The types of resources that a TPM may have using internal resources
///
typedef UINT32 TPM_RESOURCE_TYPE;
///
/// Allows for controlling of the key when loaded and how to handle TPM_Startup issues
///
typedef UINT32 TPM_KEY_CONTROL;
///
/// The index into the NV storage area
///
typedef UINT32 TPM_NV_INDEX;
///
/// The family ID. Family IDs are automatically assigned a sequence number by the TPM.
/// A trusted process can set the FamilyID value in an individual row to NULL, which
/// invalidates that row. The family ID resets to NULL on each change of TPM Owner.
///
typedef UINT32 TPM_FAMILY_ID;
///
/// IA value used as a label for the most recent verification of this family. Set to zero when not in use.
///
typedef UINT32 TPM_FAMILY_VERIFICATION;
///
/// How the TPM handles var
///
typedef UINT32 TPM_STARTUP_EFFECTS;
///
/// The mode of a symmetric encryption
///
typedef UINT32 TPM_SYM_MODE;
///
/// The family flags
///
typedef UINT32 TPM_FAMILY_FLAGS;
///
/// The index value for the delegate NV table
///
typedef UINT32 TPM_DELEGATE_INDEX;
///
/// The restrictions placed on delegation of CMK commands
///
typedef UINT32 TPM_CMK_DELEGATE;
///
/// The ID value of a monotonic counter
///
typedef UINT32 TPM_COUNT_ID;
///
/// A command to execute
///
typedef UINT32 TPM_REDIT_COMMAND;
///
/// A transport session handle
///
typedef UINT32 TPM_TRANSHANDLE;
///
/// A generic handle could be key, transport etc
///
typedef UINT32 TPM_HANDLE;
///
/// What operation is happening
///
typedef UINT32 TPM_FAMILY_OPERATION;
//
// Part 2, section 2.2.4: Vendor specific
// The following defines allow for the quick specification of a
// vendor specific item.
//
#define TPM_Vendor_Specific32 ((UINT32) 0x00000400)
#define TPM_Vendor_Specific8 ((UINT8) 0x80)
//
// Part 2, section 3.1: TPM_STRUCTURE_TAG
//
#define TPM_TAG_CONTEXTBLOB ((TPM_STRUCTURE_TAG) 0x0001)
#define TPM_TAG_CONTEXT_SENSITIVE ((TPM_STRUCTURE_TAG) 0x0002)
#define TPM_TAG_CONTEXTPOINTER ((TPM_STRUCTURE_TAG) 0x0003)
#define TPM_TAG_CONTEXTLIST ((TPM_STRUCTURE_TAG) 0x0004)
#define TPM_TAG_SIGNINFO ((TPM_STRUCTURE_TAG) 0x0005)
#define TPM_TAG_PCR_INFO_LONG ((TPM_STRUCTURE_TAG) 0x0006)
#define TPM_TAG_PERSISTENT_FLAGS ((TPM_STRUCTURE_TAG) 0x0007)
#define TPM_TAG_VOLATILE_FLAGS ((TPM_STRUCTURE_TAG) 0x0008)
#define TPM_TAG_PERSISTENT_DATA ((TPM_STRUCTURE_TAG) 0x0009)
#define TPM_TAG_VOLATILE_DATA ((TPM_STRUCTURE_TAG) 0x000A)
#define TPM_TAG_SV_DATA ((TPM_STRUCTURE_TAG) 0x000B)
#define TPM_TAG_EK_BLOB ((TPM_STRUCTURE_TAG) 0x000C)
#define TPM_TAG_EK_BLOB_AUTH ((TPM_STRUCTURE_TAG) 0x000D)
#define TPM_TAG_COUNTER_VALUE ((TPM_STRUCTURE_TAG) 0x000E)
#define TPM_TAG_TRANSPORT_INTERNAL ((TPM_STRUCTURE_TAG) 0x000F)
#define TPM_TAG_TRANSPORT_LOG_IN ((TPM_STRUCTURE_TAG) 0x0010)
#define TPM_TAG_TRANSPORT_LOG_OUT ((TPM_STRUCTURE_TAG) 0x0011)
#define TPM_TAG_AUDIT_EVENT_IN ((TPM_STRUCTURE_TAG) 0x0012)
#define TPM_TAG_AUDIT_EVENT_OUT ((TPM_STRUCTURE_TAG) 0x0013)
#define TPM_TAG_CURRENT_TICKS ((TPM_STRUCTURE_TAG) 0x0014)
#define TPM_TAG_KEY ((TPM_STRUCTURE_TAG) 0x0015)
#define TPM_TAG_STORED_DATA12 ((TPM_STRUCTURE_TAG) 0x0016)
#define TPM_TAG_NV_ATTRIBUTES ((TPM_STRUCTURE_TAG) 0x0017)
#define TPM_TAG_NV_DATA_PUBLIC ((TPM_STRUCTURE_TAG) 0x0018)
#define TPM_TAG_NV_DATA_SENSITIVE ((TPM_STRUCTURE_TAG) 0x0019)
#define TPM_TAG_DELEGATIONS ((TPM_STRUCTURE_TAG) 0x001A)
#define TPM_TAG_DELEGATE_PUBLIC ((TPM_STRUCTURE_TAG) 0x001B)
#define TPM_TAG_DELEGATE_TABLE_ROW ((TPM_STRUCTURE_TAG) 0x001C)
#define TPM_TAG_TRANSPORT_AUTH ((TPM_STRUCTURE_TAG) 0x001D)
#define TPM_TAG_TRANSPORT_PUBLIC ((TPM_STRUCTURE_TAG) 0x001E)
#define TPM_TAG_PERMANENT_FLAGS ((TPM_STRUCTURE_TAG) 0x001F)
#define TPM_TAG_STCLEAR_FLAGS ((TPM_STRUCTURE_TAG) 0x0020)
#define TPM_TAG_STANY_FLAGS ((TPM_STRUCTURE_TAG) 0x0021)
#define TPM_TAG_PERMANENT_DATA ((TPM_STRUCTURE_TAG) 0x0022)
#define TPM_TAG_STCLEAR_DATA ((TPM_STRUCTURE_TAG) 0x0023)
#define TPM_TAG_STANY_DATA ((TPM_STRUCTURE_TAG) 0x0024)
#define TPM_TAG_FAMILY_TABLE_ENTRY ((TPM_STRUCTURE_TAG) 0x0025)
#define TPM_TAG_DELEGATE_SENSITIVE ((TPM_STRUCTURE_TAG) 0x0026)
#define TPM_TAG_DELG_KEY_BLOB ((TPM_STRUCTURE_TAG) 0x0027)
#define TPM_TAG_KEY12 ((TPM_STRUCTURE_TAG) 0x0028)
