github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/src/tpm2/tpm12.h (about)

     1  /** @file   
     2    TPM Specification data structures (TCG TPM Specification Version 1.2 Revision 103)
     3    See http://trustedcomputinggroup.org for latest specification updates
     4  
     5    Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
     6    This program and the accompanying materials                          
     7    are licensed and made available under the terms and conditions of the BSD License         
     8    which accompanies this distribution.  The full text of the license may be found at        
     9    http://opensource.org/licenses/bsd-license.php                                            
    10  
    11    THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,                     
    12    WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.             
    13  **/
    14  
    15  
    16  #ifndef _TPM12_H_
    17  #define _TPM12_H_
    18  
    19  #include "tpm2_types.h"
    20  
    21  /// The start of TPM return codes
    22  #define TPM_BASE  0
    23  
    24  // All structures MUST be packed on a byte boundary.
        // With 1-byte packing the compiler inserts no padding, so multi-byte fields in the
        // structures that follow can land on unaligned offsets (for example a uint32_t placed
        // directly after a uint16_t). Copy such fields out with memcpy rather than taking
        // their address.
        // NOTE(review): the pragma that restores default packing is not visible in this part
        // of the file -- confirm it exists, otherwise every header included after this one
        // inherits 1-byte packing.
    25  
    26  #pragma pack (1)
    27  
    28  // Part 2, section 2.2.3: Helper redefinitions
    29  //
    30  /// Indicates the conditions where it is required that authorization be presented
    31  typedef byte                       TPM_AUTH_DATA_USAGE;
    32  /// The information as to what the payload is in an encrypted structure
    33  typedef byte                       TPM_PAYLOAD_TYPE;
    34  /// The version info breakdown
    35  typedef byte                       TPM_VERSION_BYTE;
    36  /// The state of the dictionary attack mitigation logic
    37  typedef byte                       TPM_DA_STATE;
    38  /// The request or response authorization type
    39  typedef uint16_t                      TPM_TAG;
    40  /// The protocol in use
    41  typedef uint16_t                      TPM_PROTOCOL_ID;
    42  /// Indicates the start state
    43  typedef uint16_t                      TPM_STARTUP_TYPE;
    44  /// The definition of the encryption scheme
    45  typedef uint16_t                      TPM_ENC_SCHEME;
    46  /// The definition of the signature scheme
    47  typedef uint16_t                      TPM_SIG_SCHEME;
    48  /// The definition of the migration scheme
    49  typedef uint16_t                      TPM_MIGRATE_SCHEME;
    50  /// Sets the state of the physical presence mechanism
    51  typedef uint16_t                      TPM_PHYSICAL_PRESENCE;
    52  /// Indicates the types of entity that are supported by the TPM
    53  typedef uint16_t                      TPM_ENTITY_TYPE;
    54  /// Indicates the permitted usage of the key
    55  typedef uint16_t                      TPM_KEY_USAGE;
    56  /// The type of asymmetric encrypted structure in use by the endorsement key
    57  typedef uint16_t                      TPM_EK_TYPE;
    58  /// The tag for the structure
    59  typedef uint16_t                      TPM_STRUCTURE_TAG;
    60  /// The platform specific spec to which the information relates
    61  typedef uint16_t                      TPM_PLATFORM_SPECIFIC;
    62  /// The command ordinal
    63  typedef uint32_t                      TPM_COMMAND_CODE;
    64  /// Identifies a TPM capability area
    65  typedef uint32_t                      TPM_CAPABILITY_AREA;
    66  /// Indicates information regarding a key
    67  typedef uint32_t                      TPM_KEY_FLAGS;
    68  /// Indicates the type of algorithm
    69  typedef uint32_t                      TPM_ALGORITHM_ID;
    70  /// The locality modifier
    71  typedef uint32_t                      TPM_MODIFIER_INDICATOR;
    72  /// The actual number of a counter
    73  typedef uint32_t                      TPM_ACTUAL_COUNT;
    74  /// Attributes that define what options are in use for a transport session
    75  typedef uint32_t                      TPM_TRANSPORT_ATTRIBUTES;
    76  /// Handle to an authorization session
    77  typedef uint32_t                      TPM_AUTHHANDLE;
    78  /// Index to a DIR register
    79  typedef uint32_t                      TPM_DIRINDEX;
    80  /// The area where a key is held assigned by the TPM
    81  typedef uint32_t                      TPM_KEY_HANDLE;
    82  /// Index to a PCR register
    83  typedef uint32_t                      TPM_PCRINDEX;
    84  /// The return code from a function
    85  typedef uint32_t                      TPM_RESULT;
    86  /// The types of resources that a TPM may have using internal resources
    87  typedef uint32_t                      TPM_RESOURCE_TYPE;
    88  /// Allows for controlling of the key when loaded and how to handle TPM_Startup issues
    89  typedef uint32_t                      TPM_KEY_CONTROL;
    90  /// The index into the NV storage area
    91  typedef uint32_t                      TPM_NV_INDEX;
    92  /// The family ID. Family IDs are automatically assigned a sequence number by the TPM. 
    93  /// A trusted process can set the FamilyID value in an individual row to NULL, which 
    94  /// invalidates that row. The family ID resets to NULL on each change of TPM Owner.
    95  typedef uint32_t                      TPM_FAMILY_ID;
    96  /// A value used as a label for the most recent verification of this family. Set to zero when not in use.
    97  typedef uint32_t                      TPM_FAMILY_VERIFICATION;
    98  /// How the TPM handles var
    99  typedef uint32_t                      TPM_STARTUP_EFFECTS;
   100  /// The mode of a symmetric encryption
   101  typedef uint32_t                      TPM_SYM_MODE;
   102  /// The family flags
   103  typedef uint32_t                      TPM_FAMILY_FLAGS;
   104  /// The index value for the delegate NV table
   105  typedef uint32_t                      TPM_DELEGATE_INDEX;
   106  /// The restrictions placed on delegation of CMK commands
   107  typedef uint32_t                      TPM_CMK_DELEGATE;
   108  /// The ID value of a monotonic counter
   109  typedef uint32_t                      TPM_COUNT_ID;
   110  /// A command to execute
   111  typedef uint32_t                      TPM_REDIT_COMMAND;
   112  /// A transport session handle
   113  typedef uint32_t                      TPM_TRANSHANDLE;
   114  /// A generic handle could be key, transport etc
   115  typedef uint32_t                      TPM_HANDLE;
   116  /// What operation is happening
   117  typedef uint32_t                      TPM_FAMILY_OPERATION;
   118  
   119  // Part 2, section 2.2.4: Vendor specific
   120  // vendor specific item.
   121  //
   122  #define TPM_Vendor_Specific32       ((uint32_t) 0x00000400)
   123  #define TPM_Vendor_Specific8        ((byte) 0x80)
   124  
   125  // Part 2, section 3.1: TPM_STRUCTURE_TAG
   126  #define TPM_TAG_CONTEXTBLOB         ((TPM_STRUCTURE_TAG) 0x0001)
   127  #define TPM_TAG_CONTEXT_SENSITIVE   ((TPM_STRUCTURE_TAG) 0x0002)
   128  #define TPM_TAG_CONTEXTPOINTER      ((TPM_STRUCTURE_TAG) 0x0003)
   129  #define TPM_TAG_CONTEXTLIST         ((TPM_STRUCTURE_TAG) 0x0004)
   130  #define TPM_TAG_SIGNINFO            ((TPM_STRUCTURE_TAG) 0x0005)
   131  #define TPM_TAG_PCR_INFO_LONG       ((TPM_STRUCTURE_TAG) 0x0006)
   132  #define TPM_TAG_PERSISTENT_FLAGS    ((TPM_STRUCTURE_TAG) 0x0007)
   133  #define TPM_TAG_VOLATILE_FLAGS      ((TPM_STRUCTURE_TAG) 0x0008)
   134  #define TPM_TAG_PERSISTENT_DATA     ((TPM_STRUCTURE_TAG) 0x0009)
   135  #define TPM_TAG_VOLATILE_DATA       ((TPM_STRUCTURE_TAG) 0x000A)
   136  #define TPM_TAG_SV_DATA             ((TPM_STRUCTURE_TAG) 0x000B)
   137  #define TPM_TAG_EK_BLOB             ((TPM_STRUCTURE_TAG) 0x000C)
   138  #define TPM_TAG_EK_BLOB_AUTH        ((TPM_STRUCTURE_TAG) 0x000D)
   139  #define TPM_TAG_COUNTER_VALUE       ((TPM_STRUCTURE_TAG) 0x000E)
   140  #define TPM_TAG_TRANSPORT_INTERNAL  ((TPM_STRUCTURE_TAG) 0x000F)
   141  #define TPM_TAG_TRANSPORT_LOG_IN    ((TPM_STRUCTURE_TAG) 0x0010)
   142  #define TPM_TAG_TRANSPORT_LOG_OUT   ((TPM_STRUCTURE_TAG) 0x0011)
   143  #define TPM_TAG_AUDIT_EVENT_IN      ((TPM_STRUCTURE_TAG) 0x0012)
   144  #define TPM_TAG_AUDIT_EVENT_OUT     ((TPM_STRUCTURE_TAG) 0x0013)
   145  #define TPM_TAG_CURRENT_TICKS       ((TPM_STRUCTURE_TAG) 0x0014)
   146  #define TPM_TAG_KEY                 ((TPM_STRUCTURE_TAG) 0x0015)
   147  #define TPM_TAG_STORED_DATA12       ((TPM_STRUCTURE_TAG) 0x0016)
   148  #define TPM_TAG_NV_ATTRIBUTES       ((TPM_STRUCTURE_TAG) 0x0017)
   149  #define TPM_TAG_NV_DATA_PUBLIC      ((TPM_STRUCTURE_TAG) 0x0018)
   150  #define TPM_TAG_NV_DATA_SENSITIVE   ((TPM_STRUCTURE_TAG) 0x0019)
   151  #define TPM_TAG_DELEGATIONS         ((TPM_STRUCTURE_TAG) 0x001A)
   152  #define TPM_TAG_DELEGATE_PUBLIC     ((TPM_STRUCTURE_TAG) 0x001B)
   153  #define TPM_TAG_DELEGATE_TABLE_ROW  ((TPM_STRUCTURE_TAG) 0x001C)
   154  #define TPM_TAG_TRANSPORT_AUTH      ((TPM_STRUCTURE_TAG) 0x001D)
   155  #define TPM_TAG_TRANSPORT_PUBLIC    ((TPM_STRUCTURE_TAG) 0x001E)
   156  #define TPM_TAG_PERMANENT_FLAGS     ((TPM_STRUCTURE_TAG) 0x001F)
   157  #define TPM_TAG_STCLEAR_FLAGS       ((TPM_STRUCTURE_TAG) 0x0020)
   158  #define TPM_TAG_STANY_FLAGS         ((TPM_STRUCTURE_TAG) 0x0021)
   159  #define TPM_TAG_PERMANENT_DATA      ((TPM_STRUCTURE_TAG) 0x0022)
   160  #define TPM_TAG_STCLEAR_DATA        ((TPM_STRUCTURE_TAG) 0x0023)
   161  #define TPM_TAG_STANY_DATA          ((TPM_STRUCTURE_TAG) 0x0024)
   162  #define TPM_TAG_FAMILY_TABLE_ENTRY  ((TPM_STRUCTURE_TAG) 0x0025)
   163  #define TPM_TAG_DELEGATE_SENSITIVE  ((TPM_STRUCTURE_TAG) 0x0026)
   164  #define TPM_TAG_DELG_KEY_BLOB       ((TPM_STRUCTURE_TAG) 0x0027)
   165  #define TPM_TAG_KEY12               ((TPM_STRUCTURE_TAG) 0x0028)
   166  #define TPM_TAG_CERTIFY_INFO2       ((TPM_STRUCTURE_TAG) 0x0029)
   167  #define TPM_TAG_DELEGATE_OWNER_BLOB ((TPM_STRUCTURE_TAG) 0x002A)
   168  #define TPM_TAG_EK_BLOB_ACTIVATE    ((TPM_STRUCTURE_TAG) 0x002B)
   169  #define TPM_TAG_DAA_BLOB            ((TPM_STRUCTURE_TAG) 0x002C)
   170  #define TPM_TAG_DAA_CONTEXT         ((TPM_STRUCTURE_TAG) 0x002D)
   171  #define TPM_TAG_DAA_ENFORCE         ((TPM_STRUCTURE_TAG) 0x002E)
   172  #define TPM_TAG_DAA_ISSUER          ((TPM_STRUCTURE_TAG) 0x002F)
   173  #define TPM_TAG_CAP_VERSION_INFO    ((TPM_STRUCTURE_TAG) 0x0030)
   174  #define TPM_TAG_DAA_SENSITIVE       ((TPM_STRUCTURE_TAG) 0x0031)
   175  #define TPM_TAG_DAA_TPM             ((TPM_STRUCTURE_TAG) 0x0032)
   176  #define TPM_TAG_CMK_MIGAUTH         ((TPM_STRUCTURE_TAG) 0x0033)
   177  #define TPM_TAG_CMK_SIGTICKET       ((TPM_STRUCTURE_TAG) 0x0034)
   178  #define TPM_TAG_CMK_MA_APPROVAL     ((TPM_STRUCTURE_TAG) 0x0035)
   179  #define TPM_TAG_QUOTE_INFO2         ((TPM_STRUCTURE_TAG) 0x0036)
   180  #define TPM_TAG_DA_INFO             ((TPM_STRUCTURE_TAG) 0x0037)
   181  #define TPM_TAG_DA_LIMITED          ((TPM_STRUCTURE_TAG) 0x0038)
   182  #define TPM_TAG_DA_ACTION_TYPE      ((TPM_STRUCTURE_TAG) 0x0039)
   183  
   184  // Part 2, section 4: TPM Types
   185  
   186  // Part 2, section 4.1: TPM_RESOURCE_TYPE
   187  #define TPM_RT_KEY                  ((TPM_RESOURCE_TYPE) 0x00000001) ///< The handle is a key handle and is the result of a LoadKey type operation
   188  #define TPM_RT_AUTH                 ((TPM_RESOURCE_TYPE) 0x00000002) ///< The handle is an authorization handle. Auth handles come from TPM_OIAP, TPM_OSAP and TPM_DSAP
   189  #define TPM_RT_HASH                 ((TPM_RESOURCE_TYPE) 0x00000003) ///< Reserved for hashes
   190  #define TPM_RT_TRANS                ((TPM_RESOURCE_TYPE) 0x00000004) ///< The handle is for a transport session. Transport handles come from TPM_EstablishTransport
   191  #define TPM_RT_CONTEXT              ((TPM_RESOURCE_TYPE) 0x00000005) ///< Resource wrapped and held outside the TPM using the context save/restore commands
   192  #define TPM_RT_COUNTER              ((TPM_RESOURCE_TYPE) 0x00000006) ///< Reserved for counters
   193  #define TPM_RT_DELEGATE             ((TPM_RESOURCE_TYPE) 0x00000007) ///< The handle is for a delegate row. These are the internal rows held in NV storage by the TPM
   194  #define TPM_RT_DAA_TPM              ((TPM_RESOURCE_TYPE) 0x00000008) ///< The value is a DAA TPM specific blob
   195  #define TPM_RT_DAA_V0               ((TPM_RESOURCE_TYPE) 0x00000009) ///< The value is a DAA V0 parameter
   196  #define TPM_RT_DAA_V1               ((TPM_RESOURCE_TYPE) 0x0000000A) ///< The value is a DAA V1 parameter
   197  
   198  // Part 2, section 4.2: TPM_PAYLOAD_TYPE
   199  #define TPM_PT_ASYM                 ((TPM_PAYLOAD_TYPE) 0x01) ///< The entity is an asymmetric key
   200  #define TPM_PT_BIND                 ((TPM_PAYLOAD_TYPE) 0x02) ///< The entity is bound data
   201  #define TPM_PT_MIGRATE              ((TPM_PAYLOAD_TYPE) 0x03) ///< The entity is a migration blob
   202  #define TPM_PT_MAINT                ((TPM_PAYLOAD_TYPE) 0x04) ///< The entity is a maintenance blob
   203  #define TPM_PT_SEAL                 ((TPM_PAYLOAD_TYPE) 0x05) ///< The entity is sealed data
   204  #define TPM_PT_MIGRATE_RESTRICTED   ((TPM_PAYLOAD_TYPE) 0x06) ///< The entity is a restricted-migration asymmetric key
   205  #define TPM_PT_MIGRATE_EXTERNAL     ((TPM_PAYLOAD_TYPE) 0x07) ///< The entity is a external migratable key
   206  #define TPM_PT_CMK_MIGRATE          ((TPM_PAYLOAD_TYPE) 0x08) ///< The entity is a CMK migratable blob
   207  #define TPM_PT_VENDOR_SPECIFIC      ((TPM_PAYLOAD_TYPE) 0x80) ///< 0x80 - 0xFF Vendor specific payloads
   208  
   209  // Part 2, section 4.3: TPM_ENTITY_TYPE
        // The values are cast to uint16_t, the type TPM_ENTITY_TYPE is defined as earlier in this file.
   210  #define TPM_ET_KEYHANDLE            ((uint16_t) 0x0001) ///< The entity is a keyHandle or key
   211  #define TPM_ET_OWNER                ((uint16_t) 0x0002) ///< The entity is the TPM Owner
   212  #define TPM_ET_DATA                 ((uint16_t) 0x0003) ///< The entity is some data
   213  #define TPM_ET_SRK                  ((uint16_t) 0x0004) ///< The entity is the SRK
   214  #define TPM_ET_KEY                  ((uint16_t) 0x0005) ///< The entity is a key or keyHandle
   215  #define TPM_ET_REVOKE               ((uint16_t) 0x0006) ///< The entity is the RevokeTrust value
   216  #define TPM_ET_DEL_OWNER_BLOB       ((uint16_t) 0x0007) ///< The entity is a delegate owner blob
   217  #define TPM_ET_DEL_ROW              ((uint16_t) 0x0008) ///< The entity is a delegate row
   218  #define TPM_ET_DEL_KEY_BLOB         ((uint16_t) 0x0009) ///< The entity is a delegate key blob
   219  #define TPM_ET_COUNTER              ((uint16_t) 0x000A) ///< The entity is a counter
   220  #define TPM_ET_NV                   ((uint16_t) 0x000B) ///< The entity is a NV index
   221  #define TPM_ET_OPERATOR             ((uint16_t) 0x000C) ///< The entity is the operator
   222  #define TPM_ET_RESERVED_HANDLE      ((uint16_t) 0x0040) ///< Reserved. This value avoids collisions with the handle MSB setting.
   223  // TPM_ENTITY_TYPE MSB Values: The MSB is used to indicate the ADIP encryption scheme when applicable
        // NOTE(review): the two constants below are written as low-byte values; they are not
        // shifted into the most significant byte. TPM_ET_AES128 (0x0006) has the same numeric
        // value as TPM_ET_REVOKE, and TPM_ET_XOR is 0, so OR-ing either one unshifted with an
        // entity type yields a different entity type or leaves it unchanged. Presumably each
        // caller places the scheme in the high byte itself -- confirm at every use.
   224  #define TPM_ET_XOR                  ((uint16_t) 0x0000) ///< ADIP encryption scheme: XOR
   225  #define TPM_ET_AES128               ((uint16_t) 0x0006) ///< ADIP encryption scheme: AES 128 bits
   226  
   227  // Part 2, section 4.4.1: Reserved Key Handles
   228  #define TPM_KH_SRK                  ((TPM_KEY_HANDLE) 0x40000000) ///< The handle points to the SRK
   229  #define TPM_KH_OWNER                ((TPM_KEY_HANDLE) 0x40000001) ///< The handle points to the TPM Owner
   230  #define TPM_KH_REVOKE               ((TPM_KEY_HANDLE) 0x40000002) ///< The handle points to the RevokeTrust value
   231  #define TPM_KH_TRANSPORT            ((TPM_KEY_HANDLE) 0x40000003) ///< The handle points to the EstablishTransport static authorization
   232  #define TPM_KH_OPERATOR             ((TPM_KEY_HANDLE) 0x40000004) ///< The handle points to the Operator auth
   233  #define TPM_KH_ADMIN                ((TPM_KEY_HANDLE) 0x40000005) ///< The handle points to the delegation administration auth
   234  #define TPM_KH_EK                   ((TPM_KEY_HANDLE) 0x40000006) ///< The handle points to the PUBEK, only usable with TPM_OwnerReadInternalPub
   235  
   236  // Part 2, section 4.5: TPM_STARTUP_TYPE
   237  #define TPM_ST_CLEAR                ((TPM_STARTUP_TYPE) 0x0001) ///< The TPM is starting up from a clean state
   238  #define TPM_ST_STATE                ((TPM_STARTUP_TYPE) 0x0002) ///< The TPM is starting up from a saved state
   239  #define TPM_ST_DEACTIVATED          ((TPM_STARTUP_TYPE) 0x0003) ///< The TPM is to startup and set the deactivated flag to TRUE
   240  
   241  // Part 2, section 4.6: TPM_STARTUP_EFFECTS
   242  // The table makeup is still an open issue.
