]> git.proxmox.com Git - mirror_edk2.git/blame - MdePkg/Include/IndustryStandard/Tpm12.h
projects / mirror_edk2.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
MdePkg Base.h: Use correct style to check the defined macro
[mirror_edk2.git] / MdePkg / Include / IndustryStandard / Tpm12.h
CommitLineData
9095d37b 1/** @file\r
1919913f 2 TPM Specification data structures (TCG TPM Specification Version 1.2 Revision 103)\r
267669ba
LG		 3 See http://trustedcomputinggroup.org for latest specification updates\r
4\r
9095d37b 5 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
9344f092 6 SPDX-License-Identifier: BSD-2-Clause-Patent\r
8069d49e
LG		 7**/\r
8\r
267669ba
LG		 9\r
10#ifndef _TPM12_H_\r
11#define _TPM12_H_\r
12\r
ec8432e5 13///\r
14/// The start of TPM return codes\r
15///\r
6a8fb8ba 16#define TPM_BASE 0\r
267669ba
LG		 17\r
18//\r
427987f5 19// All structures MUST be packed on a byte boundary.\r
267669ba 20//\r
766f4bc1 21\r
a04ad3f0 22#pragma pack (1)\r
267669ba
LG		 23\r
24//\r
4135253b 25// Part 2, section 2.2.3: Helper redefinitions\r
267669ba 26//\r
cc078d72 27///\r
28/// Indicates the conditions where it is required that authorization be presented\r
29///\r
267669ba 30typedef UINT8 TPM_AUTH_DATA_USAGE;\r
cc078d72 31///\r
32/// The information as to what the payload is in an encrypted structure\r
33///\r
267669ba 34typedef UINT8 TPM_PAYLOAD_TYPE;\r
cc078d72 35///\r
36/// The version info breakdown\r
37///\r
267669ba 38typedef UINT8 TPM_VERSION_BYTE;\r
cc078d72 39///\r
1919913f 40/// The state of the dictionary attack mitigation logic\r
41///\r
42typedef UINT8 TPM_DA_STATE;\r
43///\r
cc078d72 44/// The request or response authorization type\r
45///\r
267669ba 46typedef UINT16 TPM_TAG;\r
cc078d72 47///\r
48/// The protocol in use\r
49///\r
267669ba 50typedef UINT16 TPM_PROTOCOL_ID;\r
cc078d72 51///\r
52/// Indicates the start state\r
53///\r
267669ba 54typedef UINT16 TPM_STARTUP_TYPE;\r
cc078d72 55///\r
56/// The definition of the encryption scheme\r
57///\r
267669ba 58typedef UINT16 TPM_ENC_SCHEME;\r
cc078d72 59///\r
60/// The definition of the signature scheme\r
61///\r
267669ba 62typedef UINT16 TPM_SIG_SCHEME;\r
cc078d72 63///\r
64/// The definition of the migration scheme\r
65///\r
267669ba 66typedef UINT16 TPM_MIGRATE_SCHEME;\r
cc078d72 67///\r
68/// Sets the state of the physical presence mechanism\r
69///\r
267669ba 70typedef UINT16 TPM_PHYSICAL_PRESENCE;\r
cc078d72 71///\r
72/// Indicates the types of entity that are supported by the TPM\r
73///\r
267669ba 74typedef UINT16 TPM_ENTITY_TYPE;\r
cc078d72 75///\r
76/// Indicates the permitted usage of the key\r
77///\r
267669ba 78typedef UINT16 TPM_KEY_USAGE;\r
cc078d72 79///\r
80/// The type of asymmetric encrypted structure in use by the endorsement key\r
81///\r
267669ba 82typedef UINT16 TPM_EK_TYPE;\r
cc078d72 83///\r
84/// The tag for the structure\r
85///\r
267669ba 86typedef UINT16 TPM_STRUCTURE_TAG;\r
cc078d72 87///\r
88/// The platform specific spec to which the information relates to\r
89///\r
267669ba 90typedef UINT16 TPM_PLATFORM_SPECIFIC;\r
cc078d72 91///\r
92/// The command ordinal\r
93///\r
267669ba 94typedef UINT32 TPM_COMMAND_CODE;\r
cc078d72 95///\r
96/// Identifies a TPM capability area\r
97///\r
267669ba 98typedef UINT32 TPM_CAPABILITY_AREA;\r
cc078d72 99///\r
100/// Indicates information regarding a key\r
101///\r
267669ba 102typedef UINT32 TPM_KEY_FLAGS;\r
cc078d72 103///\r
104/// Indicates the type of algorithm\r
105///\r
267669ba 106typedef UINT32 TPM_ALGORITHM_ID;\r
cc078d72 107///\r
108/// The locality modifier\r
109///\r
267669ba 110typedef UINT32 TPM_MODIFIER_INDICATOR;\r
cc078d72 111///\r
112/// The actual number of a counter\r
113///\r
267669ba 114typedef UINT32 TPM_ACTUAL_COUNT;\r
cc078d72 115///\r
116/// Attributes that define what options are in use for a transport session\r
117///\r
267669ba 118typedef UINT32 TPM_TRANSPORT_ATTRIBUTES;\r
cc078d72 119///\r
120/// Handle to an authorization session\r
121///\r
267669ba 122typedef UINT32 TPM_AUTHHANDLE;\r
cc078d72 123///\r
124/// Index to a DIR register\r
125///\r
267669ba 126typedef UINT32 TPM_DIRINDEX;\r
cc078d72 127///\r
128/// The area where a key is held assigned by the TPM\r
129///\r
267669ba 130typedef UINT32 TPM_KEY_HANDLE;\r
cc078d72 131///\r
132/// Index to a PCR register\r
133///\r
267669ba 134typedef UINT32 TPM_PCRINDEX;\r
cc078d72 135///\r
136/// The return code from a function\r
137///\r
267669ba 138typedef UINT32 TPM_RESULT;\r
cc078d72 139///\r
140/// The types of resources that a TPM may have using internal resources\r
141///\r
267669ba 142typedef UINT32 TPM_RESOURCE_TYPE;\r
cc078d72 143///\r
144/// Allows for controlling of the key when loaded and how to handle TPM_Startup issues\r
145///\r
267669ba 146typedef UINT32 TPM_KEY_CONTROL;\r
cc078d72 147///\r
148/// The index into the NV storage area\r
149///\r
267669ba 150typedef UINT32 TPM_NV_INDEX;\r
cc078d72 151///\r
9095d37b
LG		 152/// The family ID. Family IDs are automatically assigned a sequence number by the TPM.\r
153/// A trusted process can set the FamilyID value in an individual row to NULL, which\r
cc078d72 154/// invalidates that row. The family ID resets to NULL on each change of TPM Owner.\r
155///\r
267669ba 156typedef UINT32 TPM_FAMILY_ID;\r
cc078d72 157///\r
158/// IA value used as a label for the most recent verification of this family. Set to zero when not in use.\r
159///\r
267669ba 160typedef UINT32 TPM_FAMILY_VERIFICATION;\r
cc078d72 161///\r
162/// How the TPM handles var\r
163///\r
267669ba 164typedef UINT32 TPM_STARTUP_EFFECTS;\r
cc078d72 165///\r
166/// The mode of a symmetric encryption\r
167///\r
267669ba 168typedef UINT32 TPM_SYM_MODE;\r
cc078d72 169///\r
170/// The family flags\r
171///\r
267669ba 172typedef UINT32 TPM_FAMILY_FLAGS;\r
cc078d72 173///\r
174/// The index value for the delegate NV table\r
175///\r
267669ba 176typedef UINT32 TPM_DELEGATE_INDEX;\r
cc078d72 177///\r
178/// The restrictions placed on delegation of CMK commands\r
179///\r
267669ba 180typedef UINT32 TPM_CMK_DELEGATE;\r
cc078d72 181///\r
182/// The ID value of a monotonic counter\r
183///\r
267669ba 184typedef UINT32 TPM_COUNT_ID;\r
cc078d72 185///\r
186/// A command to execute\r
187///\r
267669ba 188typedef UINT32 TPM_REDIT_COMMAND;\r
cc078d72 189///\r
190/// A transport session handle\r
191///\r
267669ba 192typedef UINT32 TPM_TRANSHANDLE;\r
cc078d72 193///\r
194/// A generic handle could be key, transport etc\r
195///\r
267669ba 196typedef UINT32 TPM_HANDLE;\r
cc078d72 197///\r
198/// What operation is happening\r
199///\r
267669ba
LG		 200typedef UINT32 TPM_FAMILY_OPERATION;\r
201\r
202//\r
203// Part 2, section 2.2.4: Vendor specific\r
204// The following defines allow for the quick specification of a\r
205// vendor specific item.\r
206//\r
207#define TPM_Vendor_Specific32 ((UINT32) 0x00000400)\r
208#define TPM_Vendor_Specific8 ((UINT8) 0x80)\r
209\r
210//\r
4135253b 211// Part 2, section 3.1: TPM_STRUCTURE_TAG\r
267669ba
LG		 212//\r
213#define TPM_TAG_CONTEXTBLOB ((TPM_STRUCTURE_TAG) 0x0001)\r
214#define TPM_TAG_CONTEXT_SENSITIVE ((TPM_STRUCTURE_TAG) 0x0002)\r
215#define TPM_TAG_CONTEXTPOINTER ((TPM_STRUCTURE_TAG) 0x0003)\r
216#define TPM_TAG_CONTEXTLIST ((TPM_STRUCTURE_TAG) 0x0004)\r
217#define TPM_TAG_SIGNINFO ((TPM_STRUCTURE_TAG) 0x0005)\r
218#define TPM_TAG_PCR_INFO_LONG ((TPM_STRUCTURE_TAG) 0x0006)\r
219#define TPM_TAG_PERSISTENT_FLAGS ((TPM_STRUCTURE_TAG) 0x0007)\r
220#define TPM_TAG_VOLATILE_FLAGS ((TPM_STRUCTURE_TAG) 0x0008)\r
221#define TPM_TAG_PERSISTENT_DATA ((TPM_STRUCTURE_TAG) 0x0009)\r
222#define TPM_TAG_VOLATILE_DATA ((TPM_STRUCTURE_TAG) 0x000A)\r
223#define TPM_TAG_SV_DATA ((TPM_STRUCTURE_TAG) 0x000B)\r
224#define TPM_TAG_EK_BLOB ((TPM_STRUCTURE_TAG) 0x000C)\r
225#define TPM_TAG_EK_BLOB_AUTH ((TPM_STRUCTURE_TAG) 0x000D)\r
226#define TPM_TAG_COUNTER_VALUE ((TPM_STRUCTURE_TAG) 0x000E)\r
227#define TPM_TAG_TRANSPORT_INTERNAL ((TPM_STRUCTURE_TAG) 0x000F)\r
228#define TPM_TAG_TRANSPORT_LOG_IN ((TPM_STRUCTURE_TAG) 0x0010)\r
229#define TPM_TAG_TRANSPORT_LOG_OUT ((TPM_STRUCTURE_TAG) 0x0011)\r
230#define TPM_TAG_AUDIT_EVENT_IN ((TPM_STRUCTURE_TAG) 0x0012)\r
231#define TPM_TAG_AUDIT_EVENT_OUT ((TPM_STRUCTURE_TAG) 0x0013)\r
232#define TPM_TAG_CURRENT_TICKS ((TPM_STRUCTURE_TAG) 0x0014)\r
233#define TPM_TAG_KEY ((TPM_STRUCTURE_TAG) 0x0015)\r
234#define TPM_TAG_STORED_DATA12 ((TPM_STRUCTURE_TAG) 0x0016)\r
235#define TPM_TAG_NV_ATTRIBUTES ((TPM_STRUCTURE_TAG) 0x0017)\r
236#define TPM_TAG_NV_DATA_PUBLIC ((TPM_STRUCTURE_TAG) 0x0018)\r
237#define TPM_TAG_NV_DATA_SENSITIVE ((TPM_STRUCTURE_TAG) 0x0019)\r
238#define TPM_TAG_DELEGATIONS ((TPM_STRUCTURE_TAG) 0x001A)\r
239#define TPM_TAG_DELEGATE_PUBLIC ((TPM_STRUCTURE_TAG) 0x001B)\r
240#define TPM_TAG_DELEGATE_TABLE_ROW ((TPM_STRUCTURE_TAG) 0x001C)\r
241#define TPM_TAG_TRANSPORT_AUTH ((TPM_STRUCTURE_TAG) 0x001D)\r
242#define TPM_TAG_TRANSPORT_PUBLIC ((TPM_STRUCTURE_TAG) 0x001E)\r
243#define TPM_TAG_PERMANENT_FLAGS ((TPM_STRUCTURE_TAG) 0x001F)\r
244#define TPM_TAG_STCLEAR_FLAGS ((TPM_STRUCTURE_TAG) 0x0020)\r
245#define TPM_TAG_STANY_FLAGS ((TPM_STRUCTURE_TAG) 0x0021)\r
246#define TPM_TAG_PERMANENT_DATA ((TPM_STRUCTURE_TAG) 0x0022)\r
247#define TPM_TAG_STCLEAR_DATA ((TPM_STRUCTURE_TAG) 0x0023)\r
248#define TPM_TAG_STANY_DATA ((TPM_STRUCTURE_TAG) 0x0024)\r
249#define TPM_TAG_FAMILY_TABLE_ENTRY ((TPM_STRUCTURE_TAG) 0x0025)\r
250#define TPM_TAG_DELEGATE_SENSITIVE ((TPM_STRUCTURE_TAG) 0x0026)\r
251#define TPM_TAG_DELG_KEY_BLOB ((TPM_STRUCTURE_TAG) 0x0027)\r
252#define TPM_TAG_KEY12 ((TPM_STRUCTURE_TAG) 0x0028)\r
253#define TPM_TAG_CERTIFY_INFO2 ((TPM_STRUCTURE_TAG) 0x0029)\r
254#define TPM_TAG_DELEGATE_OWNER_BLOB ((TPM_STRUCTURE_TAG) 0x002A)\r
255#define TPM_TAG_EK_BLOB_ACTIVATE ((TPM_STRUCTURE_TAG) 0x002B)\r
256#define TPM_TAG_DAA_BLOB ((TPM_STRUCTURE_TAG) 0x002C)\r
257#define TPM_TAG_DAA_CONTEXT ((TPM_STRUCTURE_TAG) 0x002D)\r
258#define TPM_TAG_DAA_ENFORCE ((TPM_STRUCTURE_TAG) 0x002E)\r
259#define TPM_TAG_DAA_ISSUER ((TPM_STRUCTURE_TAG) 0x002F)\r
260#define TPM_TAG_CAP_VERSION_INFO ((TPM_STRUCTURE_TAG) 0x0030)\r
261#define TPM_TAG_DAA_SENSITIVE ((TPM_STRUCTURE_TAG) 0x0031)\r
262#define TPM_TAG_DAA_TPM ((TPM_STRUCTURE_TAG) 0x0032)\r
263#define TPM_TAG_CMK_MIGAUTH ((TPM_STRUCTURE_TAG) 0x0033)\r
264#define TPM_TAG_CMK_SIGTICKET ((TPM_STRUCTURE_TAG) 0x0034)\r
265#define TPM_TAG_CMK_MA_APPROVAL ((TPM_STRUCTURE_TAG) 0x0035)\r
266#define TPM_TAG_QUOTE_INFO2 ((TPM_STRUCTURE_TAG) 0x0036)\r
1919913f 267#define TPM_TAG_DA_INFO ((TPM_STRUCTURE_TAG) 0x0037)\r
268#define TPM_TAG_DA_LIMITED ((TPM_STRUCTURE_TAG) 0x0038)\r
269#define TPM_TAG_DA_ACTION_TYPE ((TPM_STRUCTURE_TAG) 0x0039)\r
267669ba
LG		 270\r
271//\r
272// Part 2, section 4: TPM Types\r
273//\r
274\r
275//\r
276// Part 2, section 4.1: TPM_RESOURCE_TYPE\r
277//\r
4135253b 278#define TPM_RT_KEY ((TPM_RESOURCE_TYPE) 0x00000001) ///< The handle is a key handle and is the result of a LoadKey type operation\r
279#define TPM_RT_AUTH ((TPM_RESOURCE_TYPE) 0x00000002) ///< The handle is an authorization handle. Auth handles come from TPM_OIAP, TPM_OSAP and TPM_DSAP\r
