Google Git
Sign in
qemu / skiboot / d54c698de79f3a4c6bb04d8d744e0aca054629df / . / libstb / tss2 / ibmtpm20tss / utils / ibmtss / TPM_Types.h
blob: 855a3cd6653cfcfdda9d0fde2fcc49c85c216410 [file] [log] [blame]
/********************************************************************************/
/* */
/* Headers from Part 2 */
/* Written by Ken Goldman */
/* IBM Thomas J. Watson Research Center */
/* */
/* Licenses and Notices */
/* */
/* 1. Copyright Licenses: */
/* */
/* - Trusted Computing Group (TCG) grants to the user of the source code in */
/* this specification (the "Source Code") a worldwide, irrevocable, */
/* nonexclusive, royalty free, copyright license to reproduce, create */
/* derivative works, distribute, display and perform the Source Code and */
/* derivative works thereof, and to grant others the rights granted herein. */
/* */
/* - The TCG grants to the user of the other parts of the specification */
/* (other than the Source Code) the rights to reproduce, distribute, */
/* display, and perform the specification solely for the purpose of */
/* developing products based on such documents. */
/* */
/* 2. Source Code Distribution Conditions: */
/* */
/* - Redistributions of Source Code must retain the above copyright licenses, */
/* this list of conditions and the following disclaimers. */
/* */
/* - Redistributions in binary form must reproduce the above copyright */
/* licenses, this list of conditions and the following disclaimers in the */
/* documentation and/or other materials provided with the distribution. */
/* */
/* 3. Disclaimers: */
/* */
/* - THE COPYRIGHT LICENSES SET FORTH ABOVE DO NOT REPRESENT ANY FORM OF */
/* LICENSE OR WAIVER, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, WITH */
/* RESPECT TO PATENT RIGHTS HELD BY TCG MEMBERS (OR OTHER THIRD PARTIES) */
/* THAT MAY BE NECESSARY TO IMPLEMENT THIS SPECIFICATION OR OTHERWISE. */
/* Contact TCG Administration (admin@trustedcomputinggroup.org) for */
/* information on specification licensing rights available through TCG */
/* membership agreements. */
/* */
/* - THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO EXPRESS OR IMPLIED */
/* WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY OR */
/* FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, COMPLETENESS, OR */
/* NONINFRINGEMENT OF INTELLECTUAL PROPERTY RIGHTS, OR ANY WARRANTY */
/* OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE. */
/* */
/* - Without limitation, TCG and its members and licensors disclaim all */
/* liability, including liability for infringement of any proprietary */
/* rights, relating to use of information in this specification and to the */
/* implementation of this specification, and TCG disclaims all liability for */
/* cost of procurement of substitute goods or services, lost profits, loss */
/* of use, loss of data or any incidental, consequential, direct, indirect, */
/* or special damages, whether under contract, tort, warranty or otherwise, */
/* arising in any way out of use or reliance upon this specification or any */
/* information herein. */
/* */
/* (c) Copyright IBM Corp. and others, 2012 - 2019 */
/* */
/********************************************************************************/
/* rev 124 */
#ifndef _TPM_TYPES_H
#define _TPM_TYPES_H
#include <stdint.h>
#include <ibmtss/Implementation.h>
#ifdef __cplusplus
extern "C" {
#endif
/*
The C bit field is non-portable, but the TPM specification reference implementation uses them.
These two macros attempt to define the TPM specification bit fields for little and big endian
machines. There is no guarantee that either will work with a specific compiler or tool chain. If
not, the developer must create a custom structure.
TPM_BITFIELD_LE - little endian
TPM_BITFIELD_BE - big endian
To access the structures as uint's for marshaling and unmarshaling, each bit field is a union with
an integral field called 'val'.
Yes, I know that this uses anonymous structs, but the alternative yields another level of
deferencing, and will likely break more code. I hope your compiler supports this recent addition
to the standard.
For portable code:
If neither macro is defined, this header defines the structures as uint32_t. It defines constants
for the various bits, and can be used as:
variable & CONSTANT (test for set)
!(variable & CONSTANT) (test for clear)
variable &= CONSTANT (to set)
variable |= ~CONSTANT (to clear)
Although the portable structures are all uint32_t, some only use the least significant 8 bits and
are marshalled as a uint_8t.
*/
/* Table 3 - Definition of Base Types */
/* In BaseTypes.h */
/* Table 4 - Defines for Logic Values */
// In Table 39 (Yes, NO)
/* In bool.h (TRUE, FALSE) */
#define SET 1
#define CLEAR 0
/* Part 4 5.5 Capabilities.h */
#define MAX_CAP_DATA (MAX_CAP_BUFFER-sizeof(TPM_CAP)-sizeof(UINT32))
#define MAX_CAP_ALGS (MAX_CAP_DATA/sizeof(TPMS_ALG_PROPERTY))
#define MAX_CAP_HANDLES (MAX_CAP_DATA/sizeof(TPM_HANDLE))
#define MAX_CAP_CC (MAX_CAP_DATA/sizeof(TPM_CC))
#define MAX_TPM_PROPERTIES (MAX_CAP_DATA/sizeof(TPMS_TAGGED_PROPERTY))
#define MAX_PCR_PROPERTIES (MAX_CAP_DATA/sizeof(TPMS_TAGGED_PCR_SELECT))
#define MAX_ECC_CURVES (MAX_CAP_DATA/sizeof(TPM_ECC_CURVE))
#define MAX_TAGGED_POLICIES (MAX_CAP_DATA/sizeof(TPMS_TAGGED_POLICY))
/* Table 5 - Definition of Types for Documentation Clarity */
typedef UINT32 TPM_ALGORITHM_ID; /* this is the 1.2 compatible form of the TPM_ALG_ID */
typedef UINT32 TPM_MODIFIER_INDICATOR;
typedef UINT32 TPM_AUTHORIZATION_SIZE; /* the authorizationSize parameter in a command */
typedef UINT32 TPM_PARAMETER_SIZE; /* the parameterSizeset parameter in a command */
typedef UINT16 TPM_KEY_SIZE; /* a key size in octets */
typedef UINT16 TPM_KEY_BITS; /* a key size in bits */
/* Table 6 - Definition of (UINT32) TPM_SPEC Constants <> */
typedef UINT32 TPM_SPEC;
#define TPM_SPEC_FAMILY 0x322E3000 /* ASCII "2.0" with null terminator */
#define TPM_SPEC_LEVEL 00 /* the level number for the specification */
#define TPM_SPEC_VERSION 124 /* the version number of the spec (01.21 * 100) */
#define TPM_SPEC_YEAR 2015 /* the year of the version */
#define TPM_SPEC_DAY_OF_YEAR 191 /* the day of the year */
/* Table 7 - Definition of (UINT32) TPM_GENERATED Constants <O> */
typedef UINT32 TPM_GENERATED;
#define TPM_GENERATED_VALUE 0xff544347 /* 0xFF 'TCG' (FF 54 43 47) */
/* Table 9 - Definition of (UINT16) TPM_ALG_ID Constants <IN/OUT, S> */
typedef UINT16 TPM_ALG_ID;
/* Table 10 - Definition of (UINT16) {ECC} TPM_ECC_CURVE Constants <IN/OUT, S> */
typedef UINT16 TPM_ECC_CURVE;
/* Table 16 - Definition of (UINT32) TPM_RC Constants (Actions) <OUT> */
typedef UINT32 TPM_RC;
#define TPM_RC_SUCCESS 0x000
#define TPM_RC_BAD_TAG 0x01E /* defined for compatibility with TPM 1.2 */
#define RC_VER1 0x100 /* set for all format 0 response codes */
#define TPM_RC_INITIALIZE (RC_VER1 + 0x000) /* TPM not initialized by TPM2_Startup or already initialized */
#define TPM_RC_FAILURE (RC_VER1 + 0x001) /* commands not being accepted because of a TPM failure */
#define TPM_RC_SEQUENCE (RC_VER1 + 0x003) /* improper use of a sequence handle */
#define TPM_RC_PRIVATE (RC_VER1 + 0x00B) /* not currently used */
#define TPM_RC_HMAC (RC_VER1 + 0x019) /* not currently used */
#define TPM_RC_DISABLED (RC_VER1 + 0x020) /* the command is disabled */
#define TPM_RC_EXCLUSIVE (RC_VER1 + 0x021) /* command failed because audit sequence required exclusivity */
#define TPM_RC_AUTH_TYPE (RC_VER1 + 0x024) /* authorization handle is not correct for command */
#define TPM_RC_AUTH_MISSING (RC_VER1 + 0x025) /* command requires an authorization session
for handle and it is not present. */
#define TPM_RC_POLICY (RC_VER1 + 0x026) /* policy failure in math Operation or an invalid authPolicy value */
#define TPM_RC_PCR (RC_VER1 + 0x027) /* PCR check fail */
#define TPM_RC_PCR_CHANGED (RC_VER1 + 0x028) /* PCR have changed since checked. */
#define TPM_RC_UPGRADE (RC_VER1 + 0x02D) /* for all commands other than
TPM2_FieldUpgradeData(), this code
indicates that the TPM is in field
upgrade mode */
#define TPM_RC_TOO_MANY_CONTEXTS (RC_VER1 + 0x02E) /* context ID counter is at maximum. */
#define TPM_RC_AUTH_UNAVAILABLE (RC_VER1 + 0x02F) /* authValue or authPolicy is not available for selected entity. */
#define TPM_RC_REBOOT (RC_VER1 + 0x030) /* a _TPM_Init and Startup(CLEAR) is
required before the TPM can resume
operation. */
#define TPM_RC_UNBALANCED (RC_VER1 + 0x031) /* the protection algorithms (hash and
symmetric) are not reasonably balanced */
#define TPM_RC_COMMAND_SIZE (RC_VER1 + 0x042) /* command commandSize value is inconsistent
with contents of the command buffer */
#define TPM_RC_COMMAND_CODE (RC_VER1 + 0x043) /* command code not supported */
#define TPM_RC_AUTHSIZE (RC_VER1 + 0x044) /* the value of authorizationSize is out of range */
#define TPM_RC_AUTH_CONTEXT (RC_VER1 + 0x045) /* use of an authorization session with a
context command or another command that
cannot have an authorization session.*/
#define TPM_RC_NV_RANGE (RC_VER1 + 0x046) /* NV offset+size is out of range. */
#define TPM_RC_NV_SIZE (RC_VER1 + 0x047) /* Requested allocation size is larger than allowed. */
#define TPM_RC_NV_LOCKED (RC_VER1 + 0x048) /* NV access locked. */
#define TPM_RC_NV_AUTHORIZATION (RC_VER1 + 0x049) /* NV access authorization fails in command
actions (this failure does not affect
lockout.action) */
#define TPM_RC_NV_UNINITIALIZED (RC_VER1 + 0x04A) /* an NV Index is used before being
initialized or the state saved by
TPM2_Shutdown(STATE) could not be
restored */
#define TPM_RC_NV_SPACE (RC_VER1 + 0x04B) /* insufficient space for NV allocation */
#define TPM_RC_NV_DEFINED (RC_VER1 + 0x04C) /* NV Index or persistent object already defined */
#define TPM_RC_BAD_CONTEXT (RC_VER1 + 0x050) /* context in TPM2_ContextLoad() is not valid */
#define TPM_RC_CPHASH (RC_VER1 + 0x051) /* cpHash value already set or not correct for use */
#define TPM_RC_PARENT (RC_VER1 + 0x052) /* handle for parent is not a valid parent */
#define TPM_RC_NEEDS_TEST (RC_VER1 + 0x053) /* some function needs testing. */
#define TPM_RC_NO_RESULT (RC_VER1 + 0x054) /* returned when an internal function cannot
process a request due to an unspecified
problem. */
#define TPM_RC_SENSITIVE (RC_VER1 + 0x055) /* the sensitive area did not unmarshal correctly after decryption */
#define RC_MAX_FM0 (RC_VER1 + 0x07F) /* largest version 1 code that is not a warning */
/* The codes in this group may have a value added to them to indicate the handle, session, or
parameter to which they apply. */
#define RC_FMT1 0x080 /* This bit is SET in all format 1 response codes */
#define TPM_RC_ASYMMETRIC (RC_FMT1 + 0x001) /* asymmetric algorithm not supported or not correct */
#define TPM_RC_ATTRIBUTES (RC_FMT1 + 0x002) /* inconsistent attributes */
#define TPM_RC_HASH (RC_FMT1 + 0x003) /* hash algorithm not supported or not appropriate */
#define TPM_RC_VALUE (RC_FMT1 + 0x004) /* value is out of range or is not correct for the context */
#define TPM_RC_HIERARCHY (RC_FMT1 + 0x005) /* hierarchy is not enabled or is not correct for the use */
#define TPM_RC_KEY_SIZE (RC_FMT1 + 0x007) /* key size is not supported */
#define TPM_RC_MGF (RC_FMT1 + 0x008) /* mask generation function not supported */
#define TPM_RC_MODE (RC_FMT1 + 0x009) /* mode of operation not supported */
#define TPM_RC_TYPE (RC_FMT1 + 0x00A) /* the type of the value is not appropriate for the use */
#define TPM_RC_HANDLE (RC_FMT1 + 0x00B) /* the handle is not correct for the use */
#define TPM_RC_KDF (RC_FMT1 + 0x00C) /* unsupported key derivation function or
function not appropriate for use */
#define TPM_RC_RANGE (RC_FMT1 + 0x00D) /* value was out of allowed range. */
#define TPM_RC_AUTH_FAIL (RC_FMT1 + 0x00E) /* the authorization HMAC check failed and DA counter incremented */
#define TPM_RC_NONCE (RC_FMT1 + 0x00F) /* invalid nonce size or nonce value mismatch */
#define TPM_RC_PP (RC_FMT1 + 0x010) /* authorization requires assertion of PP */
#define TPM_RC_SCHEME (RC_FMT1 + 0x012) /* unsupported or incompatible scheme */
#define TPM_RC_SIZE (RC_FMT1 + 0x015) /* structure is the wrong size */
#define TPM_RC_SYMMETRIC (RC_FMT1 + 0x016) /* unsupported symmetric algorithm or key
size, or not appropriate for instance */
#define TPM_RC_TAG (RC_FMT1 + 0x017) /* incorrect structure tag */
#define TPM_RC_SELECTOR (RC_FMT1 + 0x018) /* union selector is incorrect */
#define TPM_RC_INSUFFICIENT (RC_FMT1 + 0x01A) /* the TPM was unable to unmarshal a value
because there were not enough octets in
the input buffer */
#define TPM_RC_SIGNATURE (RC_FMT1 + 0x01B) /* the signature is not valid */
#define TPM_RC_KEY (RC_FMT1 + 0x01C) /* key fields are not compatible with the selected use */
#define TPM_RC_POLICY_FAIL (RC_FMT1 + 0x01D) /* a policy check failed */
#define TPM_RC_INTEGRITY (RC_FMT1 + 0x01F) /* integrity check failed */
#define TPM_RC_TICKET (RC_FMT1 + 0x020) /* invalid ticket */
#define TPM_RC_RESERVED_BITS (RC_FMT1 + 0x021) /* reserved bits not set to zero as required */
#define TPM_RC_BAD_AUTH (RC_FMT1 + 0x022) /* authorization failure without DA implications */
#define TPM_RC_EXPIRED (RC_FMT1 + 0x023) /* the policy has expired */
#define TPM_RC_POLICY_CC (RC_FMT1 + 0x024) /* the commandCode in the policy is not the
commandCode of the command */
#define TPM_RC_BINDING (RC_FMT1 + 0x025) /* public and sensitive portions of an
object are not cryptographically bound */
#define TPM_RC_CURVE (RC_FMT1 + 0x026) /* curve not supported */
#define TPM_RC_ECC_POINT (RC_FMT1 + 0x027) /* point is not on the required curve. */
/* aliases for FMT1 commands when parameter number can be added */
#define TPM_RCS_VALUE TPM_RC_VALUE
#define TPM_RCS_TYPE TPM_RC_TYPE
#define TPM_RCS_HANDLE TPM_RC_HANDLE