   243  // Part 2, section 4.7: TPM_PROTOCOL_ID
   244  #define TPM_PID_OIAP                ((TPM_PROTOCOL_ID) 0x0001) ///< The OIAP protocol.
   245  #define TPM_PID_OSAP                ((TPM_PROTOCOL_ID) 0x0002) ///< The OSAP protocol.
   246  #define TPM_PID_ADIP                ((TPM_PROTOCOL_ID) 0x0003) ///< The ADIP protocol.
   247  #define TPM_PID_ADCP                ((TPM_PROTOCOL_ID) 0x0004) ///< The ADCP protocol.
   248  #define TPM_PID_OWNER               ((TPM_PROTOCOL_ID) 0x0005) ///< The protocol for taking ownership of a TPM.
   249  #define TPM_PID_DSAP                ((TPM_PROTOCOL_ID) 0x0006) ///< The DSAP protocol
   250  #define TPM_PID_TRANSPORT           ((TPM_PROTOCOL_ID) 0x0007) ///< The transport protocol
   251  
   252  // Part 2, section 4.8: TPM_ALGORITHM_ID
   253  //   The TPM MUST support the algorithms TPM_ALG_RSA, TPM_ALG_SHA, TPM_ALG_HMAC,
   254  //   TPM_ALG_MGF1
        //   NOTE(review): TPM_ALG_SHA is SHA-1 and TPM_ALG_DES is single DES; both are weak by
        //   current standards. Code that takes an algorithm ID from a caller or from a received
        //   blob should check it against an explicit allow-list rather than accepting any value
        //   in this table.
   255  #define TPM_ALG_RSA                 ((TPM_ALGORITHM_ID) 0x00000001) ///< The RSA algorithm.
   256  #define TPM_ALG_DES                 ((TPM_ALGORITHM_ID) 0x00000002) ///< The DES algorithm
   257  #define TPM_ALG_3DES                ((TPM_ALGORITHM_ID) 0x00000003) ///< The 3DES algorithm in EDE mode
   258  #define TPM_ALG_SHA                 ((TPM_ALGORITHM_ID) 0x00000004) ///< The SHA1 algorithm
   259  #define TPM_ALG_HMAC                ((TPM_ALGORITHM_ID) 0x00000005) ///< The RFC 2104 HMAC algorithm
   260  #define TPM_ALG_AES128              ((TPM_ALGORITHM_ID) 0x00000006) ///< The AES algorithm, key size 128
   261  #define TPM_ALG_MGF1                ((TPM_ALGORITHM_ID) 0x00000007) ///< The XOR algorithm using MGF1 to create a string the size of the encrypted block
   262  #define TPM_ALG_AES192              ((TPM_ALGORITHM_ID) 0x00000008) ///< AES, key size 192
   263  #define TPM_ALG_AES256              ((TPM_ALGORITHM_ID) 0x00000009) ///< AES, key size 256
   264  #define TPM_ALG_XOR                 ((TPM_ALGORITHM_ID) 0x0000000A) ///< XOR using the rolling nonces
   265  
   266  // Part 2, section 4.9: TPM_PHYSICAL_PRESENCE
   267  #define TPM_PHYSICAL_PRESENCE_HW_DISABLE    ((TPM_PHYSICAL_PRESENCE) 0x0200) ///< Sets the physicalPresenceHWEnable to FALSE
   268  #define TPM_PHYSICAL_PRESENCE_CMD_DISABLE   ((TPM_PHYSICAL_PRESENCE) 0x0100) ///< Sets the physicalPresenceCMDEnable to FALSE
   269  #define TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK ((TPM_PHYSICAL_PRESENCE) 0x0080) ///< Sets the physicalPresenceLifetimeLock to TRUE
   270  #define TPM_PHYSICAL_PRESENCE_HW_ENABLE     ((TPM_PHYSICAL_PRESENCE) 0x0040) ///< Sets the physicalPresenceHWEnable to TRUE
   271  #define TPM_PHYSICAL_PRESENCE_CMD_ENABLE    ((TPM_PHYSICAL_PRESENCE) 0x0020) ///< Sets the physicalPresenceCMDEnable to TRUE
   272  #define TPM_PHYSICAL_PRESENCE_NOTPRESENT    ((TPM_PHYSICAL_PRESENCE) 0x0010) ///< Sets PhysicalPresence = FALSE
   273  #define TPM_PHYSICAL_PRESENCE_PRESENT       ((TPM_PHYSICAL_PRESENCE) 0x0008) ///< Sets PhysicalPresence = TRUE
   274  #define TPM_PHYSICAL_PRESENCE_LOCK          ((TPM_PHYSICAL_PRESENCE) 0x0004) ///< Sets PhysicalPresenceLock = TRUE
   275  
   276  // Part 2, section 4.10: TPM_MIGRATE_SCHEME
   277  #define TPM_MS_MIGRATE                      ((TPM_MIGRATE_SCHEME) 0x0001) ///< A public key that can be used with all TPM migration commands other than 'ReWrap' mode.
   278  #define TPM_MS_REWRAP                       ((TPM_MIGRATE_SCHEME) 0x0002) ///< A public key that can be used for the ReWrap mode of TPM_CreateMigrationBlob.
   279  #define TPM_MS_MAINT                        ((TPM_MIGRATE_SCHEME) 0x0003) ///< A public key that can be used for the Maintenance commands
   280  #define TPM_MS_RESTRICT_MIGRATE             ((TPM_MIGRATE_SCHEME) 0x0004) ///< The key is to be migrated to a Migration Authority.
   281  #define TPM_MS_RESTRICT_APPROVE_DOUBLE      ((TPM_MIGRATE_SCHEME) 0x0005) ///< The key is to be migrated to an entity approved by a Migration Authority using double wrapping
   282  
   283  // Part 2, section 4.11: TPM_EK_TYPE
   284  #define TPM_EK_TYPE_ACTIVATE        ((TPM_EK_TYPE) 0x0001) ///< The blob MUST be TPM_EK_BLOB_ACTIVATE
   285  #define TPM_EK_TYPE_AUTH            ((TPM_EK_TYPE) 0x0002) ///< The blob MUST be TPM_EK_BLOB_AUTH
   286  
   287  // Part 2, section 4.12: TPM_PLATFORM_SPECIFIC
   288  #define TPM_PS_PC_11                ((TPM_PLATFORM_SPECIFIC) 0x0001) ///< PC Specific version 1.1
   289  #define TPM_PS_PC_12                ((TPM_PLATFORM_SPECIFIC) 0x0002) ///< PC Specific version 1.2
   290  #define TPM_PS_PDA_12               ((TPM_PLATFORM_SPECIFIC) 0x0003) ///< PDA Specific version 1.2
   291  #define TPM_PS_Server_12            ((TPM_PLATFORM_SPECIFIC) 0x0004) ///< Server Specific version 1.2
   292  #define TPM_PS_Mobile_12            ((TPM_PLATFORM_SPECIFIC) 0x0005) ///< Mobil Specific version 1.2
   293  
   294  // Part 2, section 5: Basic Structures
   295  /// Part 2, section 5.1: TPM_STRUCT_VER
   296  typedef struct tdTPM_STRUCT_VER {
   297    byte                             major;
   298    byte                             minor;
   299    byte                             revMajor;
   300    byte                             revMinor;
   301  } TPM_STRUCT_VER;
   302  
   303  /// Part 2, section 5.3: TPM_VERSION
   304  typedef struct tdTPM_VERSION {
   305    TPM_VERSION_BYTE                  major;
   306    TPM_VERSION_BYTE                  minor;
   307    byte                             revMajor;
   308    byte                             revMinor;
   309  } TPM_VERSION;
   310  
   311  
   312  #define TPM_SHA1_160_HASH_LEN       0x14
   313  #define TPM_SHA1BASED_NONCE_LEN     TPM_SHA1_160_HASH_LEN
   314  
   315  /// Part 2, section 5.4: TPM_DIGEST
        /// A fixed 20-byte (0x14) buffer, the output size of SHA-1. The length is a compile-time
        /// constant, so every structure built on TPM_DIGEST is tied to a 160-bit digest and
        /// cannot carry a longer one.
   316  typedef struct tdTPM_DIGEST{
   317    byte                             digest[TPM_SHA1_160_HASH_LEN];
   318  } TPM_DIGEST;
   319  
   320  /// This SHALL be the digest of the chosen identityLabel and privacyCA for a new TPM identity
        // All names in this group alias the same C type (TPM_DIGEST), so the compiler will not
        // flag a PCR value passed where an HMAC is expected; the distinction is documentation only.
   321  typedef TPM_DIGEST                  TPM_CHOSENID_HASH;
   322  /// This SHALL be the hash of a list of PCR indexes and PCR values that a key or data is bound to
   323  typedef TPM_DIGEST                  TPM_COMPOSITE_HASH;
   324  /// This SHALL be the value of a DIR register
   325  typedef TPM_DIGEST                  TPM_DIRVALUE;
   326  
        /// An HMAC value; same 20-byte layout as TPM_DIGEST.
        /// NOTE(review): when a received TPM_HMAC is checked against a locally computed one,
        /// use a constant-time comparison rather than memcmp, which can return at the first
        /// differing byte.
   327  typedef TPM_DIGEST                  TPM_HMAC;
   328  /// The value inside of the PCR
   329  typedef TPM_DIGEST                  TPM_PCRVALUE;
   330  /// This SHALL be the value of the current internal audit state
   331  typedef TPM_DIGEST                  TPM_AUDITDIGEST;
   332  
   333  /// Part 2, section 5.5: TPM_NONCE
        /// A fixed 20-byte buffer. The literal 20 equals TPM_SHA1BASED_NONCE_LEN (0x14) defined
        /// earlier in this file.
        /// NOTE(review): the type only fixes the size; nothing in this header says how the bytes
        /// are produced. A nonce gives replay protection only if it is fresh and unpredictable --
        /// confirm the generator used by callers.
   334  typedef struct tdTPM_NONCE{
   335    byte                             nonce[20];
   336  } TPM_NONCE;
   337  
   338  /// This SHALL be a random value generated by a TPM immediately after the EK is installed
   339  /// in that TPM, whenever an EK is installed in that TPM
   340  typedef TPM_NONCE                  TPM_DAA_TPM_SEED;
   341  /// This SHALL be a random value
   342  typedef TPM_NONCE                  TPM_DAA_CONTEXT_SEED;
   343  
   344  // Part 2, section 5.6: TPM_AUTHDATA
   345  //
        // TPM_AUTHDATA and the types derived from it are array typedefs (byte[20]). Declared as a
        // function parameter such a type decays to byte *, so sizeof on the parameter gives the
        // pointer size, not 20. Pass the length explicitly when copying, comparing or clearing
        // these values.
        // NOTE(review): TPM_SECRET buffers hold plaintext authorization data; clear them after
        // use with a wipe the compiler cannot elide (a plain memset just before the buffer goes
        // out of scope may be optimized away).
   346  /// The AuthData data is the information that is saved or passed to provide proof of ownership
   347  /// of an entity
   348  typedef byte                       tdTPM_AUTHDATA[20];
   349  
   350  typedef tdTPM_AUTHDATA              TPM_AUTHDATA;
   351  /// A secret plaintext value used in the authorization process
   352  typedef TPM_AUTHDATA                TPM_SECRET;
   353  /// A ciphertext (encrypted) version of AuthData data. The encryption mechanism depends on the context
   354  typedef TPM_AUTHDATA                TPM_ENCAUTH;
   355  
   356  /// Part 2, section 5.7: TPM_KEY_HANDLE_LIST
   357  /// Size of handle is loaded * sizeof(TPM_KEY_HANDLE)
        /// handle[1] is a placeholder for a variable-length array, so sizeof(TPM_KEY_HANDLE_LIST)
        /// covers exactly one entry. Before indexing handle[i], check that the buffer holding the
        /// list is at least sizeof(uint16_t) + loaded * sizeof(TPM_KEY_HANDLE) bytes long.
        /// NOTE(review): the byte order of loaded in a received buffer is not shown here --
        /// confirm the caller converts it before using it as a count.
   358  typedef struct tdTPM_KEY_HANDLE_LIST {
   359    uint16_t                            loaded;
   360    TPM_KEY_HANDLE                    handle[1];
   361  } TPM_KEY_HANDLE_LIST;
   362  
   363  // Part 2, section 5.8: TPM_KEY_USAGE values
        // The values are cast to uint16_t, the type TPM_KEY_USAGE is defined as earlier in this file.
   364  /// TPM_KEY_SIGNING SHALL indicate a signing key. The [private] key SHALL be
   365  /// used for signing operations, only. This means that it MUST be a leaf of the
   366  /// Protected Storage key hierarchy.
   367  #define TPM_KEY_SIGNING             ((uint16_t) 0x0010)
   368  /// TPM_KEY_STORAGE SHALL indicate a storage key. The key SHALL be used to wrap
   369  /// and unwrap other keys in the Protected Storage hierarchy
   370  #define TPM_KEY_STORAGE             ((uint16_t) 0x0011)
   371  /// TPM_KEY_IDENTITY SHALL indicate an identity key. The key SHALL be used for
   372  /// operations that require a TPM identity, only.
   373  #define TPM_KEY_IDENTITY            ((uint16_t) 0x0012)
   374  ///
   375  /// TPM_KEY_AUTHCHANGE SHALL indicate an ephemeral key that is in use during
   376  /// the ChangeAuthAsym process, only.
   377  #define TPM_KEY_AUTHCHANGE          ((uint16_t) 0x0013)
   378  /// TPM_KEY_BIND SHALL indicate a key that can be used for TPM_Bind and
   379  /// TPM_Unbind operations only.
   380  #define TPM_KEY_BIND                ((uint16_t) 0x0014)
   381  /// TPM_KEY_LEGACY SHALL indicate a key that can perform signing and binding
   382  /// operations. The key MAY be used for both signing and binding operations.
   383  /// The TPM_KEY_LEGACY key type is to allow for use by applications where both
   384  /// signing and encryption operations occur with the same key. The use of this
   385  /// key type is not recommended.
   386  /// (TPM_KEY_MIGRATE, 0x0016, is described with its own definition below.)
   387  #define TPM_KEY_LEGACY              ((uint16_t) 0x0015)
   388  /// TPM_KEY_MIGRATE SHALL indicate a key in use for TPM_MigrateKey
   389  #define TPM_KEY_MIGRATE             ((uint16_t) 0x0016)
   390  
   391  // Part 2, section 5.8.1: Mandatory Key Usage Schemes
        // TPM_ES_* are encryption schemes, TPM_SS_* are signature schemes.
        // TPM_ES_SYM_CNT and TPM_ES_SYM_CTR are two names for the same value (0x0004).
        // NOTE(review): PKCS #1 v1.5 encryption padding (TPM_ES_RSAESPKCSv15) is the scheme
        // exposed to padding-oracle problems; where the caller has a choice, prefer
        // TPM_ES_RSAESOAEP_SHA1_MGF1.
   392  #define TPM_ES_NONE                 ((TPM_ENC_SCHEME) 0x0001)
   393  #define TPM_ES_RSAESPKCSv15         ((TPM_ENC_SCHEME) 0x0002)
   394  #define TPM_ES_RSAESOAEP_SHA1_MGF1  ((TPM_ENC_SCHEME) 0x0003)
   395  #define TPM_ES_SYM_CNT              ((TPM_ENC_SCHEME) 0x0004)  ///< rev94 defined
   396  #define TPM_ES_SYM_CTR              ((TPM_ENC_SCHEME) 0x0004)
   397  #define TPM_ES_SYM_OFB              ((TPM_ENC_SCHEME) 0x0005)
   398  
   399  #define TPM_SS_NONE                 ((TPM_SIG_SCHEME) 0x0001)
   400  #define TPM_SS_RSASSAPKCS1v15_SHA1  ((TPM_SIG_SCHEME) 0x0002)
   401  #define TPM_SS_RSASSAPKCS1v15_DER   ((TPM_SIG_SCHEME) 0x0003)
   402  #define TPM_SS_RSASSAPKCS1v15_INFO  ((TPM_SIG_SCHEME) 0x0004)
   403  
   404  // Part 2, section 5.9: TPM_AUTH_DATA_USAGE values
        // Only 0x00, 0x01 and 0x03 are named here; 0x02 has no definition in this table, so a
        // parser should reject it rather than map it to a neighbour.
        // NOTE(review): going by its name, TPM_AUTH_NEVER marks an entity that can be used
        // without presenting authorization -- treat it in key-creation parameters as a
        // deliberate choice that deserves review.
   405  #define TPM_AUTH_NEVER              ((TPM_AUTH_DATA_USAGE) 0x00)
   406  #define TPM_AUTH_ALWAYS             ((TPM_AUTH_DATA_USAGE) 0x01)
   407  #define TPM_AUTH_PRIV_USE_ONLY      ((TPM_AUTH_DATA_USAGE) 0x03)
   408  
   409  /// Part 2, section 5.10: TPM_KEY_FLAGS
        /// Single-bit masks (bits 0 to 4). The enum tag is tdTPM_KEY_FLAGS but the typedef name is
        /// TPM_KEY_FLAGS_BITS; TPM_KEY_FLAGS itself is the uint32_t typedef earlier in this file,
        /// so the field type and the enum type are distinct.
        /// NOTE(review): the width of an enum object is chosen by the compiler -- store flags in
        /// a TPM_KEY_FLAGS field, not in a TPM_KEY_FLAGS_BITS, when the size matters.
   410  typedef enum tdTPM_KEY_FLAGS {
   411    redirection                       = 0x00000001,
   412    migratable                        = 0x00000002,
   413    isVolatile                        = 0x00000004,
   414    pcrIgnoredOnRead                  = 0x00000008,
   415    migrateAuthority                  = 0x00000010
   416  } TPM_KEY_FLAGS_BITS;
   417  
   418  /// Part 2, section 5.11: TPM_CHANGEAUTH_VALIDATE
        /// newAuthSecret is a TPM_SECRET (20 bytes of plaintext AuthData); n1 is a TPM_NONCE.
        /// NOTE(review): an instance carries a plaintext secret -- clear it after use with a wipe
        /// the compiler cannot optimize away.
   419  typedef struct tdTPM_CHANGEAUTH_VALIDATE {
   420    TPM_SECRET                        newAuthSecret;
   421    TPM_NONCE                         n1;
   422  } TPM_CHANGEAUTH_VALIDATE;
   423  
   424  /// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH
   425  ///   declared after section 10 to catch declaration of TPM_PUBKEY
   426  ///
   427  /// Part 2 section 10.1: TPM_KEY_PARMS
   428  ///   [size_is(parmSize)] BYTE* parms;
        ///   parms is a host pointer, so this struct is an in-memory form: its size depends on
        ///   the pointer width and it cannot be overlaid on a received byte buffer.
        ///   When parmSize is taken from received data, bound it against the remaining input
        ///   length before allocating or copying parms.
        ///   NOTE(review): who allocates and frees parms is not shown in this header -- confirm
        ///   the ownership rule at the call sites.
   429  typedef struct tdTPM_KEY_PARMS {
   430    TPM_ALGORITHM_ID                  algorithmID;
   431    TPM_ENC_SCHEME                    encScheme;
   432    TPM_SIG_SCHEME                    sigScheme;
   433    uint32_t                            parmSize;
   434    byte                             *parms;
   435  } TPM_KEY_PARMS;
   436  
   437  /// Part 2, section 10.4: TPM_STORE_PUBKEY
        /// key[1] is a placeholder for the key bytes; presumably keyLength gives their count.