#define TPM_TAG_CERTIFY_INFO2 ((TPM_STRUCTURE_TAG) 0x0029)
#define TPM_TAG_DELEGATE_OWNER_BLOB ((TPM_STRUCTURE_TAG) 0x002A)
#define TPM_TAG_EK_BLOB_ACTIVATE ((TPM_STRUCTURE_TAG) 0x002B)
#define TPM_TAG_DAA_BLOB ((TPM_STRUCTURE_TAG) 0x002C)
#define TPM_TAG_DAA_CONTEXT ((TPM_STRUCTURE_TAG) 0x002D)
#define TPM_TAG_DAA_ENFORCE ((TPM_STRUCTURE_TAG) 0x002E)
#define TPM_TAG_DAA_ISSUER ((TPM_STRUCTURE_TAG) 0x002F)
#define TPM_TAG_CAP_VERSION_INFO ((TPM_STRUCTURE_TAG) 0x0030)
#define TPM_TAG_DAA_SENSITIVE ((TPM_STRUCTURE_TAG) 0x0031)
#define TPM_TAG_DAA_TPM ((TPM_STRUCTURE_TAG) 0x0032)
#define TPM_TAG_CMK_MIGAUTH ((TPM_STRUCTURE_TAG) 0x0033)
#define TPM_TAG_CMK_SIGTICKET ((TPM_STRUCTURE_TAG) 0x0034)
#define TPM_TAG_CMK_MA_APPROVAL ((TPM_STRUCTURE_TAG) 0x0035)
#define TPM_TAG_QUOTE_INFO2 ((TPM_STRUCTURE_TAG) 0x0036)
#define TPM_TAG_DA_INFO ((TPM_STRUCTURE_TAG) 0x0037)
#define TPM_TAG_DA_LIMITED ((TPM_STRUCTURE_TAG) 0x0038)
#define TPM_TAG_DA_ACTION_TYPE ((TPM_STRUCTURE_TAG) 0x0039)
//
// Part 2, section 4: TPM Types
//
//
// Part 2, section 4.1: TPM_RESOURCE_TYPE
//
#define TPM_RT_KEY ((TPM_RESOURCE_TYPE) 0x00000001) ///< The handle is a key handle and is the result of a LoadKey type operation
#define TPM_RT_AUTH ((TPM_RESOURCE_TYPE) 0x00000002) ///< The handle is an authorization handle. Auth handles come from TPM_OIAP, TPM_OSAP and TPM_DSAP
#define TPM_RT_HASH ((TPM_RESOURCE_TYPE) 0x00000003) ///< Reserved for hashes
#define TPM_RT_TRANS ((TPM_RESOURCE_TYPE) 0x00000004) ///< The handle is for a transport session. Transport handles come from TPM_EstablishTransport
#define TPM_RT_CONTEXT ((TPM_RESOURCE_TYPE) 0x00000005) ///< Resource wrapped and held outside the TPM using the context save/restore commands
#define TPM_RT_COUNTER ((TPM_RESOURCE_TYPE) 0x00000006) ///< Reserved for counters
#define TPM_RT_DELEGATE ((TPM_RESOURCE_TYPE) 0x00000007) ///< The handle is for a delegate row. These are the internal rows held in NV storage by the TPM
#define TPM_RT_DAA_TPM ((TPM_RESOURCE_TYPE) 0x00000008) ///< The value is a DAA TPM specific blob
#define TPM_RT_DAA_V0 ((TPM_RESOURCE_TYPE) 0x00000009) ///< The value is a DAA V0 parameter
#define TPM_RT_DAA_V1 ((TPM_RESOURCE_TYPE) 0x0000000A) ///< The value is a DAA V1 parameter
//
// Part 2, section 4.2: TPM_PAYLOAD_TYPE
//
#define TPM_PT_ASYM ((TPM_PAYLOAD_TYPE) 0x01) ///< The entity is an asymmetric key
#define TPM_PT_BIND ((TPM_PAYLOAD_TYPE) 0x02) ///< The entity is bound data
#define TPM_PT_MIGRATE ((TPM_PAYLOAD_TYPE) 0x03) ///< The entity is a migration blob
#define TPM_PT_MAINT ((TPM_PAYLOAD_TYPE) 0x04) ///< The entity is a maintenance blob
#define TPM_PT_SEAL ((TPM_PAYLOAD_TYPE) 0x05) ///< The entity is sealed data
#define TPM_PT_MIGRATE_RESTRICTED ((TPM_PAYLOAD_TYPE) 0x06) ///< The entity is a restricted-migration asymmetric key
#define TPM_PT_MIGRATE_EXTERNAL ((TPM_PAYLOAD_TYPE) 0x07) ///< The entity is a external migratable key
#define TPM_PT_CMK_MIGRATE ((TPM_PAYLOAD_TYPE) 0x08) ///< The entity is a CMK migratable blob
#define TPM_PT_VENDOR_SPECIFIC ((TPM_PAYLOAD_TYPE) 0x80) ///< 0x80 - 0xFF Vendor specific payloads
//
// Part 2, section 4.3: TPM_ENTITY_TYPE
//
#define TPM_ET_KEYHANDLE ((UINT16) 0x0001) ///< The entity is a keyHandle or key
#define TPM_ET_OWNER ((UINT16) 0x0002) ///< The entity is the TPM Owner
#define TPM_ET_DATA ((UINT16) 0x0003) ///< The entity is some data
#define TPM_ET_SRK ((UINT16) 0x0004) ///< The entity is the SRK
#define TPM_ET_KEY ((UINT16) 0x0005) ///< The entity is a key or keyHandle
#define TPM_ET_REVOKE ((UINT16) 0x0006) ///< The entity is the RevokeTrust value
#define TPM_ET_DEL_OWNER_BLOB ((UINT16) 0x0007) ///< The entity is a delegate owner blob
#define TPM_ET_DEL_ROW ((UINT16) 0x0008) ///< The entity is a delegate row
#define TPM_ET_DEL_KEY_BLOB ((UINT16) 0x0009) ///< The entity is a delegate key blob
#define TPM_ET_COUNTER ((UINT16) 0x000A) ///< The entity is a counter
#define TPM_ET_NV ((UINT16) 0x000B) ///< The entity is a NV index
#define TPM_ET_OPERATOR ((UINT16) 0x000C) ///< The entity is the operator
#define TPM_ET_RESERVED_HANDLE ((UINT16) 0x0040) ///< Reserved. This value avoids collisions with the handle MSB setting.