#define TPM_RCS_SIZE TPM_RC_SIZE
#define TPM_RCS_ATTRIBUTES TPM_RC_ATTRIBUTES
#define TPM_RCS_NONCE TPM_RC_NONCE
#define TPM_RCS_SYMMETRIC TPM_RC_SYMMETRIC
#define TPM_RCS_MODE TPM_RC_MODE
#define TPM_RCS_SCHEME TPM_RC_SCHEME
#define TPM_RCS_KEY TPM_RC_KEY
#define TPM_RCS_ECC_POINT TPM_RC_ECC_POINT
#define TPM_RCS_HASH TPM_RC_HASH
#define TPM_RCS_HIERARCHY TPM_RC_HIERARCHY
#define TPM_RCS_TICKET TPM_RC_TICKET
#define TPM_RCS_RANGE TPM_RC_RANGE
#define TPM_RCS_INTEGRITY TPM_RC_INTEGRITY
#define TPM_RCS_POLICY_CC TPM_RC_POLICY_CC
#define TPM_RCS_EXPIRED TPM_RC_EXPIRED
#define RC_WARN 0x900 /* set for warning response codes */
#define TPM_RC_CONTEXT_GAP (RC_WARN + 0x001) /* gap for context ID is too large */
#define TPM_RC_OBJECT_MEMORY (RC_WARN + 0x002) /* out of memory for object contexts */
#define TPM_RC_SESSION_MEMORY (RC_WARN + 0x003) /* out of memory for session contexts */
#define TPM_RC_MEMORY (RC_WARN + 0x004) /* out of shared object/session memory or
need space for internal operations */
#define TPM_RC_SESSION_HANDLES (RC_WARN + 0x005) /* out of session handles - a session must
be flushed before a new session may be
created */
#define TPM_RC_OBJECT_HANDLES (RC_WARN + 0x006) /* out of object handles - the handle space
for objects is depleted and a reboot is
required */
#define TPM_RC_LOCALITY (RC_WARN + 0x007) /* bad locality */
#define TPM_RC_YIELDED (RC_WARN + 0x008) /* the TPM has suspended operation on the
command; forward progress was made and
the command may be retried. */
#define TPM_RC_CANCELED (RC_WARN + 0x009) /* the command was canceled */
#define TPM_RC_CANCELLED TPM_RC_CANCELED
#define TPM_RC_TESTING (RC_WARN + 0x00A) /* TPM is performing self-tests */
#define TPM_RC_REFERENCE_H0 (RC_WARN + 0x010) /* the 1st handle in the handle area
references a transient object or session
that is not loaded */
#define TPM_RC_REFERENCE_H1 (RC_WARN + 0x011) /* the 2nd handle in the handle area
references a transient object or session
that is not loaded */
#define TPM_RC_REFERENCE_H2 (RC_WARN + 0x012) /* the 3rd handle in the handle area
references a transient object or session
that is not loaded */
#define TPM_RC_REFERENCE_H3 (RC_WARN + 0x013) /* the 4th handle in the handle area
references a transient object or session
that is not loaded */
#define TPM_RC_REFERENCE_H4 (RC_WARN + 0x014) /* the 5th handle in the handle area
references a transient object or session
that is not loaded */
#define TPM_RC_REFERENCE_H5 (RC_WARN + 0x015) /* the 6th handle in the handle area
references a transient object or session
that is not loaded */
#define TPM_RC_REFERENCE_H6 (RC_WARN + 0x016) /* the 7th handle in the handle area
references a transient object or session
that is not loaded */
#define TPM_RC_REFERENCE_S0 (RC_WARN + 0x018) /* the 1st authorization session handle
references a session that is not
loaded */
#define TPM_RC_REFERENCE_S1 (RC_WARN + 0x019) /* the 2nd authorization session handle
references a session that is not
loaded */
#define TPM_RC_REFERENCE_S2 (RC_WARN + 0x01A) /* the 3rd authorization session handle
references a session that is not
loaded */
#define TPM_RC_REFERENCE_S3 (RC_WARN + 0x01B) /* the 4th authorization session handle
references a session that is not
loaded */
#define TPM_RC_REFERENCE_S4 (RC_WARN + 0x01C) /* the 5th session handle references a
session that is not loaded */
#define TPM_RC_REFERENCE_S5 (RC_WARN + 0x01D) /* the 6th session handle references a session that is not loaded */
#define TPM_RC_REFERENCE_S6 (RC_WARN + 0x01E) /* the 7th authorization session handle
references a session that is not
loaded */
#define TPM_RC_NV_RATE (RC_WARN + 0x020) /* the TPM is rate-limiting accesses to prevent wearout of NV */
#define TPM_RC_LOCKOUT (RC_WARN + 0x021) /* authorizations for objects subject to DA
protection are not allowed at this time
because the TPM is in DA lockout mode */
#define TPM_RC_RETRY (RC_WARN + 0x022) /* the TPM was not able to start the command */
#define TPM_RC_NV_UNAVAILABLE (RC_WARN + 0x023) /* the command may require writing of NV and
NV is not current accessible */
#define TPM_RC_NOT_USED (RC_WARN + 0x07F) /* this value is reserved and shall not be returned by the TPM */
#define TPM_RC_H 0x000 /* add to a handle-related error */
#define TPM_RC_P 0x040 /* add to a parameter-related error */
#define TPM_RC_S 0x800 /* add to a session-related error */
#define TPM_RC_1 0x100 /* add to a parameter-, handle-, or session-related error */
#define TPM_RC_2 0x200 /* add to a parameter-, handle-, or session-related error */
#define TPM_RC_3 0x300 /* add to a parameter-, handle-, or session-related error */
#define TPM_RC_4 0x400 /* add to a parameter-, handle-, or session-related error */
#define TPM_RC_5 0x500 /* add to a parameter-, handle-, or session-related error */
#define TPM_RC_6 0x600 /* add to a parameter-, handle-, or session-related error */
#define TPM_RC_7 0x700 /* add to a parameter-, handle-, or session-related error */
#define TPM_RC_8 0x800 /* add to a parameter-related error */
#define TPM_RC_9 0x900 /* add to a parameter-related error */
#define TPM_RC_A 0xA00 /* add to a parameter-related error */
#define TPM_RC_B 0xB00 /* add to a parameter-related error */
#define TPM_RC_C 0xC00 /* add to a parameter-related error */
#define TPM_RC_D 0xD00 /* add to a parameter-related error */
#define TPM_RC_E 0xE00 /* add to a parameter-related error */
#define TPM_RC_F 0xF00 /* add to a parameter-related error */
#define TPM_RC_N_MASK 0xF00 /* number mask */
/* Table 17 - Definition of (INT8) TPM_CLOCK_ADJUST Constants <IN> */
typedef INT8 TPM_CLOCK_ADJUST;
#define TPM_CLOCK_COARSE_SLOWER -3 /* Slow the Clock update rate by one coarse adjustment step. */
#define TPM_CLOCK_MEDIUM_SLOWER -2 /* Slow the Clock update rate by one medium adjustment step. */
#define TPM_CLOCK_FINE_SLOWER -1 /* Slow the Clock update rate by one fine adjustment step. */
#define TPM_CLOCK_NO_CHANGE 0 /* No change to the Clock update rate. */
#define TPM_CLOCK_FINE_FASTER 1 /* Speed the Clock update rate by one fine adjustment step. */
#define TPM_CLOCK_MEDIUM_FASTER 2 /* Speed the Clock update rate by one medium adjustment step. */
#define TPM_CLOCK_COARSE_FASTER 3 /* Speed the Clock update rate by one coarse adjustment step. */
/* Table 18 - Definition of (UINT16) TPM_EO Constants <IN/OUT> */
typedef UINT16 TPM_EO;
#define TPM_EO_EQ 0x0000 /* A = B */
#define TPM_EO_NEQ 0x0001 /* A != B */
#define TPM_EO_SIGNED_GT 0x0002 /* A > B signed */
#define TPM_EO_UNSIGNED_GT 0x0003 /* A > B unsigned */
#define TPM_EO_SIGNED_LT 0x0004 /* A < B signed */
#define TPM_EO_UNSIGNED_LT 0x0005 /* A < B unsigned */
#define TPM_EO_SIGNED_GE 0x0006 /* A = B signed */
#define TPM_EO_UNSIGNED_GE 0x0007 /* A = B unsigned */
#define TPM_EO_SIGNED_LE 0x0008 /* A = B signed */
#define TPM_EO_UNSIGNED_LE 0x0009 /* A = B unsigned */
#define TPM_EO_BITSET 0x000A /* All bits SET in B are SET in A. ((A&B)=B) */
#define TPM_EO_BITCLEAR 0x000B /* All bits SET in B are CLEAR in A. ((A&B)=0) */
/* Table 19 - Definition of (UINT16) TPM_ST Constants <IN/OUT, S> */
typedef UINT16 TPM_ST;
#define TPM_ST_RSP_COMMAND 0x00C4 /* tag value for a response */
#define TPM_ST_NULL 0X8000 /* no structure type specified */
#define TPM_ST_NO_SESSIONS 0x8001 /* command/response has no attached sessions*/
#define TPM_ST_SESSIONS 0x8002 /* command/response has one or more attached sessions*/
#define TPM_ST_ATTEST_NV 0x8014 /* tag for an attestation structure */
#define TPM_ST_ATTEST_COMMAND_AUDIT 0x8015 /* tag for an attestation structure */
#define TPM_ST_ATTEST_SESSION_AUDIT 0x8016 /* tag for an attestation structure */
#define TPM_ST_ATTEST_CERTIFY 0x8017 /* tag for an attestation structure */
#define TPM_ST_ATTEST_QUOTE 0x8018 /* tag for an attestation structure */
#define TPM_ST_ATTEST_TIME 0x8019 /* tag for an attestation structure */
#define TPM_ST_ATTEST_CREATION 0x801A /* tag for an attestation structure */
#define TPM_ST_ATTEST_NV_DIGEST 0x801C /* tag for an attestation structure */
#define TPM_ST_CREATION 0x8021 /* tag for a ticket type */
#define TPM_ST_VERIFIED 0x8022 /* tag for a ticket type */
#define TPM_ST_AUTH_SECRET 0x8023 /* tag for a ticket type */
#define TPM_ST_HASHCHECK 0x8024 /* tag for a ticket type */
#define TPM_ST_AUTH_SIGNED 0x8025 /* tag for a ticket type */
#define TPM_ST_FU_MANIFEST 0x8029 /* tag for a structure describing a Field Upgrade Policy */
/* Table 20 - Definition of (UINT16) TPM_SU Constants <IN> */
typedef UINT16 TPM_SU;
#define TPM_SU_CLEAR 0x0000 /* on TPM2_Startup(), indicates that the TPM should perform TPM Reset or TPM Restart */
#define TPM_SU_STATE 0x0001 /* on TPM2_Startup(), indicates that the TPM should restore the
state saved by TPM2_Shutdown(TPM_SU_STATE) */
/* Table 21 - Definition of (UINT8) TPM_SE Constants <IN> */
typedef UINT8 TPM_SE;
#define TPM_SE_HMAC 0x00
#define TPM_SE_POLICY 0x01
#define TPM_SE_TRIAL 0x03
/* Table 22 - Definition of (UINT32) TPM_CAP Constants */
typedef UINT32 TPM_CAP;
#define TPM_CAP_FIRST 0x00000000 /* */
#define TPM_CAP_ALGS 0x00000000 /* TPM_ALG_ID(1) TPML_ALG_PROPERTY */
#define TPM_CAP_HANDLES 0x00000001 /* TPM_HANDLE TPML_HANDLE */
#define TPM_CAP_COMMANDS 0x00000002 /* TPM_CC TPML_CCA */
#define TPM_CAP_PP_COMMANDS 0x00000003 /* TPM_CC TPML_CC */
#define TPM_CAP_AUDIT_COMMANDS 0x00000004 /* TPM_CC TPML_CC */
#define TPM_CAP_PCRS 0x00000005 /* reserved TPML_PCR_SELECTION */
#define TPM_CAP_TPM_PROPERTIES 0x00000006 /* TPM_PT TPML_TAGGED_TPM_PROPERTY */
#define TPM_CAP_PCR_PROPERTIES 0x00000007 /* TPM_PT_PCR TPML_TAGGED_PCR_PROPERTY */
#define TPM_CAP_ECC_CURVES 0x00000008 /* TPM_ECC_CURVE(1) TPML_ECC_CURVE */
#define TPM_CAP_AUTH_POLICIES 0x00000009 /* TPML_TAGGED_POLICY */
#define TPM_CAP_LAST 0x00000009 /* */
#define TPM_CAP_VENDOR_PROPERTY 0x00000100 /* manufacturer specific manufacturer-specific values */
/* Table 23 - Definition of (UINT32) TPM_PT Constants <IN/OUT, S> */
typedef UINT32 TPM_PT;
#define TPM_PT_NONE 0x00000000 /* indicates no property type */
#define PT_GROUP 0x00000100 /* The number of properties in each group. */
#define PT_FIXED (PT_GROUP * 1) /* the group of fixed properties returned as TPMS_TAGGED_PROPERTY */
/* The values in this group are only changed due to a firmware change in the TPM. */
#define TPM_PT_FAMILY_INDICATOR (PT_FIXED + 0) /* a 4-octet character string containing the
TPM Family value (TPM_SPEC_FAMILY) */
#define TPM_PT_LEVEL (PT_FIXED + 1) /* the level of the specification */
#define TPM_PT_REVISION (PT_FIXED + 2) /* the specification Revision times 100 */
#define TPM_PT_DAY_OF_YEAR (PT_FIXED + 3) /* the specification day of year using TCG calendar */
#define TPM_PT_YEAR (PT_FIXED + 4) /* the specification year using the CE */
#define TPM_PT_MANUFACTURER (PT_FIXED + 5) /* the vendor ID unique to each TPM manufacturer */
#define TPM_PT_VENDOR_STRING_1 (PT_FIXED + 6) /* the first four characters of the vendor ID string */
#define TPM_PT_VENDOR_STRING_2 (PT_FIXED + 7) /* the second four characters of the vendor ID string */
#define TPM_PT_VENDOR_STRING_3 (PT_FIXED + 8) /* the third four characters of the vendor ID string */
#define TPM_PT_VENDOR_STRING_4 (PT_FIXED + 9) /* the fourth four characters of the vendor ID sting */
#define TPM_PT_VENDOR_TPM_TYPE (PT_FIXED + 10) /* vendor-defined value indicating the TPM model */
#define TPM_PT_FIRMWARE_VERSION_1 (PT_FIXED + 11) /* the most-significant 32 bits of a TPM
vendor-specific value indicating the
version number of the firmware */
#define TPM_PT_FIRMWARE_VERSION_2 (PT_FIXED + 12) /* the least-significant 32 bits of a TPM
vendor-specific value indicating the
version number of the firmware */
#define TPM_PT_INPUT_BUFFER (PT_FIXED + 13) /* the maximum size of a parameter
(typically, a TPM2B_MAX_BUFFER) */
#define TPM_PT_HR_TRANSIENT_MIN (PT_FIXED + 14) /* the minimum number of transient objects
that can be held in TPM RAM */
#define TPM_PT_HR_PERSISTENT_MIN (PT_FIXED + 15) /* the minimum number of persistent objects
that can be held in TPM NV memory */
#define TPM_PT_HR_LOADED_MIN (PT_FIXED + 16) /* the minimum number of authorization
sessions that can be held in TPM RAM */
#define TPM_PT_ACTIVE_SESSIONS_MAX (PT_FIXED + 17) /* the number of authorization sessions that
may be active at a time */
#define TPM_PT_PCR_COUNT (PT_FIXED + 18) /* the number of PCR implemented */
#define TPM_PT_PCR_SELECT_MIN (PT_FIXED + 19) /* the minimum number of octets in a
TPMS_PCR_SELECT.sizeOfSelect */
#define TPM_PT_CONTEXT_GAP_MAX (PT_FIXED + 20) /* the maximum allowed difference (unsigned)
between the contextID values of two saved
session contexts */
#define TPM_PT_NV_COUNTERS_MAX (PT_FIXED + 22) /* the maximum number of NV Indexes that are
allowed to have TPM_NV_COUNTER attribute SET */
#define TPM_PT_NV_INDEX_MAX (PT_FIXED + 23) /* the maximum size of an NV Index data area */
#define TPM_PT_MEMORY (PT_FIXED + 24) /* a TPMA_MEMORY indicating the memory
management method for the TPM */
#define TPM_PT_CLOCK_UPDATE (PT_FIXED + 25) /* interval, in milliseconds, between
updates to the copy of
TPMS_CLOCK_INFO.clock in NV */
#define TPM_PT_CONTEXT_HASH (PT_FIXED + 26) /* the algorithm used for the integrity HMAC
on saved contexts and for hashing the
fuData of TPM2_FirmwareRead() */
#define TPM_PT_CONTEXT_SYM (PT_FIXED + 27) /* TPM_ALG_ID, the algorithm used for
encryption of saved contexts */
#define TPM_PT_CONTEXT_SYM_SIZE (PT_FIXED + 28) /* TPM_KEY_BITS, the size of the key used
for encryption of saved contexts */
#define TPM_PT_ORDERLY_COUNT (PT_FIXED + 29) /* the modulus - 1 of the count for NV
update of an orderly counter */
#define TPM_PT_MAX_COMMAND_SIZE (PT_FIXED + 30) /* the maximum value for commandSize in a command */
#define TPM_PT_MAX_RESPONSE_SIZE (PT_FIXED + 31) /* the maximum value for responseSize in a response */