        /// sizeof(TPM_STORE_PUBKEY) therefore covers a single key byte. Check keyLength against
        /// the size of the enclosing buffer before reading key[0..keyLength-1].
   438  typedef struct tdTPM_STORE_PUBKEY {
   439    uint32_t                            keyLength;
   440    byte                             key[1];
   441  } TPM_STORE_PUBKEY;
   442  
   443  /// Part 2, section 10.5: TPM_PUBKEY
        /// algorithmParms holds a pointer (parms) and pubKey ends in the key[1] placeholder, so
        /// sizeof(TPM_PUBKEY) is neither the marshalled size nor the size of a real key. Do not
        /// use it to size a copy of a received public key.
   444  typedef struct tdTPM_PUBKEY{
   445    TPM_KEY_PARMS                     algorithmParms;
   446    TPM_STORE_PUBKEY                  pubKey;
   447  } TPM_PUBKEY;
   448  
   449  /// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH
        /// migrationKey ends in the one-byte key[1] placeholder of TPM_STORE_PUBKEY, yet
        /// migrationScheme and digest are declared after it. For a key longer than one byte the
        /// struct offsets of those two fields do not match where the data lies in a contiguous
        /// buffer.
        /// NOTE(review): presumably callers locate migrationScheme and digest by walking the
        /// marshalled form rather than through this struct -- confirm.
   450  typedef struct tdTPM_MIGRATIONKEYAUTH{
   451    TPM_PUBKEY                        migrationKey;
   452    TPM_MIGRATE_SCHEME                migrationScheme;
   453    TPM_DIGEST                        digest;
   454  } TPM_MIGRATIONKEYAUTH;
   455  
   456  /// Part 2, section 5.13: TPM_COUNTER_VALUE
        /// A structure tag, a 4-byte label and the counter value (TPM_ACTUAL_COUNT is uint32_t).
        /// NOTE(review): tag is presumably TPM_TAG_COUNTER_VALUE (0x000E, defined earlier in this
        /// file) -- confirm that parsers check it before trusting the other fields.
   457  typedef struct tdTPM_COUNTER_VALUE{
   458    TPM_STRUCTURE_TAG                 tag;
   459    byte                             label[4];
   460    TPM_ACTUAL_COUNT                  counter;
   461  } TPM_COUNTER_VALUE;
   462  
   463  /// Part 2, section 5.14: TPM_SIGN_INFO
   464  ///   Size of data indicated by dataLen
        ///   data is a host pointer, so this is an in-memory form and cannot be overlaid on a
        ///   received byte buffer. When dataLen comes from received data, bound it against the
        ///   remaining input length before reading or copying data.
        ///   NOTE(review): replay is a TPM_NONCE, presumably the anti-replay value supplied by
        ///   the verifier -- confirm that verifiers compare it with the nonce they issued.
   465  typedef struct tdTPM_SIGN_INFO {
   466    TPM_STRUCTURE_TAG                 tag;
   467    byte                             fixed[4];
   468    TPM_NONCE                         replay;
   469    uint32_t                            dataLen;
   470    byte                             *data;
   471  } TPM_SIGN_INFO;
   472  
   473  /// Part 2, section 5.15: TPM_MSA_COMPOSITE
   474  ///   Number of migAuthDigest indicated by MSAlist
        ///   migAuthDigest[1] is a placeholder for MSAlist entries of sizeof(TPM_DIGEST) bytes
        ///   each. Check MSAlist against the buffer size before indexing, and guard the
        ///   multiplication MSAlist * sizeof(TPM_DIGEST) against overflow, since MSAlist is a
        ///   32-bit count.
   475  typedef struct tdTPM_MSA_COMPOSITE {
   476    uint32_t                            MSAlist;
   477    TPM_DIGEST                        migAuthDigest[1];
   478  } TPM_MSA_COMPOSITE;
   479  
   480  ///
   481  /// Part 2, section 5.16: TPM_CMK_AUTH
   482  ///
   483  typedef struct tdTPM_CMK_AUTH{
   484    TPM_DIGEST                        migrationAuthorityDigest;
   485    TPM_DIGEST                        destinationKeyDigest;
   486    TPM_DIGEST                        sourceKeyDigest;
   487  } TPM_CMK_AUTH;
   488  
   489  //
   490  // Part 2, section 5.17: TPM_CMK_DELEGATE
        // Bit masks for the uint32_t TPM_CMK_DELEGATE type defined earlier in this file.
        // NOTE(review): BIT27..BIT31 are not defined in the visible part of this header;
        // presumably they come from tpm2_types.h, included at the top -- confirm they are
        // single-bit unsigned 32-bit masks (a signed 1 << 31 would be undefined behaviour).
   491  //
   492  #define TPM_CMK_DELEGATE_SIGNING    ((TPM_CMK_DELEGATE) BIT31)
   493  #define TPM_CMK_DELEGATE_STORAGE    ((TPM_CMK_DELEGATE) BIT30)
   494  #define TPM_CMK_DELEGATE_BIND       ((TPM_CMK_DELEGATE) BIT29)
   495  #define TPM_CMK_DELEGATE_LEGACY     ((TPM_CMK_DELEGATE) BIT28)
   496  #define TPM_CMK_DELEGATE_MIGRATE    ((TPM_CMK_DELEGATE) BIT27)
   497  
   498  ///
   499  /// Part 2, section 5.18: TPM_SELECT_SIZE
   500  ///
   501  typedef struct tdTPM_SELECT_SIZE {
   502    byte                             major;
   503    byte                             minor;
   504    uint16_t                            reqSize;
   505  } TPM_SELECT_SIZE;
   506  
   507  ///
   508  /// Part 2, section 5.19: TPM_CMK_MIGAUTH
        /// A structure tag followed by two 20-byte digests.
        /// NOTE(review): tag is presumably TPM_TAG_CMK_MIGAUTH (0x0033, defined earlier in this
        /// file) -- confirm that parsers check it before using the digests.
   509  ///
   510  typedef struct tdTPM_CMK_MIGAUTH{
   511    TPM_STRUCTURE_TAG                 tag;
   512    TPM_DIGEST                        msaDigest;
   513    TPM_DIGEST                        pubKeyDigest;
   514  } TPM_CMK_MIGAUTH;
   515  
   516  ///
   517  /// Part 2, section 5.20: TPM_CMK_SIGTICKET
   518  ///   Structure tag followed by two TPM_DIGEST members; no pointer members.
   519  typedef struct tdTPM_CMK_SIGTICKET{
   520    TPM_STRUCTURE_TAG                 tag;
   521    TPM_DIGEST                        verKeyDigest;
   522    TPM_DIGEST                        signedData;   ///< typed as a digest, not as the signed bytes themselves
   523  } TPM_CMK_SIGTICKET;
   524  
   525  ///
   526  /// Part 2, section 5.21: TPM_CMK_MA_APPROVAL
   527  ///   Structure tag followed by a single TPM_DIGEST; no pointer members.
   528  typedef struct tdTPM_CMK_MA_APPROVAL{
   529    TPM_STRUCTURE_TAG                 tag;
   530    TPM_DIGEST                        migrationAuthorityDigest;
   531  } TPM_CMK_MA_APPROVAL;
   532  
   533  //
   534  // Part 2, section 6: Command Tags
   535  // Six consecutive values 0x00C1..0x00C6: three request (RQU) tags, then the three response (RSP) tags in the same order.
   536  #define TPM_TAG_RQU_COMMAND         ((TPM_STRUCTURE_TAG) 0x00C1)
   537  #define TPM_TAG_RQU_AUTH1_COMMAND   ((TPM_STRUCTURE_TAG) 0x00C2)
   538  #define TPM_TAG_RQU_AUTH2_COMMAND   ((TPM_STRUCTURE_TAG) 0x00C3)
   539  #define TPM_TAG_RSP_COMMAND         ((TPM_STRUCTURE_TAG) 0x00C4)
   540  #define TPM_TAG_RSP_AUTH1_COMMAND   ((TPM_STRUCTURE_TAG) 0x00C5)
   541  #define TPM_TAG_RSP_AUTH2_COMMAND   ((TPM_STRUCTURE_TAG) 0x00C6)
   542  
   543  ///
   544  /// Part 2, section 7.1: TPM_PERMANENT_FLAGS
   545  ///   One byte per flag after the tag; the 20 members appear in the same order as the TPM_PF_* indices 1..20 defined below.
   546  typedef struct tdTPM_PERMANENT_FLAGS{
   547    TPM_STRUCTURE_TAG                 tag;
   548    byte                           disable;
   549    byte                           ownership;
   550    byte                           deactivated;
   551    byte                           readPubek;
   552    byte                           disableOwnerClear;
   553    byte                           allowMaintenance;
   554    byte                           physicalPresenceLifetimeLock;
   555    byte                           physicalPresenceHWEnable;
   556    byte                           physicalPresenceCMDEnable;
   557    byte                           CEKPUsed;
   558    byte                           TPMpost;
   559    byte                           TPMpostLock;
   560    byte                           FIPS;
   561    byte                           operator_;   ///< trailing underscore presumably avoids the C++ keyword `operator` -- confirm
   562    byte                           enableRevokeEK;
   563    byte                           nvLocked;
   564    byte                           readSRKPub;
   565    byte                           tpmEstablished;
   566    byte                           maintenanceDone;
   567    byte                           disableFullDALogicInfo;
   568  } TPM_PERMANENT_FLAGS;
   569  
   570  //
   571  // Part 2, section 7.1.1: Flag Restrictions (of TPM_PERMANENT_FLAGS)
   572  // Sequential indices 1..20 (not bit masks), in the same order as the byte members of TPM_PERMANENT_FLAGS.
   573  #define TPM_PF_DISABLE                      ((TPM_CAPABILITY_AREA) 1)
   574  #define TPM_PF_OWNERSHIP                    ((TPM_CAPABILITY_AREA) 2)
   575  #define TPM_PF_DEACTIVATED                  ((TPM_CAPABILITY_AREA) 3)
   576  #define TPM_PF_READPUBEK                    ((TPM_CAPABILITY_AREA) 4)
   577  #define TPM_PF_DISABLEOWNERCLEAR            ((TPM_CAPABILITY_AREA) 5)
   578  #define TPM_PF_ALLOWMAINTENANCE             ((TPM_CAPABILITY_AREA) 6)
   579  #define TPM_PF_PHYSICALPRESENCELIFETIMELOCK ((TPM_CAPABILITY_AREA) 7)
   580  #define TPM_PF_PHYSICALPRESENCEHWENABLE     ((TPM_CAPABILITY_AREA) 8)
   581  #define TPM_PF_PHYSICALPRESENCECMDENABLE    ((TPM_CAPABILITY_AREA) 9)
   582  #define TPM_PF_CEKPUSED                     ((TPM_CAPABILITY_AREA) 10)
   583  #define TPM_PF_TPMPOST                      ((TPM_CAPABILITY_AREA) 11)
   584  #define TPM_PF_TPMPOSTLOCK                  ((TPM_CAPABILITY_AREA) 12)
   585  #define TPM_PF_FIPS                         ((TPM_CAPABILITY_AREA) 13)
   586  #define TPM_PF_OPERATOR                     ((TPM_CAPABILITY_AREA) 14)
   587  #define TPM_PF_ENABLEREVOKEEK               ((TPM_CAPABILITY_AREA) 15)
   588  #define TPM_PF_NV_LOCKED                    ((TPM_CAPABILITY_AREA) 16)
   589  #define TPM_PF_READSRKPUB                   ((TPM_CAPABILITY_AREA) 17)
   590  #define TPM_PF_TPMESTABLISHED               ((TPM_CAPABILITY_AREA) 18)
   591  #define TPM_PF_MAINTENANCEDONE              ((TPM_CAPABILITY_AREA) 19)
   592  #define TPM_PF_DISABLEFULLDALOGICINFO       ((TPM_CAPABILITY_AREA) 20)
   593  
   594  ///
   595  /// Part 2, section 7.2: TPM_STCLEAR_FLAGS
   596  ///   One byte per flag after the tag; the 5 members appear in the same order as the TPM_SF_* indices 1..5 defined below.
   597  typedef struct tdTPM_STCLEAR_FLAGS{
   598    TPM_STRUCTURE_TAG                 tag;
   599    byte                           deactivated;
   600    byte                           disableForceClear;
   601    byte                           physicalPresence;
   602    byte                           physicalPresenceLock;
   603    byte                           bGlobalLock;
   604  } TPM_STCLEAR_FLAGS;
   605  
   606  //
   607  // Part 2, section 7.2.1: Flag Restrictions (of TPM_STCLEAR_FLAGS)
   608  // Sequential indices 1..5 (not bit masks), in the same order as the byte members of TPM_STCLEAR_FLAGS.
   609  #define TPM_SF_DEACTIVATED          ((TPM_CAPABILITY_AREA) 1)
   610  #define TPM_SF_DISABLEFORCECLEAR    ((TPM_CAPABILITY_AREA) 2)
   611  #define TPM_SF_PHYSICALPRESENCE     ((TPM_CAPABILITY_AREA) 3)
   612  #define TPM_SF_PHYSICALPRESENCELOCK ((TPM_CAPABILITY_AREA) 4)
   613  #define TPM_SF_BGLOBALLOCK          ((TPM_CAPABILITY_AREA) 5)
   614  
   615  ///
   616  /// Part 2, section 7.3: TPM_STANY_FLAGS
   617  ///   Members after the tag appear in the same order as the TPM_AF_* indices 1..4 defined below.
   618  typedef struct tdTPM_STANY_FLAGS{
   619    TPM_STRUCTURE_TAG                 tag;
   620    byte                           postInitialise;
   621    TPM_MODIFIER_INDICATOR            localityModifier;   ///< the only member here that is not a plain byte
   622    byte                           transportExclusive;
   623    byte                           TOSPresent;
   624  } TPM_STANY_FLAGS;
   625  
   626  //
   627  // Part 2, section 7.3.1: Flag Restrictions (of TPM_STANY_FLAGS)
   628  // Sequential indices 1..4 (not bit masks), in the same order as the members of TPM_STANY_FLAGS.
   629  #define TPM_AF_POSTINITIALISE       ((TPM_CAPABILITY_AREA) 1)
   630  #define TPM_AF_LOCALITYMODIFIER     ((TPM_CAPABILITY_AREA) 2)
   631  #define TPM_AF_TRANSPORTEXCLUSIVE   ((TPM_CAPABILITY_AREA) 3)
   632  #define TPM_AF_TOSPRESENT           ((TPM_CAPABILITY_AREA) 4)
   633  
   634  //
   635  // The structures of sections 7.4, 7.5 and 7.6 are described as not normative, so most are not defined here
   636  // (NOTE(review): TPM_STCLEAR_DATA from section 7.5 is nevertheless defined further down in this file).
   637  //
   638  // Part 2, section 7.4: TPM_PERMANENT_DATA
   639  //
   640  #define TPM_MIN_COUNTERS            4   ///< the minimum number of counters is 4
   641  #define TPM_DELEGATE_KEY            TPM_KEY   ///< textual alias for the TPM_KEY type
   642  #define TPM_NUM_PCR                 16   ///< sizes TPM_STCLEAR_DATA.PCR[]; NOTE(review): confirm it matches the target TPM before using it to bound PCR indices
   643  #define TPM_MAX_NV_WRITE_NOOWNER    64
   644  
   645  //
   646  // Part 2, section 7.4.1: PERMANENT_DATA Subcap for SetCapability
   647  // Sequential indices 1..25 (not bit masks). Several names refer to secrets (auth values, keys, proofs); the values here are selectors only.
   648  #define TPM_PD_REVMAJOR               ((TPM_CAPABILITY_AREA) 1)
   649  #define TPM_PD_REVMINOR               ((TPM_CAPABILITY_AREA) 2)
   650  #define TPM_PD_TPMPROOF               ((TPM_CAPABILITY_AREA) 3)
   651  #define TPM_PD_OWNERAUTH              ((TPM_CAPABILITY_AREA) 4)
   652  #define TPM_PD_OPERATORAUTH           ((TPM_CAPABILITY_AREA) 5)
   653  #define TPM_PD_MANUMAINTPUB           ((TPM_CAPABILITY_AREA) 6)
   654  #define TPM_PD_ENDORSEMENTKEY         ((TPM_CAPABILITY_AREA) 7)
   655  #define TPM_PD_SRK                    ((TPM_CAPABILITY_AREA) 8)
   656  #define TPM_PD_DELEGATEKEY            ((TPM_CAPABILITY_AREA) 9)
   657  #define TPM_PD_CONTEXTKEY             ((TPM_CAPABILITY_AREA) 10)
   658  #define TPM_PD_AUDITMONOTONICCOUNTER  ((TPM_CAPABILITY_AREA) 11)
   659  #define TPM_PD_MONOTONICCOUNTER       ((TPM_CAPABILITY_AREA) 12)
   660  #define TPM_PD_PCRATTRIB              ((TPM_CAPABILITY_AREA) 13)
   661  #define TPM_PD_ORDINALAUDITSTATUS     ((TPM_CAPABILITY_AREA) 14)
   662  #define TPM_PD_AUTHDIR                ((TPM_CAPABILITY_AREA) 15)
   663  #define TPM_PD_RNGSTATE               ((TPM_CAPABILITY_AREA) 16)
   664  #define TPM_PD_FAMILYTABLE            ((TPM_CAPABILITY_AREA) 17)
   665  #define TPM_DELEGATETABLE             ((TPM_CAPABILITY_AREA) 18)   // NOTE(review): the only entry without the TPM_PD_ prefix; looks like a naming slip, kept for source compatibility
   666  #define TPM_PD_EKRESET                ((TPM_CAPABILITY_AREA) 19)
   667  #define TPM_PD_MAXNVBUFSIZE           ((TPM_CAPABILITY_AREA) 20)
   668  #define TPM_PD_LASTFAMILYID           ((TPM_CAPABILITY_AREA) 21)
   669  #define TPM_PD_NOOWNERNVWRITE         ((TPM_CAPABILITY_AREA) 22)
   670  #define TPM_PD_RESTRICTDELEGATE       ((TPM_CAPABILITY_AREA) 23)
   671  #define TPM_PD_TPMDAASEED             ((TPM_CAPABILITY_AREA) 24)
   672  #define TPM_PD_DAAPROOF               ((TPM_CAPABILITY_AREA) 25)
   673  
   674  ///
   675  /// Part 2, section 7.5: TPM_STCLEAR_DATA
   676  ///   available inside TPM only
   677  ///   Members after the tag appear in the same order as the TPM_SD_* indices 1..6 defined below.
   678   typedef struct tdTPM_STCLEAR_DATA{
   679     TPM_STRUCTURE_TAG                  tag;
   680     TPM_NONCE                          contextNonceKey;
   681     TPM_COUNT_ID                       countID;
   682     uint32_t                             ownerReference;
   683     byte                            disableResetLock;
   684     TPM_PCRVALUE                       PCR[TPM_NUM_PCR];   ///< TPM_NUM_PCR (16) entries; valid indices are 0..TPM_NUM_PCR-1
   685     uint32_t                             deferredPhysicalPresence;
   686   }TPM_STCLEAR_DATA;
   687  
   688  //
   689  // Part 2, section 7.5.1: STCLEAR_DATA Subcap for SetCapability
   690  // Sequential indices 1..6 written as 32-bit hex literals, in the same order as the members of TPM_STCLEAR_DATA.
   691  #define TPM_SD_CONTEXTNONCEKEY            ((TPM_CAPABILITY_AREA)0x00000001)
   692  #define TPM_SD_COUNTID                    ((TPM_CAPABILITY_AREA)0x00000002)
   693  #define TPM_SD_OWNERREFERENCE             ((TPM_CAPABILITY_AREA)0x00000003)
   694  #define TPM_SD_DISABLERESETLOCK           ((TPM_CAPABILITY_AREA)0x00000004)
   695  #define TPM_SD_PCR                        ((TPM_CAPABILITY_AREA)0x00000005)
   696  #define TPM_SD_DEFERREDPHYSICALPRESENCE   ((TPM_CAPABILITY_AREA)0x00000006)
   697  
   698  //
   699  // Part 2, section 7.6.1: STANY_DATA Subcap for SetCapability
   700  // Sequential indices 1..6 (not bit masks). No TPM_STANY_DATA structure is defined in this part of the file.