//
// TPM_ENTITY_TYPE MSB Values: The MSB is used to indicate the ADIP encryption sheme when applicable
//
#define TPM_ET_XOR ((UINT16) 0x0000) ///< ADIP encryption scheme: XOR
#define TPM_ET_AES128 ((UINT16) 0x0006) ///< ADIP encryption scheme: AES 128 bits
//
// Part 2, section 4.4.1: Reserved Key Handles
//
#define TPM_KH_SRK ((TPM_KEY_HANDLE) 0x40000000) ///< The handle points to the SRK
#define TPM_KH_OWNER ((TPM_KEY_HANDLE) 0x40000001) ///< The handle points to the TPM Owner
#define TPM_KH_REVOKE ((TPM_KEY_HANDLE) 0x40000002) ///< The handle points to the RevokeTrust value
#define TPM_KH_TRANSPORT ((TPM_KEY_HANDLE) 0x40000003) ///< The handle points to the EstablishTransport static authorization
#define TPM_KH_OPERATOR ((TPM_KEY_HANDLE) 0x40000004) ///< The handle points to the Operator auth
#define TPM_KH_ADMIN ((TPM_KEY_HANDLE) 0x40000005) ///< The handle points to the delegation administration auth
#define TPM_KH_EK ((TPM_KEY_HANDLE) 0x40000006) ///< The handle points to the PUBEK, only usable with TPM_OwnerReadInternalPub
//
// Part 2, section 4.5: TPM_STARTUP_TYPE
//
#define TPM_ST_CLEAR ((TPM_STARTUP_TYPE) 0x0001) ///< The TPM is starting up from a clean state
#define TPM_ST_STATE ((TPM_STARTUP_TYPE) 0x0002) ///< The TPM is starting up from a saved state
#define TPM_ST_DEACTIVATED ((TPM_STARTUP_TYPE) 0x0003) ///< The TPM is to startup and set the deactivated flag to TRUE
//
// Part 2, section 4.6: TPM_STATUP_EFFECTS
// The table makeup is still an open issue.
//
//
// Part 2, section 4.7: TPM_PROTOCOL_ID
//
#define TPM_PID_OIAP ((TPM_PROTOCOL_ID) 0x0001) ///< The OIAP protocol.
#define TPM_PID_OSAP ((TPM_PROTOCOL_ID) 0x0002) ///< The OSAP protocol.
#define TPM_PID_ADIP ((TPM_PROTOCOL_ID) 0x0003) ///< The ADIP protocol.
#define TPM_PID_ADCP ((TPM_PROTOCOL_ID) 0x0004) ///< The ADCP protocol.
#define TPM_PID_OWNER ((TPM_PROTOCOL_ID) 0x0005) ///< The protocol for taking ownership of a TPM.
#define TPM_PID_DSAP ((TPM_PROTOCOL_ID) 0x0006) ///< The DSAP protocol
#define TPM_PID_TRANSPORT ((TPM_PROTOCOL_ID) 0x0007) ///< The transport protocol
//
// Part 2, section 4.8: TPM_ALGORITHM_ID
// The TPM MUST support the algorithms TPM_ALG_RSA, TPM_ALG_SHA, TPM_ALG_HMAC,
// TPM_ALG_MGF1
//
#define TPM_ALG_RSA ((TPM_ALGORITHM_ID) 0x00000001) ///< The RSA algorithm.