280#define TPM_RT_HASH ((TPM_RESOURCE_TYPE) 0x00000003) ///< Reserved for hashes\r
281#define TPM_RT_TRANS ((TPM_RESOURCE_TYPE) 0x00000004) ///< The handle is for a transport session. Transport handles come from TPM_EstablishTransport\r
282#define TPM_RT_CONTEXT ((TPM_RESOURCE_TYPE) 0x00000005) ///< Resource wrapped and held outside the TPM using the context save/restore commands\r
283#define TPM_RT_COUNTER ((TPM_RESOURCE_TYPE) 0x00000006) ///< Reserved for counters\r
284#define TPM_RT_DELEGATE ((TPM_RESOURCE_TYPE) 0x00000007) ///< The handle is for a delegate row. These are the internal rows held in NV storage by the TPM\r
285#define TPM_RT_DAA_TPM ((TPM_RESOURCE_TYPE) 0x00000008) ///< The value is a DAA TPM specific blob\r
286#define TPM_RT_DAA_V0 ((TPM_RESOURCE_TYPE) 0x00000009) ///< The value is a DAA V0 parameter\r
287#define TPM_RT_DAA_V1 ((TPM_RESOURCE_TYPE) 0x0000000A) ///< The value is a DAA V1 parameter\r
267669ba
LG		 288\r
289//\r
290// Part 2, section 4.2: TPM_PAYLOAD_TYPE\r
291//\r
4135253b 292#define TPM_PT_ASYM ((TPM_PAYLOAD_TYPE) 0x01) ///< The entity is an asymmetric key\r
293#define TPM_PT_BIND ((TPM_PAYLOAD_TYPE) 0x02) ///< The entity is bound data\r
294#define TPM_PT_MIGRATE ((TPM_PAYLOAD_TYPE) 0x03) ///< The entity is a migration blob\r
295#define TPM_PT_MAINT ((TPM_PAYLOAD_TYPE) 0x04) ///< The entity is a maintenance blob\r
296#define TPM_PT_SEAL ((TPM_PAYLOAD_TYPE) 0x05) ///< The entity is sealed data\r
297#define TPM_PT_MIGRATE_RESTRICTED ((TPM_PAYLOAD_TYPE) 0x06) ///< The entity is a restricted-migration asymmetric key\r
298#define TPM_PT_MIGRATE_EXTERNAL ((TPM_PAYLOAD_TYPE) 0x07) ///< The entity is a external migratable key\r
299#define TPM_PT_CMK_MIGRATE ((TPM_PAYLOAD_TYPE) 0x08) ///< The entity is a CMK migratable blob\r
300#define TPM_PT_VENDOR_SPECIFIC ((TPM_PAYLOAD_TYPE) 0x80) ///< 0x80 - 0xFF Vendor specific payloads\r
301\r
302//\r
303// Part 2, section 4.3: TPM_ENTITY_TYPE\r
304//\r
305#define TPM_ET_KEYHANDLE ((UINT16) 0x0001) ///< The entity is a keyHandle or key\r
306#define TPM_ET_OWNER ((UINT16) 0x0002) ///< The entity is the TPM Owner\r
307#define TPM_ET_DATA ((UINT16) 0x0003) ///< The entity is some data\r
308#define TPM_ET_SRK ((UINT16) 0x0004) ///< The entity is the SRK\r
309#define TPM_ET_KEY ((UINT16) 0x0005) ///< The entity is a key or keyHandle\r
310#define TPM_ET_REVOKE ((UINT16) 0x0006) ///< The entity is the RevokeTrust value\r
311#define TPM_ET_DEL_OWNER_BLOB ((UINT16) 0x0007) ///< The entity is a delegate owner blob\r
312#define TPM_ET_DEL_ROW ((UINT16) 0x0008) ///< The entity is a delegate row\r
313#define TPM_ET_DEL_KEY_BLOB ((UINT16) 0x0009) ///< The entity is a delegate key blob\r
314#define TPM_ET_COUNTER ((UINT16) 0x000A) ///< The entity is a counter\r
315#define TPM_ET_NV ((UINT16) 0x000B) ///< The entity is a NV index\r
1919913f 316#define TPM_ET_OPERATOR ((UINT16) 0x000C) ///< The entity is the operator\r
4135253b 317#define TPM_ET_RESERVED_HANDLE ((UINT16) 0x0040) ///< Reserved. This value avoids collisions with the handle MSB setting.\r
267669ba
LG		 318//\r
319// TPM_ENTITY_TYPE MSB Values: The MSB is used to indicate the ADIP encryption sheme when applicable\r
320//\r
4135253b 321#define TPM_ET_XOR ((UINT16) 0x0000) ///< ADIP encryption scheme: XOR\r
322#define TPM_ET_AES128 ((UINT16) 0x0006) ///< ADIP encryption scheme: AES 128 bits\r
267669ba
LG		 323\r
324//\r
325// Part 2, section 4.4.1: Reserved Key Handles\r
326//\r
4135253b 327#define TPM_KH_SRK ((TPM_KEY_HANDLE) 0x40000000) ///< The handle points to the SRK\r
328#define TPM_KH_OWNER ((TPM_KEY_HANDLE) 0x40000001) ///< The handle points to the TPM Owner\r
329#define TPM_KH_REVOKE ((TPM_KEY_HANDLE) 0x40000002) ///< The handle points to the RevokeTrust value\r
330#define TPM_KH_TRANSPORT ((TPM_KEY_HANDLE) 0x40000003) ///< The handle points to the EstablishTransport static authorization\r
331#define TPM_KH_OPERATOR ((TPM_KEY_HANDLE) 0x40000004) ///< The handle points to the Operator auth\r
332#define TPM_KH_ADMIN ((TPM_KEY_HANDLE) 0x40000005) ///< The handle points to the delegation administration auth\r
333#define TPM_KH_EK ((TPM_KEY_HANDLE) 0x40000006) ///< The handle points to the PUBEK, only usable with TPM_OwnerReadInternalPub\r
267669ba
LG		 334\r
335//\r
336// Part 2, section 4.5: TPM_STARTUP_TYPE\r
337//\r
4135253b 338#define TPM_ST_CLEAR ((TPM_STARTUP_TYPE) 0x0001) ///< The TPM is starting up from a clean state\r
339#define TPM_ST_STATE ((TPM_STARTUP_TYPE) 0x0002) ///< The TPM is starting up from a saved state\r
340#define TPM_ST_DEACTIVATED ((TPM_STARTUP_TYPE) 0x0003) ///< The TPM is to startup and set the deactivated flag to TRUE\r
267669ba
LG		 341\r
342//\r
343// Part 2, section 4.6: TPM_STATUP_EFFECTS\r
344// The table makeup is still an open issue.\r
345//\r
346\r
347//\r
348// Part 2, section 4.7: TPM_PROTOCOL_ID\r
349//\r
4135253b 350#define TPM_PID_OIAP ((TPM_PROTOCOL_ID) 0x0001) ///< The OIAP protocol.\r
351#define TPM_PID_OSAP ((TPM_PROTOCOL_ID) 0x0002) ///< The OSAP protocol.\r
352#define TPM_PID_ADIP ((TPM_PROTOCOL_ID) 0x0003) ///< The ADIP protocol.\r
353#define TPM_PID_ADCP ((TPM_PROTOCOL_ID) 0x0004) ///< The ADCP protocol.\r
354#define TPM_PID_OWNER ((TPM_PROTOCOL_ID) 0x0005) ///< The protocol for taking ownership of a TPM.\r
355#define TPM_PID_DSAP ((TPM_PROTOCOL_ID) 0x0006) ///< The DSAP protocol\r
356#define TPM_PID_TRANSPORT ((TPM_PROTOCOL_ID) 0x0007) ///< The transport protocol\r
267669ba
LG		 357\r
358//\r
359// Part 2, section 4.8: TPM_ALGORITHM_ID\r
360// The TPM MUST support the algorithms TPM_ALG_RSA, TPM_ALG_SHA, TPM_ALG_HMAC,\r
361// TPM_ALG_MGF1\r
362//\r
4135253b 363#define TPM_ALG_RSA ((TPM_ALGORITHM_ID) 0x00000001) ///< The RSA algorithm.\r
364#define TPM_ALG_DES ((TPM_ALGORITHM_ID) 0x00000002) ///< The DES algorithm\r
365#define TPM_ALG_3DES ((TPM_ALGORITHM_ID) 0x00000003) ///< The 3DES algorithm in EDE mode\r
366#define TPM_ALG_SHA ((TPM_ALGORITHM_ID) 0x00000004) ///< The SHA1 algorithm\r
367#define TPM_ALG_HMAC ((TPM_ALGORITHM_ID) 0x00000005) ///< The RFC 2104 HMAC algorithm\r
368#define TPM_ALG_AES128 ((TPM_ALGORITHM_ID) 0x00000006) ///< The AES algorithm, key size 128\r
369#define TPM_ALG_MGF1 ((TPM_ALGORITHM_ID) 0x00000007) ///< The XOR algorithm using MGF1 to create a string the size of the encrypted block\r
370#define TPM_ALG_AES192 ((TPM_ALGORITHM_ID) 0x00000008) ///< AES, key size 192\r
371#define TPM_ALG_AES256 ((TPM_ALGORITHM_ID) 0x00000009) ///< AES, key size 256\r
372#define TPM_ALG_XOR ((TPM_ALGORITHM_ID) 0x0000000A) ///< XOR using the rolling nonces\r
267669ba
LG		 373\r
374//\r
375// Part 2, section 4.9: TPM_PHYSICAL_PRESENCE\r
376//\r
4135253b 377#define TPM_PHYSICAL_PRESENCE_HW_DISABLE ((TPM_PHYSICAL_PRESENCE) 0x0200) ///< Sets the physicalPresenceHWEnable to FALSE\r
378#define TPM_PHYSICAL_PRESENCE_CMD_DISABLE ((TPM_PHYSICAL_PRESENCE) 0x0100) ///< Sets the physicalPresenceCMDEnable to FALSE\r
379#define TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK ((TPM_PHYSICAL_PRESENCE) 0x0080) ///< Sets the physicalPresenceLifetimeLock to TRUE\r
380#define TPM_PHYSICAL_PRESENCE_HW_ENABLE ((TPM_PHYSICAL_PRESENCE) 0x0040) ///< Sets the physicalPresenceHWEnable to TRUE\r
381#define TPM_PHYSICAL_PRESENCE_CMD_ENABLE ((TPM_PHYSICAL_PRESENCE) 0x0020) ///< Sets the physicalPresenceCMDEnable to TRUE\r
382#define TPM_PHYSICAL_PRESENCE_NOTPRESENT ((TPM_PHYSICAL_PRESENCE) 0x0010) ///< Sets PhysicalPresence = FALSE\r
383#define TPM_PHYSICAL_PRESENCE_PRESENT ((TPM_PHYSICAL_PRESENCE) 0x0008) ///< Sets PhysicalPresence = TRUE\r
384#define TPM_PHYSICAL_PRESENCE_LOCK ((TPM_PHYSICAL_PRESENCE) 0x0004) ///< Sets PhysicalPresenceLock = TRUE\r
267669ba
LG		 385\r
386//\r
387// Part 2, section 4.10: TPM_MIGRATE_SCHEME\r
388//\r
4135253b 389#define TPM_MS_MIGRATE ((TPM_MIGRATE_SCHEME) 0x0001) ///< A public key that can be used with all TPM migration commands other than 'ReWrap' mode.\r
390#define TPM_MS_REWRAP ((TPM_MIGRATE_SCHEME) 0x0002) ///< A public key that can be used for the ReWrap mode of TPM_CreateMigrationBlob.\r
391#define TPM_MS_MAINT ((TPM_MIGRATE_SCHEME) 0x0003) ///< A public key that can be used for the Maintenance commands\r
392#define TPM_MS_RESTRICT_MIGRATE ((TPM_MIGRATE_SCHEME) 0x0004) ///< The key is to be migrated to a Migration Authority.\r
393#define TPM_MS_RESTRICT_APPROVE_DOUBLE ((TPM_MIGRATE_SCHEME) 0x0005) ///< The key is to be migrated to an entity approved by a Migration Authority using double wrapping\r
267669ba
LG		 394\r
395//\r
396// Part 2, section 4.11: TPM_EK_TYPE\r
397//\r
4135253b 398#define TPM_EK_TYPE_ACTIVATE ((TPM_EK_TYPE) 0x0001) ///< The blob MUST be TPM_EK_BLOB_ACTIVATE\r
399#define TPM_EK_TYPE_AUTH ((TPM_EK_TYPE) 0x0002) ///< The blob MUST be TPM_EK_BLOB_AUTH\r
267669ba
LG		 400\r
401//\r
402// Part 2, section 4.12: TPM_PLATFORM_SPECIFIC\r
403//\r
4135253b 404#define TPM_PS_PC_11 ((TPM_PLATFORM_SPECIFIC) 0x0001) ///< PC Specific version 1.1\r
405#define TPM_PS_PC_12 ((TPM_PLATFORM_SPECIFIC) 0x0002) ///< PC Specific version 1.2\r
406#define TPM_PS_PDA_12 ((TPM_PLATFORM_SPECIFIC) 0x0003) ///< PDA Specific version 1.2\r
407#define TPM_PS_Server_12 ((TPM_PLATFORM_SPECIFIC) 0x0004) ///< Server Specific version 1.2\r
408#define TPM_PS_Mobile_12 ((TPM_PLATFORM_SPECIFIC) 0x0005) ///< Mobil Specific version 1.2\r
267669ba
LG		 409\r
410//\r
411// Part 2, section 5: Basic Structures\r
412//\r
413\r
427987f5 414///\r
415/// Part 2, section 5.1: TPM_STRUCT_VER\r
416///\r
267669ba
LG		 417typedef struct tdTPM_STRUCT_VER {\r
418 UINT8 major;\r
419 UINT8 minor;\r
420 UINT8 revMajor;\r
421 UINT8 revMinor;\r
422} TPM_STRUCT_VER;\r
423\r
427987f5 424///\r
425/// Part 2, section 5.3: TPM_VERSION\r
426///\r
267669ba
LG		 427typedef struct tdTPM_VERSION {\r
428 TPM_VERSION_BYTE major;\r
429 TPM_VERSION_BYTE minor;\r
430 UINT8 revMajor;\r
431 UINT8 revMinor;\r
432} TPM_VERSION;\r
433\r
267669ba 434\r
9cf53f00 435#define TPM_SHA1_160_HASH_LEN 0x14\r
436#define TPM_SHA1BASED_NONCE_LEN TPM_SHA1_160_HASH_LEN\r
437\r
cc078d72 438///\r
439/// Part 2, section 5.4: TPM_DIGEST\r
440///\r
267669ba
LG		 441typedef struct tdTPM_DIGEST{\r
442 UINT8 digest[TPM_SHA1_160_HASH_LEN];\r
443} TPM_DIGEST;\r
444\r
cc078d72 445///\r
446/// This SHALL be the digest of the chosen identityLabel and privacyCA for a new TPM identity\r
447///\r
4135253b 448typedef TPM_DIGEST TPM_CHOSENID_HASH;\r
cc078d72 449///\r
450/// This SHALL be the hash of a list of PCR indexes and PCR values that a key or data is bound to\r
451///\r
4135253b 452typedef TPM_DIGEST TPM_COMPOSITE_HASH;\r
cc078d72 453///\r
454/// This SHALL be the value of a DIR register\r
455///\r
4135253b 456typedef TPM_DIGEST TPM_DIRVALUE;\r
cc078d72 457\r
267669ba 458typedef TPM_DIGEST TPM_HMAC;\r
cc078d72 459///\r
460/// The value inside of the PCR\r
461///\r
4135253b 462typedef TPM_DIGEST TPM_PCRVALUE;\r
cc078d72 463///\r
464/// This SHALL be the value of the current internal audit state\r
465///\r
4135253b 466typedef TPM_DIGEST TPM_AUDITDIGEST;\r
267669ba 467\r
427987f5 468///\r
469/// Part 2, section 5.5: TPM_NONCE\r