#define TPM_PT_MAX_DIGEST (PT_FIXED + 32) /* the maximum size of a digest that can be
produced by the TPM */
#define TPM_PT_MAX_OBJECT_CONTEXT (PT_FIXED + 33) /* the maximum size of an object context
that will be returned by
TPM2_ContextSave */
#define TPM_PT_MAX_SESSION_CONTEXT (PT_FIXED + 34) /* the maximum size of a session context
that will be returned by
TPM2_ContextSave */
#define TPM_PT_PS_FAMILY_INDICATOR (PT_FIXED + 35) /* platform-specific family (a TPM_PS
value)(see Table 26) */
#define TPM_PT_PS_LEVEL (PT_FIXED + 36) /* the level of the platform-specific specification */
#define TPM_PT_PS_REVISION (PT_FIXED + 37) /* the specification Revision times 100 for
the platform-specific specification */
#define TPM_PT_PS_DAY_OF_YEAR (PT_FIXED + 38) /* the platform-specific specification day
of year using TCG calendar */
#define TPM_PT_PS_YEAR (PT_FIXED + 39) /* the platform-specific specification year
using the CE */
#define TPM_PT_SPLIT_MAX (PT_FIXED + 40) /* the number of split signing operations
supported by the TPM */
#define TPM_PT_TOTAL_COMMANDS (PT_FIXED + 41) /* total number of commands implemented in the TPM */
#define TPM_PT_LIBRARY_COMMANDS (PT_FIXED + 42) /* number of commands from the TPM library
that are implemented */
#define TPM_PT_VENDOR_COMMANDS (PT_FIXED + 43) /* number of vendor commands that are implemented */
#define TPM_PT_NV_BUFFER_MAX (PT_FIXED + 44) /* the maximum data size in one NV write command */
#define TPM_PT_MODES (PT_FIXED + 45) /* a TPMA_MODES value, indicating that the
TPM is designed for these modes. */
#define TPM_PT_MAX_CAP_BUFFER (PT_FIXED + 46) /* the maximum size of a
TPMS_CAPABILITY_DATA structure returned
in TPM2_GetCapability(). */
#define PT_VAR (PT_GROUP * 2) /* the group of variable properties returned
as TPMS_TAGGED_PROPERTY */
/* The properties in this group change because of a Protected Capability other than a firmware
update. The values are not necessarily persistent across all power transitions. */
#define TPM_PT_PERMANENT (PT_VAR + 0) /* TPMA_PERMANENT */
#define TPM_PT_STARTUP_CLEAR (PT_VAR + 1) /* TPMA_STARTUP_CLEAR */
#define TPM_PT_HR_NV_INDEX (PT_VAR + 2) /* the number of NV Indexes currently defined */
#define TPM_PT_HR_LOADED (PT_VAR + 3) /* the number of authorization sessions
currently loaded into TPM RAM */
#define TPM_PT_HR_LOADED_AVAIL (PT_VAR + 4) /* the number of additional authorization
sessions, of any type, that could be
loaded into TPM RAM */
#define TPM_PT_HR_ACTIVE (PT_VAR + 5) /* the number of active authorization
sessions currently being tracked by the
TPM */
#define TPM_PT_HR_ACTIVE_AVAIL (PT_VAR + 6) /* the number of additional authorization
sessions, of any type, that could be
created */
#define TPM_PT_HR_TRANSIENT_AVAIL (PT_VAR + 7) /* estimate of the number of additional
transient objects that could be loaded
into TPM RAM */
#define TPM_PT_HR_PERSISTENT (PT_VAR + 8) /* the number of persistent objects
currently loaded into TPM NV memory */
#define TPM_PT_HR_PERSISTENT_AVAIL (PT_VAR + 9) /* the number of additional persistent
objects that could be loaded into NV
memory */
#define TPM_PT_NV_COUNTERS (PT_VAR + 10) /* the number of defined NV Indexes that
have the NV TPM_NV_COUNTER attribute SET */
#define TPM_PT_NV_COUNTERS_AVAIL (PT_VAR + 11) /* the number of additional NV Indexes that
can be defined with their TPM_NT of TPM_NV_COUNTER
and the TPM_NV_ORDERLY attribute SET */
#define TPM_PT_ALGORITHM_SET (PT_VAR + 12) /* code that limits the algorithms that may
be used with the TPM */
#define TPM_PT_LOADED_CURVES (PT_VAR + 13) /* the number of loaded ECC curves */
#define TPM_PT_LOCKOUT_COUNTER (PT_VAR + 14) /* the current value of the lockout counter (failedTries) */
#define TPM_PT_MAX_AUTH_FAIL (PT_VAR + 15) /* the number of authorization failures
before DA lockout is invoked */
#define TPM_PT_LOCKOUT_INTERVAL (PT_VAR + 16) /* the number of seconds before the value
reported by TPM_PT_LOCKOUT_COUNTER is
decremented */
#define TPM_PT_LOCKOUT_RECOVERY (PT_VAR + 17) /* the number of seconds after a lockoutAuth
failure before use of lockoutAuth may be
attempted again */
#define TPM_PT_NV_WRITE_RECOVERY (PT_VAR + 18) /* number of milliseconds before the TPM
will accept another command that will
modify NV */
#define TPM_PT_AUDIT_COUNTER_0 (PT_VAR + 19) /* the high-order 32 bits of the command audit counter */
#define TPM_PT_AUDIT_COUNTER_1 (PT_VAR + 20) /* the low-order 32 bits of the command audit counter */
/* Table 24 - Definition of (UINT32) TPM_PT_PCR Constants <IN/OUT, S> */
typedef UINT32 TPM_PT_PCR;
#define TPM_PT_PCR_FIRST 0x00000000 /* bottom of the range of TPM_PT_PCR properties */
#define TPM_PT_PCR_SAVE 0x00000000 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR is saved and restored by TPM_SU_STATE */
#define TPM_PT_PCR_EXTEND_L0 0x00000001 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be extended from locality 0 */
#define TPM_PT_PCR_RESET_L0 0x00000002 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be reset by TPM2_PCR_Reset() from
locality 0 */
#define TPM_PT_PCR_EXTEND_L1 0x00000003 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be extended from locality 1 */
#define TPM_PT_PCR_RESET_L1 0x00000004 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be reset by TPM2_PCR_Reset() from
locality 1 */
#define TPM_PT_PCR_EXTEND_L2 0x00000005 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be extended from locality 2 */
#define TPM_PT_PCR_RESET_L2 0x00000006 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be reset by TPM2_PCR_Reset() from
locality 2 */
#define TPM_PT_PCR_EXTEND_L3 0x00000007 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be extended from locality 3 */
#define TPM_PT_PCR_RESET_L3 0x00000008 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be reset by TPM2_PCR_Reset() from
locality 3 */
#define TPM_PT_PCR_EXTEND_L4 0x00000009 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be extended from locality 4 */
#define TPM_PT_PCR_RESET_L4 0x0000000A /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be reset by TPM2_PCR_Reset() from
locality 4 */
#define TPM_PT_PCR_NO_INCREMENT 0x00000011 /* a SET bit in the TPMS_PCR_SELECT indicates that
modifications to this PCR (reset or Extend) will
not increment the pcrUpdateCounter */
#define TPM_PT_PCR_RESET_L4 0x0000000A /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR may be reset by TPM2_PCR_Reset() from
locality 4 */
#define TPM_PT_PCR_DRTM_RESET 0x00000012 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR is reset by a DRTM event */
#define TPM_PT_PCR_POLICY 0x00000013 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR is controlled by policy */
#define TPM_PT_PCR_AUTH 0x00000014 /* a SET bit in the TPMS_PCR_SELECT indicates that
the PCR is controlled by an authorization
value */
#define TPM_PT_PCR_LAST 0x00000014 /* top of the range of TPM_PT_PCR properties of the
implementation */
/* Table 25 - Definition of (UINT32) TPM_PS Constants <OUT> */
typedef UINT32 TPM_PS;
#define TPM_PS_MAIN 0x00000000 /* not platform specific */
#define TPM_PS_PC 0x00000001 /* PC Client */
#define TPM_PS_PDA 0x00000002 /* PDA (includes all mobile devices that are not
specifically cell phones) */
#define TPM_PS_CELL_PHONE 0x00000003 /* Cell Phone */
#define TPM_PS_SERVER 0x00000004 /* Server WG */
#define TPM_PS_PERIPHERAL 0x00000005 /* Peripheral WG */
#define TPM_PS_TSS 0x00000006 /* TSS WG */
#define TPM_PS_STORAGE 0x00000007 /* Storage WG */
#define TPM_PS_AUTHENTICATION 0x00000008 /* Authentication WG */
#define TPM_PS_EMBEDDED 0x00000009 /* Embedded WG */
#define TPM_PS_HARDCOPY 0x0000000A /* Hardcopy WG */
#define TPM_PS_INFRASTRUCTURE 0x0000000B /* Infrastructure WG */
#define TPM_PS_VIRTUALIZATION 0x0000000C /* Virtualization WG */
#define TPM_PS_TNC 0x0000000D /* Trusted Network Connect WG */
#define TPM_PS_MULTI_TENANT 0x0000000E /* Multi-tenant WG */
#define TPM_PS_TC 0x0000000F /* Technical Committee*/
/* Table 26 - Definition of Types for Handles */
typedef UINT32 TPM_HANDLE; /* Handles may refer to objects (keys or data blobs), authorization
sessions (HMAC and policy), NV Indexes, permanent TPM locations,
and PCR. */
/* Table 27 - Definition of (UINT8) TPM_HT Constants <S> */
typedef UINT8 TPM_HT;
#define TPM_HT_PCR 0x00 /* PCR - consecutive numbers, starting at 0, that reference the PCR registers */
#define TPM_HT_NV_INDEX 0x01 /* NV Index - assigned by the caller */
#define TPM_HT_HMAC_SESSION 0x02 /* HMAC Authorization Session - assigned by the TPM when the session is created */
#define TPM_HT_LOADED_SESSION 0x02 /* Loaded Authorization Session - used only in the context of TPM2_GetCapability */
#define TPM_HT_POLICY_SESSION 0x03 /* Policy Authorization Session - assigned by the TPM when the session is created */
#define TPM_HT_SAVED_SESSION 0x03 /* Saved Authorization Session - used only in the context of TPM2_GetCapability */
#define TPM_HT_PERMANENT 0x40 /* Permanent Values - assigned by this specification in Table 27 */
#define TPM_HT_TRANSIENT 0x80 /* Transient Objects - assigned by the TPM when an object is
loaded into transient-object memory or when a persistent
object is converted to a transient object */
#define TPM_HT_PERSISTENT 0x81 /* Persistent Objects - assigned by the TPM when a loaded
transient object is made persistent */
/* Table 28 - Definition of (TPM_HANDLE) TPM_RH Constants <S> */
typedef TPM_HANDLE TPM_RH;
#define TPM_RH_FIRST 0x40000000 /* R */
#define TPM_RH_SRK 0x40000000 /* R not used1 */
#define TPM_RH_OWNER 0x40000001 /* K, A, P handle references the Storage Primary
Seed (SPS), the ownerAuth, and the ownerPolicy */
#define TPM_RH_REVOKE 0x40000002 /* R not used1 */
#define TPM_RH_TRANSPORT 0x40000003 /* R not used1 */
#define TPM_RH_OPERATOR 0x40000004 /* R not used1 */
#define TPM_RH_ADMIN 0x40000005 /* R not used1 */
#define TPM_RH_EK 0x40000006 /* R not used1 */
#define TPM_RH_NULL 0x40000007 /* K, A, P a handle associated with the null
hierarchy, an EmptyAuth authValue, and an Empty
Policy authPolicy. */
#define TPM_RH_UNASSIGNED 0x40000008 /* R value reserved to the TPM to indicate a handle
location that has not been initialized or
assigned */
#define TPM_RS_PW 0x40000009 /* S authorization value used to indicate a password
authorization session */
#define TPM_RH_LOCKOUT 0x4000000A /* A references the authorization associated with
the dictionary attack lockout reset */
#define TPM_RH_ENDORSEMENT 0x4000000B /* K, A, P references the Endorsement Primary Seed
(EPS), endorsementAuth, and endorsementPolicy */
#define TPM_RH_PLATFORM 0x4000000C /* K, A, P references the Platform Primary Seed
(PPS), platformAuth, and platformPolicy */
#define TPM_RH_PLATFORM_NV 0x4000000D /* C for phEnableNV */
#define TPM_RH_AUTH_00 0x40000010 /* A Start of a range of authorization values that
are vendor-specific. A TPM may support any of
the values in this range as are needed for
vendor-specific purposes. Disabled if ehEnable is CLEAR. */
#define TPM_RH_AUTH_FF 0x4000010F /* A End of the range of vendor-specific
authorization values. */
#define TPM_RH_LAST 0x4000010F /* R the top of the reserved handle area */
/* Table 29 - Definition of (TPM_HANDLE) TPM_HC Constants <S> */
typedef TPM_HANDLE TPM_HC;
#define HR_HANDLE_MASK 0x00FFFFFF /* to mask off the HR */
#define HR_RANGE_MASK 0xFF000000 /* to mask off the variable part */
#define HR_SHIFT 24
#define HR_PCR ((TPM_HT_PCR) << HR_SHIFT)
#define HR_HMAC_SESSION (TPM_HT_HMAC_SESSION << HR_SHIFT)
#define HR_POLICY_SESSION (TPM_HT_POLICY_SESSION << HR_SHIFT)
#define HR_TRANSIENT (TPM_HC)((((UINT32)TPM_HT_TRANSIENT) << HR_SHIFT))
#define HR_PERSISTENT (TPM_HC)((((UINT32)TPM_HT_PERSISTENT) << HR_SHIFT))
#define HR_NV_INDEX (TPM_HT_NV_INDEX << HR_SHIFT)
#define HR_PERMANENT (TPM_HT_PERMANENT << HR_SHIFT)
#define PCR_FIRST (HR_PCR + 0) /* first PCR */
#define PCR_LAST (HR_PCR | HR_HANDLE_MASK) /* last PCR in range */
#define HMAC_SESSION_FIRST (HR_HMAC_SESSION + 0) /* first HMAC session */
#define HMAC_SESSION_LAST (HMAC_SESSION_FIRST | HR_HANDLE_MASK) /* last HMAC session */
#define LOADED_SESSION_FIRST HMAC_SESSION_FIRST /* used in GetCapability */
#define LOADED_SESSION_LAST HMAC_SESSION_LAST /* used in GetCapability */
#define POLICY_SESSION_FIRST (HR_POLICY_SESSION + 0) /* first policy session */
#define POLICY_SESSION_LAST (POLICY_SESSION_FIRST | HR_HANDLE_MASK) /* last policy session */
#define TRANSIENT_FIRST ((UINT32)(HR_TRANSIENT + 0)) /* first transient object */
#define ACTIVE_SESSION_FIRST POLICY_SESSION_FIRST /* used in GetCapability */
#define ACTIVE_SESSION_LAST POLICY_SESSION_LAST /* used in GetCapability */
#define TRANSIENT_LAST ((UINT32)(TRANSIENT_FIRST | HR_HANDLE_MASK)) /* last transient object */
#define PERSISTENT_FIRST ((UINT32)(HR_PERSISTENT + 0)) /* first persistent object */
#define PERSISTENT_LAST ((UINT32)(PERSISTENT_FIRST | HR_HANDLE_MASK)) /* last persistent object */
#define PLATFORM_PERSISTENT (PERSISTENT_FIRST + 0x00800000) /* first platform persistent object */
#define NV_INDEX_FIRST (HR_NV_INDEX + 0) /* first allowed NV Index */
#define NV_INDEX_LAST (NV_INDEX_FIRST | HR_HANDLE_MASK) /* last allowed NV Index */
#define PERMANENT_FIRST TPM_RH_FIRST
#define PERMANENT_LAST TPM_RH_LAST
/* Table 30 - Definition of (UINT32) TPMA_ALGORITHM Bits */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int asymmetric : 1; /* 0 an asymmetric algorithm with public and private portions */
unsigned int symmetric : 1; /* 1 a symmetric block cipher */
unsigned int hash : 1; /* a hash algorithm */
unsigned int object : 1; /* an algorithm that may be used as an object type */
unsigned int Reserved1 : 4; /* 7:4 */
unsigned int signing : 1; /* 8 a signing algorithm */