#define TPM_ALG_DES ((TPM_ALGORITHM_ID) 0x00000002) ///< The DES algorithm
#define TPM_ALG_3DES ((TPM_ALGORITHM_ID) 0x00000003) ///< The 3DES algorithm in EDE mode
#define TPM_ALG_SHA ((TPM_ALGORITHM_ID) 0x00000004) ///< The SHA1 algorithm
#define TPM_ALG_HMAC ((TPM_ALGORITHM_ID) 0x00000005) ///< The RFC 2104 HMAC algorithm
#define TPM_ALG_AES128 ((TPM_ALGORITHM_ID) 0x00000006) ///< The AES algorithm, key size 128
#define TPM_ALG_MGF1 ((TPM_ALGORITHM_ID) 0x00000007) ///< The XOR algorithm using MGF1 to create a string the size of the encrypted block
#define TPM_ALG_AES192 ((TPM_ALGORITHM_ID) 0x00000008) ///< AES, key size 192
#define TPM_ALG_AES256 ((TPM_ALGORITHM_ID) 0x00000009) ///< AES, key size 256
#define TPM_ALG_XOR ((TPM_ALGORITHM_ID) 0x0000000A) ///< XOR using the rolling nonces
//
// Part 2, section 4.9: TPM_PHYSICAL_PRESENCE
//
#define TPM_PHYSICAL_PRESENCE_HW_DISABLE ((TPM_PHYSICAL_PRESENCE) 0x0200) ///< Sets the physicalPresenceHWEnable to FALSE
#define TPM_PHYSICAL_PRESENCE_CMD_DISABLE ((TPM_PHYSICAL_PRESENCE) 0x0100) ///< Sets the physicalPresenceCMDEnable to FALSE
#define TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK ((TPM_PHYSICAL_PRESENCE) 0x0080) ///< Sets the physicalPresenceLifetimeLock to TRUE
#define TPM_PHYSICAL_PRESENCE_HW_ENABLE ((TPM_PHYSICAL_PRESENCE) 0x0040) ///< Sets the physicalPresenceHWEnable to TRUE
#define TPM_PHYSICAL_PRESENCE_CMD_ENABLE ((TPM_PHYSICAL_PRESENCE) 0x0020) ///< Sets the physicalPresenceCMDEnable to TRUE
#define TPM_PHYSICAL_PRESENCE_NOTPRESENT ((TPM_PHYSICAL_PRESENCE) 0x0010) ///< Sets PhysicalPresence = FALSE
#define TPM_PHYSICAL_PRESENCE_PRESENT ((TPM_PHYSICAL_PRESENCE) 0x0008) ///< Sets PhysicalPresence = TRUE
#define TPM_PHYSICAL_PRESENCE_LOCK ((TPM_PHYSICAL_PRESENCE) 0x0004) ///< Sets PhysicalPresenceLock = TRUE
//
// Part 2, section 4.10: TPM_MIGRATE_SCHEME
//
#define TPM_MS_MIGRATE ((TPM_MIGRATE_SCHEME) 0x0001) ///< A public key that can be used with all TPM migration commands other than 'ReWrap' mode.
#define TPM_MS_REWRAP ((TPM_MIGRATE_SCHEME) 0x0002) ///< A public key that can be used for the ReWrap mode of TPM_CreateMigrationBlob.
#define TPM_MS_MAINT ((TPM_MIGRATE_SCHEME) 0x0003) ///< A public key that can be used for the Maintenance commands
#define TPM_MS_RESTRICT_MIGRATE ((TPM_MIGRATE_SCHEME) 0x0004) ///< The key is to be migrated to a Migration Authority.
#define TPM_MS_RESTRICT_APPROVE_DOUBLE ((TPM_MIGRATE_SCHEME) 0x0005) ///< The key is to be migrated to an entity approved by a Migration Authority using double wrapping
//
// Part 2, section 4.11: TPM_EK_TYPE
//
#define TPM_EK_TYPE_ACTIVATE ((TPM_EK_TYPE) 0x0001) ///< The blob MUST be TPM_EK_BLOB_ACTIVATE
#define TPM_EK_TYPE_AUTH ((TPM_EK_TYPE) 0x0002) ///< The blob MUST be TPM_EK_BLOB_AUTH
//
// Part 2, section 4.12: TPM_PLATFORM_SPECIFIC
//
#define TPM_PS_PC_11 ((TPM_PLATFORM_SPECIFIC) 0x0001) ///< PC Specific version 1.1
#define TPM_PS_PC_12 ((TPM_PLATFORM_SPECIFIC) 0x0002) ///< PC Specific version 1.2
#define TPM_PS_PDA_12 ((TPM_PLATFORM_SPECIFIC) 0x0003) ///< PDA Specific version 1.2
#define TPM_PS_Server_12 ((TPM_PLATFORM_SPECIFIC) 0x0004) ///< Server Specific version 1.2
#define TPM_PS_Mobile_12 ((TPM_PLATFORM_SPECIFIC) 0x0005) ///< Mobil Specific version 1.2
//
// Part 2, section 5: Basic Structures
//
///
/// Part 2, section 5.1: TPM_STRUCT_VER
///
typedef struct tdTPM_STRUCT_VER {
UINT8 major;
UINT8 minor;
UINT8 revMajor;
UINT8 revMinor;
} TPM_STRUCT_VER;
///
/// Part 2, section 5.3: TPM_VERSION
///
typedef struct tdTPM_VERSION {
TPM_VERSION_BYTE major;
TPM_VERSION_BYTE minor;
UINT8 revMajor;
UINT8 revMinor;
} TPM_VERSION;
#define TPM_SHA1_160_HASH_LEN 0x14
#define TPM_SHA1BASED_NONCE_LEN TPM_SHA1_160_HASH_LEN
///
/// Part 2, section 5.4: TPM_DIGEST
///
typedef struct tdTPM_DIGEST {
UINT8 digest[TPM_SHA1_160_HASH_LEN];
} TPM_DIGEST;
///
/// This SHALL be the digest of the chosen identityLabel and privacyCA for a new TPM identity
///
typedef TPM_DIGEST TPM_CHOSENID_HASH;
///
/// This SHALL be the hash of a list of PCR indexes and PCR values that a key or data is bound to
///
typedef TPM_DIGEST TPM_COMPOSITE_HASH;
///
/// This SHALL be the value of a DIR register
///
typedef TPM_DIGEST TPM_DIRVALUE;
typedef TPM_DIGEST TPM_HMAC;
///
/// The value inside of the PCR
///
typedef TPM_DIGEST TPM_PCRVALUE;
///
/// This SHALL be the value of the current internal audit state
///
typedef TPM_DIGEST TPM_AUDITDIGEST;
///
/// Part 2, section 5.5: TPM_NONCE
///
typedef struct tdTPM_NONCE {
UINT8 nonce[20];
} TPM_NONCE;
///
/// This SHALL be a random value generated by a TPM immediately after the EK is installed
/// in that TPM, whenever an EK is installed in that TPM
///
typedef TPM_NONCE TPM_DAA_TPM_SEED;
///
/// This SHALL be a random value
///
typedef TPM_NONCE TPM_DAA_CONTEXT_SEED;
//
// Part 2, section 5.6: TPM_AUTHDATA
//
///
/// The AuthData data is the information that is saved or passed to provide proof of ownership
/// 296 of an entity
///
typedef UINT8 tdTPM_AUTHDATA[20];
typedef tdTPM_AUTHDATA TPM_AUTHDATA;
///
/// A secret plaintext value used in the authorization process
///
typedef TPM_AUTHDATA TPM_SECRET;
///
/// A ciphertext (encrypted) version of AuthData data. The encryption mechanism depends on the context
///
typedef TPM_AUTHDATA TPM_ENCAUTH;
///
/// Part 2, section 5.7: TPM_KEY_HANDLE_LIST
/// Size of handle is loaded * sizeof(TPM_KEY_HANDLE)
///
typedef struct tdTPM_KEY_HANDLE_LIST {
UINT16 loaded;
TPM_KEY_HANDLE handle[1];
} TPM_KEY_HANDLE_LIST;
//
// Part 2, section 5.8: TPM_KEY_USAGE values
//
///
/// TPM_KEY_SIGNING SHALL indicate a signing key. The [private] key SHALL be
/// used for signing operations, only. This means that it MUST be a leaf of the
/// Protected Storage key hierarchy.