   701  #define TPM_AD_CONTEXTNONCESESSION        ((TPM_CAPABILITY_AREA) 1)
   702  #define TPM_AD_AUDITDIGEST                ((TPM_CAPABILITY_AREA) 2)
   703  #define TPM_AD_CURRENTTICKS               ((TPM_CAPABILITY_AREA) 3)
   704  #define TPM_AD_CONTEXTCOUNT               ((TPM_CAPABILITY_AREA) 4)
   705  #define TPM_AD_CONTEXTLIST                ((TPM_CAPABILITY_AREA) 5)
   706  #define TPM_AD_SESSIONS                   ((TPM_CAPABILITY_AREA) 6)
   707  
   708  //
   709  // Part 2, section 8: PCR Structures
   710  // 
   711  
   712  ///
   713  /// Part 2, section 8.1: TPM_PCR_SELECTION
   714  ///   Size of pcrSelect[] indicated by sizeOfSelect
   715  ///   pcrSelect[1] is a placeholder bound: sizeof() counts one selection byte whatever sizeOfSelect holds.
   716  typedef struct tdTPM_PCR_SELECTION {
   717    uint16_t                            sizeOfSelect;   ///< NOTE(review): when this comes from a parsed blob, check it against the remaining buffer before indexing pcrSelect
   718    byte                             pcrSelect[1];     ///< first of sizeOfSelect selection bytes
   719  } TPM_PCR_SELECTION;
   720  
   721  ///
   722  /// Part 2, section 8.2: TPM_PCR_COMPOSITE
   723  ///   Size of pcrValue[] indicated by valueSize
   724  ///   select is variable-length but is followed by more members, so the C offsets below it match a byte stream only when select.sizeOfSelect is 1.
   725  typedef struct tdTPM_PCR_COMPOSITE {
   726    TPM_PCR_SELECTION                 select;
   727    uint32_t                            valueSize;     ///< NOTE(review): unit (bytes vs. entries) is not stated here; validate against the buffer before walking pcrValue
   728    TPM_PCRVALUE                      pcrValue[1];     ///< placeholder bound; first PCR value of the run
   729  } TPM_PCR_COMPOSITE;
   730  
   731  ///
   732  /// Part 2, section 8.3: TPM_PCR_INFO
   733  ///   pcrSelection is variable-length (see TPM_PCR_SELECTION), so the digest offsets in C match a byte stream only when its sizeOfSelect is 1.
   734  typedef struct tdTPM_PCR_INFO {
   735    TPM_PCR_SELECTION                 pcrSelection;
   736    TPM_COMPOSITE_HASH                digestAtRelease;
   737    TPM_COMPOSITE_HASH                digestAtCreation;
   738  } TPM_PCR_INFO;
   739  
   740  ///
   741  /// Part 2, section 8.6: TPM_LOCALITY_SELECTION
   742  ///   One-byte bit mask; declared ahead of section 8.4 because TPM_PCR_INFO_LONG below uses it.
   743  typedef byte                       TPM_LOCALITY_SELECTION;
   744  
   745  #define TPM_LOC_FOUR                ((byte) 0x10)   ///< bit 4
   746  #define TPM_LOC_THREE               ((byte) 0x08)   ///< bit 3
   747  #define TPM_LOC_TWO                 ((byte) 0x04)   ///< bit 2
   748  #define TPM_LOC_ONE                 ((byte) 0x02)   ///< bit 1
   749  #define TPM_LOC_ZERO                ((byte) 0x01)   ///< bit 0; the five masks are disjoint, so several localities can be OR-ed together
   750  
   751  ///
   752  /// Part 2, section 8.4: TPM_PCR_INFO_LONG
   753  ///   Holds two variable-length TPM_PCR_SELECTION members back to back; NOTE(review): parse field by field rather than overlaying this struct on a buffer.
   754  typedef struct tdTPM_PCR_INFO_LONG {
   755    TPM_STRUCTURE_TAG                 tag;
   756    TPM_LOCALITY_SELECTION            localityAtCreation;
   757    TPM_LOCALITY_SELECTION            localityAtRelease;
   758    TPM_PCR_SELECTION                 creationPCRSelection;
   759    TPM_PCR_SELECTION                 releasePCRSelection;
   760    TPM_COMPOSITE_HASH                digestAtCreation;
   761    TPM_COMPOSITE_HASH                digestAtRelease;
   762  } TPM_PCR_INFO_LONG;
   763  
   764  ///
   765  /// Part 2, section 8.5: TPM_PCR_INFO_SHORT
   766  ///   pcrSelection is variable-length, so the offsets of the two members after it match a byte stream only when its sizeOfSelect is 1.
   767  typedef struct tdTPM_PCR_INFO_SHORT{
   768    TPM_PCR_SELECTION                 pcrSelection;
   769    TPM_LOCALITY_SELECTION            localityAtRelease;   ///< TPM_LOC_* bit mask
   770    TPM_COMPOSITE_HASH                digestAtRelease;
   771  } TPM_PCR_INFO_SHORT;
   772  
   773  ///
   774  /// Part 2, section 8.8: TPM_PCR_ATTRIBUTES
   775  ///   One byte flag plus two TPM_LOC_* bit masks; no pointer members.
   776  typedef struct tdTPM_PCR_ATTRIBUTES{
   777    byte                           pcrReset;
   778    TPM_LOCALITY_SELECTION            pcrExtendLocal;
   779    TPM_LOCALITY_SELECTION            pcrResetLocal;
   780  } TPM_PCR_ATTRIBUTES;
   781  
   782  //
   783  // Part 2, section 9: Storage Structures
   784  //
   785  
   786  ///
   787  /// Part 2, section 9.1: TPM_STORED_DATA
   788  ///   [size_is(sealInfoSize)] BYTE* sealInfo;
   789  ///   [size_is(encDataSize)] BYTE* encData;
   790  ///   In-memory view: both payloads are reached through host pointers, so this struct cannot be overlaid on a serialized blob.
   791  typedef struct tdTPM_STORED_DATA {
   792    TPM_STRUCT_VER                    ver;
   793    uint32_t                            sealInfoSize;   ///< byte count of sealInfo; NOTE(review): validate against the source buffer before use
   794    byte                             *sealInfo;
   795    uint32_t                            encDataSize;    ///< byte count of encData; NOTE(review): validate against the source buffer before use
   796    byte                             *encData;
   797  } TPM_STORED_DATA;
   798  
   799  ///
   800  /// Part 2, section 9.2: TPM_STORED_DATA12
   801  ///   [size_is(sealInfoSize)] BYTE* sealInfo;
   802  ///   [size_is(encDataSize)] BYTE* encData;
   803  ///   Same pointer-plus-length shape as TPM_STORED_DATA, opening with tag and et instead of ver; in-memory view only.
   804  typedef struct tdTPM_STORED_DATA12 {
   805    TPM_STRUCTURE_TAG                 tag;
   806    TPM_ENTITY_TYPE                   et;
   807    uint32_t                            sealInfoSize;   ///< byte count of sealInfo; NOTE(review): validate against the source buffer before use
   808    byte                             *sealInfo;
   809    uint32_t                            encDataSize;    ///< byte count of encData; NOTE(review): validate against the source buffer before use
   810    byte                             *encData;
   811  } TPM_STORED_DATA12;
   812  
   813  ///
   814  /// Part 2, section 9.3: TPM_SEALED_DATA
   815  ///   [size_is(dataSize)] BYTE* data;
   816  ///   Carries a TPM_SECRET and a proof nonce; NOTE(review): presumably instances should be wiped after use -- confirm against callers.
   817  typedef struct tdTPM_SEALED_DATA {
   818    TPM_PAYLOAD_TYPE                  payload;
   819    TPM_SECRET                        authData;       ///< secret-typed member
   820    TPM_NONCE                         tpmProof;
   821    TPM_DIGEST                        storedDigest;
   822    uint32_t                            dataSize;     ///< byte count of data; NOTE(review): validate before reading data
   823    byte                             *data;          ///< host pointer; the payload bytes live outside this struct
   824  } TPM_SEALED_DATA;
   825  
   826  ///
   827  /// Part 2, section 9.4: TPM_SYMMETRIC_KEY
   828  ///   [size_is(dataSize)] BYTE* data;
   829  ///   The key bytes are reached through data, outside this struct; copying the struct copies the pointer, not the key.
   830  typedef struct tdTPM_SYMMETRIC_KEY {
   831    TPM_ALGORITHM_ID                  algId;
   832    TPM_ENC_SCHEME                    encScheme;
   833    uint16_t                            dataSize;     ///< 16-bit byte count of data (the other length fields in this file are 32-bit)
   834    byte                             *data;          ///< key material; NOTE(review): presumably the buffer should be wiped before release -- confirm against callers
   835  } TPM_SYMMETRIC_KEY;
   836  
   837  ///
   838  /// Part 2, section 9.5: TPM_BOUND_DATA
   839  ///   payloadData[1] is a placeholder bound and no length member is declared; the payload length has to come from the enclosing context.
   840  typedef struct tdTPM_BOUND_DATA {
   841    TPM_STRUCT_VER                    ver;
   842    TPM_PAYLOAD_TYPE                  payload;
   843    byte                             payloadData[1];   ///< first payload byte; NOTE(review): never index past the caller-known length
   844  } TPM_BOUND_DATA;
   845  
   846  //
   847  // Part 2 section 10: TPM_KEY complex
   848  // 
   849  
   850  //
   851  // Section 10.1, 10.4, and 10.5 have been defined previously
   852  //
   853  
   854  ///
   855  /// Part 2, section 10.2: TPM_KEY
   856  ///   [size_is(encDataSize)] BYTE* encData;
   857  ///   PCRInfo is likewise PCRInfoSize bytes. In-memory view: both blobs are host pointers, so this struct is not the serialized key.
   858  typedef struct tdTPM_KEY{
   859    TPM_STRUCT_VER                    ver;
   860    TPM_KEY_USAGE                     keyUsage;
   861    TPM_KEY_FLAGS                     keyFlags;
   862    TPM_AUTH_DATA_USAGE               authDataUsage;
   863    TPM_KEY_PARMS                     algorithmParms;
   864    uint32_t                            PCRInfoSize;   ///< byte count of PCRInfo; NOTE(review): validate against the source buffer before use
   865    byte                             *PCRInfo;
   866    TPM_STORE_PUBKEY                  pubKey;
   867    uint32_t                            encDataSize;   ///< byte count of encData; NOTE(review): validate against the source buffer before use
   868    byte                             *encData;
   869  } TPM_KEY;
   870  
   871  ///
   872  /// Part 2, section 10.3: TPM_KEY12
   873  ///   [size_is(encDataSize)] BYTE* encData;
   874  ///   Same members as TPM_KEY except that tag and fill replace ver; in-memory view only (host pointers).
   875  typedef struct tdTPM_KEY12{
   876    TPM_STRUCTURE_TAG                 tag;
   877    uint16_t                            fill;          ///< padding member; the TPM 1.2 spec requires 0x0000 (this header does not enforce it)
   878    TPM_KEY_USAGE                     keyUsage;
   879    TPM_KEY_FLAGS                     keyFlags;
   880    TPM_AUTH_DATA_USAGE               authDataUsage;
   881    TPM_KEY_PARMS                     algorithmParms;
   882    uint32_t                            PCRInfoSize;   ///< byte count of PCRInfo; NOTE(review): validate against the source buffer before use
   883    byte                             *PCRInfo;
   884    TPM_STORE_PUBKEY                  pubKey;
   885    uint32_t                            encDataSize;   ///< byte count of encData; NOTE(review): validate against the source buffer before use
   886    byte                             *encData;
   887  } TPM_KEY12;
   888  
   889  ///
   890  /// Part 2, section 10.7: TPM_STORE_PRIVKEY
   891  ///   [size_is(keyLength)] BYTE* key;
   892  ///   Declared ahead of section 10.6 because TPM_STORE_ASYMKEY embeds it. sizeof() is 4 plus the pointer size, not the key length.
   893  typedef struct tdTPM_STORE_PRIVKEY {
   894    uint32_t                            keyLength;   ///< byte count of key; NOTE(review): validate before reading key
   895    byte                             *key;          ///< private key bytes outside this struct; NOTE(review): presumably wiped before release -- confirm against callers
   896  } TPM_STORE_PRIVKEY;
   897  
   898  ///
   899  /// Part 2, section 10.6: TPM_STORE_ASYMKEY
   900  ///   The pos/len/total columns count bytes of the marshalled form; privKey in C is a length plus a pointer, so sizeof() will not give 193-214.
   901  typedef struct tdTPM_STORE_ASYMKEY {                // pos len total
   902    TPM_PAYLOAD_TYPE                  payload;        // 0    1   1
   903    TPM_SECRET                        usageAuth;      // 1    20  21   (secret-typed)
   904    TPM_SECRET                        migrationAuth;  // 21   20  41   (secret-typed)
   905    TPM_DIGEST                        pubDataDigest;  // 41   20  61
   906    TPM_STORE_PRIVKEY                 privKey;        // 61 132-151 193-214
   907  } TPM_STORE_ASYMKEY;
   908  
   909  ///
   910  /// Part 2, section 10.8: TPM_MIGRATE_ASYMKEY
   911  ///   [size_is(partPrivKeyLen)] BYTE* partPrivKey;
   912  ///   The pos/len/total columns count bytes of the marshalled form; in C, partPrivKey is a pointer and occupies pointer-size bytes at offset 45.
   913  typedef struct tdTPM_MIGRATE_ASYMKEY {              // pos  len  total
   914    TPM_PAYLOAD_TYPE                  payload;        //   0    1       1
   915    TPM_SECRET                        usageAuth;      //   1   20      21   (secret-typed)
   916    TPM_DIGEST                        pubDataDigest;  //  21   20      41
   917    uint32_t                            partPrivKeyLen; //  41    4      45
   918    byte                             *partPrivKey;   //  45 112-127 157-172
   919  } TPM_MIGRATE_ASYMKEY;
   920  
   921  ///
   922  /// Part 2, section 10.9: TPM_KEY_CONTROL
   923  ///   Single flag, bit 0 of a 32-bit value.
   924  #define TPM_KEY_CONTROL_OWNER_EVICT ((uint32_t) 0x00000001)
   925  
   926  //
   927  // Part 2, section 11: Signed Structures
   928  //
   929  
   930  ///
   931  /// Part 2, section 11.1: TPM_CERTIFY_INFO Structure
   932  ///   In-memory view: PCRInfo is a host pointer to PCRInfoSize bytes, so this struct is not the byte string that gets signed.
   933  typedef struct tdTPM_CERTIFY_INFO {
   934    TPM_STRUCT_VER                  version;
   935    TPM_KEY_USAGE                   keyUsage;
   936    TPM_KEY_FLAGS                   keyFlags;
   937    TPM_AUTH_DATA_USAGE             authDataUsage;
   938    TPM_KEY_PARMS                   algorithmParms;
   939    TPM_DIGEST                      pubkeyDigest;
   940    TPM_NONCE                       data;              ///< nonce-typed; presumably the caller's anti-replay value -- confirm against users
   941    byte                         parentPCRStatus;
   942    uint32_t                          PCRInfoSize;     ///< byte count of PCRInfo; NOTE(review): validate against the source buffer before use
   943    byte                           *PCRInfo;
   944  } TPM_CERTIFY_INFO;
   945  
   946  ///
   947  /// Part 2, section 11.2: TPM_CERTIFY_INFO2 Structure
   948  ///   TPM_CERTIFY_INFO with tag, fill and payloadType in place of version, plus a trailing migrationAuthority blob; in-memory view only.
   949  typedef struct tdTPM_CERTIFY_INFO2 {
   950    TPM_STRUCTURE_TAG               tag;
   951    byte                           fill;               ///< padding member; the TPM 1.2 spec requires 0x00 (this header does not enforce it)
   952    TPM_PAYLOAD_TYPE                payloadType;
   953    TPM_KEY_USAGE                   keyUsage;
   954    TPM_KEY_FLAGS                   keyFlags;
   955    TPM_AUTH_DATA_USAGE             authDataUsage;
   956    TPM_KEY_PARMS                   algorithmParms;
   957    TPM_DIGEST                      pubkeyDigest;
   958    TPM_NONCE                       data;              ///< nonce-typed; presumably the caller's anti-replay value -- confirm against users
   959    byte                         parentPCRStatus;
   960    uint32_t                          PCRInfoSize;     ///< byte count of PCRInfo; NOTE(review): validate against the source buffer before use
   961    byte                           *PCRInfo;
   962    uint32_t                          migrationAuthoritySize;   ///< byte count of migrationAuthority; NOTE(review): validate before use
   963    byte                           *migrationAuthority;
   964  } TPM_CERTIFY_INFO2;
   965  
   966  ///
   967  /// Part 2, section 11.3 TPM_QUOTE_INFO Structure
   968  ///   No pointer or [1] placeholder member is declared directly in this struct.
   969  typedef struct tdTPM_QUOTE_INFO {
   970    TPM_STRUCT_VER                  version;
   971    byte                           fixed[4];           ///< 4-byte constant marker; "QUOT" in the TPM 1.2 spec (this header does not enforce it)
   972    TPM_COMPOSITE_HASH              digestValue;
   973    TPM_NONCE                       externalData;      ///< nonce-typed; NOTE(review): a verifier presumably compares it with the challenge it issued -- confirm
   974  } TPM_QUOTE_INFO;
   975  
   976  ///
   977  /// Part 2, section 11.4 TPM_QUOTE_INFO2 Structure
   978  ///   infoShort embeds a variable-length TPM_PCR_SELECTION, so the serialized size depends on its sizeOfSelect.
   979  typedef struct tdTPM_QUOTE_INFO2 {
   980    TPM_STRUCTURE_TAG               tag;
   981    byte                           fixed[4];           ///< 4-byte constant marker; "QUT2" in the TPM 1.2 spec (this header does not enforce it)
   982    TPM_NONCE                       externalData;      ///< nonce-typed; NOTE(review): a verifier presumably compares it with the challenge it issued -- confirm
   983    TPM_PCR_INFO_SHORT              infoShort;
   984  } TPM_QUOTE_INFO2;
   985  
   986  //
   987  // Part 2, section 12: Identity Structures
   988  //
   989  
   990  ///
   991  /// Part 2, section 12.1 TPM_EK_BLOB
   992  ///   Tagged container: ekType labels the content reached through blob (blobSize bytes). In-memory view only.
   993  typedef struct tdTPM_EK_BLOB {
   994    TPM_STRUCTURE_TAG               tag;
   995    TPM_EK_TYPE                     ekType;
   996    uint32_t                          blobSize;        ///< byte count of blob; NOTE(review): validate against the source buffer before use
   997    byte                           *blob;
   998  } TPM_EK_BLOB;
   999  
  1000  ///
  1001  /// Part 2, section 12.2 TPM_EK_BLOB_ACTIVATE
  1002  ///   sessionKey holds a pointer to key bytes and pcrInfo embeds a variable-length selection; parse field by field, do not overlay.
  1003  typedef struct tdTPM_EK_BLOB_ACTIVATE {
  1004    TPM_STRUCTURE_TAG               tag;
  1005    TPM_SYMMETRIC_KEY               sessionKey;        ///< key bytes are behind sessionKey.data, outside this struct
  1006    TPM_DIGEST                      idDigest;
  1007    TPM_PCR_INFO_SHORT              pcrInfo;
  1008  } TPM_EK_BLOB_ACTIVATE;
  1009  
  1010  ///
  1011  /// Part 2, section 12.3 TPM_EK_BLOB_AUTH
  1012  ///   Structure tag followed by one TPM_SECRET; no pointer members.
  1013  typedef struct tdTPM_EK_BLOB_AUTH {
  1014    TPM_STRUCTURE_TAG               tag;
  1015    TPM_SECRET                      authValue;         ///< secret-typed; NOTE(review): presumably wiped after use -- confirm against callers
  1016  } TPM_EK_BLOB_AUTH;
  1017  
  1018  
  1019  ///
  1020  /// Part 2, section 12.5 TPM_IDENTITY_CONTENTS
  1021  ///   No pointer is declared directly here; identityPubKey is a TPM_PUBKEY, defined outside this part of the file.