unsigned int encrypting : 1; /* 9 an encryption/decryption algorithm */
unsigned int method : 1; /* 10 a method such as a key derivative function (KDF) */
unsigned int Reserved2 : 21; /* 31:11 */
};
UINT32 val;
} TPMA_ALGORITHM;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int Reserved2 : 21; /* 31:11 */
unsigned int method : 1; /* 10 a method such as a key derivative function (KDF) */
unsigned int encrypting : 1; /* 9 an encryption/decryption algorithm */
unsigned int signing : 1; /* 8 a signing algorithm */
unsigned int Reserved1 : 4; /* 7:4 */
unsigned int object : 1; /* an algorithm that may be used as an object type */
unsigned int hash : 1; /* a hash algorithm */
unsigned int symmetric : 1; /* 1 a symmetric block cipher */
unsigned int asymmetric : 1; /* 0 an asymmetric algorithm with public and private portions */
};
UINT32 val;
} TPMA_ALGORITHM;
#else
typedef struct {
UINT32 val;
} TPMA_ALGORITHM;
#endif
#define TPMA_ALGORITHM_ASYMMETRIC 0x00000001
#define TPMA_ALGORITHM_SYMMETRIC 0x00000002
#define TPMA_ALGORITHM_HASH 0x00000004
#define TPMA_ALGORITHM_OBJECT 0x00000008
#define TPMA_ALGORITHM_RESERVED1 0x000000f0
#define TPMA_ALGORITHM_SIGNING 0x00000100
#define TPMA_ALGORITHM_ENCRYPTING 0x00000200
#define TPMA_ALGORITHM_METHOD 0x00000400
#define TPMA_ALGORITHM_RESERVED2 0xfffff800
#define TPMA_ALGORITHM_RESERVED ( \
TPMA_ALGORITHM_RESERVED1 | \
TPMA_ALGORITHM_RESERVED2 )
/* Table 31 - Definition of (UINT32) TPMA_OBJECT Bits */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int Reserved1 : 1; /* 0 shall be zero */
unsigned int fixedTPM : 1; /* 1 The hierarchy of the object, as indicated by its Qualified Name, may not change. */
unsigned int stClear : 1; /* 2 Previously saved contexts of this object may not be loaded after Startup(CLEAR). */
unsigned int Reserved2 : 1; /* 3 shall be zero */
unsigned int fixedParent : 1; /* 4 The parent of the object may not change. */
unsigned int sensitiveDataOrigin : 1; /* 5 the TPM generated all of the sensitive data other than the authValue. */
unsigned int userWithAuth : 1; /* 6 HMAC session or with a password */
unsigned int adminWithPolicy : 1; /* 7 policy session. */
unsigned int Reserved3 : 2; /* 9:8 shall be zero */
unsigned int noDA : 1; /* 10 The object is not subject to dictionary attack protections. */
unsigned int encryptedDuplication : 1; /* 11 */
unsigned int Reserved4 : 4; /* 15:12 shall be zero */
unsigned int restricted : 1; /* 16 Key usage is restricted to manipulate structures of known format */
unsigned int decrypt : 1; /* 17 The private portion of the key may be used to decrypt. */
unsigned int sign : 1; /* 18 For a symmetric cipher object, the private
portion of the key may be used to encrypt. For
other objects, the private portion of the key may
be used to sign. */
unsigned int Reserved5 : 13; /* 31:19 shall be zero */
};
UINT32 val;
} TPMA_OBJECT;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int Reserved5 : 13; /* 31:19 shall be zero */
unsigned int sign : 1; /* 18 For a symmetric cipher object, the private
portion of the key may be used to encrypt. For
other objects, the private portion of the key may
be used to sign. */
unsigned int decrypt : 1; /* 17 The private portion of the key may be used to decrypt. */
unsigned int restricted : 1; /* 16 Key usage is restricted to manipulate structures of known format */
unsigned int Reserved4 : 4; /* 15:12 shall be zero */
unsigned int encryptedDuplication : 1; /* 11 */
unsigned int noDA : 1; /* 10 The object is not subject to dictionary attack protections. */
unsigned int Reserved3 : 2; /* 9:8 shall be zero */
unsigned int adminWithPolicy : 1; /* 7 policy session. */
unsigned int userWithAuth : 1; /* 6 HMAC session or with a password */
unsigned int sensitiveDataOrigin : 1; /* 5 the TPM generated all of the sensitive data other than the authValue. */
unsigned int fixedParent : 1; /* 4 The parent of the object may not change. */
unsigned int Reserved2 : 1; /* 3 shall be zero */
unsigned int stClear : 1; /* 2 Previously saved contexts of this object may not be loaded after Startup(CLEAR). */
unsigned int fixedTPM : 1; /* 1 The hierarchy of the object, as indicated by its Qualified Name, may not change. */
unsigned int Reserved1 : 1; /* 0 shall be zero */
};
UINT32 val;
} TPMA_OBJECT;
#else
typedef struct {
UINT32 val;
} TPMA_OBJECT;
#endif
#define TPMA_OBJECT_RESERVED1 0x00000001
#define TPMA_OBJECT_FIXEDTPM 0x00000002
#define TPMA_OBJECT_STCLEAR 0x00000004
#define TPMA_OBJECT_RESERVED2 0x00000008
#define TPMA_OBJECT_FIXEDPARENT 0x00000010
#define TPMA_OBJECT_SENSITIVEDATAORIGIN 0x00000020
#define TPMA_OBJECT_USERWITHAUTH 0x00000040
#define TPMA_OBJECT_ADMINWITHPOLICY 0x00000080
#define TPMA_OBJECT_RESERVED3 0x00000300
#define TPMA_OBJECT_NODA 0x00000400
#define TPMA_OBJECT_ENCRYPTEDDUPLICATION 0x00000800
#define TPMA_OBJECT_RESERVED4 0x0000f000
#define TPMA_OBJECT_RESTRICTED 0x00010000
#define TPMA_OBJECT_DECRYPT 0x00020000
#define TPMA_OBJECT_SIGN 0x00040000
#define TPMA_OBJECT_RESERVED5 0xfff80000
#define TPMA_OBJECT_RESERVED ( \
TPMA_OBJECT_RESERVED1 | \
TPMA_OBJECT_RESERVED2 | \
TPMA_OBJECT_RESERVED3 | \
TPMA_OBJECT_RESERVED4 | \
TPMA_OBJECT_RESERVED5 )
/* Table 32 - Definition of (UINT8) TPMA_SESSION Bits <IN/OUT> */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int continueSession : 1; /* 0 the session is to remain active after successful completion of the command */
unsigned int auditExclusive : 1; /* 1 executed if the session is exclusive at the start of the command */
unsigned int auditReset : 1; /* 2 audit digest of the session should be initialized */
unsigned int Reserved : 2; /* 4:3 shall be CLEAR */
unsigned int decrypt : 1; /* 5 first parameter in the command is symmetrically encrypted */
unsigned int encrypt : 1; /* 6 TPM should use this session to encrypt the first parameter in the response */
unsigned int audit : 1; /* 7 session is for audit */
};
UINT8 val;
} TPMA_SESSION;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int audit : 1; /* 7 session is for audit */
unsigned int encrypt : 1; /* 6 TPM should use this session to encrypt the first parameter in the response */
unsigned int decrypt : 1; /* 5 first parameter in the command is symmetrically encrypted */
unsigned int Reserved : 2; /* 4:3 shall be CLEAR */
unsigned int auditReset : 1; /* 2 audit digest of the session should be initialized */
unsigned int auditExclusive : 1; /* 1 executed if the session is exclusive at the start of the command */
unsigned int continueSession : 1; /* 0 the session is to remain active after successful completion of the command */
};
UINT8 val;
} TPMA_SESSION;
#else
typedef struct {
UINT8 val;
} TPMA_SESSION;
#endif
#define TPMA_SESSION_CONTINUESESSION 0x01
#define TPMA_SESSION_AUDITEXCLUSIVE 0x02
#define TPMA_SESSION_AUDITRESET 0x04
#define TPMA_SESSION_DECRYPT 0x20
#define TPMA_SESSION_ENCRYPT 0x40
#define TPMA_SESSION_AUDIT 0x80
#define TPMA_SESSION_RESERVED 0x18
/* Table 33 - Definition of (UINT8) TPMA_LOCALITY Bits <IN/OUT> */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int TPM_LOC_ZERO : 1; /* 0 */
unsigned int TPM_LOC_ONE : 1; /* 1 */
unsigned int TPM_LOC_TWO : 1; /* 2 */
unsigned int TPM_LOC_THREE : 1; /* 3 */
unsigned int TPM_LOC_FOUR : 1; /* 4 */
unsigned int Extended : 3; /* 7:5 */
};
UINT8 val;
} TPMA_LOCALITY;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int Extended : 3; /* 7:5 */
unsigned int TPM_LOC_FOUR : 1; /* 4 */
unsigned int TPM_LOC_THREE : 1; /* 3 */
unsigned int TPM_LOC_TWO : 1; /* 2 */
unsigned int TPM_LOC_ONE : 1; /* 1 */
unsigned int TPM_LOC_ZERO : 1; /* 0 */
};
UINT8 val;
} TPMA_LOCALITY;
#else
typedef struct {
UINT8 val;
} TPMA_LOCALITY;
#endif
#define TPMA_LOCALITY_ZERO 0x01
#define TPMA_LOCALITY_ONE 0x02
#define TPMA_LOCALITY_TWO 0x04
#define TPMA_LOCALITY_THREE 0x08
#define TPMA_LOCALITY_FOUR 0x10
#define TPMA_LOCALITY_EXTENDED 0xe0
/* Table 34 - Definition of (UINT32) TPMA_PERMANENT Bits <OUT> */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int ownerAuthSet : 1; /* 0 TPM2_HierarchyChangeAuth() with ownerAuth has been executed since the last TPM2_Clear(). */
unsigned int endorsementAuthSet : 1; /* 1 TPM2_HierarchyChangeAuth() with endorsementAuth has been executed since the last TPM2_Clear(). */
unsigned int lockoutAuthSet : 1; /* 2 TPM2_HierarchyChangeAuth() with lockoutAuth has been executed since the last TPM2_Clear(). */
unsigned int Reserved1 : 5; /* 7:3 */
unsigned int disableClear : 1; /* 8 TPM2_Clear() is disabled. */
unsigned int inLockout : 1; /* 9 The TPM is in lockout and commands that require authorization
with other than Platform Authorization or Lockout Authorization will not succeed. */
unsigned int tpmGeneratedEPS : 1; /* 10 The EPS was created by the TPM. */
unsigned int Reserved2 : 21; /* 31:11 */
};
UINT32 val;
} TPMA_PERMANENT;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int Reserved2 : 21; /* 31:11 */
unsigned int tpmGeneratedEPS : 1; /* 10 The EPS was created by the TPM. */
unsigned int inLockout : 1; /* 9 The TPM is in lockout and commands that require authorization with other than Platform Authorization will not succeed. */
unsigned int disableClear : 1; /* 8 TPM2_Clear() is disabled. */
unsigned int Reserved1 : 5; /* 7:3 */
unsigned int lockoutAuthSet : 1; /* 2 TPM2_HierarchyChangeAuth() with lockoutAuth has been executed since the last TPM2_Clear(). */
unsigned int endorsementAuthSet : 1; /* 1 TPM2_HierarchyChangeAuth() with endorsementAuth has been executed since the last TPM2_Clear(). */
unsigned int ownerAuthSet : 1; /* 0 TPM2_HierarchyChangeAuth() with ownerAuth has been executed since the last TPM2_Clear(). */
};
UINT32 val;
} TPMA_PERMANENT;
#else
typedef struct {
UINT32 val;
} TPMA_PERMANENT;
#endif
#define TPMA_PERMANENT_OWNERAUTHSET 0x00000001
#define TPMA_PERMANENT_ENDORSEMENTAUTHSET 0x00000002
#define TPMA_PERMANENT_LOCKOUTAUTHSET 0x00000004
#define TPMA_PERMANENT_RESERVED1 0x000000f8
#define TPMA_PERMANENT_DISABLECLEAR 0x00000100
#define TPMA_PERMANENT_INLOCKOUT 0x00000200
#define TPMA_PERMANENT_TPMGENERATEDEPS 0x00000400
#define TPMA_PERMANENT_RESERVED2 0xfffff800
/* Table 35 - Definition of (UINT32) TPMA_STARTUP_CLEAR Bits <OUT> */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int phEnable : 1; /* 0 The platform hierarchy is enabled and platformAuth or platformPolicy may be used for authorization. */
unsigned int shEnable : 1; /* 1 The Storage hierarchy is enabled and ownerAuth or ownerPolicy may be used for authorization. */
unsigned int ehEnable : 1; /* 2 The EPS hierarchy is enabled and endorsementAuth may be used to authorize commands. */
unsigned int phEnableNV : 1; /* 3 NV indices that have TPMA_PLATFORM_CREATE SET may be read or written. */
unsigned int Reserved : 27; /* 30:4 shall be zero */
unsigned int orderly : 1; /* 31 The TPM received a TPM2_Shutdown() and a matching TPM2_Startup(). */
};
UINT32 val;
} TPMA_STARTUP_CLEAR;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int orderly : 1; /* 31 The TPM received a TPM2_Shutdown() and a matching TPM2_Startup(). */
unsigned int Reserved : 27; /* 30:4 shall be zero */
unsigned int phEnableNV : 1; /* 3 NV indices that have TPMA_PLATFORM_CREATE SET may be read or written. */
unsigned int ehEnable : 1; /* 2 The EPS hierarchy is enabled and endorsementAuth may be used to authorize commands. */
unsigned int shEnable : 1; /* 1 The Storage hierarchy is enabled and ownerAuth or ownerPolicy may be used for authorization. */
unsigned int phEnable : 1; /* 0 The platform hierarchy is enabled and platformAuth or platformPolicy may be used for authorization. */
};
UINT32 val;
} TPMA_STARTUP_CLEAR;
#else
typedef struct {
UINT32 val;
} TPMA_STARTUP_CLEAR;
#endif
#define TPMA_STARTUP_CLEAR_PHENABLE 0x00000001
#define TPMA_STARTUP_CLEAR_SHENABLE 0x00000002
#define TPMA_STARTUP_CLEAR_EHENABLE 0x00000004
#define TPMA_STARTUP_CLEAR_PHENABLENV 0x00000008
#define TPMA_STARTUP_CLEAR_RESERVED 0x7ffffff0
#define TPMA_STARTUP_CLEAR_ORDERLY 0x80000000
/* Table 36 - Definition of (UINT32) TPMA_MEMORY Bits <Out> */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int sharedRAM : 1; /* 0 RAM memory used for authorization session contexts is shared with the memory used for transient objects */
unsigned int sharedNV : 1; /* 1 indicates that the NV memory used for persistent objects is shared with the NV memory used for NV Index values */
unsigned int objectCopiedToRam : 1; /* 2 indicates that the TPM copies persistent objects to a transient-object slot in RAM */
unsigned int Reserved : 29; /* 31:3 shall be zero */
};
UINT32 val;
} TPMA_MEMORY;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int Reserved : 29; /* 31:3 shall be zero */
unsigned int objectCopiedToRam : 1; /* 2 indicates that the TPM copies persistent objects to a transient-object slot in RAM */
unsigned int sharedNV : 1; /* 1 indicates that the NV memory used for persistent objects is shared with the NV memory used for NV Index values */
unsigned int sharedRAM : 1; /* 0 RAM memory used for authorization session contexts is shared with the memory used for transient objects */
};
UINT32 val;
} TPMA_MEMORY;
#else
typedef struct {
UINT32 val;
} TPMA_MEMORY;
#endif
#define TPMA_MEMORY_SHAREDRAM 0x00000001
#define TPMA_MEMORY_SHAREDNV 0x00000002
#define TPMA_MEMORY_OBJECTCOPIEDTORAM 0x00000004
#define TPMA_MEMORY_RESERVED 0xfffffff8
/* Table 37 - Definition of (TPM_CC) TPMA_CC Bits <OUT> */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int commandIndex : 16; /* 15:0 indicates the command being selected */
unsigned int Reserved : 6; /* 21:16 shall be zero */
unsigned int nv : 1; /* 22 indicates that the command may write to NV */
unsigned int extensive : 1; /* 23 This command could flush any number of loaded contexts. */