470///\r
267669ba
LG		 471typedef struct tdTPM_NONCE{\r
472 UINT8 nonce[20];\r
473} TPM_NONCE;\r
474\r
1919913f 475///\r
476/// This SHALL be a random value generated by a TPM immediately after the EK is installed\r
477/// in that TPM, whenever an EK is installed in that TPM\r
478///\r
479typedef TPM_NONCE TPM_DAA_TPM_SEED;\r
480///\r
481/// This SHALL be a random value\r
482///\r
483typedef TPM_NONCE TPM_DAA_CONTEXT_SEED;\r
484\r
267669ba
LG		 485//\r
486// Part 2, section 5.6: TPM_AUTHDATA\r
487//\r
cc078d72 488///\r
489/// The AuthData data is the information that is saved or passed to provide proof of ownership\r
490/// 296 of an entity\r
491///\r
267669ba 492typedef UINT8 tdTPM_AUTHDATA[20];\r
cc078d72 493\r
267669ba 494typedef tdTPM_AUTHDATA TPM_AUTHDATA;\r
cc078d72 495///\r
496/// A secret plaintext value used in the authorization process\r
497///\r
267669ba 498typedef TPM_AUTHDATA TPM_SECRET;\r
cc078d72 499///\r
500/// A ciphertext (encrypted) version of AuthData data. The encryption mechanism depends on the context\r
501///\r
267669ba
LG		 502typedef TPM_AUTHDATA TPM_ENCAUTH;\r
503\r
427987f5 504///\r
505/// Part 2, section 5.7: TPM_KEY_HANDLE_LIST\r
506/// Size of handle is loaded * sizeof(TPM_KEY_HANDLE)\r
507///\r
267669ba
LG		 508typedef struct tdTPM_KEY_HANDLE_LIST {\r
509 UINT16 loaded;\r
510 TPM_KEY_HANDLE handle[1];\r
511} TPM_KEY_HANDLE_LIST;\r
512\r
513//\r
514// Part 2, section 5.8: TPM_KEY_USAGE values\r
515//\r
4135253b 516///\r
517/// TPM_KEY_SIGNING SHALL indicate a signing key. The [private] key SHALL be\r
518/// used for signing operations, only. This means that it MUST be a leaf of the\r
519/// Protected Storage key hierarchy.\r
520///\r
267669ba 521#define TPM_KEY_SIGNING ((UINT16) 0x0010)\r
4135253b 522///\r
523/// TPM_KEY_STORAGE SHALL indicate a storage key. The key SHALL be used to wrap\r
524/// and unwrap other keys in the Protected Storage hierarchy\r
525///\r
267669ba 526#define TPM_KEY_STORAGE ((UINT16) 0x0011)\r
4135253b 527///\r
528/// TPM_KEY_IDENTITY SHALL indicate an identity key. The key SHALL be used for\r
529/// operations that require a TPM identity, only.\r
530///\r
267669ba 531#define TPM_KEY_IDENTITY ((UINT16) 0x0012)\r
4135253b 532///\r
533/// TPM_KEY_AUTHCHANGE SHALL indicate an ephemeral key that is in use during\r
534/// the ChangeAuthAsym process, only.\r
535///\r
267669ba 536#define TPM_KEY_AUTHCHANGE ((UINT16) 0x0013)\r
4135253b 537///\r
538/// TPM_KEY_BIND SHALL indicate a key that can be used for TPM_Bind and\r
539/// TPM_Unbind operations only.\r
540///\r
267669ba 541#define TPM_KEY_BIND ((UINT16) 0x0014)\r
4135253b 542///\r
543/// TPM_KEY_LEGACY SHALL indicate a key that can perform signing and binding\r
544/// operations. The key MAY be used for both signing and binding operations.\r
545/// The TPM_KEY_LEGACY key type is to allow for use by applications where both\r
546/// signing and encryption operations occur with the same key. The use of this\r
547/// key type is not recommended TPM_KEY_MIGRATE 0x0016 This SHALL indicate a\r
548/// key in use for TPM_MigrateKey\r
549///\r
267669ba 550#define TPM_KEY_LEGACY ((UINT16) 0x0015)\r
4135253b 551///\r
552/// TPM_KEY_MIGRAGE SHALL indicate a key in use for TPM_MigrateKey\r
553///\r
267669ba 554#define TPM_KEY_MIGRATE ((UINT16) 0x0016)\r
267669ba
LG		 555\r
556//\r
4135253b 557// Part 2, section 5.8.1: Mandatory Key Usage Schemes\r
267669ba
LG		 558//\r
559\r
560#define TPM_ES_NONE ((TPM_ENC_SCHEME) 0x0001)\r
561#define TPM_ES_RSAESPKCSv15 ((TPM_ENC_SCHEME) 0x0002)\r
562#define TPM_ES_RSAESOAEP_SHA1_MGF1 ((TPM_ENC_SCHEME) 0x0003)\r
1919913f 563#define TPM_ES_SYM_CNT ((TPM_ENC_SCHEME) 0x0004) ///< rev94 defined\r
564#define TPM_ES_SYM_CTR ((TPM_ENC_SCHEME) 0x0004)\r
267669ba
LG		 565#define TPM_ES_SYM_OFB ((TPM_ENC_SCHEME) 0x0005)\r
566\r
567#define TPM_SS_NONE ((TPM_SIG_SCHEME) 0x0001)\r
568#define TPM_SS_RSASSAPKCS1v15_SHA1 ((TPM_SIG_SCHEME) 0x0002)\r
569#define TPM_SS_RSASSAPKCS1v15_DER ((TPM_SIG_SCHEME) 0x0003)\r
570#define TPM_SS_RSASSAPKCS1v15_INFO ((TPM_SIG_SCHEME) 0x0004)\r
571\r
572//\r
573// Part 2, section 5.9: TPM_AUTH_DATA_USAGE values\r
574//\r
575#define TPM_AUTH_NEVER ((TPM_AUTH_DATA_USAGE) 0x00)\r
576#define TPM_AUTH_ALWAYS ((TPM_AUTH_DATA_USAGE) 0x01)\r
577#define TPM_AUTH_PRIV_USE_ONLY ((TPM_AUTH_DATA_USAGE) 0x03)\r
578\r
427987f5 579///\r
580/// Part 2, section 5.10: TPM_KEY_FLAGS\r
581///\r
373b5cf9 582typedef enum tdTPM_KEY_FLAGS {\r
267669ba
LG		 583 redirection = 0x00000001,\r
584 migratable = 0x00000002,\r
585 isVolatile = 0x00000004,\r
586 pcrIgnoredOnRead = 0x00000008,\r
587 migrateAuthority = 0x00000010\r
3e7b340f 588} TPM_KEY_FLAGS_BITS;\r
267669ba 589\r
427987f5 590///\r
591/// Part 2, section 5.11: TPM_CHANGEAUTH_VALIDATE\r
592///\r
267669ba
LG		 593typedef struct tdTPM_CHANGEAUTH_VALIDATE {\r
594 TPM_SECRET newAuthSecret;\r
595 TPM_NONCE n1;\r
596} TPM_CHANGEAUTH_VALIDATE;\r
597\r
427987f5 598///\r
599/// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH\r
600/// decalared after section 10 to catch declaration of TPM_PUBKEY\r
601///\r
602/// Part 2 section 10.1: TPM_KEY_PARMS\r
603/// [size_is(parmSize)] BYTE* parms;\r
604///\r
267669ba
LG		 605typedef struct tdTPM_KEY_PARMS {\r
606 TPM_ALGORITHM_ID algorithmID;\r
607 TPM_ENC_SCHEME encScheme;\r
608 TPM_SIG_SCHEME sigScheme;\r
609 UINT32 parmSize;\r
610 UINT8 *parms;\r
611} TPM_KEY_PARMS;\r
612\r
427987f5 613///\r
614/// Part 2, section 10.4: TPM_STORE_PUBKEY\r
615///\r
267669ba
LG		 616typedef struct tdTPM_STORE_PUBKEY {\r
617 UINT32 keyLength;\r
618 UINT8 key[1];\r
619} TPM_STORE_PUBKEY;\r
620\r
427987f5 621///\r
622/// Part 2, section 10.5: TPM_PUBKEY\r
623///\r
267669ba
LG		 624typedef struct tdTPM_PUBKEY{\r
625 TPM_KEY_PARMS algorithmParms;\r
626 TPM_STORE_PUBKEY pubKey;\r
627} TPM_PUBKEY;\r
628\r
427987f5 629///\r
630/// Part 2, section 5.12: TPM_MIGRATIONKEYAUTH\r
631///\r
267669ba
LG		 632typedef struct tdTPM_MIGRATIONKEYAUTH{\r
633 TPM_PUBKEY migrationKey;\r
634 TPM_MIGRATE_SCHEME migrationScheme;\r
635 TPM_DIGEST digest;\r
636} TPM_MIGRATIONKEYAUTH;\r
637\r
427987f5 638///\r
639/// Part 2, section 5.13: TPM_COUNTER_VALUE\r
640///\r
267669ba
LG		 641typedef struct tdTPM_COUNTER_VALUE{\r
642 TPM_STRUCTURE_TAG tag;\r
643 UINT8 label[4];\r
644 TPM_ACTUAL_COUNT counter;\r
645} TPM_COUNTER_VALUE;\r
646\r
427987f5 647///\r
648/// Part 2, section 5.14: TPM_SIGN_INFO\r
649/// Size of data indicated by dataLen\r
650///\r
267669ba
LG		 651typedef struct tdTPM_SIGN_INFO {\r
652 TPM_STRUCTURE_TAG tag;\r
653 UINT8 fixed[4];\r
654 TPM_NONCE replay;\r
655 UINT32 dataLen;\r
656 UINT8 *data;\r
657} TPM_SIGN_INFO;\r
658\r
427987f5 659///\r
660/// Part 2, section 5.15: TPM_MSA_COMPOSITE\r
661/// Number of migAuthDigest indicated by MSAlist\r
662///\r
267669ba
LG		 663typedef struct tdTPM_MSA_COMPOSITE {\r
664 UINT32 MSAlist;\r
665 TPM_DIGEST migAuthDigest[1];\r
666} TPM_MSA_COMPOSITE;\r
667\r
427987f5 668///\r
669/// Part 2, section 5.16: TPM_CMK_AUTH\r
670///\r
267669ba
LG		 671typedef struct tdTPM_CMK_AUTH{\r
672 TPM_DIGEST migrationAuthorityDigest;\r
673 TPM_DIGEST destinationKeyDigest;\r
674 TPM_DIGEST sourceKeyDigest;\r
675} TPM_CMK_AUTH;\r
676\r
677//\r
678// Part 2, section 5.17: TPM_CMK_DELEGATE\r
679//\r
4135253b 680#define TPM_CMK_DELEGATE_SIGNING ((TPM_CMK_DELEGATE) BIT31)\r
681#define TPM_CMK_DELEGATE_STORAGE ((TPM_CMK_DELEGATE) BIT30)\r
682#define TPM_CMK_DELEGATE_BIND ((TPM_CMK_DELEGATE) BIT29)\r
683#define TPM_CMK_DELEGATE_LEGACY ((TPM_CMK_DELEGATE) BIT28)\r
684#define TPM_CMK_DELEGATE_MIGRATE ((TPM_CMK_DELEGATE) BIT27)\r
267669ba 685\r
427987f5 686///\r
687/// Part 2, section 5.18: TPM_SELECT_SIZE\r
688///\r
267669ba
LG		 689typedef struct tdTPM_SELECT_SIZE {\r
690 UINT8 major;\r
691 UINT8 minor;\r
692 UINT16 reqSize;\r
693} TPM_SELECT_SIZE;\r
694\r
427987f5 695///\r
696/// Part 2, section 5,19: TPM_CMK_MIGAUTH\r
697///\r
267669ba
LG		 698typedef struct tdTPM_CMK_MIGAUTH{\r
699 TPM_STRUCTURE_TAG tag;\r
700 TPM_DIGEST msaDigest;\r
701 TPM_DIGEST pubKeyDigest;\r
702} TPM_CMK_MIGAUTH;\r
703\r
427987f5 704///\r
705/// Part 2, section 5.20: TPM_CMK_SIGTICKET\r
706///\r
267669ba
LG		 707typedef struct tdTPM_CMK_SIGTICKET{\r
708 TPM_STRUCTURE_TAG tag;\r
709 TPM_DIGEST verKeyDigest;\r
710 TPM_DIGEST signedData;\r
711} TPM_CMK_SIGTICKET;\r
712\r
427987f5 713///\r
714/// Part 2, section 5.21: TPM_CMK_MA_APPROVAL\r
715///\r
267669ba
LG		 716typedef struct tdTPM_CMK_MA_APPROVAL{\r
717 TPM_STRUCTURE_TAG tag;\r
718 TPM_DIGEST migrationAuthorityDigest;\r
719} TPM_CMK_MA_APPROVAL;\r
720\r
721//\r
722// Part 2, section 6: Command Tags\r
723//\r
724#define TPM_TAG_RQU_COMMAND ((TPM_STRUCTURE_TAG) 0x00C1)\r
725#define TPM_TAG_RQU_AUTH1_COMMAND ((TPM_STRUCTURE_TAG) 0x00C2)\r
726#define TPM_TAG_RQU_AUTH2_COMMAND ((TPM_STRUCTURE_TAG) 0x00C3)\r
727#define TPM_TAG_RSP_COMMAND ((TPM_STRUCTURE_TAG) 0x00C4)\r
728#define TPM_TAG_RSP_AUTH1_COMMAND ((TPM_STRUCTURE_TAG) 0x00C5)\r
729#define TPM_TAG_RSP_AUTH2_COMMAND ((TPM_STRUCTURE_TAG) 0x00C6)\r
730\r
427987f5 731///\r
732/// Part 2, section 7.1: TPM_PERMANENT_FLAGS\r
733///\r
267669ba
LG		 734typedef struct tdTPM_PERMANENT_FLAGS{\r
735 TPM_STRUCTURE_TAG tag;\r
736 BOOLEAN disable;\r
737 BOOLEAN ownership;\r
738 BOOLEAN deactivated;\r
739 BOOLEAN readPubek;\r
740 BOOLEAN disableOwnerClear;\r
741 BOOLEAN allowMaintenance;\r
742 BOOLEAN physicalPresenceLifetimeLock;\r
743 BOOLEAN physicalPresenceHWEnable;\r
744 BOOLEAN physicalPresenceCMDEnable;\r
745 BOOLEAN CEKPUsed;\r
746 BOOLEAN TPMpost;\r
747 BOOLEAN TPMpostLock;\r
748 BOOLEAN FIPS;\r
749 BOOLEAN operator;\r
750 BOOLEAN enableRevokeEK;\r
751 BOOLEAN nvLocked;\r
752 BOOLEAN readSRKPub;\r
753 BOOLEAN tpmEstablished;\r
754 BOOLEAN maintenanceDone;\r
1919913f 755 BOOLEAN disableFullDALogicInfo;\r
267669ba
LG		 756} TPM_PERMANENT_FLAGS;\r
757\r
758//\r
4135253b 759// Part 2, section 7.1.1: Flag Restrictions (of TPM_PERMANENT_FLAGS)\r
267669ba
LG		 760//\r
761#define TPM_PF_DISABLE ((TPM_CAPABILITY_AREA) 1)\r
762#define TPM_PF_OWNERSHIP ((TPM_CAPABILITY_AREA) 2)\r
763#define TPM_PF_DEACTIVATED ((TPM_CAPABILITY_AREA) 3)\r
764#define TPM_PF_READPUBEK ((TPM_CAPABILITY_AREA) 4)\r
765#define TPM_PF_DISABLEOWNERCLEAR ((TPM_CAPABILITY_AREA) 5)\r
766#define TPM_PF_ALLOWMAINTENANCE ((TPM_CAPABILITY_AREA) 6)\r
767#define TPM_PF_PHYSICALPRESENCELIFETIMELOCK ((TPM_CAPABILITY_AREA) 7)\r
768#define TPM_PF_PHYSICALPRESENCEHWENABLE ((TPM_CAPABILITY_AREA) 8)\r
769#define TPM_PF_PHYSICALPRESENCECMDENABLE ((TPM_CAPABILITY_AREA) 9)\r
770#define TPM_PF_CEKPUSED ((TPM_CAPABILITY_AREA) 10)\r
771#define TPM_PF_TPMPOST ((TPM_CAPABILITY_AREA) 11)\r
772#define TPM_PF_TPMPOSTLOCK ((TPM_CAPABILITY_AREA) 12)\r
773#define TPM_PF_FIPS ((TPM_CAPABILITY_AREA) 13)\r
774#define TPM_PF_OPERATOR ((TPM_CAPABILITY_AREA) 14)\r
775#define TPM_PF_ENABLEREVOKEEK ((TPM_CAPABILITY_AREA) 15)\r
776#define TPM_PF_NV_LOCKED ((TPM_CAPABILITY_AREA) 16)\r
777#define TPM_PF_READSRKPUB ((TPM_CAPABILITY_AREA) 17)\r
778#define TPM_PF_TPMESTABLISHED ((TPM_CAPABILITY_AREA) 18)\r
779#define TPM_PF_MAINTENANCEDONE ((TPM_CAPABILITY_AREA) 19)\r