  1022  typedef struct tdTPM_IDENTITY_CONTENTS {
  1023    TPM_STRUCT_VER                  ver;
  1024    uint32_t                          ordinal;
  1025    TPM_CHOSENID_HASH               labelPrivCADigest;
  1026    TPM_PUBKEY                      identityPubKey;
  1027  } TPM_IDENTITY_CONTENTS;
  1028  
  1029  ///
  1030  /// Part 2, section 12.6 TPM_IDENTITY_REQ
  1031  ///   The two sizes are declared first and the two blobs last; asymSize pairs with asymBlob and symSize with symBlob by name. In-memory view only.
  1032  typedef struct tdTPM_IDENTITY_REQ {
  1033    uint32_t                          asymSize;        ///< NOTE(review): validate against the source buffer before reading asymBlob
  1034    uint32_t                          symSize;         ///< NOTE(review): validate against the source buffer before reading symBlob
  1035    TPM_KEY_PARMS                   asymAlgorithm;
  1036    TPM_KEY_PARMS                   symAlgorithm;
  1037    byte                           *asymBlob;
  1038    byte                           *symBlob;
  1039  } TPM_IDENTITY_REQ;
  1040  
  1041  ///
  1042  /// Part 2, section 12.7 TPM_IDENTITY_PROOF
  1043  ///   Five size members, then the key, then five pointers in the same order as the sizes. NOTE(review): check each size, and their sum, against the source buffer.
  1044  typedef struct tdTPM_IDENTITY_PROOF {
  1045    TPM_STRUCT_VER                  ver;
  1046    uint32_t                          labelSize;             ///< pairs with labelArea
  1047    uint32_t                          identityBindingSize;   ///< pairs with identityBinding
  1048    uint32_t                          endorsementSize;       ///< pairs with endorsementCredential
  1049    uint32_t                          platformSize;          ///< pairs with platformCredential
  1050    uint32_t                          conformanceSize;       ///< pairs with conformanceCredential
  1051    TPM_PUBKEY                      identityKey;
  1052    byte                           *labelArea;
  1053    byte                           *identityBinding;
  1054    byte                           *endorsementCredential;
  1055    byte                           *platformCredential;
  1056    byte                           *conformanceCredential;
  1057  } TPM_IDENTITY_PROOF;
  1058  
  1059  ///
  1060  /// Part 2, section 12.8 TPM_ASYM_CA_CONTENTS
  1061  ///   sessionKey is a TPM_SYMMETRIC_KEY, whose key bytes are behind a pointer; this struct therefore does not contain the key itself.
  1062  typedef struct tdTPM_ASYM_CA_CONTENTS {
  1063    TPM_SYMMETRIC_KEY               sessionKey;
  1064    TPM_DIGEST                      idDigest;
  1065  } TPM_ASYM_CA_CONTENTS;
  1066  
  1067  ///
  1068  /// Part 2, section 12.9 TPM_SYM_CA_ATTESTATION
  1069  ///   credSize is declared before algorithm while credential comes last; in-memory view only (host pointer).
  1070  typedef struct tdTPM_SYM_CA_ATTESTATION {
  1071    uint32_t                          credSize;        ///< byte count of credential; NOTE(review): validate against the source buffer before use
  1072    TPM_KEY_PARMS                   algorithm;
  1073    byte                           *credential;
  1074  } TPM_SYM_CA_ATTESTATION;
  1075  
  1076  ///
  1077  /// Part 2, section 15: Tick Structures
  1078  ///   Placed here out of order because definitions are used in section 13.
  1079  ///   (TPM_TRANSPORT_LOG_OUT below embeds this struct.) No pointer members.
  1080  typedef struct tdTPM_CURRENT_TICKS {
  1081    TPM_STRUCTURE_TAG                 tag;
  1082    uint64_t                            currentTicks;
  1083    uint16_t                            tickRate;      ///< unit is not stated in this header
  1084    TPM_NONCE                         tickNonce;
  1085  } TPM_CURRENT_TICKS;
  1086  
  1087  ///
  1088  /// Part 2, section 13: Transport structures
  1089  ///
  1090  
  1091  ///
  1092  /// Part 2, section 13.1: TPM_TRANSPORT_PUBLIC
  1093  ///   transAttributes takes the TPM_TRANSPORT_* bits defined below; no pointer members.
  1094  typedef struct tdTPM_TRANSPORT_PUBLIC {
  1095    TPM_STRUCTURE_TAG               tag;
  1096    TPM_TRANSPORT_ATTRIBUTES        transAttributes;
  1097    TPM_ALGORITHM_ID                algId;
  1098    TPM_ENC_SCHEME                  encScheme;
  1099  } TPM_TRANSPORT_PUBLIC;
  1100  
  1101  //
  1102  // Part 2, section 13.1.1 TPM_TRANSPORT_ATTRIBUTES Definitions
  1103  // Three flags on BIT0..BIT2 (BITn is defined outside this excerpt). Encryption is one optional flag among them, not implied by the others.
  1104  #define TPM_TRANSPORT_ENCRYPT       ((uint32_t)BIT0)
  1105  #define TPM_TRANSPORT_LOG           ((uint32_t)BIT1)
  1106  #define TPM_TRANSPORT_EXCLUSIVE     ((uint32_t)BIT2)
  1107  
  1108  ///
  1109  /// Part 2, section 13.2 TPM_TRANSPORT_INTERNAL
  1110  ///   Per-session record that carries the session's authData next to its public part; no pointer members.
  1111  typedef struct tdTPM_TRANSPORT_INTERNAL {
  1112    TPM_STRUCTURE_TAG               tag;
  1113    TPM_AUTHDATA                    authData;          ///< authorization value; NOTE(review): presumably wiped when the session ends -- confirm against callers
  1114    TPM_TRANSPORT_PUBLIC            transPublic;
  1115    TPM_TRANSHANDLE                 transHandle;
  1116    TPM_NONCE                       transNonceEven;
  1117    TPM_DIGEST                      transDigest;
  1118  } TPM_TRANSPORT_INTERNAL;
  1119  
  1120  ///
  1121  /// Part 2, section 13.3 TPM_TRANSPORT_LOG_IN structure
  1122  ///   Structure tag followed by two TPM_DIGEST members; no pointer members.
  1123  typedef struct tdTPM_TRANSPORT_LOG_IN {
  1124    TPM_STRUCTURE_TAG               tag;
  1125    TPM_DIGEST                      parameters;
  1126    TPM_DIGEST                      pubKeyHash;
  1127  } TPM_TRANSPORT_LOG_IN;
  1128  
  1129  ///
  1130  /// Part 2, section 13.4 TPM_TRANSPORT_LOG_OUT structure
  1131  ///   Embeds a whole TPM_CURRENT_TICKS, which carries its own tag; no pointer members.
  1132  typedef struct tdTPM_TRANSPORT_LOG_OUT {
  1133    TPM_STRUCTURE_TAG               tag;
  1134    TPM_CURRENT_TICKS               currentTicks;
  1135    TPM_DIGEST                      parameters;
  1136    TPM_MODIFIER_INDICATOR          locality;
  1137  } TPM_TRANSPORT_LOG_OUT;
  1138  
  1139  ///
  1140  /// Part 2, section 13.5 TPM_TRANSPORT_AUTH structure
  1141  ///   Structure tag followed by one TPM_AUTHDATA; no pointer members.
  1142  typedef struct tdTPM_TRANSPORT_AUTH {
  1143    TPM_STRUCTURE_TAG               tag;
  1144    TPM_AUTHDATA                    authData;          ///< authorization value; NOTE(review): presumably wiped after use -- confirm against callers
  1145  } TPM_TRANSPORT_AUTH;
  1146  
  1147  //
  1148  // Part 2, section 14: Audit Structures
  1149  //
  1150  
  1151  ///
  1152  /// Part 2, section 14.1 TPM_AUDIT_EVENT_IN structure
  1153  ///   Input-side audit record: a digest of the input parameters plus a TPM_COUNTER_VALUE; no pointer members.
  1154  typedef struct tdTPM_AUDIT_EVENT_IN {
  1155    TPM_STRUCTURE_TAG               tag;
  1156    TPM_DIGEST                      inputParms;        ///< typed as a digest, not the raw parameters
  1157    TPM_COUNTER_VALUE               auditCount;
  1158  } TPM_AUDIT_EVENT_IN;
  1159  
  1160  ///
  1161  /// Part 2, section 14.2 TPM_AUDIT_EVENT_OUT structure
  1162  ///   Output-side audit record; unlike TPM_AUDIT_EVENT_IN it also records the command ordinal and the return code. No pointer members.
  1163  typedef struct tdTPM_AUDIT_EVENT_OUT {
  1164    TPM_STRUCTURE_TAG               tag;
  1165    TPM_COMMAND_CODE                ordinal;
  1166    TPM_DIGEST                      outputParms;       ///< typed as a digest, not the raw parameters
  1167    TPM_COUNTER_VALUE               auditCount;
  1168    TPM_RESULT                      returnCode;
  1169  } TPM_AUDIT_EVENT_OUT;
  1170  
  1171  //
  1172  // Part 2, section 16: Return Codes
  1173  //
  1174  
  1175  #define TPM_VENDOR_ERROR            TPM_Vendor_Specific32
  1176  #define TPM_NON_FATAL               0x00000800
  1177  
  1178  #define TPM_SUCCESS                 ((TPM_RESULT) TPM_BASE)
  1179  #define TPM_AUTHFAIL                ((TPM_RESULT) (TPM_BASE + 1))
  1180  #define TPM_BADINDEX                ((TPM_RESULT) (TPM_BASE + 2))
  1181  #define TPM_BAD_PARAMETER           ((TPM_RESULT) (TPM_BASE + 3))
  1182  #define TPM_AUDITFAILURE            ((TPM_RESULT) (TPM_BASE + 4))
  1183  #define TPM_CLEAR_DISABLED          ((TPM_RESULT) (TPM_BASE + 5))
  1184  #define TPM_DEACTIVATED             ((TPM_RESULT) (TPM_BASE + 6))
  1185  #define TPM_DISABLED                ((TPM_RESULT) (TPM_BASE + 7))
  1186  #define TPM_DISABLED_CMD            ((TPM_RESULT) (TPM_BASE + 8))
  1187  #define TPM_FAIL                    ((TPM_RESULT) (TPM_BASE + 9))
  1188  #define TPM_BAD_ORDINAL             ((TPM_RESULT) (TPM_BASE + 10))
  1189  #define TPM_INSTALL_DISABLED        ((TPM_RESULT) (TPM_BASE + 11))
  1190  #define TPM_INVALID_KEYHANDLE       ((TPM_RESULT) (TPM_BASE + 12))
  1191  #define TPM_KEYNOTFOUND             ((TPM_RESULT) (TPM_BASE + 13))
  1192  #define TPM_INAPPROPRIATE_ENC       ((TPM_RESULT) (TPM_BASE + 14))
  1193  #define TPM_MIGRATEFAIL             ((TPM_RESULT) (TPM_BASE + 15))
  1194  #define TPM_INVALID_PCR_INFO        ((TPM_RESULT) (TPM_BASE + 16))
  1195  #define TPM_NOSPACE                 ((TPM_RESULT) (TPM_BASE + 17))
  1196  #define TPM_NOSRK                   ((TPM_RESULT) (TPM_BASE + 18))
  1197  #define TPM_NOTSEALED_BLOB          ((TPM_RESULT) (TPM_BASE + 19))
  1198  #define TPM_OWNER_SET               ((TPM_RESULT) (TPM_BASE + 20))
  1199  #define TPM_RESOURCES               ((TPM_RESULT) (TPM_BASE + 21))
  1200  #define TPM_SHORTRANDOM             ((TPM_RESULT) (TPM_BASE + 22))
  1201  #define TPM_SIZE                    ((TPM_RESULT) (TPM_BASE + 23))
  1202  #define TPM_WRONGPCRVAL             ((TPM_RESULT) (TPM_BASE + 24))
  1203  #define TPM_BAD_PARAM_SIZE          ((TPM_RESULT) (TPM_BASE + 25))
  1204  #define TPM_SHA_THREAD              ((TPM_RESULT) (TPM_BASE + 26))
  1205  #define TPM_SHA_ERROR               ((TPM_RESULT) (TPM_BASE + 27))
  1206  #define TPM_FAILEDSELFTEST          ((TPM_RESULT) (TPM_BASE + 28))
  1207  #define TPM_AUTH2FAIL               ((TPM_RESULT) (TPM_BASE + 29))
  1208  #define TPM_BADTAG                  ((TPM_RESULT) (TPM_BASE + 30))
  1209  #define TPM_IOERROR                 ((TPM_RESULT) (TPM_BASE + 31))
  1210  #define TPM_ENCRYPT_ERROR           ((TPM_RESULT) (TPM_BASE + 32))
  1211  #define TPM_DECRYPT_ERROR           ((TPM_RESULT) (TPM_BASE + 33))
  1212  #define TPM_INVALID_AUTHHANDLE      ((TPM_RESULT) (TPM_BASE + 34))
  1213  #define TPM_NO_ENDORSEMENT          ((TPM_RESULT) (TPM_BASE + 35))
  1214  #define TPM_INVALID_KEYUSAGE        ((TPM_RESULT) (TPM_BASE + 36))
  1215  #define TPM_WRONG_ENTITYTYPE        ((TPM_RESULT) (TPM_BASE + 37))
  1216  #define TPM_INVALID_POSTINIT        ((TPM_RESULT) (TPM_BASE + 38))
  1217  #define TPM_INAPPROPRIATE_SIG       ((TPM_RESULT) (TPM_BASE + 39))
  1218  #define TPM_BAD_KEY_PROPERTY        ((TPM_RESULT) (TPM_BASE + 40))
  1219  #define TPM_BAD_MIGRATION           ((TPM_RESULT) (TPM_BASE + 41))
  1220  #define TPM_BAD_SCHEME              ((TPM_RESULT) (TPM_BASE + 42))
  1221  #define TPM_BAD_DATASIZE            ((TPM_RESULT) (TPM_BASE + 43))
  1222  #define TPM_BAD_MODE                ((TPM_RESULT) (TPM_BASE + 44))
  1223  #define TPM_BAD_PRESENCE            ((TPM_RESULT) (TPM_BASE + 45))
  1224  #define TPM_BAD_VERSION             ((TPM_RESULT) (TPM_BASE + 46))
  1225  #define TPM_NO_WRAP_TRANSPORT       ((TPM_RESULT) (TPM_BASE + 47))
  1226  #define TPM_AUDITFAIL_UNSUCCESSFUL  ((TPM_RESULT) (TPM_BASE + 48))
  1227  #define TPM_AUDITFAIL_SUCCESSFUL    ((TPM_RESULT) (TPM_BASE + 49))
  1228  #define TPM_NOTRESETABLE            ((TPM_RESULT) (TPM_BASE + 50))
  1229  #define TPM_NOTLOCAL                ((TPM_RESULT) (TPM_BASE + 51))
  1230  #define TPM_BAD_TYPE                ((TPM_RESULT) (TPM_BASE + 52))
  1231  #define TPM_INVALID_RESOURCE        ((TPM_RESULT) (TPM_BASE + 53))
  1232  #define TPM_NOTFIPS                 ((TPM_RESULT) (TPM_BASE + 54))
  1233  #define TPM_INVALID_FAMILY          ((TPM_RESULT) (TPM_BASE + 55))
  1234  #define TPM_NO_NV_PERMISSION        ((TPM_RESULT) (TPM_BASE + 56))
  1235  #define TPM_REQUIRES_SIGN           ((TPM_RESULT) (TPM_BASE + 57))
  1236  #define TPM_KEY_NOTSUPPORTED        ((TPM_RESULT) (TPM_BASE + 58))
  1237  #define TPM_AUTH_CONFLICT           ((TPM_RESULT) (TPM_BASE + 59))
  1238  #define TPM_AREA_LOCKED             ((TPM_RESULT) (TPM_BASE + 60))
  1239  #define TPM_BAD_LOCALITY            ((TPM_RESULT) (TPM_BASE + 61))
  1240  #define TPM_READ_ONLY               ((TPM_RESULT) (TPM_BASE + 62))
  1241  #define TPM_PER_NOWRITE             ((TPM_RESULT) (TPM_BASE + 63))
  1242  #define TPM_FAMILYCOUNT             ((TPM_RESULT) (TPM_BASE + 64))
  1243  #define TPM_WRITE_LOCKED            ((TPM_RESULT) (TPM_BASE + 65))
  1244  #define TPM_BAD_ATTRIBUTES          ((TPM_RESULT) (TPM_BASE + 66))
  1245  #define TPM_INVALID_STRUCTURE       ((TPM_RESULT) (TPM_BASE + 67))
  1246  #define TPM_KEY_OWNER_CONTROL       ((TPM_RESULT) (TPM_BASE + 68))
  1247  #define TPM_BAD_COUNTER             ((TPM_RESULT) (TPM_BASE + 69))
  1248  #define TPM_NOT_FULLWRITE           ((TPM_RESULT) (TPM_BASE + 70))
  1249  #define TPM_CONTEXT_GAP             ((TPM_RESULT) (TPM_BASE + 71))
  1250  #define TPM_MAXNVWRITES             ((TPM_RESULT) (TPM_BASE + 72))
  1251  #define TPM_NOOPERATOR              ((TPM_RESULT) (TPM_BASE + 73))
  1252  #define TPM_RESOURCEMISSING         ((TPM_RESULT) (TPM_BASE + 74))
  1253  #define TPM_DELEGATE_LOCK           ((TPM_RESULT) (TPM_BASE + 75))
  1254  #define TPM_DELEGATE_FAMILY         ((TPM_RESULT) (TPM_BASE + 76))
  1255  #define TPM_DELEGATE_ADMIN          ((TPM_RESULT) (TPM_BASE + 77))
  1256  #define TPM_TRANSPORT_NOTEXCLUSIVE  ((TPM_RESULT) (TPM_BASE + 78))
  1257  #define TPM_OWNER_CONTROL           ((TPM_RESULT) (TPM_BASE + 79))
  1258  #define TPM_DAA_RESOURCES           ((TPM_RESULT) (TPM_BASE + 80))
  1259  #define TPM_DAA_INPUT_DATA0         ((TPM_RESULT) (TPM_BASE + 81))
  1260  #define TPM_DAA_INPUT_DATA1         ((TPM_RESULT) (TPM_BASE + 82))
  1261  #define TPM_DAA_ISSUER_SETTINGS     ((TPM_RESULT) (TPM_BASE + 83))
  1262  #define TPM_DAA_TPM_SETTINGS        ((TPM_RESULT) (TPM_BASE + 84))
  1263  #define TPM_DAA_STAGE               ((TPM_RESULT) (TPM_BASE + 85))
  1264  #define TPM_DAA_ISSUER_VALIDITY     ((TPM_RESULT) (TPM_BASE + 86))
  1265  #define TPM_DAA_WRONG_W             ((TPM_RESULT) (TPM_BASE + 87))
  1266  #define TPM_BAD_HANDLE              ((TPM_RESULT) (TPM_BASE + 88))
  1267  #define TPM_BAD_DELEGATE            ((TPM_RESULT) (TPM_BASE + 89))
  1268  #define TPM_BADCONTEXT              ((TPM_RESULT) (TPM_BASE + 90))
  1269  #define TPM_TOOMANYCONTEXTS         ((TPM_RESULT) (TPM_BASE + 91))
  1270  #define TPM_MA_TICKET_SIGNATURE     ((TPM_RESULT) (TPM_BASE + 92))
  1271  #define TPM_MA_DESTINATION          ((TPM_RESULT) (TPM_BASE + 93))
  1272  #define TPM_MA_SOURCE               ((TPM_RESULT) (TPM_BASE + 94))
  1273  #define TPM_MA_AUTHORITY            ((TPM_RESULT) (TPM_BASE + 95))
  1274  #define TPM_PERMANENTEK             ((TPM_RESULT) (TPM_BASE + 97))
  1275  #define TPM_BAD_SIGNATURE           ((TPM_RESULT) (TPM_BASE + 98))
  1276  #define TPM_NOCONTEXTSPACE          ((TPM_RESULT) (TPM_BASE + 99))
  1277  
  1278  #define TPM_RETRY                   ((TPM_RESULT) (TPM_BASE + TPM_NON_FATAL))
  1279  #define TPM_NEEDS_SELFTEST          ((TPM_RESULT) (TPM_BASE + TPM_NON_FATAL + 1))
  1280  #define TPM_DOING_SELFTEST          ((TPM_RESULT) (TPM_BASE + TPM_NON_FATAL + 2))
  1281  #define TPM_DEFEND_LOCK_RUNNING     ((TPM_RESULT) (TPM_BASE + TPM_NON_FATAL + 3))
  1282  
  1283  //
  1284  // Part 2, section 17: Ordinals
  1285  //
  1286  // Ordinals are 32 bit values. The upper byte contains values that serve as
  1287  // flag indicators, the next byte contains values indicating what committee
  1288  // designated the ordinal, and the final two bytes contain the Command
  1289  // Ordinal Index.