unsigned int flushed : 1; /* 24 The context associated with any transient handle in the command will be flushed when this command completes. */
unsigned int cHandles : 3; /* 27:25 indicates the number of the handles in the handle area for this command */
unsigned int rHandle : 1; /* 28 indicates the presence of the handle area in the input */
unsigned int V : 1; /* 29 indicates that the command is vendor-specific */
unsigned int Res : 2; /* 31:30 allocated for software; shall be zero */
};
UINT32 val;
} TPMA_CC;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int Res : 2; /* 31:30 allocated for software; shall be zero */
unsigned int V : 1; /* 29 indicates that the command is vendor-specific */
unsigned int rHandle : 1; /* 28 indicates the presence of the handle area in the input */
unsigned int cHandles : 3; /* 27:25 indicates the number of the handles in the handle area for this command */
unsigned int flushed : 1; /* 24 The context associated with any transient handle in the command will be flushed when this command completes. */
unsigned int extensive : 1; /* 23 This command could flush any number of loaded contexts. */
unsigned int nv : 1; /* 22 indicates that the command may write to NV */
unsigned int Reserved : 6; /* 21:16 shall be zero */
unsigned int commandIndex : 16; /* 15:0 indicates the command being selected */
};
UINT32 val;
} TPMA_CC;
#else
typedef union {
struct {
UINT32 val;
};
} TPMA_CC;
#endif
#define TPMA_CC_COMMANDINDEX 0x0000ffff
#define TPMA_CC_RESERVED1 0x003f0000
#define TPMA_CC_NV 0x00400000
#define TPMA_CC_EXTENSIVE 0x00800000
#define TPMA_CC_FLUSHED 0x01000000
#define TPMA_CC_CHANDLES 0x0e000000
#define TPMA_CC_RHANDLE 0x10000000
#define TPMA_CC_V 0x20000000
#define TPMA_CC_RES 0xc0000000
#define TPMA_CC_RESERVED (0x003f0000 | 0xc0000000)
/* Table 38 - Definition of (UINT32) TPMA_MODES Bits <Out> */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int FIPS_140_2 : 1; /* 0 indicates that the TPM is designed to comply with all of the FIPS 140-2 requirements at Level 1 or higher */
unsigned int Reserved : 31; /* 31:1 shall be zero */
};
UINT32 val;
} TPMA_MODES;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int Reserved : 31; /* 31:1 shall be zero */
unsigned int FIPS_140_2 : 1; /* 0 indicates that the TPM is designed to comply with all of the FIPS 140-2 requirements at Level 1 or higher */
};
UINT32 val;
} TPMA_MODES;
#else
typedef struct {
UINT32 val;
} TPMA_MODES;
#endif
#define TPMA_MODES_FIPS_140_2 0x00000001
/* Table 38 - Definition of (BYTE) TPMI_YES_NO Type */
typedef BYTE TPMI_YES_NO;
#define NO 0
#define YES 1
/* Table 39 - Definition of (TPM_HANDLE) TPMI_DH_OBJECT Type */
typedef TPM_HANDLE TPMI_DH_OBJECT;
/* Table 41 - Definition of (TPM_HANDLE) TPMI_DH_PARENT Type */
typedef TPM_HANDLE TPMI_DH_PARENT;
/* Table 40 - Definition of (TPM_HANDLE) TPMI_DH_PERSISTENT Type */
typedef TPM_HANDLE TPMI_DH_PERSISTENT;
/* Table 41 - Definition of (TPM_HANDLE) TPMI_DH_ENTITY Type <IN> */
typedef TPM_HANDLE TPMI_DH_ENTITY;
/* Table 42 - Definition of (TPM_HANDLE) TPMI_DH_PCR Type <IN> */
typedef TPM_HANDLE TPMI_DH_PCR;
/* Table 43 - Definition of (TPM_HANDLE) TPMI_SH_AUTH_SESSION Type <IN/OUT> */
typedef TPM_HANDLE TPMI_SH_AUTH_SESSION;
/* Table 44 - Definition of (TPM_HANDLE) TPMI_SH_HMAC Type <IN/OUT> */
typedef TPM_HANDLE TPMI_SH_HMAC;
/* Table 45 - Definition of (TPM_HANDLE) TPMI_SH_POLICY Type <IN/OUT> */
typedef TPM_HANDLE TPMI_SH_POLICY;
/* Table 46 - Definition of (TPM_HANDLE) TPMI_DH_CONTEXT Type */
typedef TPM_HANDLE TPMI_DH_CONTEXT;
/* Table 49 - Definition of (TPM_HANDLE) TPMI_DH_SAVED Type */
typedef TPM_HANDLE TPMI_DH_SAVED;
/* Table 47 - Definition of (TPM_HANDLE) TPMI_RH_HIERARCHY Type */
typedef TPM_HANDLE TPMI_RH_HIERARCHY;
/* Table 48 - Definition of (TPM_HANDLE) TPMI_RH_ENABLES Type */
typedef TPM_HANDLE TPMI_RH_ENABLES;
/* Table 49 - Definition of (TPM_HANDLE) TPMI_RH_HIERARCHY_AUTH Type <IN> */
typedef TPM_HANDLE TPMI_RH_HIERARCHY_AUTH;
/* Table 2:55 - Definition of TPMI_RH_HIERARCHY_POLICY Type */
typedef TPM_HANDLE TPMI_RH_HIERARCHY_POLICY;
/* Table 50 - Definition of (TPM_HANDLE) TPMI_RH_PLATFORM Type <IN> */
typedef TPM_HANDLE TPMI_RH_PLATFORM;
/* Table 51 - Definition of (TPM_HANDLE) TPMI_RH_OWNER Type <IN> */
typedef TPM_HANDLE TPMI_RH_OWNER;
/* Table 52 - Definition of (TPM_HANDLE) TPMI_RH_ENDORSEMENT Type <IN> */
typedef TPM_HANDLE TPMI_RH_ENDORSEMENT;
/* Table 53 - Definition of (TPM_HANDLE) TPMI_RH_PROVISION Type <IN> */
typedef TPM_HANDLE TPMI_RH_PROVISION;
/* Table 54 - Definition of (TPM_HANDLE) TPMI_RH_CLEAR Type <IN> */
typedef TPM_HANDLE TPMI_RH_CLEAR;
/* Table 55 - Definition of (TPM_HANDLE) TPMI_RH_NV_AUTH Type <IN> */
typedef TPM_HANDLE TPMI_RH_NV_AUTH;
/* Table 56 - Definition of (TPM_HANDLE) TPMI_RH_LOCKOUT Type <IN> */
typedef TPM_HANDLE TPMI_RH_LOCKOUT;
/* Table 57 - Definition of (TPM_HANDLE) TPMI_RH_NV_INDEX Type <IN/OUT> */
typedef TPM_HANDLE TPMI_RH_NV_INDEX;
/* Table 58 - Definition of (TPM_ALG_ID) TPMI_ALG_HASH Type */
typedef TPM_ALG_ID TPMI_ALG_HASH;
/* Table 59 - Definition of (TPM_ALG_ID) TPMI_ALG_ASYM Type */
typedef TPM_ALG_ID TPMI_ALG_ASYM;
/* Table 60 - Definition of (TPM_ALG_ID) TPMI_ALG_SYM Type */
typedef TPM_ALG_ID TPMI_ALG_SYM;
/* Table 61 - Definition of (TPM_ALG_ID) TPMI_ALG_SYM_OBJECT Type */
typedef TPM_ALG_ID TPMI_ALG_SYM_OBJECT;
/* Table 62 - Definition of (TPM_ALG_ID) TPMI_ALG_SYM_MODE Type */
typedef TPM_ALG_ID TPMI_ALG_SYM_MODE;
/* Table 63 - Definition of (TPM_ALG_ID) TPMI_ALG_KDF Type */
typedef TPM_ALG_ID TPMI_ALG_KDF;
/* Table 64 - Definition of (TPM_ALG_ID) TPMI_ALG_SIG_SCHEME Type */
typedef TPM_ALG_ID TPMI_ALG_SIG_SCHEME;
/* Table 65 - Definition of (TPM_ALG_ID) TPMI_ECC_KEY_EXCHANGE Type */
typedef TPM_ALG_ID TPMI_ECC_KEY_EXCHANGE;
/* Table 66 - Definition of (TPM_ST) TPMI_ST_COMMAND_TAG Type */
typedef TPM_ST TPMI_ST_COMMAND_TAG;
/* Table 71 - Definition of (TPM_ALG_ID) TPMI_ALG_MAC_SCHEME Type */
typedef TPM_ALG_ID TPMI_ALG_MAC_SCHEME;
/* Table 72 - Definition of (TPM_ALG_ID) TPMI_ALG_CIPHER_MODE Type */
typedef TPM_ALG_ID TPMI_ALG_CIPHER_MODE;
/* Table 67 - Definition of TPMS_EMPTY Structure <IN/OUT> */
typedef struct {
/* a structure with no member */
BYTE empty[0];
} TPMS_EMPTY;
/* Table 68 - Definition of TPMS_ALGORITHM_DESCRIPTION Structure <OUT> */
typedef struct {
TPM_ALG_ID alg; /* an algorithm */
TPMA_ALGORITHM attributes; /* the attributes of the algorithm */
} TPMS_ALGORITHM_DESCRIPTION;
/* Table 69 - Definition of TPMU_HA Union <IN/OUT, S> */
typedef union {
BYTE sha1 [SHA1_DIGEST_SIZE]; /* TPM_ALG_SHA1 */
BYTE sha256 [SHA256_DIGEST_SIZE]; /* TPM_ALG_SHA256 */
BYTE sha384 [SHA384_DIGEST_SIZE]; /* TPM_ALG_SHA384 */
BYTE sha512 [SHA512_DIGEST_SIZE]; /* TPM_ALG_SHA512 */
BYTE sm3_256 [SM3_256_DIGEST_SIZE]; /* TPM_ALG_SM3_256 */
BYTE tssmax [128]; /* to make union size larger */
} TPMU_HA;
/* legacy, better to use (sizeof(TPMU_HA) */
#define MAX_DIGEST_SIZE (sizeof(TPMU_HA))
/* Table 70 - Definition of TPMT_HA Structure <IN/OUT> */
typedef struct {
TPMI_ALG_HASH hashAlg; /* selector of the hash contained in the digest that implies the size of the digest */
TPMU_HA digest; /* the digest data */
} TPMT_HA;
/* Table 71 - Definition of TPM2B_DIGEST Structure */
typedef struct {
UINT16 size;
BYTE buffer[sizeof(TPMU_HA)];
} DIGEST_2B;
typedef union {
DIGEST_2B t;
TPM2B b;
} TPM2B_DIGEST;
/* Table 72 - Definition of TPM2B_DATA Structure */
typedef struct {
UINT16 size; /* size in octets of the buffer field; may be 0 */
BYTE buffer[sizeof(TPMT_HA)];
} DATA_2B;
typedef union {
DATA_2B t;
TPM2B b;
} TPM2B_DATA;
/* Table 73 - Definition of Types for TPM2B_NONCE */
typedef TPM2B_DIGEST TPM2B_NONCE; /* size limited to the same as the digest structure */
/* Table 74 - Definition of Types for TPM2B_AUTH */
typedef TPM2B_DIGEST TPM2B_AUTH; /* size limited to the same as the digest structure */
/* This is not in Part 2, but the concatenation of two digests to create an HMAC key is used often
enough that it's worth putting in a central location.
In Part 1 19.6.8 sessionKey Creation - authValue || salt.
In Part 1 19.6.5 HMAC Computation - sessionKey || authValue
I think both could be TPMU_HA, but the TPM reference code seems to use TPMT_HA.
*/
typedef struct {
UINT16 size;
BYTE buffer[sizeof(TPMU_HA) + /* TPM2B_AUTH authValue */
sizeof(TPMT_HA)]; /* salt */
} KEY_2B;
typedef union {
KEY_2B t;
TPM2B b;
} TPM2B_KEY;
/* Table 75 - Definition of Types for TPM2B_OPERAND */
typedef TPM2B_DIGEST TPM2B_OPERAND; /* size limited to the same as the digest structure */
/* Table 76 - Definition of TPM2B_EVENT Structure */
typedef struct {
UINT16 size; /* size of the operand */
BYTE buffer [1024]; /* the operand */
} EVENT_2B;
typedef union {
EVENT_2B t;
TPM2B b;
} TPM2B_EVENT;
/* Table 77 - Definition of TPM2B_MAX_BUFFER Structure */
/* MAX_DIGEST_BUFFER is TPM-dependent but is required to be at least 1,024. */
typedef struct {
UINT16 size; /* size of the buffer */
BYTE buffer [MAX_DIGEST_BUFFER]; /* the operand */
} MAX_BUFFER_2B;
typedef union {
MAX_BUFFER_2B t;
TPM2B b;
} TPM2B_MAX_BUFFER;
/* Table 78 - Definition of TPM2B_MAX_NV_BUFFER Structure */
typedef struct {
UINT16 size; /* size of the buffer */
BYTE buffer [MAX_NV_BUFFER_SIZE]; /* the operand */
} MAX_NV_BUFFER_2B;
typedef union {
MAX_NV_BUFFER_2B t;
TPM2B b;
} TPM2B_MAX_NV_BUFFER;
/* Table 79 - Definition of TPM2B_TIMEOUT Structure <IN/OUT> */
typedef TPM2B_DIGEST TPM2B_TIMEOUT; /* size limited to the same as the digest structure */
/* Table 80 - Definition of TPM2B_IV Structure <IN/OUT> */
typedef struct {
UINT16 size; /* size of the IV value */
BYTE buffer [MAX_SYM_BLOCK_SIZE]; /* the IV value */
} IV_2B;
typedef union {
IV_2B t;
TPM2B b;
} TPM2B_IV;
/* Table 81 - Definition of TPMU_NAME Union <> */
typedef union {
TPMT_HA digest; /* when the Name is a digest */
TPM_HANDLE handle; /* when the Name is a handle */
} TPMU_NAME;
/* Table 82 - Definition of TPM2B_NAME Structure */
typedef struct {
UINT16 size; /* size of the Name structure */
BYTE name[sizeof(TPMU_NAME)]; /* the Name structure */
} NAME_2B;
typedef union {
NAME_2B t;
TPM2B b;
} TPM2B_NAME;
/* Table 83 - Definition of TPMS_PCR_SELECT Structure */
typedef struct {
UINT8 sizeofSelect; /* the size in octets of the pcrSelect array */
BYTE pcrSelect [PCR_SELECT_MAX]; /* the bit map of selected PCR */
} TPMS_PCR_SELECT;
/* Table 84 - Definition of TPMS_PCR_SELECTION Structure */
typedef struct {
TPMI_ALG_HASH hash; /* the hash algorithm associated with the selection */
UINT8 sizeofSelect; /* the size in octets of the pcrSelect array */
BYTE pcrSelect [PCR_SELECT_MAX]; /* the bit map of selected PCR */
} TPMS_PCR_SELECTION;
/* Table 87 - Definition of TPMT_TK_CREATION Structure */
typedef struct {
TPM_ST tag; /* ticket structure tag TPM_ST_CREATION */
TPMI_RH_HIERARCHY hierarchy; /* the hierarchy containing name */
TPM2B_DIGEST digest; /* This shall be the HMAC produced using a proof value of hierarchy. */
} TPMT_TK_CREATION;
/* Table 88 - Definition of TPMT_TK_VERIFIED Structure */
typedef struct {
TPM_ST tag; /* ticket structure tag TPM_ST_VERIFIED */
TPMI_RH_HIERARCHY hierarchy; /* the hierarchy containing keyName */
TPM2B_DIGEST digest; /* This shall be the HMAC produced using a proof value of hierarchy. */
} TPMT_TK_VERIFIED;
/* Table 89 - Definition of TPMT_TK_AUTH Structure */
typedef struct {
TPM_ST tag; /* ticket structure tag TPM_ST_AUTH_SIGNED, TPM_ST_AUTH_SECRET */
TPMI_RH_HIERARCHY hierarchy; /* the hierarchy of the object used to produce the ticket */
TPM2B_DIGEST digest; /* This shall be the HMAC produced using a proof value of hierarchy. */
} TPMT_TK_AUTH;
/* Table 90 - Definition of TPMT_TK_HASHCHECK Structure */
typedef struct {
TPM_ST tag; /* ticket structure tag TPM_ST_HASHCHECK */
TPMI_RH_HIERARCHY hierarchy; /* the hierarchy */
TPM2B_DIGEST digest; /* This shall be the HMAC produced using a proof value of hierarchy. */
} TPMT_TK_HASHCHECK;
/* Table 91 - Definition of TPMS_ALG_PROPERTY Structure <OUT> */
typedef struct {
TPM_ALG_ID alg; /* an algorithm identifier */
TPMA_ALGORITHM algProperties; /* the attributes of the algorithm */
} TPMS_ALG_PROPERTY;
/* Table 92 - Definition of TPMS_TAGGED_PROPERTY Structure <OUT> */
typedef struct {
TPM_PT property; /* a property identifier */
UINT32 value; /* the value of the property */
} TPMS_TAGGED_PROPERTY;
/* Table 93 - Definition of TPMS_TAGGED_PCR_SELECT Structure <OUT> */
typedef struct {
TPM_PT_PCR tag; /* the property identifier */
UINT8 sizeofSelect; /* the size in octets of the pcrSelect array */
BYTE pcrSelect [PCR_SELECT_MAX]; /* the bit map of PCR with the identified property */
} TPMS_TAGGED_PCR_SELECT;
/* Table 96 - Definition of TPMS_TAGGED_POLICY Structure */
typedef struct {
TPM_HANDLE handle;
TPMT_HA policyHash;
} TPMS_TAGGED_POLICY;
/* Table 94 - Definition of TPML_CC Structure */
typedef struct {
UINT32 count; /* number of commands in the commandCode list; may be 0 */
TPM_CC commandCodes[MAX_CAP_CC]; /* a list of command codes */
} TPML_CC;
/* Table 95 - Definition of TPML_CCA Structure <OUT> */
typedef struct {
UINT32 count; /* number of values in the commandAttributes list; may be 0 */
TPMA_CC commandAttributes[MAX_CAP_CC]; /* a list of command codes attributes */
} TPML_CCA;
/* Table 96 - Definition of TPML_ALG Structure */
typedef struct {
UINT32 count; /* number of algorithms in the algorithms list; may be 0 */
TPM_ALG_ID algorithms[MAX_ALG_LIST_SIZE]; /* a list of algorithm IDs */
} TPML_ALG;
/* Table 97 - Definition of TPML_HANDLE Structure <OUT> */
typedef struct {
UINT32 count; /* the number of handles in the list may have a value of 0 */
TPM_HANDLE handle[MAX_CAP_HANDLES]; /* an array of handles */
} TPML_HANDLE;
/* Table 98 - Definition of TPML_DIGEST Structure */
typedef struct {
UINT32 count; /* number of digests in the list, minimum is two for TPM2_PolicyOR(). */