1919913f 780#define TPM_PF_DISABLEFULLDALOGICINFO ((TPM_CAPABILITY_AREA) 20)\r
267669ba 781\r
427987f5 782///\r
783/// Part 2, section 7.2: TPM_STCLEAR_FLAGS\r
784///\r
267669ba
LG		 785typedef struct tdTPM_STCLEAR_FLAGS{\r
786 TPM_STRUCTURE_TAG tag;\r
787 BOOLEAN deactivated;\r
788 BOOLEAN disableForceClear;\r
789 BOOLEAN physicalPresence;\r
790 BOOLEAN physicalPresenceLock;\r
791 BOOLEAN bGlobalLock;\r
792} TPM_STCLEAR_FLAGS;\r
793\r
794//\r
4135253b 795// Part 2, section 7.2.1: Flag Restrictions (of TPM_STCLEAR_FLAGS)\r
267669ba
LG		 796//\r
797#define TPM_SF_DEACTIVATED ((TPM_CAPABILITY_AREA) 1)\r
798#define TPM_SF_DISABLEFORCECLEAR ((TPM_CAPABILITY_AREA) 2)\r
799#define TPM_SF_PHYSICALPRESENCE ((TPM_CAPABILITY_AREA) 3)\r
800#define TPM_SF_PHYSICALPRESENCELOCK ((TPM_CAPABILITY_AREA) 4)\r
801#define TPM_SF_BGLOBALLOCK ((TPM_CAPABILITY_AREA) 5)\r
802\r
427987f5 803///\r
804/// Part 2, section 7.3: TPM_STANY_FLAGS\r
805///\r
267669ba
LG		 806typedef struct tdTPM_STANY_FLAGS{\r
807 TPM_STRUCTURE_TAG tag;\r
808 BOOLEAN postInitialise;\r
809 TPM_MODIFIER_INDICATOR localityModifier;\r
810 BOOLEAN transportExclusive;\r
811 BOOLEAN TOSPresent;\r
812} TPM_STANY_FLAGS;\r
813\r
814//\r
4135253b 815// Part 2, section 7.3.1: Flag Restrictions (of TPM_STANY_FLAGS)\r
267669ba
LG		 816//\r
817#define TPM_AF_POSTINITIALISE ((TPM_CAPABILITY_AREA) 1)\r
818#define TPM_AF_LOCALITYMODIFIER ((TPM_CAPABILITY_AREA) 2)\r
819#define TPM_AF_TRANSPORTEXCLUSIVE ((TPM_CAPABILITY_AREA) 3)\r
820#define TPM_AF_TOSPRESENT ((TPM_CAPABILITY_AREA) 4)\r
821\r
822//\r
9095d37b 823// All those structures defined in section 7.4, 7.5, 7.6 are not normative and\r
267669ba
LG		 824// thus no definitions here\r
825//\r
1919913f 826// Part 2, section 7.4: TPM_PERMANENT_DATA\r
827//\r
828#define TPM_MIN_COUNTERS 4 ///< the minimum number of counters is 4\r
829#define TPM_DELEGATE_KEY TPM_KEY\r
830#define TPM_NUM_PCR 16\r
831#define TPM_MAX_NV_WRITE_NOOWNER 64\r
832\r
833//\r
834// Part 2, section 7.4.1: PERMANENT_DATA Subcap for SetCapability\r
835//\r
836#define TPM_PD_REVMAJOR ((TPM_CAPABILITY_AREA) 1)\r
837#define TPM_PD_REVMINOR ((TPM_CAPABILITY_AREA) 2)\r
838#define TPM_PD_TPMPROOF ((TPM_CAPABILITY_AREA) 3)\r
839#define TPM_PD_OWNERAUTH ((TPM_CAPABILITY_AREA) 4)\r
840#define TPM_PD_OPERATORAUTH ((TPM_CAPABILITY_AREA) 5)\r
841#define TPM_PD_MANUMAINTPUB ((TPM_CAPABILITY_AREA) 6)\r
842#define TPM_PD_ENDORSEMENTKEY ((TPM_CAPABILITY_AREA) 7)\r
843#define TPM_PD_SRK ((TPM_CAPABILITY_AREA) 8)\r
844#define TPM_PD_DELEGATEKEY ((TPM_CAPABILITY_AREA) 9)\r
845#define TPM_PD_CONTEXTKEY ((TPM_CAPABILITY_AREA) 10)\r
846#define TPM_PD_AUDITMONOTONICCOUNTER ((TPM_CAPABILITY_AREA) 11)\r
847#define TPM_PD_MONOTONICCOUNTER ((TPM_CAPABILITY_AREA) 12)\r
848#define TPM_PD_PCRATTRIB ((TPM_CAPABILITY_AREA) 13)\r
849#define TPM_PD_ORDINALAUDITSTATUS ((TPM_CAPABILITY_AREA) 14)\r
850#define TPM_PD_AUTHDIR ((TPM_CAPABILITY_AREA) 15)\r
851#define TPM_PD_RNGSTATE ((TPM_CAPABILITY_AREA) 16)\r
852#define TPM_PD_FAMILYTABLE ((TPM_CAPABILITY_AREA) 17)\r
853#define TPM_DELEGATETABLE ((TPM_CAPABILITY_AREA) 18)\r
854#define TPM_PD_EKRESET ((TPM_CAPABILITY_AREA) 19)\r
855#define TPM_PD_MAXNVBUFSIZE ((TPM_CAPABILITY_AREA) 20)\r
856#define TPM_PD_LASTFAMILYID ((TPM_CAPABILITY_AREA) 21)\r
857#define TPM_PD_NOOWNERNVWRITE ((TPM_CAPABILITY_AREA) 22)\r
858#define TPM_PD_RESTRICTDELEGATE ((TPM_CAPABILITY_AREA) 23)\r
859#define TPM_PD_TPMDAASEED ((TPM_CAPABILITY_AREA) 24)\r
860#define TPM_PD_DAAPROOF ((TPM_CAPABILITY_AREA) 25)\r
861\r
862///\r
863/// Part 2, section 7.5: TPM_STCLEAR_DATA\r
864/// available inside TPM only\r
865///\r
866 typedef struct tdTPM_STCLEAR_DATA{\r
867 TPM_STRUCTURE_TAG tag;\r
868 TPM_NONCE contextNonceKey;\r
869 TPM_COUNT_ID countID;\r
870 UINT32 ownerReference;\r
871 BOOLEAN disableResetLock;\r
872 TPM_PCRVALUE PCR[TPM_NUM_PCR];\r
873 UINT32 deferredPhysicalPresence;\r
874 }TPM_STCLEAR_DATA;\r
875\r
876//\r
877// Part 2, section 7.5.1: STCLEAR_DATA Subcap for SetCapability\r
878//\r
879#define TPM_SD_CONTEXTNONCEKEY ((TPM_CAPABILITY_AREA)0x00000001)\r
880#define TPM_SD_COUNTID ((TPM_CAPABILITY_AREA)0x00000002)\r
881#define TPM_SD_OWNERREFERENCE ((TPM_CAPABILITY_AREA)0x00000003)\r
882#define TPM_SD_DISABLERESETLOCK ((TPM_CAPABILITY_AREA)0x00000004)\r
883#define TPM_SD_PCR ((TPM_CAPABILITY_AREA)0x00000005)\r
884#define TPM_SD_DEFERREDPHYSICALPRESENCE ((TPM_CAPABILITY_AREA)0x00000006)\r
885\r
886//\r
887// Part 2, section 7.6.1: STANY_DATA Subcap for SetCapability\r
888//\r
889#define TPM_AD_CONTEXTNONCESESSION ((TPM_CAPABILITY_AREA) 1)\r
890#define TPM_AD_AUDITDIGEST ((TPM_CAPABILITY_AREA) 2)\r
891#define TPM_AD_CURRENTTICKS ((TPM_CAPABILITY_AREA) 3)\r
892#define TPM_AD_CONTEXTCOUNT ((TPM_CAPABILITY_AREA) 4)\r
893#define TPM_AD_CONTEXTLIST ((TPM_CAPABILITY_AREA) 5)\r
894#define TPM_AD_SESSIONS ((TPM_CAPABILITY_AREA) 6)\r
267669ba
LG		 895\r
896//\r
897// Part 2, section 8: PCR Structures\r
9095d37b 898//\r
267669ba 899\r
427987f5 900///\r
901/// Part 2, section 8.1: TPM_PCR_SELECTION\r
902/// Size of pcrSelect[] indicated by sizeOfSelect\r
903///\r
267669ba
LG		 904typedef struct tdTPM_PCR_SELECTION {\r
905 UINT16 sizeOfSelect;\r
906 UINT8 pcrSelect[1];\r
907} TPM_PCR_SELECTION;\r
908\r
427987f5 909///\r
910/// Part 2, section 8.2: TPM_PCR_COMPOSITE\r
911/// Size of pcrValue[] indicated by valueSize\r
912///\r
267669ba
LG		 913typedef struct tdTPM_PCR_COMPOSITE {\r
914 TPM_PCR_SELECTION select;\r
915 UINT32 valueSize;\r
916 TPM_PCRVALUE pcrValue[1];\r
917} TPM_PCR_COMPOSITE;\r
918\r
427987f5 919///\r
920/// Part 2, section 8.3: TPM_PCR_INFO\r
921///\r
267669ba
LG		 922typedef struct tdTPM_PCR_INFO {\r
923 TPM_PCR_SELECTION pcrSelection;\r
924 TPM_COMPOSITE_HASH digestAtRelease;\r
925 TPM_COMPOSITE_HASH digestAtCreation;\r
926} TPM_PCR_INFO;\r
927\r
427987f5 928///\r
929/// Part 2, section 8.6: TPM_LOCALITY_SELECTION\r
930///\r
267669ba
LG		 931typedef UINT8 TPM_LOCALITY_SELECTION;\r
932\r
933#define TPM_LOC_FOUR ((UINT8) 0x10)\r
934#define TPM_LOC_THREE ((UINT8) 0x08)\r
935#define TPM_LOC_TWO ((UINT8) 0x04)\r
936#define TPM_LOC_ONE ((UINT8) 0x02)\r
937#define TPM_LOC_ZERO ((UINT8) 0x01)\r
938\r
427987f5 939///\r
940/// Part 2, section 8.4: TPM_PCR_INFO_LONG\r
941///\r
267669ba
LG		 942typedef struct tdTPM_PCR_INFO_LONG {\r
943 TPM_STRUCTURE_TAG tag;\r
944 TPM_LOCALITY_SELECTION localityAtCreation;\r
945 TPM_LOCALITY_SELECTION localityAtRelease;\r
946 TPM_PCR_SELECTION creationPCRSelection;\r
947 TPM_PCR_SELECTION releasePCRSelection;\r
948 TPM_COMPOSITE_HASH digestAtCreation;\r
949 TPM_COMPOSITE_HASH digestAtRelease;\r
950} TPM_PCR_INFO_LONG;\r
951\r
427987f5 952///\r
953/// Part 2, section 8.5: TPM_PCR_INFO_SHORT\r
954///\r
267669ba
LG		 955typedef struct tdTPM_PCR_INFO_SHORT{\r
956 TPM_PCR_SELECTION pcrSelection;\r
957 TPM_LOCALITY_SELECTION localityAtRelease;\r
958 TPM_COMPOSITE_HASH digestAtRelease;\r
959} TPM_PCR_INFO_SHORT;\r
960\r
427987f5 961///\r
962/// Part 2, section 8.8: TPM_PCR_ATTRIBUTES\r
963///\r
267669ba
LG		 964typedef struct tdTPM_PCR_ATTRIBUTES{\r
965 BOOLEAN pcrReset;\r
966 TPM_LOCALITY_SELECTION pcrExtendLocal;\r
967 TPM_LOCALITY_SELECTION pcrResetLocal;\r
968} TPM_PCR_ATTRIBUTES;\r
969\r
970//\r
971// Part 2, section 9: Storage Structures\r
972//\r
973\r
427987f5 974///\r
975/// Part 2, section 9.1: TPM_STORED_DATA\r
976/// [size_is(sealInfoSize)] BYTE* sealInfo;\r
977/// [size_is(encDataSize)] BYTE* encData;\r
978///\r
267669ba
LG		 979typedef struct tdTPM_STORED_DATA {\r
980 TPM_STRUCT_VER ver;\r
981 UINT32 sealInfoSize;\r
982 UINT8 *sealInfo;\r
983 UINT32 encDataSize;\r
984 UINT8 *encData;\r
985} TPM_STORED_DATA;\r
986\r
427987f5 987///\r
988/// Part 2, section 9.2: TPM_STORED_DATA12\r
989/// [size_is(sealInfoSize)] BYTE* sealInfo;\r
990/// [size_is(encDataSize)] BYTE* encData;\r
991///\r
267669ba
LG		 992typedef struct tdTPM_STORED_DATA12 {\r
993 TPM_STRUCTURE_TAG tag;\r
994 TPM_ENTITY_TYPE et;\r
995 UINT32 sealInfoSize;\r
996 UINT8 *sealInfo;\r
997 UINT32 encDataSize;\r
998 UINT8 *encData;\r
999} TPM_STORED_DATA12;\r
1000\r
427987f5 1001///\r
1002/// Part 2, section 9.3: TPM_SEALED_DATA\r
1003/// [size_is(dataSize)] BYTE* data;\r
1004///\r
267669ba
LG		 1005typedef struct tdTPM_SEALED_DATA {\r
1006 TPM_PAYLOAD_TYPE payload;\r
1007 TPM_SECRET authData;\r
1008 TPM_NONCE tpmProof;\r
1009 TPM_DIGEST storedDigest;\r
1010 UINT32 dataSize;\r
1011 UINT8 *data;\r
1012} TPM_SEALED_DATA;\r
1013\r
427987f5 1014///\r
1015/// Part 2, section 9.4: TPM_SYMMETRIC_KEY\r
1016/// [size_is(size)] BYTE* data;\r
1017///\r
267669ba
LG		 1018typedef struct tdTPM_SYMMETRIC_KEY {\r
1019 TPM_ALGORITHM_ID algId;\r
1020 TPM_ENC_SCHEME encScheme;\r
1021 UINT16 dataSize;\r
1022 UINT8 *data;\r
1023} TPM_SYMMETRIC_KEY;\r
1024\r
427987f5 1025///\r
1026/// Part 2, section 9.5: TPM_BOUND_DATA\r
1027///\r
267669ba
LG		 1028typedef struct tdTPM_BOUND_DATA {\r
1029 TPM_STRUCT_VER ver;\r
1030 TPM_PAYLOAD_TYPE payload;\r
1031 UINT8 payloadData[1];\r
1032} TPM_BOUND_DATA;\r
1033\r
1034//\r
1035// Part 2 section 10: TPM_KEY complex\r
9095d37b 1036//\r
267669ba 1037\r
4135253b 1038//\r
1039// Section 10.1, 10.4, and 10.5 have been defined previously\r
1040//\r
1041\r
427987f5 1042///\r
1043/// Part 2, section 10.2: TPM_KEY\r
1044/// [size_is(encDataSize)] BYTE* encData;\r
1045///\r
267669ba
LG		 1046typedef struct tdTPM_KEY{\r
1047 TPM_STRUCT_VER ver;\r
1048 TPM_KEY_USAGE keyUsage;\r
1049 TPM_KEY_FLAGS keyFlags;\r
1050 TPM_AUTH_DATA_USAGE authDataUsage;\r
1051 TPM_KEY_PARMS algorithmParms;\r
1052 UINT32 PCRInfoSize;\r
1053 UINT8 *PCRInfo;\r
1054 TPM_STORE_PUBKEY pubKey;\r
1055 UINT32 encDataSize;\r
1056 UINT8 *encData;\r
1057} TPM_KEY;\r
1058\r
427987f5 1059///\r
1060/// Part 2, section 10.3: TPM_KEY12\r
1061/// [size_is(encDataSize)] BYTE* encData;\r
1062///\r
267669ba
LG		 1063typedef struct tdTPM_KEY12{\r
1064 TPM_STRUCTURE_TAG tag;\r
1065 UINT16 fill;\r
1066 TPM_KEY_USAGE keyUsage;\r
1067 TPM_KEY_FLAGS keyFlags;\r
1068 TPM_AUTH_DATA_USAGE authDataUsage;\r
1069 TPM_KEY_PARMS algorithmParms;\r
1070 UINT32 PCRInfoSize;\r
1071 UINT8 *PCRInfo;\r
1072 TPM_STORE_PUBKEY pubKey;\r
1073 UINT32 encDataSize;\r
1074 UINT8 *encData;\r
1075} TPM_KEY12;\r
1076\r
427987f5 1077///\r
1078/// Part 2, section 10.7: TPM_STORE_PRIVKEY\r
1079/// [size_is(keyLength)] BYTE* key;\r
1080///\r
267669ba
LG		 1081typedef struct tdTPM_STORE_PRIVKEY {\r
1082 UINT32 keyLength;\r
1083 UINT8 *key;\r
1084} TPM_STORE_PRIVKEY;\r
1085\r
427987f5 1086///\r
1087/// Part 2, section 10.6: TPM_STORE_ASYMKEY\r
1088///\r
267669ba
LG		 1089typedef struct tdTPM_STORE_ASYMKEY { // pos len total\r
1090 TPM_PAYLOAD_TYPE payload; // 0 1 1\r
1091 TPM_SECRET usageAuth; // 1 20 21\r
1092 TPM_SECRET migrationAuth; // 21 20 41\r
1093 TPM_DIGEST pubDataDigest; // 41 20 61\r
1094 TPM_STORE_PRIVKEY privKey; // 61 132-151 193-214\r
1095} TPM_STORE_ASYMKEY;\r
1096\r
427987f5 1097///\r
1098/// Part 2, section 10.8: TPM_MIGRATE_ASYMKEY\r
1099/// [size_is(partPrivKeyLen)] BYTE* partPrivKey;\r
1100///\r
267669ba
LG		 1101typedef struct tdTPM_MIGRATE_ASYMKEY { // pos len total\r