///
#define TPM_KEY_SIGNING ((UINT16) 0x0010)
///
/// TPM_KEY_STORAGE SHALL indicate a storage key. The key SHALL be used to wrap
/// and unwrap other keys in the Protected Storage hierarchy
///
#define TPM_KEY_STORAGE ((UINT16) 0x0011)
///
/// TPM_KEY_IDENTITY SHALL indicate an identity key. The key SHALL be used for
/// operations that require a TPM identity, only.
///
#define TPM_KEY_IDENTITY ((UINT16) 0x0012)
///
/// TPM_KEY_AUTHCHANGE SHALL indicate an ephemeral key that is in use during
/// the ChangeAuthAsym process, only.
///
#define TPM_KEY_AUTHCHANGE ((UINT16) 0x0013)
///
/// TPM_KEY_BIND SHALL indicate a key that can be used for TPM_Bind and
/// TPM_Unbind operations only.
///
#define TPM_KEY_BIND ((UINT16) 0x0014)
///
/// TPM_KEY_LEGACY SHALL indicate a key that can perform signing and binding
/// operations. The key MAY be used for both signing and binding operations.
/// The TPM_KEY_LEGACY key type is to allow for use by applications where both
/// signing and encryption operations occur with the same key. The use of this
/// key type is not recommended TPM_KEY_MIGRATE 0x0016 This SHALL indicate a
/// key in use for TPM_MigrateKey
///
#define TPM_KEY_LEGACY ((UINT16) 0x0015)
///
/// TPM_KEY_MIGRAGE SHALL indicate a key in use for TPM_MigrateKey
///
#define TPM_KEY_MIGRATE ((UINT16) 0x0016)
//
// Part 2, section 5.8.1: Mandatory Key Usage Schemes
//
#define TPM_ES_NONE ((TPM_ENC_SCHEME) 0x0001)
#define TPM_ES_RSAESPKCSv15 ((TPM_ENC_SCHEME) 0x0002)
#define TPM_ES_RSAESOAEP_SHA1_MGF1 ((TPM_ENC_SCHEME) 0x0003)
#define TPM_ES_SYM_CNT ((TPM_ENC_SCHEME) 0x0004) ///< rev94 defined
#define TPM_ES_SYM_CTR ((TPM_ENC_SCHEME) 0x0004)
#define TPM_ES_SYM_OFB ((TPM_ENC_SCHEME) 0x0005)
#define TPM_SS_NONE ((TPM_SIG_SCHEME) 0x0001)
#define TPM_SS_RSASSAPKCS1v15_SHA1 ((TPM_SIG_SCHEME) 0x0002)
#define TPM_SS_RSASSAPKCS1v15_DER ((TPM_SIG_SCHEME) 0x0003)
#define TPM_SS_RSASSAPKCS1v15_INFO ((TPM_SIG_SCHEME) 0x0004)
//
// Part 2, section 5.9: TPM_AUTH_DATA_USAGE values
//
#define TPM_AUTH_NEVER ((TPM_AUTH_DATA_USAGE) 0x00)
#define TPM_AUTH_ALWAYS ((TPM_AUTH_DATA_USAGE) 0x01)
#define TPM_AUTH_PRIV_USE_ONLY ((TPM_AUTH_DATA_USAGE) 0x03)
///
/// Part 2, section 5.10: TPM_KEY_FLAGS
///
typedef enum tdTPM_KEY_FLAGS {
redirection = 0x00000001,
migratable = 0x00000002,
isVolatile = 0x00000004,
pcrIgnoredOnRead = 0x00000008,
migrateAuthority = 0x00000010
} TPM_KEY_FLAGS_BITS;
///
/// Part 2, section 5.11: TPM_CHANGEAUTH_VALIDATE
///
typedef struct tdTPM_CHANGEAUTH_VALIDATE {
TPM_SECRET newAuthSecret;
TPM_NONCE n1;
} TPM_CHANGEAUTH_VALIDATE;
///
/// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH
/// declared after section 10 to catch declaration of TPM_PUBKEY
///
/// Part 2 section 10.1: TPM_KEY_PARMS
/// [size_is(parmSize)] BYTE* parms;
///
typedef struct tdTPM_KEY_PARMS {
TPM_ALGORITHM_ID algorithmID;
TPM_ENC_SCHEME encScheme;
TPM_SIG_SCHEME sigScheme;
UINT32 parmSize;
UINT8 *parms;
} TPM_KEY_PARMS;
///
/// Part 2, section 10.4: TPM_STORE_PUBKEY
///
typedef struct tdTPM_STORE_PUBKEY {
UINT32 keyLength;
UINT8 key[1];
} TPM_STORE_PUBKEY;
///
/// Part 2, section 10.5: TPM_PUBKEY
///
typedef struct tdTPM_PUBKEY {
TPM_KEY_PARMS algorithmParms;
TPM_STORE_PUBKEY pubKey;
} TPM_PUBKEY;
///
/// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH
///
typedef struct tdTPM_MIGRATIONKEYAUTH {
TPM_PUBKEY migrationKey;
TPM_MIGRATE_SCHEME migrationScheme;
TPM_DIGEST digest;
} TPM_MIGRATIONKEYAUTH;
///
/// Part 2, section 5.13: TPM_COUNTER_VALUE