TPM2B_DIGEST digests[8]; /* a list of digests */
} TPML_DIGEST;
/* Table 99 - Definition of TPML_DIGEST_VALUES Structure */
typedef struct {
UINT32 count; /* number of digests in the list */
TPMT_HA digests[HASH_COUNT]; /* a list of tagged digests */
} TPML_DIGEST_VALUES;
/* Table 100 - Definition of TPM2B_DIGEST_VALUES Structure */
typedef struct {
UINT16 size; /* size of the operand buffer */
BYTE buffer [sizeof(TPML_DIGEST_VALUES)]; /* the operand */
} TPM2B_DIGEST_VALUES;
/* Table 101 - Definition of TPML_PCR_SELECTION Structure */
typedef struct {
UINT32 count; /* number of selection structures A value of zero is allowed. */
TPMS_PCR_SELECTION pcrSelections[HASH_COUNT]; /* list of selections */
} TPML_PCR_SELECTION;
/* Table 102 - Definition of TPML_ALG_PROPERTY Structure <OUT> */
typedef struct {
UINT32 count; /* number of algorithm properties structures A value of zero is allowed. */
TPMS_ALG_PROPERTY algProperties[MAX_CAP_ALGS]; /* list of properties */
} TPML_ALG_PROPERTY;
/* Table 103 - Definition of TPML_TAGGED_TPM_PROPERTY Structure <OUT> */
typedef struct {
UINT32 count; /* number of properties A value of zero is allowed. */
TPMS_TAGGED_PROPERTY tpmProperty[MAX_TPM_PROPERTIES]; /* an array of tagged properties */
} TPML_TAGGED_TPM_PROPERTY;
/* Table 104 - Definition of TPML_TAGGED_PCR_PROPERTY Structure <OUT> */
typedef struct {
UINT32 count; /* number of properties A value of zero is allowed. */
TPMS_TAGGED_PCR_SELECT pcrProperty[MAX_PCR_PROPERTIES]; /* a tagged PCR selection */
} TPML_TAGGED_PCR_PROPERTY;
/* Table 105 - Definition of {ECC} TPML_ECC_CURVE Structure <OUT> */
typedef struct {
UINT32 count; /* number of curves A value of zero is allowed. */
TPM_ECC_CURVE eccCurves[MAX_ECC_CURVES]; /* array of ECC curve identifiers */
} TPML_ECC_CURVE ;
/* Table 109 - Definition of TPML_TAGGED_POLICY Structure */
typedef struct {
UINT32 count;
TPMS_TAGGED_POLICY policies[MAX_TAGGED_POLICIES];
} TPML_TAGGED_POLICY;
/* Table 106 - Definition of TPMU_CAPABILITIES Union <OUT> */
typedef union {
TPML_ALG_PROPERTY algorithms; /* TPM_CAP_ALGS */
TPML_HANDLE handles; /* TPM_CAP_HANDLES */
TPML_CCA command; /* TPM_CAP_COMMANDS */
TPML_CC ppCommands; /* TPM_CAP_PP_COMMANDS */
TPML_CC auditCommands; /* TPM_CAP_AUDIT_COMMANDS */
TPML_PCR_SELECTION assignedPCR; /* TPM_CAP_PCRS */
TPML_TAGGED_TPM_PROPERTY tpmProperties; /* TPM_CAP_TPM_PROPERTIES */
TPML_TAGGED_PCR_PROPERTY pcrProperties; /* TPM_CAP_PCR_PROPERTIES */
TPML_ECC_CURVE eccCurves; /* TPM_CAP_ECC_CURVES */
TPML_TAGGED_POLICY authPolicies; /* TPM_CAP_AUTH_POLICIES */
} TPMU_CAPABILITIES;
/* Table 107 - Definition of TPMS_CAPABILITY_DATA Structure <OUT> */
typedef struct {
TPM_CAP capability; /* the capability */
TPMU_CAPABILITIES data; /* the capability data */
} TPMS_CAPABILITY_DATA;
/* Table 108 - Definition of TPMS_CLOCK_INFO Structure */
typedef struct {
UINT64 clock; /* time in milliseconds during which the TPM has been powered */
UINT32 resetCount; /* number of occurrences of TPM Reset since the last TPM2_Clear() */
UINT32 restartCount; /* number of times that TPM2_Shutdown() or _TPM_Hash_Start have
occurred since the last TPM Reset or TPM2_Clear(). */
TPMI_YES_NO safe; /* no value of Clock greater than the current value of Clock has
been previously reported by the TPM */
} TPMS_CLOCK_INFO;
/* Table 109 - Definition of TPMS_TIME_INFO Structure */
typedef struct {
UINT64 time; /* time in milliseconds since the last _TPM_Init() or TPM2_Startup() */
TPMS_CLOCK_INFO clockInfo; /* a structure containing the clock information */
} TPMS_TIME_INFO;
/* Table 110 - Definition of TPMS_TIME_ATTEST_INFO Structure <OUT> */
typedef struct {
TPMS_TIME_INFO time; /* the Time, clock, resetCount, restartCount, and
Safe indicator */
UINT64 firmwareVersion; /* a TPM vendor-specific value indicating the
version number of the firmware */
} TPMS_TIME_ATTEST_INFO;
/* Table 111 - Definition of TPMS_CERTIFY_INFO Structure <OUT> */
typedef struct {
TPM2B_NAME name; /* Name of the certified object */
TPM2B_NAME qualifiedName; /* Qualified Name of the certified object */
} TPMS_CERTIFY_INFO;
/* Table 112 - Definition of TPMS_QUOTE_INFO Structure <OUT> */
typedef struct {
TPML_PCR_SELECTION pcrSelect; /* information on algID, PCR selected and digest */
TPM2B_DIGEST pcrDigest; /* digest of the selected PCR using the hash of the signing key */
} TPMS_QUOTE_INFO;
/* Table 113 - Definition of TPMS_COMMAND_AUDIT_INFO Structure <OUT> */
typedef struct {
UINT64 auditCounter; /* the monotonic audit counter */
TPM_ALG_ID digestAlg; /* hash algorithm used for the command audit */
TPM2B_DIGEST auditDigest; /* the current value of the audit digest */
TPM2B_DIGEST commandDigest; /* digest of the command codes being audited using digestAlg */
} TPMS_COMMAND_AUDIT_INFO;
/* Table 114 - Definition of TPMS_SESSION_AUDIT_INFO Structure <OUT> */
typedef struct {
TPMI_YES_NO exclusiveSession; /* current exclusive status of the session */
TPM2B_DIGEST sessionDigest; /* the current value of the session audit digest */
} TPMS_SESSION_AUDIT_INFO;
/* Table 115 - Definition of TPMS_CREATION_INFO Structure <OUT> */
typedef struct {
TPM2B_NAME objectName; /* Name of the object */
TPM2B_DIGEST creationHash; /* creationHash */
} TPMS_CREATION_INFO;
/* Table 116 - Definition of TPMS_NV_CERTIFY_INFO Structure <OUT> */
typedef struct {
TPM2B_NAME indexName; /* Name of the NV Index */
UINT16 offset; /* the offset parameter of TPM2_NV_Certify() */
TPM2B_MAX_NV_BUFFER nvContents; /* contents of the NV Index */
} TPMS_NV_CERTIFY_INFO;
/* Table 125 - Definition of TPMS_NV_DIGEST_CERTIFY_INFO Structure <OUT> */
typedef struct {
TPM2B_NAME indexName;
TPM2B_DIGEST nvDigest;
} TPMS_NV_DIGEST_CERTIFY_INFO;
typedef TPM_ST TPMI_ST_ATTEST;
/* Table 118 - Definition of TPMU_ATTEST Union <OUT> */
typedef union {
TPMS_CERTIFY_INFO certify; /* TPM_ST_ATTEST_CERTIFY */
TPMS_CREATION_INFO creation; /* TPM_ST_ATTEST_CREATION */
TPMS_QUOTE_INFO quote; /* TPM_ST_ATTEST_QUOTE */
TPMS_COMMAND_AUDIT_INFO commandAudit; /* TPM_ST_ATTEST_COMMAND_AUDIT */
TPMS_SESSION_AUDIT_INFO sessionAudit; /* TPM_ST_ATTEST_SESSION_AUDIT */
TPMS_TIME_ATTEST_INFO time; /* TPM_ST_ATTEST_TIME */
TPMS_NV_CERTIFY_INFO nv; /* TPM_ST_ATTEST_NV */
TPMS_NV_DIGEST_CERTIFY_INFO nvDigest; /* TPM_ST_ATTEST_NV_DIGEST */
} TPMU_ATTEST;
/* Table 119 - Definition of TPMS_ATTEST Structure <OUT> */
typedef struct {
TPM_GENERATED magic; /* the indication that this structure was created by
a TPM (always TPM_GENERATED_VALUE) */
TPMI_ST_ATTEST type; /* type of the attestation structure */
TPM2B_NAME qualifiedSigner; /* Qualified Name of the signing key */
TPM2B_DATA extraData; /* external information supplied by caller */
TPMS_CLOCK_INFO clockInfo; /* Clock, resetCount, restartCount, and Safe */
UINT64 firmwareVersion; /* TPM-vendor-specific value identifying the version
number of the firmware */
TPMU_ATTEST attested; /* the type-specific attestation information */
} TPMS_ATTEST;
/* Table 120 - Definition of TPM2B_ATTEST Structure <OUT> */
typedef struct {
UINT16 size; /* size of the attestationData structure */
BYTE attestationData[sizeof(TPMS_ATTEST)]; /* the signed structure */
} ATTEST_2B;
typedef union {
ATTEST_2B t;
TPM2B b;
} TPM2B_ATTEST;
/* Table 121 - Definition of TPMS_AUTH_COMMAND Structure <IN> */
typedef struct {
TPMI_SH_AUTH_SESSION sessionHandle; /* the session handle */
TPM2B_NONCE nonce; /* the session nonce, may be the Empty Buffer */
TPMA_SESSION sessionAttributes; /* the session attributes */
TPM2B_AUTH hmac; /* either an HMAC, a password, or an EmptyAuth */
} TPMS_AUTH_COMMAND;
/* Table 126 - Definition of TPMS_AUTH_RESPONSE Structure <OUT> */
typedef struct {
TPM2B_NONCE nonce; /* the session nonce, may be the Empty Buffer */
TPMA_SESSION sessionAttributes; /* the session attributes */
TPM2B_AUTH hmac; /* either an HMAC or an EmptyAuth */
} TPMS_AUTH_RESPONSE;
/* Table 127 - Definition of {AES} (TPM_KEY_BITS) TPMI_!ALG.S_KEY_BITS Type */
typedef TPM_KEY_BITS TPMI_TDES_KEY_BITS;
typedef TPM_KEY_BITS TPMI_AES_KEY_BITS;
typedef TPM_KEY_BITS TPMI_SM4_KEY_BITS;
typedef TPM_KEY_BITS TPMI_CAMELLIA_KEY_BITS;
/* Table 128 - Definition of TPMU_SYM_KEY_BITS Union */
typedef union {
#ifdef TPM_ALG_TDES
TPMI_TDES_KEY_BITS tdes; /* TPM_ALG_TDES */
#endif
#ifdef TPM_ALG_AES
TPMI_AES_KEY_BITS aes; /* TPM_ALG_AES */
#endif
#ifdef TPM_ALG_SM4
TPMI_SM4_KEY_BITS sm4; /* TPM_ALG_SM4 */
#endif
#ifdef TPM_ALG_CAMELLIA
TPMI_CAMELLIA_KEY_BITS camellia; /* TPM_ALG_CAMELLIA */
#endif
#ifdef TPM_ALG_XOR
TPMI_ALG_HASH xorr; /* TPM_ALG_XOR overload for using xor */
#endif
TPM_KEY_BITS sym; /* when selector may be any of the symmetric block ciphers */
} TPMU_SYM_KEY_BITS;
/* Table 129 - Definition of TPMU_SYM_MODE Union */
typedef union {
#ifdef TPM_ALG_TDES
TPMI_ALG_SYM_MODE tdes; /* TPM_ALG_TDES */
#endif
#ifdef TPM_ALG_AES
TPMI_ALG_SYM_MODE aes; /* TPM_ALG_AES */
#endif
#ifdef TPM_ALG_SM4
TPMI_ALG_SYM_MODE sm4; /* TPM_ALG_SM4 */
#endif
#ifdef TPM_ALG_CAMELLIA
TPMI_ALG_SYM_MODE camellia; /* TPM_ALG_CAMELLIA */
#endif
TPMI_ALG_SYM_MODE sym; /* when selector may be any of the symmetric block ciphers */
} TPMU_SYM_MODE;
/* Table 126 - xDefinition of TPMU_SYM_DETAILS Union */
/* Table 127 - Definition of TPMT_SYM_DEF Structure */
typedef struct {
TPMI_ALG_SYM algorithm; /* indicates a symmetric algorithm */
TPMU_SYM_KEY_BITS keyBits; /* a supported key size */
TPMU_SYM_MODE mode; /* the mode for the key */
} TPMT_SYM_DEF;
/* Table 128 - Definition of TPMT_SYM_DEF_OBJECT Structure */
typedef struct {
TPMI_ALG_SYM_OBJECT algorithm; /* selects a symmetric block cipher */
TPMU_SYM_KEY_BITS keyBits; /* the key size */
TPMU_SYM_MODE mode; /* default mode */
} TPMT_SYM_DEF_OBJECT;
/* Table 129 - Definition of TPM2B_SYM_KEY Structure */
typedef struct {
UINT16 size; /* size, in octets, of the buffer containing the key; may be zero */
BYTE buffer [MAX_SYM_KEY_BYTES]; /* the key */
} SYM_KEY_2B;
typedef union {
SYM_KEY_2B t;
TPM2B b;
} TPM2B_SYM_KEY;
/* Table 130 - Definition of TPMS_SYMCIPHER_PARMS Structure */
typedef struct {
TPMT_SYM_DEF_OBJECT sym; /* a symmetric block cipher */
} TPMS_SYMCIPHER_PARMS;
/* Table 135 - Definition of TPM2B_LABEL Structure */
typedef union {
struct {
UINT16 size;
BYTE buffer[LABEL_MAX_BUFFER];
} t;
TPM2B b;
} TPM2B_LABEL;
/* Table 135 - Definition of TPMS_DERIVE Structure */
typedef struct {
TPM2B_LABEL label;
TPM2B_LABEL context;
} TPMS_DERIVE;
/* Table 131 - Definition of TPM2B_SENSITIVE_DATA Structure */
typedef struct {
UINT16 size;
BYTE buffer[MAX_SYM_DATA]; /* the keyed hash private data structure */
} SENSITIVE_DATA_2B;
typedef union {
SENSITIVE_DATA_2B t;
TPM2B b;
} TPM2B_SENSITIVE_DATA;
/* Table 132 - Definition of TPMS_SENSITIVE_CREATE Structure <IN> */
typedef struct {
TPM2B_AUTH userAuth; /* the USER auth secret value */
TPM2B_SENSITIVE_DATA data; /* data to be sealed */
} TPMS_SENSITIVE_CREATE;
/* Table 133 - Definition of TPM2B_SENSITIVE_CREATE Structure <IN, S> */
typedef struct {
UINT16 size; /* size of sensitive in octets (may not be zero) */
TPMS_SENSITIVE_CREATE sensitive; /* data to be sealed or a symmetric key value. */
} TPM2B_SENSITIVE_CREATE;
/* Table 134 - Definition of TPMS_SCHEME_HASH Structure */
typedef struct {
TPMI_ALG_HASH hashAlg; /* the hash algorithm used to digest the message */
} TPMS_SCHEME_HASH;
/* Table 135 - Definition of {ECC} TPMS_SCHEME_ECDAA Structure */
typedef struct {
TPMI_ALG_HASH hashAlg; /* the hash algorithm used to digest the message */
UINT16 count; /* the counter value that is used between TPM2_Commit() and the sign operation */
} TPMS_SCHEME_ECDAA;
/* Table 136 - Definition of (TPM_ALG_ID) TPMI_ALG_KEYEDHASH_SCHEME Type */
typedef TPM_ALG_ID TPMI_ALG_KEYEDHASH_SCHEME;
/* Table 137 - Definition of Types for HMAC_SIG_SCHEME */
typedef TPMS_SCHEME_HASH TPMS_SCHEME_HMAC;
/* Table 138 - Definition of TPMS_SCHEME_XOR Structure */
typedef struct {
TPMI_ALG_HASH hashAlg; /* the hash algorithm used to digest the message */
TPMI_ALG_KDF kdf; /* the key derivation function */
} TPMS_SCHEME_XOR;
/* Table 139 - Definition of TPMU_SCHEME_KEYEDHASH Union <IN/OUT, S> */
typedef union {
#ifdef TPM_ALG_HMAC
TPMS_SCHEME_HMAC hmac; /* TPM_ALG_HMAC the "signing" scheme */
#endif
#ifdef TPM_ALG_XOR
TPMS_SCHEME_XOR xorr; /* TPM_ALG_XOR the "obfuscation" scheme */
#endif
} TPMU_SCHEME_KEYEDHASH;
/* Table 140 - Definition of TPMT_KEYEDHASH_SCHEME Structure */
typedef struct {
TPMI_ALG_KEYEDHASH_SCHEME scheme; /* selects the scheme */
TPMU_SCHEME_KEYEDHASH details; /* the scheme parameters */
} TPMT_KEYEDHASH_SCHEME;
/* Table 141 - Definition of {RSA} Types for RSA Signature Schemes */
typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_RSASSA;
typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_RSAPSS;
/* Table 142 - Definition of {ECC} Types for ECC Signature Schemes */
typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_ECDSA;
typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_SM2;
typedef TPMS_SCHEME_HASH TPMS_SIG_SCHEME_ECSCHNORR;
typedef TPMS_SCHEME_ECDAA TPMS_SIG_SCHEME_ECDAA;
/* Table 143 - Definition of TPMU_SIG_SCHEME Union <IN/OUT, S> */
typedef union {
#ifdef TPM_ALG_RSASSA
TPMS_SIG_SCHEME_RSASSA rsassa; /* TPM_ALG_RSASSA the RSASSA-PKCS1v1_5 scheme */
#endif
#ifdef TPM_ALG_RSAPSS
TPMS_SIG_SCHEME_RSAPSS rsapss; /* TPM_ALG_RSAPSS the RSASSA-PSS scheme */
#endif
#ifdef TPM_ALG_ECDSA
TPMS_SIG_SCHEME_ECDSA ecdsa; /* TPM_ALG_ECDSA the ECDSA scheme */
#endif
#ifdef TPM_ALG_ECDAA
TPMS_SIG_SCHEME_ECDAA ecdaa; /* TPM_ALG_ECDAA the ECDAA scheme */
#endif
#ifdef TPM_ALG_SM2
TPMS_SIG_SCHEME_SM2 sm2; /* TPM_ALG_SM2 ECDSA from SM2 */
#endif
#ifdef TPM_ALG_ECSCHNORR
TPMS_SIG_SCHEME_ECSCHNORR ecSchnorr; /* TPM_ALG_ECSCHNORR the EC Schnorr */
#endif
#ifdef TPM_ALG_HMAC