1102 TPM_PAYLOAD_TYPE payload; // 0 1 1\r
1103 TPM_SECRET usageAuth; // 1 20 21\r
1104 TPM_DIGEST pubDataDigest; // 21 20 41\r
1105 UINT32 partPrivKeyLen; // 41 4 45\r
1106 UINT8 *partPrivKey; // 45 112-127 157-172\r
1107} TPM_MIGRATE_ASYMKEY;\r
1108\r
427987f5 1109///\r
1110/// Part 2, section 10.9: TPM_KEY_CONTROL\r
1111///\r
267669ba
LG		 1112#define TPM_KEY_CONTROL_OWNER_EVICT ((UINT32) 0x00000001)\r
1113\r
1114//\r
1115// Part 2, section 11: Signed Structures\r
1116//\r
1117\r
427987f5 1118///\r
1119/// Part 2, section 11.1: TPM_CERTIFY_INFO Structure\r
1120///\r
4135253b 1121typedef struct tdTPM_CERTIFY_INFO {\r
1122 TPM_STRUCT_VER version;\r
1123 TPM_KEY_USAGE keyUsage;\r
1124 TPM_KEY_FLAGS keyFlags;\r
1125 TPM_AUTH_DATA_USAGE authDataUsage;\r
1126 TPM_KEY_PARMS algorithmParms;\r
1127 TPM_DIGEST pubkeyDigest;\r
1128 TPM_NONCE data;\r
1129 BOOLEAN parentPCRStatus;\r
1130 UINT32 PCRInfoSize;\r
1131 UINT8 *PCRInfo;\r
267669ba
LG		 1132} TPM_CERTIFY_INFO;\r
1133\r
427987f5 1134///\r
1135/// Part 2, section 11.2: TPM_CERTIFY_INFO2 Structure\r
1136///\r
4135253b 1137typedef struct tdTPM_CERTIFY_INFO2 {\r
1138 TPM_STRUCTURE_TAG tag;\r
1139 UINT8 fill;\r
1140 TPM_PAYLOAD_TYPE payloadType;\r
1141 TPM_KEY_USAGE keyUsage;\r
1142 TPM_KEY_FLAGS keyFlags;\r
1143 TPM_AUTH_DATA_USAGE authDataUsage;\r
1144 TPM_KEY_PARMS algorithmParms;\r
1145 TPM_DIGEST pubkeyDigest;\r
1146 TPM_NONCE data;\r
1147 BOOLEAN parentPCRStatus;\r
1148 UINT32 PCRInfoSize;\r
1149 UINT8 *PCRInfo;\r
1150 UINT32 migrationAuthoritySize;\r
1151 UINT8 *migrationAuthority;\r
267669ba
LG		 1152} TPM_CERTIFY_INFO2;\r
1153\r
427987f5 1154///\r
1155/// Part 2, section 11.3 TPM_QUOTE_INFO Structure\r
1156///\r
4135253b 1157typedef struct tdTPM_QUOTE_INFO {\r
1158 TPM_STRUCT_VER version;\r
1159 UINT8 fixed[4];\r
1160 TPM_COMPOSITE_HASH digestValue;\r
1161 TPM_NONCE externalData;\r
267669ba
LG		 1162} TPM_QUOTE_INFO;\r
1163\r
427987f5 1164///\r
1165/// Part 2, section 11.4 TPM_QUOTE_INFO2 Structure\r
1166///\r
4135253b 1167typedef struct tdTPM_QUOTE_INFO2 {\r
1168 TPM_STRUCTURE_TAG tag;\r
1169 UINT8 fixed[4];\r
1170 TPM_NONCE externalData;\r
1171 TPM_PCR_INFO_SHORT infoShort;\r
267669ba
LG		 1172} TPM_QUOTE_INFO2;\r
1173\r
1174//\r
1175// Part 2, section 12: Identity Structures\r
1176//\r
1177\r
427987f5 1178///\r
1179/// Part 2, section 12.1 TPM_EK_BLOB\r
1180///\r
4135253b 1181typedef struct tdTPM_EK_BLOB {\r
1182 TPM_STRUCTURE_TAG tag;\r
1183 TPM_EK_TYPE ekType;\r
1184 UINT32 blobSize;\r
1185 UINT8 *blob;\r
267669ba
LG		 1186} TPM_EK_BLOB;\r
1187\r
427987f5 1188///\r
1189/// Part 2, section 12.2 TPM_EK_BLOB_ACTIVATE\r
1190///\r
4135253b 1191typedef struct tdTPM_EK_BLOB_ACTIVATE {\r
1192 TPM_STRUCTURE_TAG tag;\r
1193 TPM_SYMMETRIC_KEY sessionKey;\r
1194 TPM_DIGEST idDigest;\r
1195 TPM_PCR_INFO_SHORT pcrInfo;\r
267669ba
LG		 1196} TPM_EK_BLOB_ACTIVATE;\r
1197\r
427987f5 1198///\r
1199/// Part 2, section 12.3 TPM_EK_BLOB_AUTH\r
1200///\r
4135253b 1201typedef struct tdTPM_EK_BLOB_AUTH {\r
1202 TPM_STRUCTURE_TAG tag;\r
1203 TPM_SECRET authValue;\r
267669ba
LG		 1204} TPM_EK_BLOB_AUTH;\r
1205\r
1206\r
427987f5 1207///\r
1208/// Part 2, section 12.5 TPM_IDENTITY_CONTENTS\r
1209///\r
4135253b 1210typedef struct tdTPM_IDENTITY_CONTENTS {\r
1211 TPM_STRUCT_VER ver;\r
1212 UINT32 ordinal;\r
1213 TPM_CHOSENID_HASH labelPrivCADigest;\r
1214 TPM_PUBKEY identityPubKey;\r
267669ba
LG		 1215} TPM_IDENTITY_CONTENTS;\r
1216\r
427987f5 1217///\r
1218/// Part 2, section 12.6 TPM_IDENTITY_REQ\r
1219///\r
4135253b 1220typedef struct tdTPM_IDENTITY_REQ {\r
1221 UINT32 asymSize;\r
1222 UINT32 symSize;\r
1223 TPM_KEY_PARMS asymAlgorithm;\r
1224 TPM_KEY_PARMS symAlgorithm;\r
1225 UINT8 *asymBlob;\r
1226 UINT8 *symBlob;\r
267669ba
LG		 1227} TPM_IDENTITY_REQ;\r
1228\r
427987f5 1229///\r
1230/// Part 2, section 12.7 TPM_IDENTITY_PROOF\r
1231///\r
4135253b 1232typedef struct tdTPM_IDENTITY_PROOF {\r
1233 TPM_STRUCT_VER ver;\r
1234 UINT32 labelSize;\r
1235 UINT32 identityBindingSize;\r
1236 UINT32 endorsementSize;\r
1237 UINT32 platformSize;\r
1238 UINT32 conformanceSize;\r
1239 TPM_PUBKEY identityKey;\r
1240 UINT8 *labelArea;\r
1241 UINT8 *identityBinding;\r
1242 UINT8 *endorsementCredential;\r
1243 UINT8 *platformCredential;\r
1244 UINT8 *conformanceCredential;\r
267669ba
LG		 1245} TPM_IDENTITY_PROOF;\r
1246\r
427987f5 1247///\r
1248/// Part 2, section 12.8 TPM_ASYM_CA_CONTENTS\r
1249///\r
4135253b 1250typedef struct tdTPM_ASYM_CA_CONTENTS {\r
1251 TPM_SYMMETRIC_KEY sessionKey;\r
1252 TPM_DIGEST idDigest;\r
267669ba
LG		 1253} TPM_ASYM_CA_CONTENTS;\r
1254\r
427987f5 1255///\r
1256/// Part 2, section 12.9 TPM_SYM_CA_ATTESTATION\r
1257///\r
4135253b 1258typedef struct tdTPM_SYM_CA_ATTESTATION {\r
1259 UINT32 credSize;\r
1260 TPM_KEY_PARMS algorithm;\r
1261 UINT8 *credential;\r
267669ba
LG		 1262} TPM_SYM_CA_ATTESTATION;\r
1263\r
427987f5 1264///\r
1265/// Part 2, section 15: Tick Structures\r
1266/// Placed here out of order because definitions are used in section 13.\r
1267///\r
267669ba
LG		 1268typedef struct tdTPM_CURRENT_TICKS {\r
1269 TPM_STRUCTURE_TAG tag;\r
1270 UINT64 currentTicks;\r
1271 UINT16 tickRate;\r
1272 TPM_NONCE tickNonce;\r
1273} TPM_CURRENT_TICKS;\r
1274\r
427987f5 1275///\r
1276/// Part 2, section 13: Transport structures\r
1277///\r
267669ba 1278\r
427987f5 1279///\r
1280/// Part 2, section 13.1: TPM _TRANSPORT_PUBLIC\r
1281///\r
4135253b 1282typedef struct tdTPM_TRANSPORT_PUBLIC {\r
1283 TPM_STRUCTURE_TAG tag;\r
1284 TPM_TRANSPORT_ATTRIBUTES transAttributes;\r
1285 TPM_ALGORITHM_ID algId;\r
1286 TPM_ENC_SCHEME encScheme;\r
1287} TPM_TRANSPORT_PUBLIC;\r
1288\r
1289//\r
1290// Part 2, section 13.1.1 TPM_TRANSPORT_ATTRIBUTES Definitions\r
1291//\r
14996c96
LG		 1292#define TPM_TRANSPORT_ENCRYPT ((UINT32)BIT0)\r
1293#define TPM_TRANSPORT_LOG ((UINT32)BIT1)\r
1294#define TPM_TRANSPORT_EXCLUSIVE ((UINT32)BIT2)\r
267669ba 1295\r
427987f5 1296///\r
1297/// Part 2, section 13.2 TPM_TRANSPORT_INTERNAL\r
1298///\r
4135253b 1299typedef struct tdTPM_TRANSPORT_INTERNAL {\r
1300 TPM_STRUCTURE_TAG tag;\r
1301 TPM_AUTHDATA authData;\r
1302 TPM_TRANSPORT_PUBLIC transPublic;\r
1303 TPM_TRANSHANDLE transHandle;\r
1304 TPM_NONCE transNonceEven;\r
1305 TPM_DIGEST transDigest;\r
267669ba
LG		 1306} TPM_TRANSPORT_INTERNAL;\r
1307\r
427987f5 1308///\r
1309/// Part 2, section 13.3 TPM_TRANSPORT_LOG_IN structure\r
1310///\r
4135253b 1311typedef struct tdTPM_TRANSPORT_LOG_IN {\r
1312 TPM_STRUCTURE_TAG tag;\r
1313 TPM_DIGEST parameters;\r
1314 TPM_DIGEST pubKeyHash;\r
267669ba
LG		 1315} TPM_TRANSPORT_LOG_IN;\r
1316\r
427987f5 1317///\r
1318/// Part 2, section 13.4 TPM_TRANSPORT_LOG_OUT structure\r
1319///\r
4135253b 1320typedef struct tdTPM_TRANSPORT_LOG_OUT {\r
1321 TPM_STRUCTURE_TAG tag;\r
1322 TPM_CURRENT_TICKS currentTicks;\r
1323 TPM_DIGEST parameters;\r
1324 TPM_MODIFIER_INDICATOR locality;\r
267669ba
LG		 1325} TPM_TRANSPORT_LOG_OUT;\r
1326\r
427987f5 1327///\r
1328/// Part 2, section 13.5 TPM_TRANSPORT_AUTH structure\r
1329///\r
4135253b 1330typedef struct tdTPM_TRANSPORT_AUTH {\r
1331 TPM_STRUCTURE_TAG tag;\r
1332 TPM_AUTHDATA authData;\r
267669ba
LG		 1333} TPM_TRANSPORT_AUTH;\r
1334\r
1335//\r
1336// Part 2, section 14: Audit Structures\r
1337//\r
1338\r
427987f5 1339///\r
1340/// Part 2, section 14.1 TPM_AUDIT_EVENT_IN structure\r
1341///\r
4135253b 1342typedef struct tdTPM_AUDIT_EVENT_IN {\r
1343 TPM_STRUCTURE_TAG tag;\r
1344 TPM_DIGEST inputParms;\r
1345 TPM_COUNTER_VALUE auditCount;\r
267669ba
LG		 1346} TPM_AUDIT_EVENT_IN;\r
1347\r
427987f5 1348///\r
1349/// Part 2, section 14.2 TPM_AUDIT_EVENT_OUT structure\r
1350///\r
4135253b 1351typedef struct tdTPM_AUDIT_EVENT_OUT {\r
1352 TPM_STRUCTURE_TAG tag;\r
1353 TPM_COMMAND_CODE ordinal;\r
1354 TPM_DIGEST outputParms;\r
1355 TPM_COUNTER_VALUE auditCount;\r
1356 TPM_RESULT returnCode;\r
267669ba
LG		 1357} TPM_AUDIT_EVENT_OUT;\r
1358\r
1359//\r
1360// Part 2, section 16: Return Codes\r
1361//\r
267669ba
LG		 1362\r
1363#define TPM_VENDOR_ERROR TPM_Vendor_Specific32\r
1364#define TPM_NON_FATAL 0x00000800\r
1365\r
1366#define TPM_SUCCESS ((TPM_RESULT) TPM_BASE)\r
1367#define TPM_AUTHFAIL ((TPM_RESULT) (TPM_BASE + 1))\r
1368#define TPM_BADINDEX ((TPM_RESULT) (TPM_BASE + 2))\r
1369#define TPM_BAD_PARAMETER ((TPM_RESULT) (TPM_BASE + 3))\r
1370#define TPM_AUDITFAILURE ((TPM_RESULT) (TPM_BASE + 4))\r
1371#define TPM_CLEAR_DISABLED ((TPM_RESULT) (TPM_BASE + 5))\r
1372#define TPM_DEACTIVATED ((TPM_RESULT) (TPM_BASE + 6))\r
1373#define TPM_DISABLED ((TPM_RESULT) (TPM_BASE + 7))\r
1374#define TPM_DISABLED_CMD ((TPM_RESULT) (TPM_BASE + 8))\r
1375#define TPM_FAIL ((TPM_RESULT) (TPM_BASE + 9))\r
1376#define TPM_BAD_ORDINAL ((TPM_RESULT) (TPM_BASE + 10))\r
1377#define TPM_INSTALL_DISABLED ((TPM_RESULT) (TPM_BASE + 11))\r
1378#define TPM_INVALID_KEYHANDLE ((TPM_RESULT) (TPM_BASE + 12))\r
1379#define TPM_KEYNOTFOUND ((TPM_RESULT) (TPM_BASE + 13))\r
1380#define TPM_INAPPROPRIATE_ENC ((TPM_RESULT) (TPM_BASE + 14))\r
1381#define TPM_MIGRATEFAIL ((TPM_RESULT) (TPM_BASE + 15))\r
1382#define TPM_INVALID_PCR_INFO ((TPM_RESULT) (TPM_BASE + 16))\r
1383#define TPM_NOSPACE ((TPM_RESULT) (TPM_BASE + 17))\r
1384#define TPM_NOSRK ((TPM_RESULT) (TPM_BASE + 18))\r
1385#define TPM_NOTSEALED_BLOB ((TPM_RESULT) (TPM_BASE + 19))\r
1386#define TPM_OWNER_SET ((TPM_RESULT) (TPM_BASE + 20))\r
1387#define TPM_RESOURCES ((TPM_RESULT) (TPM_BASE + 21))\r
1388#define TPM_SHORTRANDOM ((TPM_RESULT) (TPM_BASE + 22))\r
1389#define TPM_SIZE ((TPM_RESULT) (TPM_BASE + 23))\r
1390#define TPM_WRONGPCRVAL ((TPM_RESULT) (TPM_BASE + 24))\r
1391#define TPM_BAD_PARAM_SIZE ((TPM_RESULT) (TPM_BASE + 25))\r
1392#define TPM_SHA_THREAD ((TPM_RESULT) (TPM_BASE + 26))\r
1393#define TPM_SHA_ERROR ((TPM_RESULT) (TPM_BASE + 27))\r
1394#define TPM_FAILEDSELFTEST ((TPM_RESULT) (TPM_BASE + 28))\r
1395#define TPM_AUTH2FAIL ((TPM_RESULT) (TPM_BASE + 29))\r
1396#define TPM_BADTAG ((TPM_RESULT) (TPM_BASE + 30))\r
1397#define TPM_IOERROR ((TPM_RESULT) (TPM_BASE + 31))\r
1398#define TPM_ENCRYPT_ERROR ((TPM_RESULT) (TPM_BASE + 32))\r
1399#define TPM_DECRYPT_ERROR ((TPM_RESULT) (TPM_BASE + 33))\r
1400#define TPM_INVALID_AUTHHANDLE ((TPM_RESULT) (TPM_BASE + 34))\r
1401#define TPM_NO_ENDORSEMENT ((TPM_RESULT) (TPM_BASE + 35))\r
1402#define TPM_INVALID_KEYUSAGE ((TPM_RESULT) (TPM_BASE + 36))\r
1403#define TPM_WRONG_ENTITYTYPE ((TPM_RESULT) (TPM_BASE + 37))\r
1404#define TPM_INVALID_POSTINIT ((TPM_RESULT) (TPM_BASE + 38))\r
1405#define TPM_INAPPROPRIATE_SIG ((TPM_RESULT) (TPM_BASE + 39))\r
1406#define TPM_BAD_KEY_PROPERTY ((TPM_RESULT) (TPM_BASE + 40))\r
1407#define TPM_BAD_MIGRATION ((TPM_RESULT) (TPM_BASE + 41))\r
1408#define TPM_BAD_SCHEME ((TPM_RESULT) (TPM_BASE + 42))\r
1409#define TPM_BAD_DATASIZE ((TPM_RESULT) (TPM_BASE + 43))\r
1410#define TPM_BAD_MODE ((TPM_RESULT) (TPM_BASE + 44))\r
1411#define TPM_BAD_PRESENCE ((TPM_RESULT) (TPM_BASE + 45))\r
1412#define TPM_BAD_VERSION ((TPM_RESULT) (TPM_BASE + 46))\r
1413#define TPM_NO_WRAP_TRANSPORT ((TPM_RESULT) (TPM_BASE + 47))\r
1414#define TPM_AUDITFAIL_UNSUCCESSFUL ((TPM_RESULT) (TPM_BASE + 48))\r