///
typedef struct tdTPM_COUNTER_VALUE {
TPM_STRUCTURE_TAG tag;
UINT8 label[4];
TPM_ACTUAL_COUNT counter;
} TPM_COUNTER_VALUE;
///
/// Part 2, section 5.14: TPM_SIGN_INFO
/// Size of data indicated by dataLen
///
typedef struct tdTPM_SIGN_INFO {
TPM_STRUCTURE_TAG tag;
UINT8 fixed[4];
TPM_NONCE replay;
UINT32 dataLen;
UINT8 *data;
} TPM_SIGN_INFO;
///
/// Part 2, section 5.15: TPM_MSA_COMPOSITE
/// Number of migAuthDigest indicated by MSAlist
///
typedef struct tdTPM_MSA_COMPOSITE {
UINT32 MSAlist;
TPM_DIGEST migAuthDigest[1];
} TPM_MSA_COMPOSITE;
///
/// Part 2, section 5.16: TPM_CMK_AUTH
///
typedef struct tdTPM_CMK_AUTH {
TPM_DIGEST migrationAuthorityDigest;
TPM_DIGEST destinationKeyDigest;
TPM_DIGEST sourceKeyDigest;
} TPM_CMK_AUTH;
//
// Part 2, section 5.17: TPM_CMK_DELEGATE
//
#define TPM_CMK_DELEGATE_SIGNING ((TPM_CMK_DELEGATE) BIT31)
#define TPM_CMK_DELEGATE_STORAGE ((TPM_CMK_DELEGATE) BIT30)
#define TPM_CMK_DELEGATE_BIND ((TPM_CMK_DELEGATE) BIT29)
#define TPM_CMK_DELEGATE_LEGACY ((TPM_CMK_DELEGATE) BIT28)
#define TPM_CMK_DELEGATE_MIGRATE ((TPM_CMK_DELEGATE) BIT27)
///
/// Part 2, section 5.18: TPM_SELECT_SIZE
///
typedef struct tdTPM_SELECT_SIZE {
UINT8 major;
UINT8 minor;
UINT16 reqSize;
} TPM_SELECT_SIZE;
///
/// Part 2, section 5,19: TPM_CMK_MIGAUTH
///
typedef struct tdTPM_CMK_MIGAUTH {
TPM_STRUCTURE_TAG tag;
TPM_DIGEST msaDigest;
TPM_DIGEST pubKeyDigest;
} TPM_CMK_MIGAUTH;
///
/// Part 2, section 5.20: TPM_CMK_SIGTICKET
///
typedef struct tdTPM_CMK_SIGTICKET {
TPM_STRUCTURE_TAG tag;
TPM_DIGEST verKeyDigest;
TPM_DIGEST signedData;
} TPM_CMK_SIGTICKET;
///
/// Part 2, section 5.21: TPM_CMK_MA_APPROVAL
///
typedef struct tdTPM_CMK_MA_APPROVAL {
TPM_STRUCTURE_TAG tag;
TPM_DIGEST migrationAuthorityDigest;
} TPM_CMK_MA_APPROVAL;
//
// Part 2, section 6: Command Tags
//
#define TPM_TAG_RQU_COMMAND ((TPM_STRUCTURE_TAG) 0x00C1)
#define TPM_TAG_RQU_AUTH1_COMMAND ((TPM_STRUCTURE_TAG) 0x00C2)
#define TPM_TAG_RQU_AUTH2_COMMAND ((TPM_STRUCTURE_TAG) 0x00C3)
#define TPM_TAG_RSP_COMMAND ((TPM_STRUCTURE_TAG) 0x00C4)
#define TPM_TAG_RSP_AUTH1_COMMAND ((TPM_STRUCTURE_TAG) 0x00C5)
#define TPM_TAG_RSP_AUTH2_COMMAND ((TPM_STRUCTURE_TAG) 0x00C6)
///
/// Part 2, section 7.1: TPM_PERMANENT_FLAGS
///
typedef struct tdTPM_PERMANENT_FLAGS {
TPM_STRUCTURE_TAG tag;
BOOLEAN disable;
BOOLEAN ownership;
BOOLEAN deactivated;
BOOLEAN readPubek;
BOOLEAN disableOwnerClear;
BOOLEAN allowMaintenance;
BOOLEAN physicalPresenceLifetimeLock;
BOOLEAN physicalPresenceHWEnable;
BOOLEAN physicalPresenceCMDEnable;
BOOLEAN CEKPUsed;
BOOLEAN TPMpost;
BOOLEAN TPMpostLock;
BOOLEAN FIPS;
BOOLEAN operator;
BOOLEAN enableRevokeEK;
BOOLEAN nvLocked;
BOOLEAN readSRKPub;
BOOLEAN tpmEstablished;
BOOLEAN maintenanceDone;
BOOLEAN disableFullDALogicInfo;
} TPM_PERMANENT_FLAGS;
//
// Part 2, section 7.1.1: Flag Restrictions (of TPM_PERMANENT_FLAGS)
//
#define TPM_PF_DISABLE ((TPM_CAPABILITY_AREA) 1)
#define TPM_PF_OWNERSHIP ((TPM_CAPABILITY_AREA) 2)
#define TPM_PF_DEACTIVATED ((TPM_CAPABILITY_AREA) 3)
#define TPM_PF_READPUBEK ((TPM_CAPABILITY_AREA) 4)
#define TPM_PF_DISABLEOWNERCLEAR ((TPM_CAPABILITY_AREA) 5)
#define TPM_PF_ALLOWMAINTENANCE ((TPM_CAPABILITY_AREA) 6)
#define TPM_PF_PHYSICALPRESENCELIFETIMELOCK ((TPM_CAPABILITY_AREA) 7)
#define TPM_PF_PHYSICALPRESENCEHWENABLE ((TPM_CAPABILITY_AREA) 8)
#define TPM_PF_PHYSICALPRESENCECMDENABLE ((TPM_CAPABILITY_AREA) 9)
#define TPM_PF_CEKPUSED ((TPM_CAPABILITY_AREA) 10)
#define TPM_PF_TPMPOST ((TPM_CAPABILITY_AREA) 11)