TPMS_SCHEME_HMAC hmac; /* TPM_ALG_HMAC the HMAC scheme */
#endif
TPMS_SCHEME_HASH any; /* selector that allows access to digest for any signing scheme */
} TPMU_SIG_SCHEME;
/* Table 144 - Definition of TPMT_SIG_SCHEME Structure */
typedef struct {
TPMI_ALG_SIG_SCHEME scheme; /* scheme selector */
TPMU_SIG_SCHEME details; /* scheme parameters */
} TPMT_SIG_SCHEME;
/* Table 145 - Definition of Types for {RSA} Encryption Schemes */
typedef TPMS_SCHEME_HASH TPMS_ENC_SCHEME_OAEP; /* schemes that only need a hash */
typedef TPMS_EMPTY TPMS_ENC_SCHEME_RSAES; /* schemes that need nothing */
/* Table 146 - Definition of Types for {ECC} ECC Key Exchange */
typedef TPMS_SCHEME_HASH TPMS_KEY_SCHEME_ECDH; /* schemes that only need a hash */
typedef TPMS_SCHEME_HASH TPMS_KEY_SCHEME_ECMQV; /* schemes that only need a hash */
/* Table 147 - Definition of Types for KDF Schemes, hash-based key- or mask-generation functions */
typedef TPMS_SCHEME_HASH TPMS_SCHEME_MGF1;
typedef TPMS_SCHEME_HASH TPMS_SCHEME_KDF1_SP800_56A;
typedef TPMS_SCHEME_HASH TPMS_SCHEME_KDF2;
typedef TPMS_SCHEME_HASH TPMS_SCHEME_KDF1_SP800_108;
/* Table 148 - Definition of TPMU_KDF_SCHEME Union <IN/OUT, S> */
typedef union {
#ifdef TPM_ALG_MGF1
TPMS_SCHEME_MGF1 mgf1; /* TPM_ALG_MGF1 */
#endif
#ifdef TPM_ALG_KDF1_SP800_56A
TPMS_SCHEME_KDF1_SP800_56A kdf1_SP800_56a; /* TPM_ALG_KDF1_SP800_56A */
#endif
#ifdef TPM_ALG_KDF2
TPMS_SCHEME_KDF2 kdf2; /* TPM_ALG_KDF2 */
#endif
#ifdef TPM_ALG_KDF1_SP800_108
TPMS_SCHEME_KDF1_SP800_108 kdf1_sp800_108; /* TPM_ALG_KDF1_SP800_108 */
#endif
} TPMU_KDF_SCHEME;
/* Table 149 - Definition of TPMT_KDF_SCHEME Structure */
typedef struct {
TPMI_ALG_KDF scheme; /* scheme selector */
TPMU_KDF_SCHEME details; /* scheme parameters */
} TPMT_KDF_SCHEME;
/* Table 150 - Definition of (TPM_ALG_ID) TPMI_ALG_ASYM_SCHEME Type <> */
typedef TPM_ALG_ID TPMI_ALG_ASYM_SCHEME;
/* Table 151 - Definition of TPMU_ASYM_SCHEME Union */
typedef union {
#ifdef TPM_ALG_ECDH
TPMS_KEY_SCHEME_ECDH ecdh; /* TPM_ALG_ECDH */
#endif
#ifdef TPM_ALG_ECMQV
TPMS_KEY_SCHEME_ECMQV ecmqvh; /* TPM_ALG_ECMQV */
#endif
#ifdef TPM_ALG_RSASSA
TPMS_SIG_SCHEME_RSASSA rsassa; /* TPM_ALG_RSASSA */
#endif
#ifdef TPM_ALG_RSAPSS
TPMS_SIG_SCHEME_RSAPSS rsapss; /* TPM_ALG_RSAPSS */
#endif
#ifdef TPM_ALG_ECDSA
TPMS_SIG_SCHEME_ECDSA ecdsa; /* TPM_ALG_ECDSA */
#endif
#ifdef TPM_ALG_ECDAA
TPMS_SIG_SCHEME_ECDAA ecdaa; /* TPM_ALG_ECDAA */
#endif
#ifdef TPM_ALG_SM2
TPMS_SIG_SCHEME_SM2 sm2; /* TPM_ALG_SM2 */
#endif
#ifdef TPM_ALG_ECSCHNORR
TPMS_SIG_SCHEME_ECSCHNORR ecSchnorr; /* TPM_ALG_ECSCHNORR */
#endif
#ifdef TPM_ALG_RSAES
TPMS_ENC_SCHEME_RSAES rsaes; /* TPM_ALG_RSAES */
#endif
#ifdef TPM_ALG_OAEP
TPMS_ENC_SCHEME_OAEP oaep; /* TPM_ALG_OAEP */
#endif
TPMS_SCHEME_HASH anySig;
} TPMU_ASYM_SCHEME;
/* Table 152 - Definition of TPMT_ASYM_SCHEME Structure <> */
typedef struct {
TPMI_ALG_ASYM_SCHEME scheme; /* scheme selector */
TPMU_ASYM_SCHEME details; /* scheme parameters */
} TPMT_ASYM_SCHEME;
/* Table 153 - Definition of (TPM_ALG_ID) {RSA} TPMI_ALG_RSA_SCHEME Type */
typedef TPM_ALG_ID TPMI_ALG_RSA_SCHEME;
/* Table 154 - Definition of {RSA} TPMT_RSA_SCHEME Structure */
typedef struct {
TPMI_ALG_RSA_SCHEME scheme; /* scheme selector */
TPMU_ASYM_SCHEME details; /* scheme parameters */
} TPMT_RSA_SCHEME;
/* Table 155 - Definition of (TPM_ALG_ID) {RSA} TPMI_ALG_RSA_DECRYPT Type */
typedef TPM_ALG_ID TPMI_ALG_RSA_DECRYPT;
/* Table 156 - Definition of {RSA} TPMT_RSA_DECRYPT Structure */
typedef struct {
TPMI_ALG_RSA_DECRYPT scheme; /* scheme selector */
TPMU_ASYM_SCHEME details; /* scheme parameters */
} TPMT_RSA_DECRYPT;
/* Table 157 - Definition of {RSA} TPM2B_PUBLIC_KEY_RSA Structure */
typedef struct {
UINT16 size; /* size of the buffer */
BYTE buffer[MAX_RSA_KEY_BYTES]; /* Value */
} PUBLIC_KEY_RSA_2B;
typedef union {
PUBLIC_KEY_RSA_2B t;
TPM2B b;
} TPM2B_PUBLIC_KEY_RSA;
/* Table 158 - Definition of {RSA} (TPM_KEY_BITS) TPMI_RSA_KEY_BITS Type */
typedef TPM_KEY_BITS TPMI_RSA_KEY_BITS;
/* Table 159 - Definition of {RSA} TPM2B_PRIVATE_KEY_RSA Structure */
typedef struct {
UINT16 size;
BYTE buffer[MAX_RSA_KEY_BYTES/2];
} PRIVATE_KEY_RSA_2B;
typedef union {
PRIVATE_KEY_RSA_2B t;
TPM2B b;
} TPM2B_PRIVATE_KEY_RSA;
/* Table 160 - Definition of {ECC} TPM2B_ECC_PARAMETER Structure */
typedef struct {
UINT16 size; /* size of the buffer */
BYTE buffer[MAX_ECC_KEY_BYTES]; /* the parameter data */
} ECC_PARAMETER_2B;
typedef union {
ECC_PARAMETER_2B t;
TPM2B b;
} TPM2B_ECC_PARAMETER;
/* Table 161 - Definition of {ECC} TPMS_ECC_POINT Structure */
typedef struct {
TPM2B_ECC_PARAMETER x; /* X coordinate */
TPM2B_ECC_PARAMETER y; /* Y coordinate */
} TPMS_ECC_POINT;
/* Table 162 - Definition of {ECC} TPM2B_ECC_POINT Structure */
typedef struct {
UINT16 size; /* size of the remainder of this structure */
TPMS_ECC_POINT point; /* coordinates */
} TPM2B_ECC_POINT;
/* Table 163 - Definition of (TPM_ALG_ID) {ECC} TPMI_ALG_ECC_SCHEME Type */
typedef TPM_ALG_ID TPMI_ALG_ECC_SCHEME;
/* Table 164 - Definition of {ECC} (TPM_ECC_CURVE) TPMI_ECC_CURVE Type */
typedef TPM_ECC_CURVE TPMI_ECC_CURVE;
/* Table 165 - Definition of (TPMT_SIG_SCHEME) {ECC} TPMT_ECC_SCHEME Structure */
typedef struct {
TPMI_ALG_ECC_SCHEME scheme; /* scheme selector */
TPMU_ASYM_SCHEME details; /* scheme parameters */
} TPMT_ECC_SCHEME;
/* Table 166 - Definition of {ECC} TPMS_ALGORITHM_DETAIL_ECC Structure <OUT> */
typedef struct {
TPM_ECC_CURVE curveID; /* identifier for the curve */
UINT16 keySize; /* Size in bits of the key */
TPMT_KDF_SCHEME kdf; /* If not TPM_ALG_NULL, the required KDF and hash algorithm
used in secret sharing operations */
TPMT_ECC_SCHEME sign; /* If not TPM_ALG_NULL, this is the mandatory signature
scheme that is required to be used with this curve. */
TPM2B_ECC_PARAMETER p; /* Fp (the modulus) */
TPM2B_ECC_PARAMETER a; /* coefficient of the linear term in the curve equation */
TPM2B_ECC_PARAMETER b; /* constant term for curve equation */
TPM2B_ECC_PARAMETER gX; /* x coordinate of base point G */
TPM2B_ECC_PARAMETER gY; /* y coordinate of base point G */
TPM2B_ECC_PARAMETER n; /* order of G */
TPM2B_ECC_PARAMETER h; /* cofactor (a size of zero indicates a cofactor of 1) */
} TPMS_ALGORITHM_DETAIL_ECC;
/* Table 167 - Definition of {RSA} TPMS_SIGNATURE_RSA Structure */
typedef struct {
TPMI_ALG_HASH hash; /* the hash algorithm used to digest the message TPM_ALG_NULL is not allowed. */
TPM2B_PUBLIC_KEY_RSA sig; /* The signature is the size of a public key. */
} TPMS_SIGNATURE_RSA;
/* Table 168 - Definition of Types for {RSA} Signature */
typedef TPMS_SIGNATURE_RSA TPMS_SIGNATURE_RSASSA;
typedef TPMS_SIGNATURE_RSA TPMS_SIGNATURE_RSAPSS;
/* Table 169 - Definition of {ECC} TPMS_SIGNATURE_ECC Structure */
typedef struct {
TPMI_ALG_HASH hash; /* the hash algorithm used in the signature process TPM_ALG_NULL is not allowed. */
TPM2B_ECC_PARAMETER signatureR;
TPM2B_ECC_PARAMETER signatureS;
} TPMS_SIGNATURE_ECC;
/* Table 170 - Definition of Types for {ECC} TPMS_SIGNATURE_ECC */
typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_ECDSA;
typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_ECDAA;
typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_SM2;
typedef TPMS_SIGNATURE_ECC TPMS_SIGNATURE_ECSCHNORR;
/* Table 171 - Definition of TPMU_SIGNATURE Union <IN/OUT, S> */
typedef union {
#ifdef TPM_ALG_RSASSA
TPMS_SIGNATURE_RSASSA rsassa; /* TPM_ALG_RSASSA */
#endif
#ifdef TPM_ALG_RSAPSS
TPMS_SIGNATURE_RSAPSS rsapss; /* TPM_ALG_RSAPSS */
#endif
#ifdef TPM_ALG_ECDSA
TPMS_SIGNATURE_ECDSA ecdsa; /* TPM_ALG_ECDSA */
#endif
#ifdef TPM_ALG_ECDAA
TPMS_SIGNATURE_ECDSA ecdaa; /* TPM_ALG_ECDAA */
#endif
#ifdef TPM_ALG_SM2
TPMS_SIGNATURE_ECDSA sm2; /* TPM_ALG_SM2 */
#endif
#ifdef TPM_ALG_ECSCHNORR
TPMS_SIGNATURE_ECDSA ecschnorr; /* TPM_ALG_ECSCHNORR */
#endif
#ifdef TPM_ALG_HMAC
TPMT_HA hmac; /* TPM_ALG_HMAC */
#endif
TPMS_SCHEME_HASH any; /* used to access the hash */
} TPMU_SIGNATURE;
/* Table 172 - Definition of TPMT_SIGNATURE Structure */
typedef struct {
TPMI_ALG_SIG_SCHEME sigAlg; /* selector of the algorithm used to construct the signature */
TPMU_SIGNATURE signature; /* This shall be the actual signature information. */
} TPMT_SIGNATURE;
/* Table 173 - Definition of TPMU_ENCRYPTED_SECRET Union <S> */
typedef union {
#ifdef TPM_ALG_ECC
BYTE ecc[sizeof(TPMS_ECC_POINT)]; /* TPM_ALG_ECC */
#endif
#ifdef TPM_ALG_RSA
BYTE rsa[MAX_RSA_KEY_BYTES]; /* TPM_ALG_RSA */
#endif
#ifdef TPM_ALG_SYMCIPHER
BYTE symmetric[sizeof(TPM2B_DIGEST)]; /* TPM_ALG_SYMCIPHER */
#endif
#ifdef TPM_ALG_KEYEDHASH
BYTE keyedHash[sizeof(TPM2B_DIGEST)]; /* TPM_ALG_KEYEDHASH */
#endif
} TPMU_ENCRYPTED_SECRET;
/* Table 174 - Definition of TPM2B_ENCRYPTED_SECRET Structure */
typedef struct {
UINT16 size; /* size of the secret value */
BYTE secret[sizeof(TPMU_ENCRYPTED_SECRET)]; /* secret */
} ENCRYPTED_SECRET_2B;
typedef union {
ENCRYPTED_SECRET_2B t;
TPM2B b;
} TPM2B_ENCRYPTED_SECRET;
/* Table 175 - Definition of (TPM_ALG_ID) TPMI_ALG_PUBLIC Type */
typedef TPM_ALG_ID TPMI_ALG_PUBLIC;
/* Table 176 - Definition of TPMU_PUBLIC_ID Union <IN/OUT, S> */
typedef union {
#ifdef TPM_ALG_KEYEDHASH
TPM2B_DIGEST keyedHash; /* TPM_ALG_KEYEDHASH */
#endif
#ifdef TPM_ALG_SYMCIPHER
TPM2B_DIGEST sym; /* TPM_ALG_SYMCIPHER */
#endif
#ifdef TPM_ALG_RSA
TPM2B_PUBLIC_KEY_RSA rsa; /* TPM_ALG_RSA */
#endif
#ifdef TPM_ALG_ECC
TPMS_ECC_POINT ecc; /* TPM_ALG_ECC */
#endif
TPMS_DERIVE derive; /* only allowed for TPM2_CreateLoaded when
parentHandle is a Derivation Parent */
} TPMU_PUBLIC_ID;
/* Table 177 - Definition of TPMS_KEYEDHASH_PARMS Structure */
typedef struct {
TPMT_KEYEDHASH_SCHEME scheme; /* Indicates the signing method used for a keyedHash signing object */
} TPMS_KEYEDHASH_PARMS;
/* Table 178 - Definition of TPMS_ASYM_PARMS Structure <> */
typedef struct {
TPMT_SYM_DEF_OBJECT symmetric; /* the companion symmetric algorithm for a restricted decryption key */
TPMT_ASYM_SCHEME scheme; /* for a key with the sign attribute SET, a valid signing scheme for the key type */
} TPMS_ASYM_PARMS;
/* Table 179 - Definition of {RSA} TPMS_RSA_PARMS Structure */
typedef struct {
TPMT_SYM_DEF_OBJECT symmetric; /* for a restricted decryption key, shall be set to a supported symmetric algorithm, key size, and mode. */
TPMT_RSA_SCHEME scheme; /* for an unrestricted signing key, shall be either TPM_ALG_RSAPSS TPM_ALG_RSASSA or TPM_ALG_NULL */
TPMI_RSA_KEY_BITS keyBits; /* number of bits in the public modulus */
UINT32 exponent; /* the public exponent */
} TPMS_RSA_PARMS;
/* Table 180 - Definition of {ECC} TPMS_ECC_PARMS Structure */
typedef struct {
TPMT_SYM_DEF_OBJECT symmetric; /* for a restricted decryption key, shall be set to a supported symmetric algorithm, key size. and mode. */
TPMT_ECC_SCHEME scheme; /* If the sign attribute of the key is SET, then this shall be a valid signing scheme. */
TPMI_ECC_CURVE curveID; /* ECC curve ID */
TPMT_KDF_SCHEME kdf; /* an optional key derivation scheme for generating a symmetric key from a Z value */
} TPMS_ECC_PARMS;
/* Table 181 - Definition of TPMU_PUBLIC_PARMS Union <IN/OUT, S> */
typedef union {
#ifdef TPM_ALG_KEYEDHASH
TPMS_KEYEDHASH_PARMS keyedHashDetail; /* TPM_ALG_KEYEDHASH */
#endif
#ifdef TPM_ALG_SYMCIPHER
TPMS_SYMCIPHER_PARMS symDetail; /* TPM_ALG_SYMCIPHER */
#endif
#ifdef TPM_ALG_RSA
TPMS_RSA_PARMS rsaDetail; /* TPM_ALG_RSA */
#endif
#ifdef TPM_ALG_ECC
TPMS_ECC_PARMS eccDetail; /* TPM_ALG_ECC */
#endif
TPMS_ASYM_PARMS asymDetail; /* common scheme structure for RSA and ECC keys */
} TPMU_PUBLIC_PARMS;
/* Table 182 - Definition of TPMT_PUBLIC_PARMS Structure */
typedef struct {
TPMI_ALG_PUBLIC type; /* the algorithm to be tested */
TPMU_PUBLIC_PARMS parameters; /* the algorithm details */
} TPMT_PUBLIC_PARMS;
/* Table 183 - Definition of TPMT_PUBLIC Structure */
typedef struct {
TPMI_ALG_PUBLIC type; /* "algorithm" associated with this object */
TPMI_ALG_HASH nameAlg; /* algorithm used for computing the Name of the object */
TPMA_OBJECT objectAttributes; /* attributes that, along with type, determine the manipulations of this object */
TPM2B_DIGEST authPolicy; /* optional policy for using this key */
TPMU_PUBLIC_PARMS parameters; /* the algorithm or structure details */
TPMU_PUBLIC_ID unique; /* the unique identifier of the structure */
} TPMT_PUBLIC;
/* Table 184 - Definition of TPM2B_PUBLIC Structure */
typedef struct {
UINT16 size; /* size of publicArea */
TPMT_PUBLIC publicArea; /* the public area */
} TPM2B_PUBLIC;
/* Table 192 - Definition of TPM2B_TEMPLATE Structure */
typedef union {
struct {
UINT16 size; /* size of publicArea */
BYTE buffer[sizeof(TPMT_PUBLIC)]; /* the public area */
} t;
TPM2B b;
} TPM2B_TEMPLATE;
/* Table 186 - Definition of TPMU_SENSITIVE_COMPOSITE Union <IN/OUT, S> */
typedef union {
#ifdef TPM_ALG_RSA
TPM2B_PRIVATE_KEY_RSA rsa; /* TPM_ALG_RSA a prime factor of the public key */
#endif
#ifdef TPM_ALG_ECC
TPM2B_ECC_PARAMETER ecc; /* TPM_ALG_ECC the integer private key */
#endif
#ifdef TPM_ALG_KEYEDHASH
TPM2B_SENSITIVE_DATA bits; /* TPM_ALG_KEYEDHASH the private data */
#endif
#ifdef TPM_ALG_SYMCIPHER
TPM2B_SYM_KEY sym; /* TPM_ALG_SYMCIPHER the symmetric key */
#endif
} TPMU_SENSITIVE_COMPOSITE;
/* Table 187 - Definition of TPMT_SENSITIVE Structure */
typedef struct {
TPMI_ALG_PUBLIC sensitiveType; /* identifier for the sensitive area */
TPM2B_AUTH authValue; /* user authorization data */
TPM2B_DIGEST seedValue; /* for asymmetric key object, the optional protection seed; for other objects, the obfuscation value */
TPMU_SENSITIVE_COMPOSITE sensitive; /* the type-specific private data */
} TPMT_SENSITIVE;
/* Table 188 - Definition of TPM2B_SENSITIVE Structure <IN/OUT> */
typedef struct {
UINT16 size; /* size of the private structure */
TPMT_SENSITIVE sensitiveArea; /* an unencrypted sensitive area */
} SENSITIVE_2B;