1415#define TPM_AUDITFAIL_SUCCESSFUL ((TPM_RESULT) (TPM_BASE + 49))\r
1416#define TPM_NOTRESETABLE ((TPM_RESULT) (TPM_BASE + 50))\r
1417#define TPM_NOTLOCAL ((TPM_RESULT) (TPM_BASE + 51))\r
1418#define TPM_BAD_TYPE ((TPM_RESULT) (TPM_BASE + 52))\r
1419#define TPM_INVALID_RESOURCE ((TPM_RESULT) (TPM_BASE + 53))\r
1420#define TPM_NOTFIPS ((TPM_RESULT) (TPM_BASE + 54))\r
1421#define TPM_INVALID_FAMILY ((TPM_RESULT) (TPM_BASE + 55))\r
1422#define TPM_NO_NV_PERMISSION ((TPM_RESULT) (TPM_BASE + 56))\r
1423#define TPM_REQUIRES_SIGN ((TPM_RESULT) (TPM_BASE + 57))\r
1424#define TPM_KEY_NOTSUPPORTED ((TPM_RESULT) (TPM_BASE + 58))\r
1425#define TPM_AUTH_CONFLICT ((TPM_RESULT) (TPM_BASE + 59))\r
1426#define TPM_AREA_LOCKED ((TPM_RESULT) (TPM_BASE + 60))\r
1427#define TPM_BAD_LOCALITY ((TPM_RESULT) (TPM_BASE + 61))\r
1428#define TPM_READ_ONLY ((TPM_RESULT) (TPM_BASE + 62))\r
1429#define TPM_PER_NOWRITE ((TPM_RESULT) (TPM_BASE + 63))\r
1430#define TPM_FAMILYCOUNT ((TPM_RESULT) (TPM_BASE + 64))\r
1431#define TPM_WRITE_LOCKED ((TPM_RESULT) (TPM_BASE + 65))\r
1432#define TPM_BAD_ATTRIBUTES ((TPM_RESULT) (TPM_BASE + 66))\r
1433#define TPM_INVALID_STRUCTURE ((TPM_RESULT) (TPM_BASE + 67))\r
1434#define TPM_KEY_OWNER_CONTROL ((TPM_RESULT) (TPM_BASE + 68))\r
1435#define TPM_BAD_COUNTER ((TPM_RESULT) (TPM_BASE + 69))\r
1436#define TPM_NOT_FULLWRITE ((TPM_RESULT) (TPM_BASE + 70))\r
1437#define TPM_CONTEXT_GAP ((TPM_RESULT) (TPM_BASE + 71))\r
1438#define TPM_MAXNVWRITES ((TPM_RESULT) (TPM_BASE + 72))\r
1439#define TPM_NOOPERATOR ((TPM_RESULT) (TPM_BASE + 73))\r
1440#define TPM_RESOURCEMISSING ((TPM_RESULT) (TPM_BASE + 74))\r
1441#define TPM_DELEGATE_LOCK ((TPM_RESULT) (TPM_BASE + 75))\r
1442#define TPM_DELEGATE_FAMILY ((TPM_RESULT) (TPM_BASE + 76))\r
1443#define TPM_DELEGATE_ADMIN ((TPM_RESULT) (TPM_BASE + 77))\r
1444#define TPM_TRANSPORT_NOTEXCLUSIVE ((TPM_RESULT) (TPM_BASE + 78))\r
1445#define TPM_OWNER_CONTROL ((TPM_RESULT) (TPM_BASE + 79))\r
1446#define TPM_DAA_RESOURCES ((TPM_RESULT) (TPM_BASE + 80))\r
1447#define TPM_DAA_INPUT_DATA0 ((TPM_RESULT) (TPM_BASE + 81))\r
1448#define TPM_DAA_INPUT_DATA1 ((TPM_RESULT) (TPM_BASE + 82))\r
1449#define TPM_DAA_ISSUER_SETTINGS ((TPM_RESULT) (TPM_BASE + 83))\r
1450#define TPM_DAA_TPM_SETTINGS ((TPM_RESULT) (TPM_BASE + 84))\r
1451#define TPM_DAA_STAGE ((TPM_RESULT) (TPM_BASE + 85))\r
1452#define TPM_DAA_ISSUER_VALIDITY ((TPM_RESULT) (TPM_BASE + 86))\r
1453#define TPM_DAA_WRONG_W ((TPM_RESULT) (TPM_BASE + 87))\r
1454#define TPM_BAD_HANDLE ((TPM_RESULT) (TPM_BASE + 88))\r
1455#define TPM_BAD_DELEGATE ((TPM_RESULT) (TPM_BASE + 89))\r
1456#define TPM_BADCONTEXT ((TPM_RESULT) (TPM_BASE + 90))\r
1457#define TPM_TOOMANYCONTEXTS ((TPM_RESULT) (TPM_BASE + 91))\r
1458#define TPM_MA_TICKET_SIGNATURE ((TPM_RESULT) (TPM_BASE + 92))\r
1459#define TPM_MA_DESTINATION ((TPM_RESULT) (TPM_BASE + 93))\r
1460#define TPM_MA_SOURCE ((TPM_RESULT) (TPM_BASE + 94))\r
1461#define TPM_MA_AUTHORITY ((TPM_RESULT) (TPM_BASE + 95))\r
1462#define TPM_PERMANENTEK ((TPM_RESULT) (TPM_BASE + 97))\r
1463#define TPM_BAD_SIGNATURE ((TPM_RESULT) (TPM_BASE + 98))\r
1464#define TPM_NOCONTEXTSPACE ((TPM_RESULT) (TPM_BASE + 99))\r
1465\r
1466#define TPM_RETRY ((TPM_RESULT) (TPM_BASE + TPM_NON_FATAL))\r
1467#define TPM_NEEDS_SELFTEST ((TPM_RESULT) (TPM_BASE + TPM_NON_FATAL + 1))\r
1468#define TPM_DOING_SELFTEST ((TPM_RESULT) (TPM_BASE + TPM_NON_FATAL + 2))\r
1469#define TPM_DEFEND_LOCK_RUNNING ((TPM_RESULT) (TPM_BASE + TPM_NON_FATAL + 3))\r
1470\r
1471//\r
1472// Part 2, section 17: Ordinals\r
1473//\r
1474// Ordinals are 32 bit values. The upper byte contains values that serve as\r
1475// flag indicators, the next byte contains values indicating what committee\r
1476// designated the ordinal, and the final two bytes contain the Command\r
1477// Ordinal Index.\r
1478// 3 2 1\r
1479// 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0 9 8 7 6 5 4 3 2 1 0\r
1480// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
1481// |P|C|V| Reserved| Purview | Command Ordinal Index |\r
1482// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
1483//\r
1484// Where:\r
1485//\r
1486// * P is Protected/Unprotected command. When 0 the command is a Protected\r
1487// command, when 1 the command is an Unprotected command.\r
1488//\r
1489// * C is Non-Connection/Connection related command. When 0 this command\r
1490// passes through to either the protected (TPM) or unprotected (TSS)\r
1491// components.\r
1492//\r
1493// * V is TPM/Vendor command. When 0 the command is TPM defined, when 1 the\r
1494// command is vendor defined.\r
1495//\r
1496// * All reserved area bits are set to 0.\r
1497//\r
1498\r
1499#define TPM_ORD_ActivateIdentity ((TPM_COMMAND_CODE) 0x0000007A)\r
1500#define TPM_ORD_AuthorizeMigrationKey ((TPM_COMMAND_CODE) 0x0000002B)\r
1501#define TPM_ORD_CertifyKey ((TPM_COMMAND_CODE) 0x00000032)\r
1502#define TPM_ORD_CertifyKey2 ((TPM_COMMAND_CODE) 0x00000033)\r
1503#define TPM_ORD_CertifySelfTest ((TPM_COMMAND_CODE) 0x00000052)\r
1504#define TPM_ORD_ChangeAuth ((TPM_COMMAND_CODE) 0x0000000C)\r
1505#define TPM_ORD_ChangeAuthAsymFinish ((TPM_COMMAND_CODE) 0x0000000F)\r
1506#define TPM_ORD_ChangeAuthAsymStart ((TPM_COMMAND_CODE) 0x0000000E)\r
1507#define TPM_ORD_ChangeAuthOwner ((TPM_COMMAND_CODE) 0x00000010)\r
1508#define TPM_ORD_CMK_ApproveMA ((TPM_COMMAND_CODE) 0x0000001D)\r
1509#define TPM_ORD_CMK_ConvertMigration ((TPM_COMMAND_CODE) 0x00000024)\r
1510#define TPM_ORD_CMK_CreateBlob ((TPM_COMMAND_CODE) 0x0000001B)\r
1511#define TPM_ORD_CMK_CreateKey ((TPM_COMMAND_CODE) 0x00000013)\r
1512#define TPM_ORD_CMK_CreateTicket ((TPM_COMMAND_CODE) 0x00000012)\r
1513#define TPM_ORD_CMK_SetRestrictions ((TPM_COMMAND_CODE) 0x0000001C)\r
1514#define TPM_ORD_ContinueSelfTest ((TPM_COMMAND_CODE) 0x00000053)\r
1515#define TPM_ORD_ConvertMigrationBlob ((TPM_COMMAND_CODE) 0x0000002A)\r
1516#define TPM_ORD_CreateCounter ((TPM_COMMAND_CODE) 0x000000DC)\r
1517#define TPM_ORD_CreateEndorsementKeyPair ((TPM_COMMAND_CODE) 0x00000078)\r
1518#define TPM_ORD_CreateMaintenanceArchive ((TPM_COMMAND_CODE) 0x0000002C)\r
1519#define TPM_ORD_CreateMigrationBlob ((TPM_COMMAND_CODE) 0x00000028)\r
1520#define TPM_ORD_CreateRevocableEK ((TPM_COMMAND_CODE) 0x0000007F)\r
1521#define TPM_ORD_CreateWrapKey ((TPM_COMMAND_CODE) 0x0000001F)\r
1522#define TPM_ORD_DAA_JOIN ((TPM_COMMAND_CODE) 0x00000029)\r
1523#define TPM_ORD_DAA_SIGN ((TPM_COMMAND_CODE) 0x00000031)\r
1524#define TPM_ORD_Delegate_CreateKeyDelegation ((TPM_COMMAND_CODE) 0x000000D4)\r
1525#define TPM_ORD_Delegate_CreateOwnerDelegation ((TPM_COMMAND_CODE) 0x000000D5)\r
1526#define TPM_ORD_Delegate_LoadOwnerDelegation ((TPM_COMMAND_CODE) 0x000000D8)\r
1527#define TPM_ORD_Delegate_Manage ((TPM_COMMAND_CODE) 0x000000D2)\r
1528#define TPM_ORD_Delegate_ReadTable ((TPM_COMMAND_CODE) 0x000000DB)\r
1529#define TPM_ORD_Delegate_UpdateVerification ((TPM_COMMAND_CODE) 0x000000D1)\r
1530#define TPM_ORD_Delegate_VerifyDelegation ((TPM_COMMAND_CODE) 0x000000D6)\r
1531#define TPM_ORD_DirRead ((TPM_COMMAND_CODE) 0x0000001A)\r
1532#define TPM_ORD_DirWriteAuth ((TPM_COMMAND_CODE) 0x00000019)\r
1533#define TPM_ORD_DisableForceClear ((TPM_COMMAND_CODE) 0x0000005E)\r
1534#define TPM_ORD_DisableOwnerClear ((TPM_COMMAND_CODE) 0x0000005C)\r
1535#define TPM_ORD_DisablePubekRead ((TPM_COMMAND_CODE) 0x0000007E)\r
1536#define TPM_ORD_DSAP ((TPM_COMMAND_CODE) 0x00000011)\r
1537#define TPM_ORD_EstablishTransport ((TPM_COMMAND_CODE) 0x000000E6)\r
1538#define TPM_ORD_EvictKey ((TPM_COMMAND_CODE) 0x00000022)\r
1539#define TPM_ORD_ExecuteTransport ((TPM_COMMAND_CODE) 0x000000E7)\r
1540#define TPM_ORD_Extend ((TPM_COMMAND_CODE) 0x00000014)\r
1541#define TPM_ORD_FieldUpgrade ((TPM_COMMAND_CODE) 0x000000AA)\r
1542#define TPM_ORD_FlushSpecific ((TPM_COMMAND_CODE) 0x000000BA)\r
1543#define TPM_ORD_ForceClear ((TPM_COMMAND_CODE) 0x0000005D)\r
1544#define TPM_ORD_GetAuditDigest ((TPM_COMMAND_CODE) 0x00000085)\r
1545#define TPM_ORD_GetAuditDigestSigned ((TPM_COMMAND_CODE) 0x00000086)\r
1546#define TPM_ORD_GetAuditEvent ((TPM_COMMAND_CODE) 0x00000082)\r
1547#define TPM_ORD_GetAuditEventSigned ((TPM_COMMAND_CODE) 0x00000083)\r
1548#define TPM_ORD_GetCapability ((TPM_COMMAND_CODE) 0x00000065)\r
1549#define TPM_ORD_GetCapabilityOwner ((TPM_COMMAND_CODE) 0x00000066)\r
1550#define TPM_ORD_GetCapabilitySigned ((TPM_COMMAND_CODE) 0x00000064)\r
1551#define TPM_ORD_GetOrdinalAuditStatus ((TPM_COMMAND_CODE) 0x0000008C)\r
1552#define TPM_ORD_GetPubKey ((TPM_COMMAND_CODE) 0x00000021)\r
1553#define TPM_ORD_GetRandom ((TPM_COMMAND_CODE) 0x00000046)\r
1554#define TPM_ORD_GetTestResult ((TPM_COMMAND_CODE) 0x00000054)\r
1555#define TPM_ORD_GetTicks ((TPM_COMMAND_CODE) 0x000000F1)\r
1556#define TPM_ORD_IncrementCounter ((TPM_COMMAND_CODE) 0x000000DD)\r
1557#define TPM_ORD_Init ((TPM_COMMAND_CODE) 0x00000097)\r
1558#define TPM_ORD_KeyControlOwner ((TPM_COMMAND_CODE) 0x00000023)\r
1559#define TPM_ORD_KillMaintenanceFeature ((TPM_COMMAND_CODE) 0x0000002E)\r
1560#define TPM_ORD_LoadAuthContext ((TPM_COMMAND_CODE) 0x000000B7)\r
1561#define TPM_ORD_LoadContext ((TPM_COMMAND_CODE) 0x000000B9)\r
1562#define TPM_ORD_LoadKey ((TPM_COMMAND_CODE) 0x00000020)\r
1563#define TPM_ORD_LoadKey2 ((TPM_COMMAND_CODE) 0x00000041)\r
1564#define TPM_ORD_LoadKeyContext ((TPM_COMMAND_CODE) 0x000000B5)\r
1565#define TPM_ORD_LoadMaintenanceArchive ((TPM_COMMAND_CODE) 0x0000002D)\r
1566#define TPM_ORD_LoadManuMaintPub ((TPM_COMMAND_CODE) 0x0000002F)\r
1567#define TPM_ORD_MakeIdentity ((TPM_COMMAND_CODE) 0x00000079)\r
1568#define TPM_ORD_MigrateKey ((TPM_COMMAND_CODE) 0x00000025)\r
1569#define TPM_ORD_NV_DefineSpace ((TPM_COMMAND_CODE) 0x000000CC)\r
1570#define TPM_ORD_NV_ReadValue ((TPM_COMMAND_CODE) 0x000000CF)\r
1571#define TPM_ORD_NV_ReadValueAuth ((TPM_COMMAND_CODE) 0x000000D0)\r
1572#define TPM_ORD_NV_WriteValue ((TPM_COMMAND_CODE) 0x000000CD)\r
1573#define TPM_ORD_NV_WriteValueAuth ((TPM_COMMAND_CODE) 0x000000CE)\r
1574#define TPM_ORD_OIAP ((TPM_COMMAND_CODE) 0x0000000A)\r
1575#define TPM_ORD_OSAP ((TPM_COMMAND_CODE) 0x0000000B)\r
1576#define TPM_ORD_OwnerClear ((TPM_COMMAND_CODE) 0x0000005B)\r
1577#define TPM_ORD_OwnerReadInternalPub ((TPM_COMMAND_CODE) 0x00000081)\r
1578#define TPM_ORD_OwnerReadPubek ((TPM_COMMAND_CODE) 0x0000007D)\r
1579#define TPM_ORD_OwnerSetDisable ((TPM_COMMAND_CODE) 0x0000006E)\r
1580#define TPM_ORD_PCR_Reset ((TPM_COMMAND_CODE) 0x000000C8)\r
1581#define TPM_ORD_PcrRead ((TPM_COMMAND_CODE) 0x00000015)\r
1582#define TPM_ORD_PhysicalDisable ((TPM_COMMAND_CODE) 0x00000070)\r
1583#define TPM_ORD_PhysicalEnable ((TPM_COMMAND_CODE) 0x0000006F)\r
1584#define TPM_ORD_PhysicalSetDeactivated ((TPM_COMMAND_CODE) 0x00000072)\r
1585#define TPM_ORD_Quote ((TPM_COMMAND_CODE) 0x00000016)\r
1586#define TPM_ORD_Quote2 ((TPM_COMMAND_CODE) 0x0000003E)\r
1587#define TPM_ORD_ReadCounter ((TPM_COMMAND_CODE) 0x000000DE)\r
1588#define TPM_ORD_ReadManuMaintPub ((TPM_COMMAND_CODE) 0x00000030)\r
1589#define TPM_ORD_ReadPubek ((TPM_COMMAND_CODE) 0x0000007C)\r
1590#define TPM_ORD_ReleaseCounter ((TPM_COMMAND_CODE) 0x000000DF)\r