  1290  //      3                   2                   1
  1291  //    1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0
  1292  //   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  1293  //   |P|C|V| Reserved| Purview |     Command Ordinal Index           |
  1294  //   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
  1295  //
  1296  //  Where:
  1297  //
  1298  //    * P is Protected/Unprotected command. When 0 the command is a Protected
  1299  //      command, when 1 the command is an Unprotected command.
  1300  //
  1301  //    * C is Non-Connection/Connection related command. When 0 this command
  1302  //      passes through to either the protected (TPM) or unprotected (TSS)
  1303  //      components.
  1304  //
  1305  //    * V is TPM/Vendor command. When 0 the command is TPM defined, when 1 the
  1306  //      command is vendor defined.
  1307  //
  1308  //    * All reserved area bits are set to 0.
  1309  //
  1310  // Command ordinals, each cast to TPM_COMMAND_CODE. Every TPM_ORD_* value below has
        // the flag and purview bytes zero; the two TSC_ORD_* values at the end of the
        // list also set bit 30, the C flag in the layout above.
        // NOTE(review): TSC_ORD_PhysicalPresence (0x4000000A) and TPM_ORD_OIAP
        // (0x0000000A), and likewise TSC_ORD_ResetEstablishmentBit and TPM_ORD_OSAP,
        // differ only in bit 30, so a filter or dispatcher must compare the full
        // 32-bit ordinal, never a truncated or masked index.
  1311  #define TPM_ORD_ActivateIdentity                  ((TPM_COMMAND_CODE) 0x0000007A)
  1312  #define TPM_ORD_AuthorizeMigrationKey             ((TPM_COMMAND_CODE) 0x0000002B)
  1313  #define TPM_ORD_CertifyKey                        ((TPM_COMMAND_CODE) 0x00000032)
  1314  #define TPM_ORD_CertifyKey2                       ((TPM_COMMAND_CODE) 0x00000033)
  1315  #define TPM_ORD_CertifySelfTest                   ((TPM_COMMAND_CODE) 0x00000052)
  1316  #define TPM_ORD_ChangeAuth                        ((TPM_COMMAND_CODE) 0x0000000C)
  1317  #define TPM_ORD_ChangeAuthAsymFinish              ((TPM_COMMAND_CODE) 0x0000000F)
  1318  #define TPM_ORD_ChangeAuthAsymStart               ((TPM_COMMAND_CODE) 0x0000000E)
  1319  #define TPM_ORD_ChangeAuthOwner                   ((TPM_COMMAND_CODE) 0x00000010)
  1320  #define TPM_ORD_CMK_ApproveMA                     ((TPM_COMMAND_CODE) 0x0000001D)
  1321  #define TPM_ORD_CMK_ConvertMigration              ((TPM_COMMAND_CODE) 0x00000024)
  1322  #define TPM_ORD_CMK_CreateBlob                    ((TPM_COMMAND_CODE) 0x0000001B)
  1323  #define TPM_ORD_CMK_CreateKey                     ((TPM_COMMAND_CODE) 0x00000013)
  1324  #define TPM_ORD_CMK_CreateTicket                  ((TPM_COMMAND_CODE) 0x00000012)
  1325  #define TPM_ORD_CMK_SetRestrictions               ((TPM_COMMAND_CODE) 0x0000001C)
  1326  #define TPM_ORD_ContinueSelfTest                  ((TPM_COMMAND_CODE) 0x00000053)
  1327  #define TPM_ORD_ConvertMigrationBlob              ((TPM_COMMAND_CODE) 0x0000002A)
  1328  #define TPM_ORD_CreateCounter                     ((TPM_COMMAND_CODE) 0x000000DC)
  1329  #define TPM_ORD_CreateEndorsementKeyPair          ((TPM_COMMAND_CODE) 0x00000078)
  1330  #define TPM_ORD_CreateMaintenanceArchive          ((TPM_COMMAND_CODE) 0x0000002C)
  1331  #define TPM_ORD_CreateMigrationBlob               ((TPM_COMMAND_CODE) 0x00000028)
  1332  #define TPM_ORD_CreateRevocableEK                 ((TPM_COMMAND_CODE) 0x0000007F)
  1333  #define TPM_ORD_CreateWrapKey                     ((TPM_COMMAND_CODE) 0x0000001F)
  1334  #define TPM_ORD_DAA_JOIN                          ((TPM_COMMAND_CODE) 0x00000029)
  1335  #define TPM_ORD_DAA_SIGN                          ((TPM_COMMAND_CODE) 0x00000031)
  1336  #define TPM_ORD_Delegate_CreateKeyDelegation      ((TPM_COMMAND_CODE) 0x000000D4)
  1337  #define TPM_ORD_Delegate_CreateOwnerDelegation    ((TPM_COMMAND_CODE) 0x000000D5)
  1338  #define TPM_ORD_Delegate_LoadOwnerDelegation      ((TPM_COMMAND_CODE) 0x000000D8)
  1339  #define TPM_ORD_Delegate_Manage                   ((TPM_COMMAND_CODE) 0x000000D2)
  1340  #define TPM_ORD_Delegate_ReadTable                ((TPM_COMMAND_CODE) 0x000000DB)
  1341  #define TPM_ORD_Delegate_UpdateVerification       ((TPM_COMMAND_CODE) 0x000000D1)
  1342  #define TPM_ORD_Delegate_VerifyDelegation         ((TPM_COMMAND_CODE) 0x000000D6)
  1343  #define TPM_ORD_DirRead                           ((TPM_COMMAND_CODE) 0x0000001A)
  1344  #define TPM_ORD_DirWriteAuth                      ((TPM_COMMAND_CODE) 0x00000019)
  1345  #define TPM_ORD_DisableForceClear                 ((TPM_COMMAND_CODE) 0x0000005E)
  1346  #define TPM_ORD_DisableOwnerClear                 ((TPM_COMMAND_CODE) 0x0000005C)
  1347  #define TPM_ORD_DisablePubekRead                  ((TPM_COMMAND_CODE) 0x0000007E)
  1348  #define TPM_ORD_DSAP                              ((TPM_COMMAND_CODE) 0x00000011)
  1349  #define TPM_ORD_EstablishTransport                ((TPM_COMMAND_CODE) 0x000000E6)
  1350  #define TPM_ORD_EvictKey                          ((TPM_COMMAND_CODE) 0x00000022)
  1351  #define TPM_ORD_ExecuteTransport                  ((TPM_COMMAND_CODE) 0x000000E7)
  1352  #define TPM_ORD_Extend                            ((TPM_COMMAND_CODE) 0x00000014)
  1353  #define TPM_ORD_FieldUpgrade                      ((TPM_COMMAND_CODE) 0x000000AA)
  1354  #define TPM_ORD_FlushSpecific                     ((TPM_COMMAND_CODE) 0x000000BA)
  1355  #define TPM_ORD_ForceClear                        ((TPM_COMMAND_CODE) 0x0000005D)
  1356  #define TPM_ORD_GetAuditDigest                    ((TPM_COMMAND_CODE) 0x00000085)
  1357  #define TPM_ORD_GetAuditDigestSigned              ((TPM_COMMAND_CODE) 0x00000086)
  1358  #define TPM_ORD_GetAuditEvent                     ((TPM_COMMAND_CODE) 0x00000082)
  1359  #define TPM_ORD_GetAuditEventSigned               ((TPM_COMMAND_CODE) 0x00000083)
  1360  #define TPM_ORD_GetCapability                     ((TPM_COMMAND_CODE) 0x00000065)
  1361  #define TPM_ORD_GetCapabilityOwner                ((TPM_COMMAND_CODE) 0x00000066)
  1362  #define TPM_ORD_GetCapabilitySigned               ((TPM_COMMAND_CODE) 0x00000064)
  1363  #define TPM_ORD_GetOrdinalAuditStatus             ((TPM_COMMAND_CODE) 0x0000008C)
  1364  #define TPM_ORD_GetPubKey                         ((TPM_COMMAND_CODE) 0x00000021)
  1365  #define TPM_ORD_GetRandom                         ((TPM_COMMAND_CODE) 0x00000046)
  1366  #define TPM_ORD_GetTestResult                     ((TPM_COMMAND_CODE) 0x00000054)
  1367  #define TPM_ORD_GetTicks                          ((TPM_COMMAND_CODE) 0x000000F1)
  1368  #define TPM_ORD_IncrementCounter                  ((TPM_COMMAND_CODE) 0x000000DD)
  1369  #define TPM_ORD_Init                              ((TPM_COMMAND_CODE) 0x00000097)
  1370  #define TPM_ORD_KeyControlOwner                   ((TPM_COMMAND_CODE) 0x00000023)
  1371  #define TPM_ORD_KillMaintenanceFeature            ((TPM_COMMAND_CODE) 0x0000002E)
  1372  #define TPM_ORD_LoadAuthContext                   ((TPM_COMMAND_CODE) 0x000000B7)
  1373  #define TPM_ORD_LoadContext                       ((TPM_COMMAND_CODE) 0x000000B9)
  1374  #define TPM_ORD_LoadKey                           ((TPM_COMMAND_CODE) 0x00000020)
  1375  #define TPM_ORD_LoadKey2                          ((TPM_COMMAND_CODE) 0x00000041)
  1376  #define TPM_ORD_LoadKeyContext                    ((TPM_COMMAND_CODE) 0x000000B5)
  1377  #define TPM_ORD_LoadMaintenanceArchive            ((TPM_COMMAND_CODE) 0x0000002D)
  1378  #define TPM_ORD_LoadManuMaintPub                  ((TPM_COMMAND_CODE) 0x0000002F)
  1379  #define TPM_ORD_MakeIdentity                      ((TPM_COMMAND_CODE) 0x00000079)
  1380  #define TPM_ORD_MigrateKey                        ((TPM_COMMAND_CODE) 0x00000025)
  1381  #define TPM_ORD_NV_DefineSpace                    ((TPM_COMMAND_CODE) 0x000000CC)
  1382  #define TPM_ORD_NV_ReadValue                      ((TPM_COMMAND_CODE) 0x000000CF)
  1383  #define TPM_ORD_NV_ReadValueAuth                  ((TPM_COMMAND_CODE) 0x000000D0)
  1384  #define TPM_ORD_NV_WriteValue                     ((TPM_COMMAND_CODE) 0x000000CD)
  1385  #define TPM_ORD_NV_WriteValueAuth                 ((TPM_COMMAND_CODE) 0x000000CE)
  1386  #define TPM_ORD_OIAP                              ((TPM_COMMAND_CODE) 0x0000000A)
  1387  #define TPM_ORD_OSAP                              ((TPM_COMMAND_CODE) 0x0000000B)
  1388  #define TPM_ORD_OwnerClear                        ((TPM_COMMAND_CODE) 0x0000005B)
  1389  #define TPM_ORD_OwnerReadInternalPub              ((TPM_COMMAND_CODE) 0x00000081)
  1390  #define TPM_ORD_OwnerReadPubek                    ((TPM_COMMAND_CODE) 0x0000007D)
  1391  #define TPM_ORD_OwnerSetDisable                   ((TPM_COMMAND_CODE) 0x0000006E)
  1392  #define TPM_ORD_PCR_Reset                         ((TPM_COMMAND_CODE) 0x000000C8)
  1393  #define TPM_ORD_PcrRead                           ((TPM_COMMAND_CODE) 0x00000015)
  1394  #define TPM_ORD_PhysicalDisable                   ((TPM_COMMAND_CODE) 0x00000070)
  1395  #define TPM_ORD_PhysicalEnable                    ((TPM_COMMAND_CODE) 0x0000006F)
  1396  #define TPM_ORD_PhysicalSetDeactivated            ((TPM_COMMAND_CODE) 0x00000072)
  1397  #define TPM_ORD_Quote                             ((TPM_COMMAND_CODE) 0x00000016)
  1398  #define TPM_ORD_Quote2                            ((TPM_COMMAND_CODE) 0x0000003E)
  1399  #define TPM_ORD_ReadCounter                       ((TPM_COMMAND_CODE) 0x000000DE)
  1400  #define TPM_ORD_ReadManuMaintPub                  ((TPM_COMMAND_CODE) 0x00000030)
  1401  #define TPM_ORD_ReadPubek                         ((TPM_COMMAND_CODE) 0x0000007C)
  1402  #define TPM_ORD_ReleaseCounter                    ((TPM_COMMAND_CODE) 0x000000DF)
  1403  #define TPM_ORD_ReleaseCounterOwner               ((TPM_COMMAND_CODE) 0x000000E0)
  1404  #define TPM_ORD_ReleaseTransportSigned            ((TPM_COMMAND_CODE) 0x000000E8)
  1405  #define TPM_ORD_Reset                             ((TPM_COMMAND_CODE) 0x0000005A)
  1406  #define TPM_ORD_ResetLockValue                    ((TPM_COMMAND_CODE) 0x00000040)
  1407  #define TPM_ORD_RevokeTrust                       ((TPM_COMMAND_CODE) 0x00000080)
  1408  #define TPM_ORD_SaveAuthContext                   ((TPM_COMMAND_CODE) 0x000000B6)
  1409  #define TPM_ORD_SaveContext                       ((TPM_COMMAND_CODE) 0x000000B8)
  1410  #define TPM_ORD_SaveKeyContext                    ((TPM_COMMAND_CODE) 0x000000B4)
  1411  #define TPM_ORD_SaveState                         ((TPM_COMMAND_CODE) 0x00000098)
  1412  #define TPM_ORD_Seal                              ((TPM_COMMAND_CODE) 0x00000017)
  1413  #define TPM_ORD_Sealx                             ((TPM_COMMAND_CODE) 0x0000003D)
  1414  #define TPM_ORD_SelfTestFull                      ((TPM_COMMAND_CODE) 0x00000050)
  1415  #define TPM_ORD_SetCapability                     ((TPM_COMMAND_CODE) 0x0000003F)
  1416  #define TPM_ORD_SetOperatorAuth                   ((TPM_COMMAND_CODE) 0x00000074)
  1417  #define TPM_ORD_SetOrdinalAuditStatus             ((TPM_COMMAND_CODE) 0x0000008D)
  1418  #define TPM_ORD_SetOwnerInstall                   ((TPM_COMMAND_CODE) 0x00000071)
  1419  #define TPM_ORD_SetOwnerPointer                   ((TPM_COMMAND_CODE) 0x00000075)
  1420  #define TPM_ORD_SetRedirection                    ((TPM_COMMAND_CODE) 0x0000009A)
  1421  #define TPM_ORD_SetTempDeactivated                ((TPM_COMMAND_CODE) 0x00000073)
  1422  #define TPM_ORD_SHA1Complete                      ((TPM_COMMAND_CODE) 0x000000A2)
  1423  #define TPM_ORD_SHA1CompleteExtend                ((TPM_COMMAND_CODE) 0x000000A3)
  1424  #define TPM_ORD_SHA1Start                         ((TPM_COMMAND_CODE) 0x000000A0)
  1425  #define TPM_ORD_SHA1Update                        ((TPM_COMMAND_CODE) 0x000000A1)
  1426  #define TPM_ORD_Sign                              ((TPM_COMMAND_CODE) 0x0000003C)
  1427  #define TPM_ORD_Startup                           ((TPM_COMMAND_CODE) 0x00000099)
  1428  #define TPM_ORD_StirRandom                        ((TPM_COMMAND_CODE) 0x00000047)
  1429  #define TPM_ORD_TakeOwnership                     ((TPM_COMMAND_CODE) 0x0000000D)
  1430  #define TPM_ORD_Terminate_Handle                  ((TPM_COMMAND_CODE) 0x00000096)
  1431  #define TPM_ORD_TickStampBlob                     ((TPM_COMMAND_CODE) 0x000000F2)
  1432  #define TPM_ORD_UnBind                            ((TPM_COMMAND_CODE) 0x0000001E)
  1433  #define TPM_ORD_Unseal                            ((TPM_COMMAND_CODE) 0x00000018)
  1434  #define TSC_ORD_PhysicalPresence                  ((TPM_COMMAND_CODE) 0x4000000A)
  1435  #define TSC_ORD_ResetEstablishmentBit             ((TPM_COMMAND_CODE) 0x4000000B)
  1436  
  1437  //
  1438  // Part 2, section 18: Context structures
  1439  //
  1440  
  1441  ///
  1442  /// Part 2, section 18.1: TPM_CONTEXT_BLOB
  1443  ///
        /// Declares a tag, resource type and handle, a 16-byte label, a counter, a
        /// digest and two size/pointer pairs.
        /// NOTE(review): additionalData and sensitiveData are pointers, so this
        /// struct is not a byte image of a serialized blob even under the file's
        /// #pragma pack(1). Code that fills it from received bytes should check
        /// additionalSize and sensitiveSize against the remaining input length
        /// before setting or following the pointers.
  1444  typedef struct tdTPM_CONTEXT_BLOB {
  1445    TPM_STRUCTURE_TAG               tag;
  1446    TPM_RESOURCE_TYPE               resourceType;
  1447    TPM_HANDLE                      handle;
  1448    byte                           label[16];  // fixed 16 bytes; the type implies no terminator
  1449    uint32_t                          contextCount;
  1450    TPM_DIGEST                      integrityDigest;
  1451    uint32_t                          additionalSize;  // presumably the length of additionalData - confirm
  1452    byte                           *additionalData;
  1453    uint32_t                          sensitiveSize;  // presumably the length of sensitiveData - confirm
  1454    byte                           *sensitiveData;
  1455  } TPM_CONTEXT_BLOB;
  1456  
  1457  ///
  1458  /// Part 2, section 18.2 TPM_CONTEXT_SENSITIVE
  1459  ///
        /// Tag, nonce and one size/pointer pair.
        /// NOTE(review): internalData is a pointer, so the struct cannot be overlaid
        /// on serialized bytes; internalSize needs a bounds check against the source
        /// buffer before internalData is read. The name suggests protected context
        /// data - confirm, and if so wipe copies after use.
  1460  typedef struct tdTPM_CONTEXT_SENSITIVE {
  1461    TPM_STRUCTURE_TAG               tag;
  1462    TPM_NONCE                       contextNonce;
  1463    uint32_t                          internalSize;  // presumably the length of internalData - confirm
  1464    byte                           *internalData;
  1465  } TPM_CONTEXT_SENSITIVE;
  1466  
  1467  //
  1468  // Part 2, section 19: NV Structures
  1469  //
  1470  
  1471  //
  1472  // Part 2, section 19.1.1: Required TPM_NV_INDEX values
  1473  //
        // These constants are cast to uint32_t rather than to TPM_NV_INDEX, the type
        // of TPM_NV_DATA_PUBLIC.nvIndex.
        // NOTE(review): TPM_NV_INDEX_LOCK (all ones) and TPM_NV_INDEX0 (zero) look like
        // sentinels rather than ordinary storage indexes - confirm their meaning in
        // section 19.1.1 before letting caller-supplied index values reach them.
  1474  #define TPM_NV_INDEX_LOCK              ((uint32_t)0xffffffff)
  1475  #define TPM_NV_INDEX0                  ((uint32_t)0x00000000)
  1476  #define TPM_NV_INDEX_DIR               ((uint32_t)0x10000001)
  1477  #define TPM_NV_INDEX_EKCert            ((uint32_t)0x0000f000)
  1478  #define TPM_NV_INDEX_TPM_CC            ((uint32_t)0x0000f001)
  1479  #define TPM_NV_INDEX_PlatformCert      ((uint32_t)0x0000f002)
  1480  #define TPM_NV_INDEX_Platform_CC       ((uint32_t)0x0000f003)
  1481  //
  1482  // Part 2, section 19.1.2: Reserved Index values
  1483  //
        // Base values spaced 0x100 apart, except TPM_NV_INDEX_GROUP_RESV_BASE, which is
        // listed last but is numerically the lowest (0x00010000); keep that in mind
        // when writing range checks over these bases.