#define TPM_PF_TPMPOSTLOCK ((TPM_CAPABILITY_AREA) 12)
#define TPM_PF_FIPS ((TPM_CAPABILITY_AREA) 13)
#define TPM_PF_OPERATOR ((TPM_CAPABILITY_AREA) 14)
#define TPM_PF_ENABLEREVOKEEK ((TPM_CAPABILITY_AREA) 15)
#define TPM_PF_NV_LOCKED ((TPM_CAPABILITY_AREA) 16)
#define TPM_PF_READSRKPUB ((TPM_CAPABILITY_AREA) 17)
#define TPM_PF_TPMESTABLISHED ((TPM_CAPABILITY_AREA) 18)
#define TPM_PF_MAINTENANCEDONE ((TPM_CAPABILITY_AREA) 19)
#define TPM_PF_DISABLEFULLDALOGICINFO ((TPM_CAPABILITY_AREA) 20)
///
/// Part 2, section 7.2: TPM_STCLEAR_FLAGS
///
typedef struct tdTPM_STCLEAR_FLAGS {
TPM_STRUCTURE_TAG tag;
BOOLEAN deactivated;
BOOLEAN disableForceClear;
BOOLEAN physicalPresence;
BOOLEAN physicalPresenceLock;
BOOLEAN bGlobalLock;
} TPM_STCLEAR_FLAGS;
//
// Part 2, section 7.2.1: Flag Restrictions (of TPM_STCLEAR_FLAGS)
//
#define TPM_SF_DEACTIVATED ((TPM_CAPABILITY_AREA) 1)
#define TPM_SF_DISABLEFORCECLEAR ((TPM_CAPABILITY_AREA) 2)
#define TPM_SF_PHYSICALPRESENCE ((TPM_CAPABILITY_AREA) 3)
#define TPM_SF_PHYSICALPRESENCELOCK ((TPM_CAPABILITY_AREA) 4)
#define TPM_SF_BGLOBALLOCK ((TPM_CAPABILITY_AREA) 5)
///
/// Part 2, section 7.3: TPM_STANY_FLAGS
///
typedef struct tdTPM_STANY_FLAGS {
TPM_STRUCTURE_TAG tag;
BOOLEAN postInitialise;
TPM_MODIFIER_INDICATOR localityModifier;
BOOLEAN transportExclusive;
BOOLEAN TOSPresent;
} TPM_STANY_FLAGS;
//
// Part 2, section 7.3.1: Flag Restrictions (of TPM_STANY_FLAGS)
//
#define TPM_AF_POSTINITIALISE ((TPM_CAPABILITY_AREA) 1)
#define TPM_AF_LOCALITYMODIFIER ((TPM_CAPABILITY_AREA) 2)
#define TPM_AF_TRANSPORTEXCLUSIVE ((TPM_CAPABILITY_AREA) 3)
#define TPM_AF_TOSPRESENT ((TPM_CAPABILITY_AREA) 4)
//
// All those structures defined in section 7.4, 7.5, 7.6 are not normative and
// thus no definitions here
//
// Part 2, section 7.4: TPM_PERMANENT_DATA
//
#define TPM_MIN_COUNTERS 4 ///< the minimum number of counters is 4
#define TPM_DELEGATE_KEY TPM_KEY
#define TPM_NUM_PCR 16
#define TPM_MAX_NV_WRITE_NOOWNER 64
//
// Part 2, section 7.4.1: PERMANENT_DATA Subcap for SetCapability
//
#define TPM_PD_REVMAJOR ((TPM_CAPABILITY_AREA) 1)
#define TPM_PD_REVMINOR ((TPM_CAPABILITY_AREA) 2)
#define TPM_PD_TPMPROOF ((TPM_CAPABILITY_AREA) 3)
#define TPM_PD_OWNERAUTH ((TPM_CAPABILITY_AREA) 4)
#define TPM_PD_OPERATORAUTH ((TPM_CAPABILITY_AREA) 5)
#define TPM_PD_MANUMAINTPUB ((TPM_CAPABILITY_AREA) 6)
#define TPM_PD_ENDORSEMENTKEY ((TPM_CAPABILITY_AREA) 7)
#define TPM_PD_SRK ((TPM_CAPABILITY_AREA) 8)
#define TPM_PD_DELEGATEKEY ((TPM_CAPABILITY_AREA) 9)
#define TPM_PD_CONTEXTKEY ((TPM_CAPABILITY_AREA) 10)
#define TPM_PD_AUDITMONOTONICCOUNTER ((TPM_CAPABILITY_AREA) 11)
#define TPM_PD_MONOTONICCOUNTER ((TPM_CAPABILITY_AREA) 12)
#define TPM_PD_PCRATTRIB ((TPM_CAPABILITY_AREA) 13)
#define TPM_PD_ORDINALAUDITSTATUS ((TPM_CAPABILITY_AREA) 14)
#define TPM_PD_AUTHDIR ((TPM_CAPABILITY_AREA) 15)
#define TPM_PD_RNGSTATE ((TPM_CAPABILITY_AREA) 16)
#define TPM_PD_FAMILYTABLE ((TPM_CAPABILITY_AREA) 17)
#define TPM_DELEGATETABLE ((TPM_CAPABILITY_AREA) 18)
#define TPM_PD_EKRESET ((TPM_CAPABILITY_AREA) 19)
#define TPM_PD_MAXNVBUFSIZE ((TPM_CAPABILITY_AREA) 20)
#define TPM_PD_LASTFAMILYID ((TPM_CAPABILITY_AREA) 21)
#define TPM_PD_NOOWNERNVWRITE ((TPM_CAPABILITY_AREA) 22)
#define TPM_PD_RESTRICTDELEGATE ((TPM_CAPABILITY_AREA) 23)
#define TPM_PD_TPMDAASEED ((TPM_CAPABILITY_AREA) 24)
#define TPM_PD_DAAPROOF ((TPM_CAPABILITY_AREA) 25)
///
/// Part 2, section 7.5: TPM_STCLEAR_DATA
/// available inside TPM only
///
typedef struct tdTPM_STCLEAR_DATA {