1591#define TPM_ORD_ReleaseCounterOwner ((TPM_COMMAND_CODE) 0x000000E0)\r
1592#define TPM_ORD_ReleaseTransportSigned ((TPM_COMMAND_CODE) 0x000000E8)\r
1593#define TPM_ORD_Reset ((TPM_COMMAND_CODE) 0x0000005A)\r
1594#define TPM_ORD_ResetLockValue ((TPM_COMMAND_CODE) 0x00000040)\r
1595#define TPM_ORD_RevokeTrust ((TPM_COMMAND_CODE) 0x00000080)\r
1596#define TPM_ORD_SaveAuthContext ((TPM_COMMAND_CODE) 0x000000B6)\r
1597#define TPM_ORD_SaveContext ((TPM_COMMAND_CODE) 0x000000B8)\r
1598#define TPM_ORD_SaveKeyContext ((TPM_COMMAND_CODE) 0x000000B4)\r
1599#define TPM_ORD_SaveState ((TPM_COMMAND_CODE) 0x00000098)\r
1600#define TPM_ORD_Seal ((TPM_COMMAND_CODE) 0x00000017)\r
1601#define TPM_ORD_Sealx ((TPM_COMMAND_CODE) 0x0000003D)\r
1602#define TPM_ORD_SelfTestFull ((TPM_COMMAND_CODE) 0x00000050)\r
1603#define TPM_ORD_SetCapability ((TPM_COMMAND_CODE) 0x0000003F)\r
1604#define TPM_ORD_SetOperatorAuth ((TPM_COMMAND_CODE) 0x00000074)\r
1605#define TPM_ORD_SetOrdinalAuditStatus ((TPM_COMMAND_CODE) 0x0000008D)\r
1606#define TPM_ORD_SetOwnerInstall ((TPM_COMMAND_CODE) 0x00000071)\r
1607#define TPM_ORD_SetOwnerPointer ((TPM_COMMAND_CODE) 0x00000075)\r
1608#define TPM_ORD_SetRedirection ((TPM_COMMAND_CODE) 0x0000009A)\r
1609#define TPM_ORD_SetTempDeactivated ((TPM_COMMAND_CODE) 0x00000073)\r
1610#define TPM_ORD_SHA1Complete ((TPM_COMMAND_CODE) 0x000000A2)\r
1611#define TPM_ORD_SHA1CompleteExtend ((TPM_COMMAND_CODE) 0x000000A3)\r
1612#define TPM_ORD_SHA1Start ((TPM_COMMAND_CODE) 0x000000A0)\r
1613#define TPM_ORD_SHA1Update ((TPM_COMMAND_CODE) 0x000000A1)\r
1614#define TPM_ORD_Sign ((TPM_COMMAND_CODE) 0x0000003C)\r
1615#define TPM_ORD_Startup ((TPM_COMMAND_CODE) 0x00000099)\r
1616#define TPM_ORD_StirRandom ((TPM_COMMAND_CODE) 0x00000047)\r
1617#define TPM_ORD_TakeOwnership ((TPM_COMMAND_CODE) 0x0000000D)\r
1618#define TPM_ORD_Terminate_Handle ((TPM_COMMAND_CODE) 0x00000096)\r
1619#define TPM_ORD_TickStampBlob ((TPM_COMMAND_CODE) 0x000000F2)\r
1620#define TPM_ORD_UnBind ((TPM_COMMAND_CODE) 0x0000001E)\r
1621#define TPM_ORD_Unseal ((TPM_COMMAND_CODE) 0x00000018)\r
1622#define TSC_ORD_PhysicalPresence ((TPM_COMMAND_CODE) 0x4000000A)\r
1623#define TSC_ORD_ResetEstablishmentBit ((TPM_COMMAND_CODE) 0x4000000B)\r
1624\r
1625//\r
1626// Part 2, section 18: Context structures\r
1627//\r
1628\r
427987f5 1629///\r
1630/// Part 2, section 18.1: TPM_CONTEXT_BLOB\r
1631///\r
4135253b 1632typedef struct tdTPM_CONTEXT_BLOB {\r
1633 TPM_STRUCTURE_TAG tag;\r
1634 TPM_RESOURCE_TYPE resourceType;\r
1635 TPM_HANDLE handle;\r
1636 UINT8 label[16];\r
1637 UINT32 contextCount;\r
1638 TPM_DIGEST integrityDigest;\r
1639 UINT32 additionalSize;\r
1640 UINT8 *additionalData;\r
1641 UINT32 sensitiveSize;\r
1642 UINT8 *sensitiveData;\r
267669ba
LG		 1643} TPM_CONTEXT_BLOB;\r
1644\r
427987f5 1645///\r
1646/// Part 2, section 18.2 TPM_CONTEXT_SENSITIVE\r
1647///\r
4135253b 1648typedef struct tdTPM_CONTEXT_SENSITIVE {\r
1649 TPM_STRUCTURE_TAG tag;\r
1650 TPM_NONCE contextNonce;\r
1651 UINT32 internalSize;\r
1652 UINT8 *internalData;\r
267669ba
LG		 1653} TPM_CONTEXT_SENSITIVE;\r
1654\r
1655//\r
1656// Part 2, section 19: NV Structures\r
1657//\r
1658\r
4135253b 1659//\r
1660// Part 2, section 19.1.1: Required TPM_NV_INDEX values\r
1661//\r
267669ba
LG		 1662#define TPM_NV_INDEX_LOCK ((UINT32)0xffffffff)\r
1663#define TPM_NV_INDEX0 ((UINT32)0x00000000)\r
1664#define TPM_NV_INDEX_DIR ((UINT32)0x10000001)\r
1665#define TPM_NV_INDEX_EKCert ((UINT32)0x0000f000)\r
1666#define TPM_NV_INDEX_TPM_CC ((UINT32)0x0000f001)\r
1667#define TPM_NV_INDEX_PlatformCert ((UINT32)0x0000f002)\r
1668#define TPM_NV_INDEX_Platform_CC ((UINT32)0x0000f003)\r
4135253b 1669//\r
1670// Part 2, section 19.1.2: Reserved Index values\r
1671//\r
267669ba
LG		 1672#define TPM_NV_INDEX_TSS_BASE ((UINT32)0x00011100)\r
1673#define TPM_NV_INDEX_PC_BASE ((UINT32)0x00011200)\r
1674#define TPM_NV_INDEX_SERVER_BASE ((UINT32)0x00011300)\r
1675#define TPM_NV_INDEX_MOBILE_BASE ((UINT32)0x00011400)\r
1676#define TPM_NV_INDEX_PERIPHERAL_BASE ((UINT32)0x00011500)\r
1677#define TPM_NV_INDEX_GROUP_RESV_BASE ((UINT32)0x00010000)\r
1678\r
427987f5 1679///\r
1680/// Part 2, section 19.2: TPM_NV_ATTRIBUTES\r
1681///\r
1682typedef struct tdTPM_NV_ATTRIBUTES {\r
1683 TPM_STRUCTURE_TAG tag;\r
f754f721 1684 UINT32 attributes;\r
427987f5 1685} TPM_NV_ATTRIBUTES;\r
1686\r
4135253b 1687#define TPM_NV_PER_READ_STCLEAR (BIT31)\r
1688#define TPM_NV_PER_AUTHREAD (BIT18)\r
1689#define TPM_NV_PER_OWNERREAD (BIT17)\r
1690#define TPM_NV_PER_PPREAD (BIT16)\r
1691#define TPM_NV_PER_GLOBALLOCK (BIT15)\r
1692#define TPM_NV_PER_WRITE_STCLEAR (BIT14)\r
1693#define TPM_NV_PER_WRITEDEFINE (BIT13)\r
1694#define TPM_NV_PER_WRITEALL (BIT12)\r
1695#define TPM_NV_PER_AUTHWRITE (BIT2)\r
1696#define TPM_NV_PER_OWNERWRITE (BIT1)\r
1697#define TPM_NV_PER_PPWRITE (BIT0)\r
267669ba 1698\r
427987f5 1699///\r
1700/// Part 2, section 19.3: TPM_NV_DATA_PUBLIC\r
1701///\r
4135253b 1702typedef struct tdTPM_NV_DATA_PUBLIC {\r
1703 TPM_STRUCTURE_TAG tag;\r
1704 TPM_NV_INDEX nvIndex;\r
1705 TPM_PCR_INFO_SHORT pcrInfoRead;\r
1706 TPM_PCR_INFO_SHORT pcrInfoWrite;\r
1707 TPM_NV_ATTRIBUTES permission;\r
1708 BOOLEAN bReadSTClear;\r
1709 BOOLEAN bWriteSTClear;\r
1710 BOOLEAN bWriteDefine;\r
1711 UINT32 dataSize;\r
1712} TPM_NV_DATA_PUBLIC;\r
267669ba 1713\r
4135253b 1714//\r
1715// Part 2, section 20: Delegate Structures\r
1716//\r
267669ba 1717\r
4135253b 1718#define TPM_DEL_OWNER_BITS ((UINT32)0x00000001)\r
1719#define TPM_DEL_KEY_BITS ((UINT32)0x00000002)\r
cc078d72 1720///\r
1721/// Part 2, section 20.2: Delegate Definitions\r
1722///\r
4135253b 1723typedef struct tdTPM_DELEGATIONS {\r
1724 TPM_STRUCTURE_TAG tag;\r
1725 UINT32 delegateType;\r
1726 UINT32 per1;\r
1727 UINT32 per2;\r
1728} TPM_DELEGATIONS;\r
267669ba 1729\r
4135253b 1730//\r
1731// Part 2, section 20.2.1: Owner Permission Settings\r
1732//\r
1733#define TPM_DELEGATE_SetOrdinalAuditStatus (BIT30)\r
1734#define TPM_DELEGATE_DirWriteAuth (BIT29)\r
1735#define TPM_DELEGATE_CMK_ApproveMA (BIT28)\r
1919913f 1736#define TPM_DELEGATE_NV_WriteValue (BIT27)\r
4135253b 1737#define TPM_DELEGATE_CMK_CreateTicket (BIT26)\r
1919913f 1738#define TPM_DELEGATE_NV_ReadValue (BIT25)\r
4135253b 1739#define TPM_DELEGATE_Delegate_LoadOwnerDelegation (BIT24)\r
1740#define TPM_DELEGATE_DAA_Join (BIT23)\r
1741#define TPM_DELEGATE_AuthorizeMigrationKey (BIT22)\r
1742#define TPM_DELEGATE_CreateMaintenanceArchive (BIT21)\r
1743#define TPM_DELEGATE_LoadMaintenanceArchive (BIT20)\r
1744#define TPM_DELEGATE_KillMaintenanceFeature (BIT19)\r
1745#define TPM_DELEGATE_OwnerReadInteralPub (BIT18)\r
1746#define TPM_DELEGATE_ResetLockValue (BIT17)\r
1747#define TPM_DELEGATE_OwnerClear (BIT16)\r
1748#define TPM_DELEGATE_DisableOwnerClear (BIT15)\r
1919913f 1749#define TPM_DELEGATE_NV_DefineSpace (BIT14)\r
4135253b 1750#define TPM_DELEGATE_OwnerSetDisable (BIT13)\r
1751#define TPM_DELEGATE_SetCapability (BIT12)\r
1752#define TPM_DELEGATE_MakeIdentity (BIT11)\r
1753#define TPM_DELEGATE_ActivateIdentity (BIT10)\r
1754#define TPM_DELEGATE_OwnerReadPubek (BIT9)\r
1755#define TPM_DELEGATE_DisablePubekRead (BIT8)\r
1756#define TPM_DELEGATE_SetRedirection (BIT7)\r
1757#define TPM_DELEGATE_FieldUpgrade (BIT6)\r
1758#define TPM_DELEGATE_Delegate_UpdateVerification (BIT5)\r
1759#define TPM_DELEGATE_CreateCounter (BIT4)\r
1760#define TPM_DELEGATE_ReleaseCounterOwner (BIT3)\r
1761#define TPM_DELEGATE_DelegateManage (BIT2)\r
1762#define TPM_DELEGATE_Delegate_CreateOwnerDelegation (BIT1)\r
1763#define TPM_DELEGATE_DAA_Sign (BIT0)\r
1764\r
1765//\r
1766// Part 2, section 20.2.3: Key Permission settings\r
1767//\r
1768#define TPM_KEY_DELEGATE_CMK_ConvertMigration (BIT28)\r
1769#define TPM_KEY_DELEGATE_TickStampBlob (BIT27)\r
1770#define TPM_KEY_DELEGATE_ChangeAuthAsymStart (BIT26)\r
1771#define TPM_KEY_DELEGATE_ChangeAuthAsymFinish (BIT25)\r
1772#define TPM_KEY_DELEGATE_CMK_CreateKey (BIT24)\r
1773#define TPM_KEY_DELEGATE_MigrateKey (BIT23)\r
1774#define TPM_KEY_DELEGATE_LoadKey2 (BIT22)\r
1775#define TPM_KEY_DELEGATE_EstablishTransport (BIT21)\r
1776#define TPM_KEY_DELEGATE_ReleaseTransportSigned (BIT20)\r
1777#define TPM_KEY_DELEGATE_Quote2 (BIT19)\r
1778#define TPM_KEY_DELEGATE_Sealx (BIT18)\r
1779#define TPM_KEY_DELEGATE_MakeIdentity (BIT17)\r
1780#define TPM_KEY_DELEGATE_ActivateIdentity (BIT16)\r
1781#define TPM_KEY_DELEGATE_GetAuditDigestSigned (BIT15)\r
1782#define TPM_KEY_DELEGATE_Sign (BIT14)\r
1783#define TPM_KEY_DELEGATE_CertifyKey2 (BIT13)\r
1784#define TPM_KEY_DELEGATE_CertifyKey (BIT12)\r
1785#define TPM_KEY_DELEGATE_CreateWrapKey (BIT11)\r
1786#define TPM_KEY_DELEGATE_CMK_CreateBlob (BIT10)\r
1787#define TPM_KEY_DELEGATE_CreateMigrationBlob (BIT9)\r
1788#define TPM_KEY_DELEGATE_ConvertMigrationBlob (BIT8)\r
1789#define TPM_KEY_DELEGATE_CreateKeyDelegation (BIT7)\r
1790#define TPM_KEY_DELEGATE_ChangeAuth (BIT6)\r
1791#define TPM_KEY_DELEGATE_GetPubKey (BIT5)\r
1792#define TPM_KEY_DELEGATE_UnBind (BIT4)\r
1793#define TPM_KEY_DELEGATE_Quote (BIT3)\r
1794#define TPM_KEY_DELEGATE_Unseal (BIT2)\r
1795#define TPM_KEY_DELEGATE_Seal (BIT1)\r
1796#define TPM_KEY_DELEGATE_LoadKey (BIT0)\r
1797\r
1798//\r
1799// Part 2, section 20.3: TPM_FAMILY_FLAGS\r
1800//\r
1801#define TPM_DELEGATE_ADMIN_LOCK (BIT1)\r
1802#define TPM_FAMFLAG_ENABLE (BIT0)\r
1803\r
427987f5 1804///\r
1805/// Part 2, section 20.4: TPM_FAMILY_LABEL\r
1806///\r
4135253b 1807typedef struct tdTPM_FAMILY_LABEL {\r
1808 UINT8 label;\r
267669ba
LG		 1809} TPM_FAMILY_LABEL;\r
1810\r
427987f5 1811///\r
1812/// Part 2, section 20.5: TPM_FAMILY_TABLE_ENTRY\r
1813///\r
4135253b 1814typedef struct tdTPM_FAMILY_TABLE_ENTRY {\r
1815 TPM_STRUCTURE_TAG tag;\r
1816 TPM_FAMILY_LABEL label;\r
1817 TPM_FAMILY_ID familyID;\r
1818 TPM_FAMILY_VERIFICATION verificationCount;\r
1819 TPM_FAMILY_FLAGS flags;\r
267669ba
LG		 1820} TPM_FAMILY_TABLE_ENTRY;\r
1821\r
4135253b 1822//\r
1823// Part 2, section 20.6: TPM_FAMILY_TABLE\r
1824//\r
1825#define TPM_NUM_FAMILY_TABLE_ENTRY_MIN 8\r
267669ba 1826\r
4135253b 1827typedef struct tdTPM_FAMILY_TABLE{\r
1828 TPM_FAMILY_TABLE_ENTRY famTableRow[TPM_NUM_FAMILY_TABLE_ENTRY_MIN];\r
1829} TPM_FAMILY_TABLE;\r
267669ba 1830\r
427987f5 1831///\r
1832/// Part 2, section 20.7: TPM_DELEGATE_LABEL\r
1833///\r
4135253b 1834typedef struct tdTPM_DELEGATE_LABEL {\r
1835 UINT8 label;\r
267669ba
LG		 1836} TPM_DELEGATE_LABEL;\r
1837\r
427987f5 1838///\r
1839/// Part 2, section 20.8: TPM_DELEGATE_PUBLIC\r
1840///\r
4135253b 1841typedef struct tdTPM_DELEGATE_PUBLIC {\r
1842 TPM_STRUCTURE_TAG tag;\r
1843 TPM_DELEGATE_LABEL label;\r
1844 TPM_PCR_INFO_SHORT pcrInfo;\r
1845 TPM_DELEGATIONS permissions;\r
1846 TPM_FAMILY_ID familyID;\r
1847 TPM_FAMILY_VERIFICATION verificationCount;\r
267669ba
LG		 1848} TPM_DELEGATE_PUBLIC;\r
1849\r
427987f5 1850///\r
1851/// Part 2, section 20.9: TPM_DELEGATE_TABLE_ROW\r
1852///\r
4135253b 1853typedef struct tdTPM_DELEGATE_TABLE_ROW {\r
1854 TPM_STRUCTURE_TAG tag;\r
1855 TPM_DELEGATE_PUBLIC pub;\r
1856 TPM_SECRET authValue;\r
267669ba
LG		 1857} TPM_DELEGATE_TABLE_ROW;\r