  1484  #define TPM_NV_INDEX_TSS_BASE          ((uint32_t)0x00011100)
  1485  #define TPM_NV_INDEX_PC_BASE           ((uint32_t)0x00011200)
  1486  #define TPM_NV_INDEX_SERVER_BASE       ((uint32_t)0x00011300)
  1487  #define TPM_NV_INDEX_MOBILE_BASE       ((uint32_t)0x00011400)
  1488  #define TPM_NV_INDEX_PERIPHERAL_BASE   ((uint32_t)0x00011500)
  1489  #define TPM_NV_INDEX_GROUP_RESV_BASE   ((uint32_t)0x00010000)
  1490  
  1491  ///
  1492  /// Part 2, section 19.2: TPM_NV_ATTRIBUTES
  1493  ///
        /// A structure tag followed by one 32-bit attribute word.
  1494  typedef struct tdTPM_NV_ATTRIBUTES {
  1495    TPM_STRUCTURE_TAG               tag;
  1496    uint32_t                          attributes;  // presumably an OR of the TPM_NV_PER_* masks defined below - confirm
  1497  } TPM_NV_ATTRIBUTES;
  1498  // NV permission bit masks, presumably for TPM_NV_ATTRIBUTES.attributes - confirm.
        // The BITn macros are defined outside this part of the file. Read-side masks
        // are BIT31 and BIT16..BIT18; write-side masks are BIT0..BIT2 and BIT12..BIT15.
  1499  #define TPM_NV_PER_READ_STCLEAR        (BIT31)
  1500  #define TPM_NV_PER_AUTHREAD            (BIT18)
  1501  #define TPM_NV_PER_OWNERREAD           (BIT17)
  1502  #define TPM_NV_PER_PPREAD              (BIT16)
  1503  #define TPM_NV_PER_GLOBALLOCK          (BIT15)
  1504  #define TPM_NV_PER_WRITE_STCLEAR       (BIT14)
  1505  #define TPM_NV_PER_WRITEDEFINE         (BIT13)
  1506  #define TPM_NV_PER_WRITEALL            (BIT12)
  1507  #define TPM_NV_PER_AUTHWRITE           (BIT2)
  1508  #define TPM_NV_PER_OWNERWRITE          (BIT1)
  1509  #define TPM_NV_PER_PPWRITE             (BIT0)
  1510  
  1511  ///
  1512  /// Part 2, section 19.3: TPM_NV_DATA_PUBLIC
  1513  ///
        /// Public description of one NV index: the index, separate PCR info for read
        /// and for write, a permission word, three byte flags and a size.
        /// NOTE(review): dataSize is a 32-bit value carried in the structure; bound it
        /// before using it as an allocation, read or write length.
  1514  typedef struct tdTPM_NV_DATA_PUBLIC {
  1515    TPM_STRUCTURE_TAG               tag;
  1516    TPM_NV_INDEX                    nvIndex;
  1517    TPM_PCR_INFO_SHORT              pcrInfoRead;
  1518    TPM_PCR_INFO_SHORT              pcrInfoWrite;
  1519    TPM_NV_ATTRIBUTES               permission;
  1520    byte                         bReadSTClear;
  1521    byte                         bWriteSTClear;
  1522    byte                         bWriteDefine;
  1523    uint32_t                          dataSize;
  1524  } TPM_NV_DATA_PUBLIC;
  1525  
  1526  //
  1527  // Part 2, section 20: Delegate Structures
  1528  //
  1529  
  1530  #define TPM_DEL_OWNER_BITS          ((uint32_t)0x00000001)  // presumably a TPM_DELEGATIONS.delegateType value - confirm
  1531  #define TPM_DEL_KEY_BITS            ((uint32_t)0x00000002)  // presumably a TPM_DELEGATIONS.delegateType value - confirm
  1532  ///
  1533  /// Part 2, section 20.2: Delegate Definitions
  1534  ///
        /// A tag, a delegation type and two 32-bit permission words.
        /// NOTE(review): presumably delegateType (TPM_DEL_OWNER_BITS or
        /// TPM_DEL_KEY_BITS) selects whether the words are read with the
        /// TPM_DELEGATE_* or the TPM_KEY_DELEGATE_* masks defined below - confirm.
        /// The two mask sets reuse the same bit positions, so a consumer has to check
        /// delegateType before interpreting per1.
  1535  typedef struct tdTPM_DELEGATIONS {
  1536    TPM_STRUCTURE_TAG               tag;
  1537    uint32_t                          delegateType;
  1538    uint32_t                          per1;
  1539    uint32_t                          per2;
  1540  } TPM_DELEGATIONS;
  1541  
  1542  //
  1543  // Part 2, section 20.2.1: Owner Permission Settings
  1544  //
        // One bit mask per delegable owner command, BIT0 through BIT30 (BIT31 is not
        // assigned here). The BITn macros are defined outside this part of the file.
        // NOTE(review): several masks name commands that change ownership or lock
        // state (OwnerClear, DisableOwnerClear, ResetLockValue, FieldUpgrade); build
        // a delegation mask from an explicit allow-list of these bits rather than by
        // clearing bits from an all-ones value.
  1545  #define TPM_DELEGATE_SetOrdinalAuditStatus          (BIT30)
  1546  #define TPM_DELEGATE_DirWriteAuth                   (BIT29)
  1547  #define TPM_DELEGATE_CMK_ApproveMA                  (BIT28)
  1548  #define TPM_DELEGATE_NV_WriteValue                  (BIT27)
  1549  #define TPM_DELEGATE_CMK_CreateTicket               (BIT26)
  1550  #define TPM_DELEGATE_NV_ReadValue                   (BIT25)
  1551  #define TPM_DELEGATE_Delegate_LoadOwnerDelegation   (BIT24)
  1552  #define TPM_DELEGATE_DAA_Join                       (BIT23)
  1553  #define TPM_DELEGATE_AuthorizeMigrationKey          (BIT22)
  1554  #define TPM_DELEGATE_CreateMaintenanceArchive       (BIT21)
  1555  #define TPM_DELEGATE_LoadMaintenanceArchive         (BIT20)
  1556  #define TPM_DELEGATE_KillMaintenanceFeature         (BIT19)
  1557  #define TPM_DELEGATE_OwnerReadInteralPub            (BIT18)  // NOTE(review): spelled "Interal"; the ordinal is TPM_ORD_OwnerReadInternalPub. Renaming would break existing users.
  1558  #define TPM_DELEGATE_ResetLockValue                 (BIT17)
  1559  #define TPM_DELEGATE_OwnerClear                     (BIT16)
  1560  #define TPM_DELEGATE_DisableOwnerClear              (BIT15)
  1561  #define TPM_DELEGATE_NV_DefineSpace                 (BIT14)
  1562  #define TPM_DELEGATE_OwnerSetDisable                (BIT13)
  1563  #define TPM_DELEGATE_SetCapability                  (BIT12)
  1564  #define TPM_DELEGATE_MakeIdentity                   (BIT11)
  1565  #define TPM_DELEGATE_ActivateIdentity               (BIT10)
  1566  #define TPM_DELEGATE_OwnerReadPubek                 (BIT9)
  1567  #define TPM_DELEGATE_DisablePubekRead               (BIT8)
  1568  #define TPM_DELEGATE_SetRedirection                 (BIT7)
  1569  #define TPM_DELEGATE_FieldUpgrade                   (BIT6)
  1570  #define TPM_DELEGATE_Delegate_UpdateVerification    (BIT5)
  1571  #define TPM_DELEGATE_CreateCounter                  (BIT4)
  1572  #define TPM_DELEGATE_ReleaseCounterOwner            (BIT3)
  1573  #define TPM_DELEGATE_DelegateManage                 (BIT2)
  1574  #define TPM_DELEGATE_Delegate_CreateOwnerDelegation (BIT1)
  1575  #define TPM_DELEGATE_DAA_Sign                       (BIT0)
  1576  
  1577  //
  1578  // Part 2, section 20.2.3: Key Permission settings
  1579  //
        // One bit mask per delegable key command, BIT0 through BIT28 (BIT29..BIT31 are
        // not assigned here). These reuse the bit positions of the owner permission
        // masks above, so the two sets must not be mixed in one permission word.
  1580  #define TPM_KEY_DELEGATE_CMK_ConvertMigration       (BIT28)
  1581  #define TPM_KEY_DELEGATE_TickStampBlob              (BIT27)
  1582  #define TPM_KEY_DELEGATE_ChangeAuthAsymStart        (BIT26)
  1583  #define TPM_KEY_DELEGATE_ChangeAuthAsymFinish       (BIT25)
  1584  #define TPM_KEY_DELEGATE_CMK_CreateKey              (BIT24)
  1585  #define TPM_KEY_DELEGATE_MigrateKey                 (BIT23)
  1586  #define TPM_KEY_DELEGATE_LoadKey2                   (BIT22)
  1587  #define TPM_KEY_DELEGATE_EstablishTransport         (BIT21)
  1588  #define TPM_KEY_DELEGATE_ReleaseTransportSigned     (BIT20)
  1589  #define TPM_KEY_DELEGATE_Quote2                     (BIT19)
  1590  #define TPM_KEY_DELEGATE_Sealx                      (BIT18)
  1591  #define TPM_KEY_DELEGATE_MakeIdentity               (BIT17)
  1592  #define TPM_KEY_DELEGATE_ActivateIdentity           (BIT16)
  1593  #define TPM_KEY_DELEGATE_GetAuditDigestSigned       (BIT15)
  1594  #define TPM_KEY_DELEGATE_Sign                       (BIT14)
  1595  #define TPM_KEY_DELEGATE_CertifyKey2                (BIT13)
  1596  #define TPM_KEY_DELEGATE_CertifyKey                 (BIT12)
  1597  #define TPM_KEY_DELEGATE_CreateWrapKey              (BIT11)
  1598  #define TPM_KEY_DELEGATE_CMK_CreateBlob             (BIT10)
  1599  #define TPM_KEY_DELEGATE_CreateMigrationBlob        (BIT9)
  1600  #define TPM_KEY_DELEGATE_ConvertMigrationBlob       (BIT8)
  1601  #define TPM_KEY_DELEGATE_CreateKeyDelegation        (BIT7)
  1602  #define TPM_KEY_DELEGATE_ChangeAuth                 (BIT6)
  1603  #define TPM_KEY_DELEGATE_GetPubKey                  (BIT5)
  1604  #define TPM_KEY_DELEGATE_UnBind                     (BIT4)
  1605  #define TPM_KEY_DELEGATE_Quote                      (BIT3)
  1606  #define TPM_KEY_DELEGATE_Unseal                     (BIT2)
  1607  #define TPM_KEY_DELEGATE_Seal                       (BIT1)
  1608  #define TPM_KEY_DELEGATE_LoadKey                    (BIT0)
  1609  
  1610  //
  1611  // Part 2, section 20.3: TPM_FAMILY_FLAGS
  1612  //
        // Flag bit masks. NOTE(review): TPM_DELEGATE_ADMIN_LOCK is a flag bit, not a
        // result code; do not confuse it with the TPM_RESULT values TPM_DELEGATE_ADMIN
        // and TPM_DELEGATE_LOCK, or with the TPM_DELEGATE_* owner permission masks
        // that share the prefix (BIT1 there is Delegate_CreateOwnerDelegation).
  1613  #define TPM_DELEGATE_ADMIN_LOCK           (BIT1)
  1614  #define TPM_FAMFLAG_ENABLE                (BIT0)
  1615  
  1616  ///
  1617  /// Part 2, section 20.4: TPM_FAMILY_LABEL
  1618  ///
        /// A single byte wrapped in a struct.
  1619  typedef struct tdTPM_FAMILY_LABEL {
  1620    byte                           label;
  1621  } TPM_FAMILY_LABEL;
  1622  
  1623  ///
  1624  /// Part 2, section 20.5: TPM_FAMILY_TABLE_ENTRY
  1625  ///
        /// One family table row: tag, label, family id, verification count and flags.
  1626  typedef struct tdTPM_FAMILY_TABLE_ENTRY {
  1627    TPM_STRUCTURE_TAG               tag;
  1628    TPM_FAMILY_LABEL                label;
  1629    TPM_FAMILY_ID                   familyID;
  1630    TPM_FAMILY_VERIFICATION         verificationCount;
  1631    TPM_FAMILY_FLAGS                flags;  // presumably TPM_FAMFLAG_ENABLE / TPM_DELEGATE_ADMIN_LOCK bits - confirm
  1632  } TPM_FAMILY_TABLE_ENTRY;
  1633  
  1634  //
  1635  // Part 2, section 20.6: TPM_FAMILY_TABLE
  1636  //
        // NOTE(review): famTableRow is sized to the _MIN constant (8 rows). A row
        // index or count obtained at run time (presumably what TPM_CAP_PROP_FAMILYROWS
        // reports - confirm) must be checked against TPM_NUM_FAMILY_TABLE_ENTRY_MIN
        // before it is used to index this array.
  1637  #define TPM_NUM_FAMILY_TABLE_ENTRY_MIN 8
  1638  
  1639  typedef struct tdTPM_FAMILY_TABLE{
  1640    TPM_FAMILY_TABLE_ENTRY famTableRow[TPM_NUM_FAMILY_TABLE_ENTRY_MIN];
  1641  } TPM_FAMILY_TABLE;
  1642  
  1643  ///
  1644  /// Part 2, section 20.7: TPM_DELEGATE_LABEL
  1645  ///
        /// A single byte wrapped in a struct.
  1646  typedef struct tdTPM_DELEGATE_LABEL {
  1647    byte                           label;
  1648  } TPM_DELEGATE_LABEL;
  1649  
  1650  ///
  1651  /// Part 2, section 20.8: TPM_DELEGATE_PUBLIC
  1652  ///
        /// Public part of a delegation: label, PCR info, permission words, family id
        /// and verification count. It has no pointer members.
  1653  typedef struct tdTPM_DELEGATE_PUBLIC {
  1654    TPM_STRUCTURE_TAG               tag;
  1655    TPM_DELEGATE_LABEL              label;
  1656    TPM_PCR_INFO_SHORT              pcrInfo;
  1657    TPM_DELEGATIONS                 permissions;
  1658    TPM_FAMILY_ID                   familyID;
  1659    TPM_FAMILY_VERIFICATION         verificationCount;
  1660  } TPM_DELEGATE_PUBLIC;
  1661  
  1662  ///
  1663  /// Part 2, section 20.9: TPM_DELEGATE_TABLE_ROW
  1664  ///
        /// One delegate table row: tag, public delegation data and an auth value.
        /// NOTE(review): authValue has type TPM_SECRET (declared elsewhere in this
        /// header), presumably an authorization secret - confirm. Keep it out of logs
        /// and dumps, and wipe host copies of the row after use.
  1665  typedef struct tdTPM_DELEGATE_TABLE_ROW {
  1666    TPM_STRUCTURE_TAG               tag;
  1667    TPM_DELEGATE_PUBLIC             pub;
  1668    TPM_SECRET                      authValue;
  1669  } TPM_DELEGATE_TABLE_ROW;
  1670  
  1671  //
  1672  // Part 2, section 20.10: TPM_DELEGATE_TABLE
  1673  //
        // NOTE(review): delRow is sized to the _MIN constant (2 rows). A row index or
        // count obtained at run time (presumably what TPM_CAP_PROP_DELEGATE_ROW
        // reports - confirm) must be checked against TPM_NUM_DELEGATE_TABLE_ENTRY_MIN
        // before it is used to index this array. Each row embeds a TPM_SECRET.
  1674  #define TPM_NUM_DELEGATE_TABLE_ENTRY_MIN 2
  1675  
  1676  typedef struct tdTPM_DELEGATE_TABLE{
  1677    TPM_DELEGATE_TABLE_ROW delRow[TPM_NUM_DELEGATE_TABLE_ENTRY_MIN];
  1678  } TPM_DELEGATE_TABLE;
  1679  
  1680  ///
  1681  /// Part 2, section 20.11: TPM_DELEGATE_SENSITIVE
  1682  ///
        /// A tag followed by an auth value.
        /// NOTE(review): authValue has type TPM_SECRET (declared elsewhere in this
        /// header), presumably an authorization secret - confirm. Keep it out of logs
        /// and wipe host copies after use.
  1683  typedef struct tdTPM_DELEGATE_SENSITIVE {
  1684    TPM_STRUCTURE_TAG               tag;
  1685    TPM_SECRET                      authValue;
  1686  } TPM_DELEGATE_SENSITIVE;
  1687  
  1688  ///
  1689  /// Part 2, section 20.12: TPM_DELEGATE_OWNER_BLOB
  1690  ///
        /// Tag, public delegation data, a digest and two size/pointer pairs.
        /// NOTE(review): additionalArea and sensitiveArea are pointers, so this
        /// struct is not a byte image of a serialized blob even under the file's
        /// #pragma pack(1). Code that fills it from received bytes should check
        /// additionalSize and sensitiveSize against the remaining input length
        /// before setting or following the pointers.
  1691  typedef struct tdTPM_DELEGATE_OWNER_BLOB {
  1692    TPM_STRUCTURE_TAG               tag;
  1693    TPM_DELEGATE_PUBLIC             pub;
  1694    TPM_DIGEST                      integrityDigest;
  1695    uint32_t                          additionalSize;  // presumably the length of additionalArea - confirm
  1696    byte                           *additionalArea;
  1697    uint32_t                          sensitiveSize;  // presumably the length of sensitiveArea - confirm
  1698    byte                           *sensitiveArea;
  1699  } TPM_DELEGATE_OWNER_BLOB;
  1700  
  1701  ///
  1702  /// Part 2, section 20.13: TPM_DELEGATE_KEY_BLOB
  1703  ///
        /// Tag, public delegation data, two digests and two size/pointer pairs.
        /// NOTE(review): additionalArea and sensitiveArea are pointers, so this
        /// struct is not a byte image of a serialized blob even under the file's
        /// #pragma pack(1). Code that fills it from received bytes should check
        /// additionalSize and sensitiveSize against the remaining input length
        /// before setting or following the pointers.
  1704  typedef struct tdTPM_DELEGATE_KEY_BLOB {
  1705    TPM_STRUCTURE_TAG               tag;
  1706    TPM_DELEGATE_PUBLIC             pub;
  1707    TPM_DIGEST                      integrityDigest;
  1708    TPM_DIGEST                      pubKeyDigest;
  1709    uint32_t                          additionalSize;  // presumably the length of additionalArea - confirm
  1710    byte                           *additionalArea;
  1711    uint32_t                          sensitiveSize;  // presumably the length of sensitiveArea - confirm
  1712    byte                           *sensitiveArea;
  1713  } TPM_DELEGATE_KEY_BLOB;
  1714  
  1715  //
  1716  // Part 2, section 20.14: TPM_FAMILY_OPERATION Values
  1717  //
        // Four consecutive operation codes (1..4), cast to uint32_t. Zero and values
        // above 4 are not defined here, so a consumer should reject them explicitly.
  1718  #define TPM_FAMILY_CREATE                 ((uint32_t)0x00000001)
  1719  #define TPM_FAMILY_ENABLE                 ((uint32_t)0x00000002)
  1720  #define TPM_FAMILY_ADMIN                  ((uint32_t)0x00000003)
  1721  #define TPM_FAMILY_INVALIDATE             ((uint32_t)0x00000004)
  1722  
  1723  //
  1724  // Part 2, section 21.1: TPM_CAPABILITY_AREA for GetCapability
  1725  //
        // Capability area selectors, cast to TPM_CAPABILITY_AREA. The numbering has
        // gaps (0x0A, 0x0B, 0x0E, 0x0F, 0x13, 0x16 and 0x19 are not defined here), so
        // treat the list as a set of known values, not a contiguous range.