typedef union {
SENSITIVE_2B t;
TPM2B b;
} TPM2B_SENSITIVE;
/* Table 189 - Definition of _PRIVATE Structure <> */
typedef struct {
TPM2B_DIGEST integrityOuter;
TPM2B_DIGEST integrityInner; /* could also be a TPM2B_IV */
TPM2B_SENSITIVE sensitive; /* the sensitive area */
} _PRIVATE;
/* Table 190 - Definition of TPM2B_PRIVATE Structure <IN/OUT, S> */
typedef struct {
UINT16 size; /* size of the private structure */
BYTE buffer[sizeof(_PRIVATE)]; /* an encrypted private area */
} PRIVATE_2B;
typedef union {
PRIVATE_2B t;
TPM2B b;
} TPM2B_PRIVATE;
/* Table 191 - Definition of _ID_OBJECT Structure <> */
typedef struct {
TPM2B_DIGEST integrityHMAC; /* HMAC using the nameAlg of the storage key on the target TPM */
TPM2B_DIGEST encIdentity; /* credential protector information returned if name matches the referenced object */
} _ID_OBJECT;
/* Table 192 - Definition of TPM2B_ID_OBJECT Structure <IN/OUT> */
typedef struct {
UINT16 size; /* size of the credential structure */
BYTE credential[sizeof(_ID_OBJECT)]; /* an encrypted credential area */
} ID_OBJECT_2B;
typedef union {
ID_OBJECT_2B t;
TPM2B b;
} TPM2B_ID_OBJECT;
/* Table 193 - Definition of (UINT32) TPM_NV_INDEX Bits <> */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int index : 24; /* 23:0 The Index of the NV location */
unsigned int RH_NV : 8; /* 31:24 constant value of TPM_HT_NV_INDEX indicating the NV Index range */
};
UINT32 val;
} TPM_NV_INDEX;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int RH_NV : 8; /* 31:24 constant value of TPM_HT_NV_INDEX indicating the NV Index range */
unsigned int index : 24; /* 23:0 The Index of the NV location */
};
UINT32 val;
} TPM_NV_INDEX;
#else
typedef struct {
UINT32 val;
} TPM_NV_INDEX;
#endif
#define TPM_NV_INDEX_INDEX 0x00ffffff
#define TPM_NV_INDEX_RH_NV 0xff000000
/* Table 194 - Definition of TPM_NT Constants */
#define TPM_NT_ORDINARY 0x0 /* Ordinary - contains data that is opaque to the TPM that can only be modified using TPM2_NV_Write(). */
#define TPM_NT_COUNTER 0x1 /* Counter - contains an 8-octet value that is to be used as a
counter and can only be modified with TPM2_NV_Increment() */
#define TPM_NT_BITS 0x2 /* Bit Field - contains an 8-octet value to be used as a bit field
and can only be modified with TPM2_NV_SetBits(). */
#define TPM_NT_EXTEND 0x4 /* Extend - contains a digest-sized value used like a PCR. The Index
can only be modified using TPM2_NV_Extend(). The extend will use
the nameAlg of the Index. */
#define TPM_NT_PIN_FAIL 0x8 /* PIN Fail - contains a PIN limit and a PIN count that increments on a PIN authorization failure */
#define TPM_NT_PIN_PASS 0x9 /* PIN Pass - contains a PIN limit and a PIN count that increments on a PIN authorization success */
/* Table 204 - Definition of TPMS_NV_PIN_COUNTER_PARAMETERS Structure */
typedef struct {
uint32_t pinCount; /* This counter shows the current number of successful authValue
authorization attempts to access a TPM_NT_PIN_PASS index or the current
number of unsuccessful authValue authorization attempts to access a
TPM_NT_PIN_FAIL index. */
uint32_t pinLimit; /* This threshold is the value of pinCount at which the authValue
authorization of the host TPM_NT_PIN_PASS or TPM_NT_PIN_FAIL index is
locked out. */
} TPMS_NV_PIN_COUNTER_PARAMETERS;
/* Table 205 - Definition of (UINT32) TPMA_NV Bits */
#if defined TPM_BITFIELD_LE
typedef union {
struct {
unsigned int TPMA_NV_PPWRITE : 1; /* 0 The Index data can be written if Platform Authorization is provided. */
unsigned int TPMA_NV_OWNERWRITE : 1; /* 1 The Index data can be written if Owner Authorization is provided. */
unsigned int TPMA_NV_AUTHWRITE : 1; /* 2 Authorizations to change the Index contents that require USER role may be provided with an HMAC session or password. */
unsigned int TPMA_NV_POLICYWRITE : 1; /* 3 Authorizations to change the Index contents that require USER role may be provided with a policy session. */
unsigned int TPM_NT : 4; /* 7:4 The type of the index */
unsigned int Reserved1 : 2; /* 9:8 shall be zero reserved for future use */
unsigned int TPMA_NV_POLICY_DELETE : 1; /* 10 Index may not be deleted unless the authPolicy is satisfied. */
unsigned int TPMA_NV_WRITELOCKED : 1; /* 11 Index cannot be written. */
unsigned int TPMA_NV_WRITEALL : 1; /* 12 A partial write of the Index data is not allowed. The write size shall match the defined space size. */
unsigned int TPMA_NV_WRITEDEFINE : 1; /* 13 TPM2_NV_WriteLock() may be used to prevent further writes to this location. */
unsigned int TPMA_NV_WRITE_STCLEAR : 1; /* 14 TPM2_NV_WriteLock() may be used to prevent further writes to this location until the next TPM Reset or TPM Restart. */
unsigned int TPMA_NV_GLOBALLOCK : 1; /* 15 If TPM2_NV_GlobalLock() is successful, then further writes are not permitted until the next TPM Reset or TPM Restart. */
unsigned int TPMA_NV_PPREAD : 1; /* 16 The Index data can be read if Platform Authorization is provided. */
unsigned int TPMA_NV_OWNERREAD : 1; /* 17 The Index data can be read if Owner Authorization is provided. */
unsigned int TPMA_NV_AUTHREAD : 1; /* 18 The Index data may be read if the authValue is provided. */
unsigned int TPMA_NV_POLICYREAD : 1; /* 19 The Index data may be read if the authPolicy is satisfied. */
unsigned int Reserved2 : 5; /* 24:20 shall be zero reserved for future use */
unsigned int TPMA_NV_NO_DA : 1; /* 25 Authorization failures of the Index do not affect the DA logic */
unsigned int TPMA_NV_ORDERLY : 1; /* 26 NV Index state is only required to be saved when the TPM performs an orderly shutdown */
unsigned int TPMA_NV_CLEAR_STCLEAR : 1; /* 27 TPMA_NV_WRITTEN for the Index is CLEAR by TPM Reset or TPM Restart. */
unsigned int TPMA_NV_READLOCKED : 1; /* 28 Reads of the Index are blocked until the next TPM Reset or TPM Restart. */
unsigned int TPMA_NV_WRITTEN : 1; /* 29 Index has been written. */
unsigned int TPMA_NV_PLATFORMCREATE : 1; /* 30 This Index may be undefined with Platform Authorization but not with Owner Authorization. */
unsigned int TPMA_NV_READ_STCLEAR : 1; /* 31 TPM2_NV_ReadLock() may be used to SET TPMA_NV_READLOCKED for this Index. */
};
UINT32 val;
} TPMA_NV;
#elif defined TPM_BITFIELD_BE
typedef union {
struct {
unsigned int TPMA_NV_READ_STCLEAR : 1; /* 31 TPM2_NV_ReadLock() may be used to SET TPMA_NV_READLOCKED for this Index. */
unsigned int TPMA_NV_PLATFORMCREATE : 1; /* 30 This Index may be undefined with Platform Authorization but not with Owner Authorization. */
unsigned int TPMA_NV_WRITTEN : 1; /* 29 Index has been written. */
unsigned int TPMA_NV_READLOCKED : 1; /* 28 Reads of the Index are blocked until the next TPM Reset or TPM Restart. */
unsigned int TPMA_NV_CLEAR_STCLEAR : 1; /* 27 TPMA_NV_WRITTEN for the Index is CLEAR by TPM Reset or TPM Restart. */
unsigned int TPMA_NV_ORDERLY : 1; /* 26 NV Index state is only required to be saved when the TPM performs an orderly shutdown */
unsigned int TPMA_NV_NO_DA : 1; /* 25 Authorization failures of the Index do not affect the DA logic */
unsigned int Reserved2 : 5; /* 24:20 shall be zero reserved for future use */
unsigned int TPMA_NV_POLICYREAD : 1; /* 19 The Index data may be read if the authPolicy is satisfied. */
unsigned int TPMA_NV_AUTHREAD : 1; /* 18 The Index data may be read if the authValue is provided. */
unsigned int TPMA_NV_OWNERREAD : 1; /* 17 The Index data can be read if Owner Authorization is provided. */
unsigned int TPMA_NV_PPREAD : 1; /* 16 The Index data can be read if Platform Authorization is provided. */
unsigned int TPMA_NV_GLOBALLOCK : 1; /* 15 If TPM2_NV_GlobalLock() is successful, then further writes are not permitted until the next TPM Reset or TPM Restart. */
unsigned int TPMA_NV_WRITE_STCLEAR : 1; /* 14 TPM2_NV_WriteLock() may be used to prevent further writes to this location until the next TPM Reset or TPM Restart. */
unsigned int TPMA_NV_WRITEDEFINE : 1; /* 13 TPM2_NV_WriteLock() may be used to prevent further writes to this location. */
unsigned int TPMA_NV_WRITEALL : 1; /* 12 A partial write of the Index data is not allowed. The write size shall match the defined space size. */
unsigned int TPMA_NV_WRITELOCKED : 1; /* 11 Index cannot be written. */
unsigned int TPMA_NV_POLICY_DELETE : 1; /* 10 Index may not be deleted unless the authPolicy is satisfied. */
unsigned int Reserved1 : 2; /* 9:8 shall be zero reserved for future use */
unsigned int TPM_NT : 4; /* 7:4 The type of the index */
unsigned int TPMA_NV_POLICYWRITE : 1; /* 3 Authorizations to change the Index contents that require USER role may be provided with a policy session. */
unsigned int TPMA_NV_AUTHWRITE : 1; /* 2 Authorizations to change the Index contents that require USER role may be provided with an HMAC session or password. */
unsigned int TPMA_NV_OWNERWRITE : 1; /* 1 The Index data can be written if Owner Authorization is provided. */
unsigned int TPMA_NV_PPWRITE : 1; /* 0 The Index data can be written if Platform Authorization is provided. */
};
UINT32 val;
} TPMA_NV;
#else
typedef struct {
UINT32 val;
} TPMA_NV;
#endif
#define TPMA_NVA_PPWRITE 0x00000001
#define TPMA_NVA_OWNERWRITE 0x00000002
#define TPMA_NVA_AUTHWRITE 0x00000004
#define TPMA_NVA_POLICYWRITE 0x00000008
#define TPMA_NVA_ORDINARY 0x00000000
#define TPMA_NVA_COUNTER 0x00000010
#define TPMA_NVA_BITS 0x00000020
#define TPMA_NVA_EXTEND 0x00000040
#define TPMA_NVA_PIN_FAIL 0x00000080
#define TPMA_NVA_PIN_PASS 0x00000090
#define TPMA_NVA_RESERVED1 0x00000300
#define TPMA_NVA_POLICY_DELETE 0x00000400
#define TPMA_NVA_WRITELOCKED 0x00000800
#define TPMA_NVA_WRITEALL 0x00001000
#define TPMA_NVA_WRITEDEFINE 0x00002000
#define TPMA_NVA_WRITE_STCLEAR 0x00004000
#define TPMA_NVA_GLOBALLOCK 0x00008000
#define TPMA_NVA_PPREAD 0x00010000
#define TPMA_NVA_OWNERREAD 0x00020000
#define TPMA_NVA_AUTHREAD 0x00040000
#define TPMA_NVA_POLICYREAD 0x00080000
#define TPMA_NVA_RESERVED2 0x01f00000
#define TPMA_NVA_NO_DA 0x02000000
#define TPMA_NVA_ORDERLY 0x04000000
#define TPMA_NVA_CLEAR_STCLEAR 0x08000000
#define TPMA_NVA_READLOCKED 0x10000000
#define TPMA_NVA_WRITTEN 0x20000000
#define TPMA_NVA_PLATFORMCREATE 0x40000000
#define TPMA_NVA_READ_STCLEAR 0x80000000
#define TPMA_NVA_TPM_NT_MASK 0x000000f0
#define TPMA_NV_RESERVED (TPMA_NVA_RESERVED1 | TPMA_NVA_RESERVED2)
/* Table 197 - Definition of TPMS_NV_PUBLIC Structure */
typedef struct {
TPMI_RH_NV_INDEX nvIndex; /* the handle of the data area */
TPMI_ALG_HASH nameAlg; /* hash algorithm used to compute the name of the Index and used for the authPolicy */
TPMA_NV attributes; /* the Index attributes */
TPM2B_DIGEST authPolicy; /* optional access policy for the Index */
UINT16 dataSize; /* the size of the data area */
} TPMS_NV_PUBLIC;
/* Table 198 - Definition of TPM2B_NV_PUBLIC Structure */
typedef struct {
UINT16 size; /* size of nvPublic */
TPMS_NV_PUBLIC nvPublic; /* the public area */
} TPM2B_NV_PUBLIC;
/* Table 199 - Definition of TPM2B_CONTEXT_SENSITIVE Structure <IN/OUT> */
typedef struct {
UINT16 size;
BYTE buffer[MAX_CONTEXT_SIZE]; /* the sensitive data */
} CONTEXT_SENSITIVE_2B;
typedef union {
CONTEXT_SENSITIVE_2B t;
TPM2B b;
} TPM2B_CONTEXT_SENSITIVE;
/* Table 200 - Definition of TPMS_CONTEXT_DATA Structure <IN/OUT, S> */
typedef struct {
TPM2B_DIGEST integrity; /* the integrity value */
TPM2B_CONTEXT_SENSITIVE encrypted; /* the sensitive area */
} TPMS_CONTEXT_DATA;
/* Table 201 - Definition of TPM2B_CONTEXT_DATA Structure <IN/OUT> */
typedef struct {
UINT16 size;
BYTE buffer[sizeof(TPMS_CONTEXT_DATA)];
} CONTEXT_DATA_2B;
typedef union {
CONTEXT_DATA_2B t;
TPM2B b;
} TPM2B_CONTEXT_DATA;
/* Table 202 - Definition of TPMS_CONTEXT Structure */
typedef struct {
UINT64 sequence; /* the sequence number of the context */
TPMI_DH_SAVED savedHandle; /* a handle indicating if the context is a session, object or sequence object */
TPMI_RH_HIERARCHY hierarchy; /* the hierarchy of the context */
TPM2B_CONTEXT_DATA contextBlob; /* the context data and integrity HMAC */
} TPMS_CONTEXT;
/* Table 203 - Context Handle Values */
#define TPM_CONTEXT_HANDLE_HMAC 0x02000000 /* an HMAC session context */
#define TPM_CONTEXT_HANDLE_POLICY_SESSION 0x03000000 /* a policy session context */
#define TPM_CONTEXT_HANDLE_TRANSIENT 0x80000000 /* an ordinary transient object */
#define TPM_CONTEXT_HANDLE_SEQUENCE 0x80000001 /* a sequence object */
#define TPM_CONTEXT_HANDLE_STCLEAR 0x80000002 /* a transient object with the stClear attribute SET */
/* Table 204 - Definition of TPMS_CREATION_DATA Structure <OUT> */
typedef struct {
TPML_PCR_SELECTION pcrSelect; /* list indicating the PCR included in pcrDigest */
TPM2B_DIGEST pcrDigest; /* digest of the selected PCR using nameAlg of the object for which this structure is being created */
TPMA_LOCALITY locality; /* the locality at which the object was created */
TPM_ALG_ID parentNameAlg; /* nameAlg of the parent */
TPM2B_NAME parentName; /* Name of the parent at time of creation */
TPM2B_NAME parentQualifiedName; /* Qualified Name of the parent at the time of creation */
TPM2B_DATA outsideInfo; /* association with additional information added by the key creator */
} TPMS_CREATION_DATA;
/* Table 205 - Definition of TPM2B_CREATION_DATA Structure <OUT> */
typedef struct {
UINT16 size; /* size of the creation data */
TPMS_CREATION_DATA creationData;
} TPM2B_CREATION_DATA;
typedef struct tdNTC2_CFG_STRUCT {
uint8_t i2cLoc1_2;
uint8_t i2cLoc3_4;
uint8_t AltCfg;
uint8_t Direction;
uint8_t PullUp;
uint8_t PushPull;
uint8_t CFG_A;
uint8_t CFG_B;
uint8_t CFG_C;
uint8_t CFG_D;
uint8_t CFG_E;
uint8_t CFG_F;
uint8_t CFG_G;
uint8_t CFG_H;
uint8_t CFG_I;
uint8_t CFG_J;
uint8_t IsValid; /* Must be AAh */
uint8_t IsLocked; /* Ignored on NTC2_PreConfig, NTC2_GetConfig returns AAh once configuration
is locked. */
} NTC2_CFG_STRUCT;
#ifdef __cplusplus
}
#endif
#endif