TPM_STRUCTURE_TAG tag;
TPM_NONCE contextNonceKey;
TPM_COUNT_ID countID;
UINT32 ownerReference;
BOOLEAN disableResetLock;
TPM_PCRVALUE PCR[TPM_NUM_PCR];
UINT32 deferredPhysicalPresence;
} TPM_STCLEAR_DATA;
//
// Part 2, section 7.5.1: STCLEAR_DATA Subcap for SetCapability
//
#define TPM_SD_CONTEXTNONCEKEY ((TPM_CAPABILITY_AREA)0x00000001)
#define TPM_SD_COUNTID ((TPM_CAPABILITY_AREA)0x00000002)
#define TPM_SD_OWNERREFERENCE ((TPM_CAPABILITY_AREA)0x00000003)
#define TPM_SD_DISABLERESETLOCK ((TPM_CAPABILITY_AREA)0x00000004)
#define TPM_SD_PCR ((TPM_CAPABILITY_AREA)0x00000005)
#define TPM_SD_DEFERREDPHYSICALPRESENCE ((TPM_CAPABILITY_AREA)0x00000006)
//
// Part 2, section 7.6.1: STANY_DATA Subcap for SetCapability
//
#define TPM_AD_CONTEXTNONCESESSION ((TPM_CAPABILITY_AREA) 1)
#define TPM_AD_AUDITDIGEST ((TPM_CAPABILITY_AREA) 2)
#define TPM_AD_CURRENTTICKS ((TPM_CAPABILITY_AREA) 3)
#define TPM_AD_CONTEXTCOUNT ((TPM_CAPABILITY_AREA) 4)
#define TPM_AD_CONTEXTLIST ((TPM_CAPABILITY_AREA) 5)
#define TPM_AD_SESSIONS ((TPM_CAPABILITY_AREA) 6)
//
// Part 2, section 8: PCR Structures
//
///
/// Part 2, section 8.1: TPM_PCR_SELECTION
/// Size of pcrSelect[] indicated by sizeOfSelect
///
typedef struct tdTPM_PCR_SELECTION {
UINT16 sizeOfSelect;
UINT8 pcrSelect[1];
} TPM_PCR_SELECTION;
///
/// Part 2, section 8.2: TPM_PCR_COMPOSITE
/// Size of pcrValue[] indicated by valueSize
///
typedef struct tdTPM_PCR_COMPOSITE {
TPM_PCR_SELECTION select;
UINT32 valueSize;
TPM_PCRVALUE pcrValue[1];
} TPM_PCR_COMPOSITE;
///
/// Part 2, section 8.3: TPM_PCR_INFO
///
typedef struct tdTPM_PCR_INFO {
TPM_PCR_SELECTION pcrSelection;
TPM_COMPOSITE_HASH digestAtRelease;
TPM_COMPOSITE_HASH digestAtCreation;
} TPM_PCR_INFO;
///
/// Part 2, section 8.6: TPM_LOCALITY_SELECTION
///
typedef UINT8 TPM_LOCALITY_SELECTION;
#define TPM_LOC_FOUR ((UINT8) 0x10)
#define TPM_LOC_THREE ((UINT8) 0x08)
#define TPM_LOC_TWO ((UINT8) 0x04)
#define TPM_LOC_ONE ((UINT8) 0x02)
#define TPM_LOC_ZERO ((UINT8) 0x01)
///
/// Part 2, section 8.4: TPM_PCR_INFO_LONG
///
typedef struct tdTPM_PCR_INFO_LONG {
TPM_STRUCTURE_TAG tag;
TPM_LOCALITY_SELECTION localityAtCreation;
TPM_LOCALITY_SELECTION localityAtRelease;
TPM_PCR_SELECTION creationPCRSelection;
TPM_PCR_SELECTION releasePCRSelection;
TPM_COMPOSITE_HASH digestAtCreation;
TPM_COMPOSITE_HASH digestAtRelease;
} TPM_PCR_INFO_LONG;
///
/// Part 2, section 8.5: TPM_PCR_INFO_SHORT
///
typedef struct tdTPM_PCR_INFO_SHORT {
TPM_PCR_SELECTION pcrSelection;
TPM_LOCALITY_SELECTION localityAtRelease;
TPM_COMPOSITE_HASH digestAtRelease;
} TPM_PCR_INFO_SHORT;
///
/// Part 2, section 8.8: TPM_PCR_ATTRIBUTES
///
typedef struct tdTPM_PCR_ATTRIBUTES {
BOOLEAN pcrReset;
TPM_LOCALITY_SELECTION pcrExtendLocal;
TPM_LOCALITY_SELECTION pcrResetLocal;
} TPM_PCR_ATTRIBUTES;
//
// Part 2, section 9: Storage Structures
//
///
/// Part 2, section 9.1: TPM_STORED_DATA
/// [size_is(sealInfoSize)] BYTE* sealInfo;
/// [size_is(encDataSize)] BYTE* encData;
///
typedef struct tdTPM_STORED_DATA {
TPM_STRUCT_VER ver;
UINT32 sealInfoSize;
UINT8 *sealInfo;
UINT32 encDataSize;
UINT8 *encData;
} TPM_STORED_DATA;
///
/// Part 2, section 9.2: TPM_STORED_DATA12
/// [size_is(sealInfoSize)] BYTE* sealInfo;
/// [size_is(encDataSize)] BYTE* encData;
///
typedef struct tdTPM_STORED_DATA12 {
TPM_STRUCTURE_TAG tag;
TPM_ENTITY_TYPE et;
UINT32 sealInfoSize;
UINT8 *sealInfo;
UINT32 encDataSize;
UINT8 *encData;
} TPM_STORED_DATA12;
///
/// Part 2, section 9.3: TPM_SEALED_DATA