  1726  #define TPM_CAP_ORD                     ((TPM_CAPABILITY_AREA) 0x00000001)
  1727  #define TPM_CAP_ALG                     ((TPM_CAPABILITY_AREA) 0x00000002)
  1728  #define TPM_CAP_PID                     ((TPM_CAPABILITY_AREA) 0x00000003)
  1729  #define TPM_CAP_FLAG                    ((TPM_CAPABILITY_AREA) 0x00000004)
  1730  #define TPM_CAP_PROPERTY                ((TPM_CAPABILITY_AREA) 0x00000005)
  1731  #define TPM_CAP_VERSION                 ((TPM_CAPABILITY_AREA) 0x00000006)
  1732  #define TPM_CAP_KEY_HANDLE              ((TPM_CAPABILITY_AREA) 0x00000007)
  1733  #define TPM_CAP_CHECK_LOADED            ((TPM_CAPABILITY_AREA) 0x00000008)
  1734  #define TPM_CAP_SYM_MODE                ((TPM_CAPABILITY_AREA) 0x00000009)
  1735  #define TPM_CAP_KEY_STATUS              ((TPM_CAPABILITY_AREA) 0x0000000C)
  1736  #define TPM_CAP_NV_LIST                 ((TPM_CAPABILITY_AREA) 0x0000000D)
  1737  #define TPM_CAP_MFR                     ((TPM_CAPABILITY_AREA) 0x00000010)
  1738  #define TPM_CAP_NV_INDEX                ((TPM_CAPABILITY_AREA) 0x00000011)
  1739  #define TPM_CAP_TRANS_ALG               ((TPM_CAPABILITY_AREA) 0x00000012)
  1740  #define TPM_CAP_HANDLE                  ((TPM_CAPABILITY_AREA) 0x00000014)
  1741  #define TPM_CAP_TRANS_ES                ((TPM_CAPABILITY_AREA) 0x00000015)
  1742  #define TPM_CAP_AUTH_ENCRYPT            ((TPM_CAPABILITY_AREA) 0x00000017)
  1743  #define TPM_CAP_SELECT_SIZE             ((TPM_CAPABILITY_AREA) 0x00000018)
  1744  #define TPM_CAP_VERSION_VAL             ((TPM_CAPABILITY_AREA) 0x0000001A)
  1745  
        // These two values sit in the 0x1xx range used by the section 21.2 subcap
        // constants below (between TPM_CAP_PROP_MIN_COUNTER and TPM_CAP_PROP_AUTHSESS),
        // not in the small capability-area range above.
  1746  #define TPM_CAP_FLAG_PERMANENT          ((TPM_CAPABILITY_AREA) 0x00000108)
  1747  #define TPM_CAP_FLAG_VOLATILE           ((TPM_CAPABILITY_AREA) 0x00000109)
  1748  
//
// Part 2, section 21.2: CAP_PROPERTY Subcap values for GetCapability
//
// These sub-capability values carry the same TPM_CAPABILITY_AREA cast as the capability
// areas themselves, so the compiler cannot tell a capArea from a subCap; callers have to
// keep the two apart.
// 0x105, 0x106, 0x108, 0x109, 0x118 and 0x121 are not named in this list.
//
#define TPM_CAP_PROP_PCR                ((TPM_CAPABILITY_AREA) 0x00000101)
#define TPM_CAP_PROP_DIR                ((TPM_CAPABILITY_AREA) 0x00000102)
#define TPM_CAP_PROP_MANUFACTURER       ((TPM_CAPABILITY_AREA) 0x00000103)
#define TPM_CAP_PROP_KEYS               ((TPM_CAPABILITY_AREA) 0x00000104)
#define TPM_CAP_PROP_MIN_COUNTER        ((TPM_CAPABILITY_AREA) 0x00000107)
#define TPM_CAP_PROP_AUTHSESS           ((TPM_CAPABILITY_AREA) 0x0000010A)
#define TPM_CAP_PROP_TRANSESS           ((TPM_CAPABILITY_AREA) 0x0000010B)
#define TPM_CAP_PROP_COUNTERS           ((TPM_CAPABILITY_AREA) 0x0000010C)
#define TPM_CAP_PROP_MAX_AUTHSESS       ((TPM_CAPABILITY_AREA) 0x0000010D)
#define TPM_CAP_PROP_MAX_TRANSESS       ((TPM_CAPABILITY_AREA) 0x0000010E)
#define TPM_CAP_PROP_MAX_COUNTERS       ((TPM_CAPABILITY_AREA) 0x0000010F)
#define TPM_CAP_PROP_MAX_KEYS           ((TPM_CAPABILITY_AREA) 0x00000110)
#define TPM_CAP_PROP_OWNER              ((TPM_CAPABILITY_AREA) 0x00000111)
#define TPM_CAP_PROP_CONTEXT            ((TPM_CAPABILITY_AREA) 0x00000112)
#define TPM_CAP_PROP_MAX_CONTEXT        ((TPM_CAPABILITY_AREA) 0x00000113)
#define TPM_CAP_PROP_FAMILYROWS         ((TPM_CAPABILITY_AREA) 0x00000114)
#define TPM_CAP_PROP_TIS_TIMEOUT        ((TPM_CAPABILITY_AREA) 0x00000115)
#define TPM_CAP_PROP_STARTUP_EFFECT     ((TPM_CAPABILITY_AREA) 0x00000116)
#define TPM_CAP_PROP_DELEGATE_ROW       ((TPM_CAPABILITY_AREA) 0x00000117)
#define TPM_CAP_PROP_DAA_MAX            ((TPM_CAPABILITY_AREA) 0x00000119)
// NOTE(review): the only name in this list without the TPM_ prefix; left unchanged
// because code elsewhere may already refer to it by this spelling.
#define CAP_PROP_SESSION_DAA            ((TPM_CAPABILITY_AREA) 0x0000011A)
#define TPM_CAP_PROP_CONTEXT_DIST       ((TPM_CAPABILITY_AREA) 0x0000011B)
#define TPM_CAP_PROP_DAA_INTERRUPT      ((TPM_CAPABILITY_AREA) 0x0000011C)
#define TPM_CAP_PROP_SESSIONS           ((TPM_CAPABILITY_AREA) 0x0000011D)
#define TPM_CAP_PROP_MAX_SESSIONS       ((TPM_CAPABILITY_AREA) 0x0000011E)
#define TPM_CAP_PROP_CMK_RESTRICTION    ((TPM_CAPABILITY_AREA) 0x0000011F)
#define TPM_CAP_PROP_DURATION           ((TPM_CAPABILITY_AREA) 0x00000120)
#define TPM_CAP_PROP_ACTIVE_COUNTER     ((TPM_CAPABILITY_AREA) 0x00000122)
#define TPM_CAP_PROP_MAX_NV_AVAILABLE   ((TPM_CAPABILITY_AREA) 0x00000123)
#define TPM_CAP_PROP_INPUT_BUFFER       ((TPM_CAPABILITY_AREA) 0x00000124)
  1782  
//
// Part 2, section 21.4: TPM_CAPABILITY_AREA for SetCapability
//
// These selectors reuse the numeric values 1..6 that TPM_CAP_ORD..TPM_CAP_VERSION use,
// and have the same type, so passing a SetCapability selector where a GetCapability one
// is expected (or the reverse) is not caught by the compiler. SetCapability changes TPM
// state, which makes it worth checking the selector family explicitly at the call site.
//
#define TPM_SET_PERM_FLAGS              ((TPM_CAPABILITY_AREA) 0x00000001)
#define TPM_SET_PERM_DATA               ((TPM_CAPABILITY_AREA) 0x00000002)
#define TPM_SET_STCLEAR_FLAGS           ((TPM_CAPABILITY_AREA) 0x00000003)
#define TPM_SET_STCLEAR_DATA            ((TPM_CAPABILITY_AREA) 0x00000004)
#define TPM_SET_STANY_FLAGS             ((TPM_CAPABILITY_AREA) 0x00000005)
#define TPM_SET_STANY_DATA              ((TPM_CAPABILITY_AREA) 0x00000006)
  1792  
///
/// Part 2, section 21.6: TPM_CAP_VERSION_INFO
///   [size_is(vendorSpecificSize)] BYTE* vendorSpecific;
///
/// Version information followed by a variable-length vendor area, described by the
/// vendorSpecificSize / vendorSpecific pair.
/// The last member is a host pointer, so this is a parsed, in-memory form: its size
/// depends on the platform's pointer width and it cannot be laid directly over a
/// response buffer. Code that fills it should check vendorSpecificSize against the
/// bytes actually remaining in the response before reading that many.
/// NOTE(review): TPM 1.2 transmits multi-byte integers big-endian and nothing in this
/// header converts byte order, so that is presumably left to the caller -- confirm.
///
typedef struct tdTPM_CAP_VERSION_INFO {
  TPM_STRUCTURE_TAG                 tag;
  TPM_VERSION                       version;
  uint16_t                            specLevel;
  byte                             errataRev;
  byte                             tpmVendorID[4];
  uint16_t                            vendorSpecificSize;   ///< Length of vendorSpecific, per the size_is note above
  byte                             *vendorSpecific;       ///< Vendor area; ownership of the buffer is not stated in this header
} TPM_CAP_VERSION_INFO;
  1806  
///
/// Part 2, section 21.10: TPM_DA_ACTION_TYPE
///
/// A tagged 32-bit value used as the actionAtThreshold member of TPM_DA_INFO and
/// TPM_DA_INFO_LIMITED (DA = dictionary attack).
///
typedef struct tdTPM_DA_ACTION_TYPE {
  TPM_STRUCTURE_TAG                 tag;
  uint32_t                            actions;   ///< presumably a mask of the TPM_DA_ACTION_* bits below -- confirm
} TPM_DA_ACTION_TYPE;

// Single-bit uint32_t masks occupying bits 3..0. Test them with a bitwise AND rather
// than equality, since nothing here rules out more than one bit being set.
#define TPM_DA_ACTION_FAILURE_MODE     (((uint32_t)1)<<3)
#define TPM_DA_ACTION_DEACTIVATE       (((uint32_t)1)<<2)
#define TPM_DA_ACTION_DISABLE          (((uint32_t)1)<<1)
#define TPM_DA_ACTION_TIMEOUT          (((uint32_t)1)<<0)
  1819  
///
/// Part 2, section 21.7: TPM_DA_INFO
///
/// Dictionary-attack mitigation status: a state byte, two 16-bit counters, the action
/// taken at the threshold, and a variable-length vendor area.
/// vendorData is a host pointer, so the struct is an in-memory form rather than an image
/// of the response bytes; vendorDataSize is a full 32-bit value and should be checked
/// against the bytes remaining in the response before it is used as a length.
/// For monitoring, currentCount relative to thresholdCount is presumably the signal
/// that repeated authorization failures are accumulating -- confirm field semantics.
///
typedef struct tdTPM_DA_INFO {
  TPM_STRUCTURE_TAG                 tag;
  TPM_DA_STATE                      state;               ///< One of the TPM_DA_STATE_* values
  uint16_t                            currentCount;
  uint16_t                            thresholdCount;
  TPM_DA_ACTION_TYPE                actionAtThreshold;
  uint32_t                            actionDependValue;   ///< Meaning presumably depends on actionAtThreshold -- confirm
  uint32_t                            vendorDataSize;      ///< Length of vendorData; validate before use
  byte                             *vendorData;
} TPM_DA_INFO;
  1833  
///
/// Part 2, section 21.8: TPM_DA_INFO_LIMITED
///
/// The same members as TPM_DA_INFO without currentCount, thresholdCount and
/// actionDependValue. vendorData is a host pointer and vendorDataSize a 32-bit length,
/// so the same caution applies: bound the length by the bytes actually received.
///
typedef struct tdTPM_DA_INFO_LIMITED {
  TPM_STRUCTURE_TAG                 tag;
  TPM_DA_STATE                      state;               ///< One of the TPM_DA_STATE_* values
  TPM_DA_ACTION_TYPE                actionAtThreshold;
  uint32_t                            vendorDataSize;      ///< Length of vendorData; validate before use
  byte                             *vendorData;
} TPM_DA_INFO_LIMITED;
  1844  
//
// Part 2, section 21.9: TPM_DA_STATE values
// (The heading previously repeated the CAP_PROPERTY title of section 21.2; these two
// constants are the byte values stored in the `state` member of TPM_DA_INFO and
// TPM_DA_INFO_LIMITED.)
//
#define TPM_DA_STATE_INACTIVE          ((byte)0x00)
#define TPM_DA_STATE_ACTIVE            ((byte)0x01)
  1850  
//
// Part 2, section 22: DAA Structures
// (DAA = Direct Anonymous Attestation)
//

//
// Part 2, section 22.1: Size definitions
//
// Plain integer constants, presumably byte counts -- confirm the unit against the
// specification. The structures below write their array lengths as literals
// (26, 256, 128, 138, 16) instead of using these macros, so a buffer sized from one of
// these names is not automatically in step with the struct members.
//
#define TPM_DAA_SIZE_r0                (43)
#define TPM_DAA_SIZE_r1                (43)
#define TPM_DAA_SIZE_r2                (128)
#define TPM_DAA_SIZE_r3                (168)
#define TPM_DAA_SIZE_r4                (219)
#define TPM_DAA_SIZE_NT                (20)
#define TPM_DAA_SIZE_v0                (128)
#define TPM_DAA_SIZE_v1                (192)
#define TPM_DAA_SIZE_NE                (256)
#define TPM_DAA_SIZE_w                 (256)
#define TPM_DAA_SIZE_issuerModulus     (256)
//
// Part 2, section 22.2: Constant definitions
//
#define TPM_DAA_power0                 (104)
#define TPM_DAA_power1                 (1024)
  1874  
///
/// Part 2, section 22.3: TPM_DAA_ISSUER
///
/// Fixed-size structure: a tag, six TPM_DIGEST values and a 26-byte array. It has no
/// pointer members, so under the file's byte packing its size does not depend on the
/// platform's pointer width.
///
typedef struct tdTPM_DAA_ISSUER {
  TPM_STRUCTURE_TAG               tag;
  TPM_DIGEST                      DAA_digest_R0;
  TPM_DIGEST                      DAA_digest_R1;
  TPM_DIGEST                      DAA_digest_S0;
  TPM_DIGEST                      DAA_digest_S1;
  TPM_DIGEST                      DAA_digest_n;
  TPM_DIGEST                      DAA_digest_gamma;
  byte                           DAA_generic_q[26];   ///< Length given as a literal; no TPM_DAA_SIZE_* macro equals 26
} TPM_DAA_ISSUER;
  1888  
///
/// Part 2, section 22.4: TPM_DAA_TPM
///
/// Fixed-size structure: a tag, four TPM_DIGEST values and a 32-bit count. It has no
/// pointer members.
///
typedef struct tdTPM_DAA_TPM {
  TPM_STRUCTURE_TAG               tag;
  TPM_DIGEST                      DAA_digestIssuer;
  TPM_DIGEST                      DAA_digest_v0;
  TPM_DIGEST                      DAA_digest_v1;
  TPM_DIGEST                      DAA_rekey;
  uint32_t                          DAA_count;
} TPM_DAA_TPM;
  1900  
///
/// Part 2, section 22.5: TPM_DAA_CONTEXT
///
/// Fixed-size structure: a tag, two digests, a context seed, a 256-byte scratch array
/// and a one-byte stage value. TPM_DAA_CONTEXT_SEED is declared elsewhere.
/// NOTE(review): the seed and scratch area presumably hold protocol-internal values;
/// if so, copies of this structure should be cleared once they are no longer needed.
///
typedef struct tdTPM_DAA_CONTEXT {
  TPM_STRUCTURE_TAG               tag;
  TPM_DIGEST                      DAA_digestContext;
  TPM_DIGEST                      DAA_digest;
  TPM_DAA_CONTEXT_SEED            DAA_contextSeed;
  byte                           DAA_scratch[256];   ///< Length given as a literal
  byte                           DAA_stage;
} TPM_DAA_CONTEXT;
  1912  
///
/// Part 2, section 22.6: TPM_DAA_JOINDATA
///
/// Fixed-size structure with no tag member: two byte arrays of 128 and 138 bytes
/// followed by one TPM_DIGEST.
///
typedef struct tdTPM_DAA_JOINDATA {
  byte                           DAA_join_u0[128];
  byte                           DAA_join_u1[138];   ///< 138, not 128: the two arrays differ in length
  TPM_DIGEST                      DAA_digest_n0;
} TPM_DAA_JOINDATA;
  1921  
///
/// Part 2, section 22.8: TPM_DAA_BLOB
///
/// A tagged blob with a resource type, a 16-byte label, an integrity digest and two
/// variable-length areas, each given as a 32-bit size plus a host pointer.
/// Because of the two pointers this is an in-memory form, not an image of the
/// serialized blob. When parsing, both sizes come from the input: check each one, and
/// their sum, against the bytes actually available before copying.
/// NOTE(review): blobIntegrity presumably lets the TPM detect modification of the blob;
/// host code should not treat the contents as trustworthy on that basis -- confirm
/// who verifies it.
///
typedef struct tdTPM_DAA_BLOB {
  TPM_STRUCTURE_TAG               tag;
  TPM_RESOURCE_TYPE               resourceType;
  byte                           label[16];
  TPM_DIGEST                      blobIntegrity;
  uint32_t                          additionalSize;    ///< Length of additionalData; validate before use
  byte                           *additionalData;
  uint32_t                          sensitiveSize;     ///< Length of sensitiveData; validate before use
  byte                           *sensitiveData;     ///< presumably the protected portion of the blob, going by the name -- confirm
} TPM_DAA_BLOB;
  1935  
///
/// Part 2, section 22.9: TPM_DAA_SENSITIVE
///
/// A tag plus one variable-length area given as a 32-bit size and a host pointer.
/// internalSize should be bounded by the bytes actually available before it is used.
/// NOTE(review): going by the type name, internalData holds sensitive DAA material;
/// buffers that receive it should be wiped after use with a call the compiler cannot
/// optimize away -- confirm how callers manage this memory.
///
typedef struct tdTPM_DAA_SENSITIVE {
  TPM_STRUCTURE_TAG               tag;
  uint32_t                          internalSize;    ///< Length of internalData; validate before use
  byte                           *internalData;
} TPM_DAA_SENSITIVE;
  1944  
  1945  
//
// Part 2, section 23: Redirection
//

///
/// Part 2 section 23.1: TPM_REDIR_COMMAND
/// This section defines exactly one value but does not
/// give it a name. The definition of TPM_SetRedirection in Part3
/// refers to exactly one name but does not give its value. We join
/// them here.
///
/// Unlike the capability constants above, this macro has no type cast, so it is a
/// plain int constant.
///
#define TPM_REDIR_GPIO              (0x00000001)
  1958  
///
/// TPM Command Headers defined in Part 3
///
/// Request header: tag, 32-bit parameter size, command ordinal. The struct has no
/// pointer members and the file packs structures on byte boundaries, so it has no
/// padding between fields.
/// NOTE(review): in TPM 1.2, paramSize counts the whole request including this header,
/// and multi-byte fields travel big-endian; this header performs no conversion, so
/// callers presumably swap on little-endian hosts -- confirm.
///
typedef struct tdTPM_RQU_COMMAND_HDR {
  TPM_STRUCTURE_TAG                 tag;
  uint32_t                            paramSize;
  TPM_COMMAND_CODE                  ordinal;
} TPM_RQU_COMMAND_HDR;
  1967  
///
/// TPM Response Headers defined in Part 3
///
/// Response header: tag, 32-bit parameter size, result code. Same shape as the request
/// header, with returnCode in place of the ordinal.
/// paramSize arrives from the device. Before using it to size a copy or to walk the
/// response, check that it is at least the size of this header and no larger than the
/// number of bytes actually received.
/// NOTE(review): multi-byte fields are presumably big-endian on the wire, as in the
/// rest of TPM 1.2; convert before comparing paramSize or returnCode -- confirm.
///
typedef struct tdTPM_RSP_COMMAND_HDR {
  TPM_STRUCTURE_TAG                 tag;
  uint32_t                            paramSize;    ///< Untrusted until checked against the received length
  TPM_RESULT                        returnCode;
} TPM_RSP_COMMAND_HDR;
  1976  
// Restore the compiler's default structure packing, ending the byte packing requested
// by the #pragma pack (1) near the top of this header.
#pragma pack ()

#endif // _TPM12_H_