1858\r
4135253b 1859//\r
1860// Part 2, section 20.10: TPM_DELEGATE_TABLE\r
1861//\r
267669ba 1862#define TPM_NUM_DELEGATE_TABLE_ENTRY_MIN 2\r
4135253b 1863\r
1864typedef struct tdTPM_DELEGATE_TABLE{\r
1865 TPM_DELEGATE_TABLE_ROW delRow[TPM_NUM_DELEGATE_TABLE_ENTRY_MIN];\r
1866} TPM_DELEGATE_TABLE;\r
1867\r
427987f5 1868///\r
1869/// Part 2, section 20.11: TPM_DELEGATE_SENSITIVE\r
1870///\r
4135253b 1871typedef struct tdTPM_DELEGATE_SENSITIVE {\r
1872 TPM_STRUCTURE_TAG tag;\r
1873 TPM_SECRET authValue;\r
267669ba
LG		 1874} TPM_DELEGATE_SENSITIVE;\r
1875\r
427987f5 1876///\r
1877/// Part 2, section 20.12: TPM_DELEGATE_OWNER_BLOB\r
1878///\r
4135253b 1879typedef struct tdTPM_DELEGATE_OWNER_BLOB {\r
1880 TPM_STRUCTURE_TAG tag;\r
1881 TPM_DELEGATE_PUBLIC pub;\r
1882 TPM_DIGEST integrityDigest;\r
1883 UINT32 additionalSize;\r
1884 UINT8 *additionalArea;\r
1885 UINT32 sensitiveSize;\r
1886 UINT8 *sensitiveArea;\r
267669ba
LG		 1887} TPM_DELEGATE_OWNER_BLOB;\r
1888\r
427987f5 1889///\r
1890/// Part 2, section 20.13: TTPM_DELEGATE_KEY_BLOB\r
1891///\r
4135253b 1892typedef struct tdTPM_DELEGATE_KEY_BLOB {\r
1893 TPM_STRUCTURE_TAG tag;\r
1894 TPM_DELEGATE_PUBLIC pub;\r
1895 TPM_DIGEST integrityDigest;\r
1896 TPM_DIGEST pubKeyDigest;\r
1897 UINT32 additionalSize;\r
1898 UINT8 *additionalArea;\r
1899 UINT32 sensitiveSize;\r
1900 UINT8 *sensitiveArea;\r
267669ba
LG		 1901} TPM_DELEGATE_KEY_BLOB;\r
1902\r
4135253b 1903//\r
1904// Part 2, section 20.14: TPM_FAMILY_OPERATION Values\r
1905//\r
1906#define TPM_FAMILY_CREATE ((UINT32)0x00000001)\r
1907#define TPM_FAMILY_ENABLE ((UINT32)0x00000002)\r
1908#define TPM_FAMILY_ADMIN ((UINT32)0x00000003)\r
1909#define TPM_FAMILY_INVALIDATE ((UINT32)0x00000004)\r
1910\r
267669ba
LG		 1911//\r
1912// Part 2, section 21.1: TPM_CAPABILITY_AREA for GetCapability\r
1913//\r
1914#define TPM_CAP_ORD ((TPM_CAPABILITY_AREA) 0x00000001)\r
1915#define TPM_CAP_ALG ((TPM_CAPABILITY_AREA) 0x00000002)\r
1916#define TPM_CAP_PID ((TPM_CAPABILITY_AREA) 0x00000003)\r
1917#define TPM_CAP_FLAG ((TPM_CAPABILITY_AREA) 0x00000004)\r
1918#define TPM_CAP_PROPERTY ((TPM_CAPABILITY_AREA) 0x00000005)\r
1919#define TPM_CAP_VERSION ((TPM_CAPABILITY_AREA) 0x00000006)\r
1920#define TPM_CAP_KEY_HANDLE ((TPM_CAPABILITY_AREA) 0x00000007)\r
1921#define TPM_CAP_CHECK_LOADED ((TPM_CAPABILITY_AREA) 0x00000008)\r
1922#define TPM_CAP_SYM_MODE ((TPM_CAPABILITY_AREA) 0x00000009)\r
1923#define TPM_CAP_KEY_STATUS ((TPM_CAPABILITY_AREA) 0x0000000C)\r
1924#define TPM_CAP_NV_LIST ((TPM_CAPABILITY_AREA) 0x0000000D)\r
1925#define TPM_CAP_MFR ((TPM_CAPABILITY_AREA) 0x00000010)\r
1926#define TPM_CAP_NV_INDEX ((TPM_CAPABILITY_AREA) 0x00000011)\r
1927#define TPM_CAP_TRANS_ALG ((TPM_CAPABILITY_AREA) 0x00000012)\r
1928#define TPM_CAP_HANDLE ((TPM_CAPABILITY_AREA) 0x00000014)\r
1929#define TPM_CAP_TRANS_ES ((TPM_CAPABILITY_AREA) 0x00000015)\r
1930#define TPM_CAP_AUTH_ENCRYPT ((TPM_CAPABILITY_AREA) 0x00000017)\r
1931#define TPM_CAP_SELECT_SIZE ((TPM_CAPABILITY_AREA) 0x00000018)\r
1932#define TPM_CAP_VERSION_VAL ((TPM_CAPABILITY_AREA) 0x0000001A)\r
1933\r
1934#define TPM_CAP_FLAG_PERMANENT ((TPM_CAPABILITY_AREA) 0x00000108)\r
1935#define TPM_CAP_FLAG_VOLATILE ((TPM_CAPABILITY_AREA) 0x00000109)\r
1936\r
1937//\r
1938// Part 2, section 21.2: CAP_PROPERTY Subcap values for GetCapability\r
1939//\r
1940#define TPM_CAP_PROP_PCR ((TPM_CAPABILITY_AREA) 0x00000101)\r
1941#define TPM_CAP_PROP_DIR ((TPM_CAPABILITY_AREA) 0x00000102)\r
1942#define TPM_CAP_PROP_MANUFACTURER ((TPM_CAPABILITY_AREA) 0x00000103)\r
1943#define TPM_CAP_PROP_KEYS ((TPM_CAPABILITY_AREA) 0x00000104)\r
1944#define TPM_CAP_PROP_MIN_COUNTER ((TPM_CAPABILITY_AREA) 0x00000107)\r
1945#define TPM_CAP_PROP_AUTHSESS ((TPM_CAPABILITY_AREA) 0x0000010A)\r
1946#define TPM_CAP_PROP_TRANSESS ((TPM_CAPABILITY_AREA) 0x0000010B)\r
1947#define TPM_CAP_PROP_COUNTERS ((TPM_CAPABILITY_AREA) 0x0000010C)\r
1948#define TPM_CAP_PROP_MAX_AUTHSESS ((TPM_CAPABILITY_AREA) 0x0000010D)\r
1949#define TPM_CAP_PROP_MAX_TRANSESS ((TPM_CAPABILITY_AREA) 0x0000010E)\r
1950#define TPM_CAP_PROP_MAX_COUNTERS ((TPM_CAPABILITY_AREA) 0x0000010F)\r
1951#define TPM_CAP_PROP_MAX_KEYS ((TPM_CAPABILITY_AREA) 0x00000110)\r
1952#define TPM_CAP_PROP_OWNER ((TPM_CAPABILITY_AREA) 0x00000111)\r
1953#define TPM_CAP_PROP_CONTEXT ((TPM_CAPABILITY_AREA) 0x00000112)\r
1954#define TPM_CAP_PROP_MAX_CONTEXT ((TPM_CAPABILITY_AREA) 0x00000113)\r
1955#define TPM_CAP_PROP_FAMILYROWS ((TPM_CAPABILITY_AREA) 0x00000114)\r
1956#define TPM_CAP_PROP_TIS_TIMEOUT ((TPM_CAPABILITY_AREA) 0x00000115)\r
1957#define TPM_CAP_PROP_STARTUP_EFFECT ((TPM_CAPABILITY_AREA) 0x00000116)\r
1958#define TPM_CAP_PROP_DELEGATE_ROW ((TPM_CAPABILITY_AREA) 0x00000117)\r
1959#define TPM_CAP_PROP_DAA_MAX ((TPM_CAPABILITY_AREA) 0x00000119)\r
1960#define CAP_PROP_SESSION_DAA ((TPM_CAPABILITY_AREA) 0x0000011A)\r
1961#define TPM_CAP_PROP_CONTEXT_DIST ((TPM_CAPABILITY_AREA) 0x0000011B)\r
1962#define TPM_CAP_PROP_DAA_INTERRUPT ((TPM_CAPABILITY_AREA) 0x0000011C)\r
1963#define TPM_CAP_PROP_SESSIONS ((TPM_CAPABILITY_AREA) 0x0000011D)\r
1964#define TPM_CAP_PROP_MAX_SESSIONS ((TPM_CAPABILITY_AREA) 0x0000011E)\r
1965#define TPM_CAP_PROP_CMK_RESTRICTION ((TPM_CAPABILITY_AREA) 0x0000011F)\r
1966#define TPM_CAP_PROP_DURATION ((TPM_CAPABILITY_AREA) 0x00000120)\r
1967#define TPM_CAP_PROP_ACTIVE_COUNTER ((TPM_CAPABILITY_AREA) 0x00000122)\r
1968#define TPM_CAP_PROP_MAX_NV_AVAILABLE ((TPM_CAPABILITY_AREA) 0x00000123)\r
1969#define TPM_CAP_PROP_INPUT_BUFFER ((TPM_CAPABILITY_AREA) 0x00000124)\r
1970\r
1919913f 1971//\r
1972// Part 2, section 21.4: TPM_CAPABILITY_AREA for SetCapability\r
1973//\r
1974#define TPM_SET_PERM_FLAGS ((TPM_CAPABILITY_AREA) 0x00000001)\r
1975#define TPM_SET_PERM_DATA ((TPM_CAPABILITY_AREA) 0x00000002)\r
1976#define TPM_SET_STCLEAR_FLAGS ((TPM_CAPABILITY_AREA) 0x00000003)\r
1977#define TPM_SET_STCLEAR_DATA ((TPM_CAPABILITY_AREA) 0x00000004)\r
1978#define TPM_SET_STANY_FLAGS ((TPM_CAPABILITY_AREA) 0x00000005)\r
1979#define TPM_SET_STANY_DATA ((TPM_CAPABILITY_AREA) 0x00000006)\r
1980\r
427987f5 1981///\r
1982/// Part 2, section 21.6: TPM_CAP_VERSION_INFO\r
1983/// [size_is(vendorSpecificSize)] BYTE* vendorSpecific;\r
1984///\r
267669ba
LG		 1985typedef struct tdTPM_CAP_VERSION_INFO {\r
1986 TPM_STRUCTURE_TAG tag;\r
1987 TPM_VERSION version;\r
1988 UINT16 specLevel;\r
1989 UINT8 errataRev;\r
1990 UINT8 tpmVendorID[4];\r
1991 UINT16 vendorSpecificSize;\r
1992 UINT8 *vendorSpecific;\r
1993} TPM_CAP_VERSION_INFO;\r
1994\r
1919913f 1995///\r
1996/// Part 2, section 21.10: TPM_DA_ACTION_TYPE\r
1997///\r
1998typedef struct tdTPM_DA_ACTION_TYPE {\r
1999 TPM_STRUCTURE_TAG tag;\r
2000 UINT32 actions;\r
2001} TPM_DA_ACTION_TYPE;\r
2002\r
2003#define TPM_DA_ACTION_FAILURE_MODE (((UINT32)1)<<3)\r
2004#define TPM_DA_ACTION_DEACTIVATE (((UINT32)1)<<2)\r
2005#define TPM_DA_ACTION_DISABLE (((UINT32)1)<<1)\r
2006#define TPM_DA_ACTION_TIMEOUT (((UINT32)1)<<0)\r
2007\r
2008///\r
2009/// Part 2, section 21.7: TPM_DA_INFO\r
2010///\r
2011typedef struct tdTPM_DA_INFO {\r
2012 TPM_STRUCTURE_TAG tag;\r
2013 TPM_DA_STATE state;\r
2014 UINT16 currentCount;\r
2015 UINT16 thresholdCount;\r
2016 TPM_DA_ACTION_TYPE actionAtThreshold;\r
2017 UINT32 actionDependValue;\r
2018 UINT32 vendorDataSize;\r
2019 UINT8 *vendorData;\r
2020} TPM_DA_INFO;\r
2021\r
2022///\r
2023/// Part 2, section 21.8: TPM_DA_INFO_LIMITED\r
2024///\r
2025typedef struct tdTPM_DA_INFO_LIMITED {\r
2026 TPM_STRUCTURE_TAG tag;\r
2027 TPM_DA_STATE state;\r
2028 TPM_DA_ACTION_TYPE actionAtThreshold;\r
2029 UINT32 vendorDataSize;\r
2030 UINT8 *vendorData;\r
2031} TPM_DA_INFO_LIMITED;\r
2032\r
2033//\r
2034// Part 2, section 21.9: CAP_PROPERTY Subcap values for GetCapability\r
2035//\r
2036#define TPM_DA_STATE_INACTIVE ((UINT8)0x00)\r
2037#define TPM_DA_STATE_ACTIVE ((UINT8)0x01)\r
2038\r
267669ba
LG		 2039//\r
2040// Part 2, section 22: DAA Structures\r
2041//\r
2042\r
4135253b 2043//\r
2044// Part 2, section 22.1: Size definitions\r
2045//\r
267669ba
LG		 2046#define TPM_DAA_SIZE_r0 (43)\r
2047#define TPM_DAA_SIZE_r1 (43)\r
2048#define TPM_DAA_SIZE_r2 (128)\r
2049#define TPM_DAA_SIZE_r3 (168)\r
2050#define TPM_DAA_SIZE_r4 (219)\r
2051#define TPM_DAA_SIZE_NT (20)\r
2052#define TPM_DAA_SIZE_v0 (128)\r
2053#define TPM_DAA_SIZE_v1 (192)\r
2054#define TPM_DAA_SIZE_NE (256)\r
2055#define TPM_DAA_SIZE_w (256)\r
2056#define TPM_DAA_SIZE_issuerModulus (256)\r
4135253b 2057//\r
2058// Part 2, section 22.2: Constant definitions\r
2059//\r
267669ba
LG		 2060#define TPM_DAA_power0 (104)\r
2061#define TPM_DAA_power1 (1024)\r
2062\r
427987f5 2063///\r
2064/// Part 2, section 22.3: TPM_DAA_ISSUER\r
2065///\r
4135253b 2066typedef struct tdTPM_DAA_ISSUER {\r
2067 TPM_STRUCTURE_TAG tag;\r
2068 TPM_DIGEST DAA_digest_R0;\r
2069 TPM_DIGEST DAA_digest_R1;\r
2070 TPM_DIGEST DAA_digest_S0;\r
2071 TPM_DIGEST DAA_digest_S1;\r
2072 TPM_DIGEST DAA_digest_n;\r
2073 TPM_DIGEST DAA_digest_gamma;\r
2074 UINT8 DAA_generic_q[26];\r
267669ba
LG		 2075} TPM_DAA_ISSUER;\r
2076\r
427987f5 2077///\r
2078/// Part 2, section 22.4: TPM_DAA_TPM\r
2079///\r
4135253b 2080typedef struct tdTPM_DAA_TPM {\r
2081 TPM_STRUCTURE_TAG tag;\r
2082 TPM_DIGEST DAA_digestIssuer;\r
2083 TPM_DIGEST DAA_digest_v0;\r
2084 TPM_DIGEST DAA_digest_v1;\r
2085 TPM_DIGEST DAA_rekey;\r
2086 UINT32 DAA_count;\r
267669ba
LG		 2087} TPM_DAA_TPM;\r
2088\r
427987f5 2089///\r
2090/// Part 2, section 22.5: TPM_DAA_CONTEXT\r
2091///\r
4135253b 2092typedef struct tdTPM_DAA_CONTEXT {\r
2093 TPM_STRUCTURE_TAG tag;\r
2094 TPM_DIGEST DAA_digestContext;\r
2095 TPM_DIGEST DAA_digest;\r
2096 TPM_DAA_CONTEXT_SEED DAA_contextSeed;\r
2097 UINT8 DAA_scratch[256];\r
2098 UINT8 DAA_stage;\r
267669ba
LG		 2099} TPM_DAA_CONTEXT;\r
2100\r
427987f5 2101///\r
2102/// Part 2, section 22.6: TPM_DAA_JOINDATA\r
2103///\r
4135253b 2104typedef struct tdTPM_DAA_JOINDATA {\r
2105 UINT8 DAA_join_u0[128];\r
2106 UINT8 DAA_join_u1[138];\r
2107 TPM_DIGEST DAA_digest_n0;\r
267669ba
LG		 2108} TPM_DAA_JOINDATA;\r
2109\r
427987f5 2110///\r
2111/// Part 2, section 22.8: TPM_DAA_BLOB\r
2112///\r
4135253b 2113typedef struct tdTPM_DAA_BLOB {\r
2114 TPM_STRUCTURE_TAG tag;\r
2115 TPM_RESOURCE_TYPE resourceType;\r
2116 UINT8 label[16];\r
2117 TPM_DIGEST blobIntegrity;\r
2118 UINT32 additionalSize;\r
2119 UINT8 *additionalData;\r
2120 UINT32 sensitiveSize;\r
2121 UINT8 *sensitiveData;\r
267669ba
LG		 2122} TPM_DAA_BLOB;\r
2123\r
427987f5 2124///\r
2125/// Part 2, section 22.9: TPM_DAA_SENSITIVE\r
2126///\r
4135253b 2127typedef struct tdTPM_DAA_SENSITIVE {\r
2128 TPM_STRUCTURE_TAG tag;\r
2129 UINT32 internalSize;\r
2130 UINT8 *internalData;\r
267669ba
LG		 2131} TPM_DAA_SENSITIVE;\r
2132\r
2133\r
2134//\r
2135// Part 2, section 23: Redirection\r
2136//\r
2137\r
427987f5 2138///\r
2139/// Part 2 section 23.1: TPM_REDIR_COMMAND\r
2140/// This section defines exactly one value but does not\r
2141/// give it a name. The definition of TPM_SetRedirection in Part3\r
2142/// refers to exactly one name but does not give its value. We join\r
2143/// them here.\r
2144///\r
267669ba
LG		 2145#define TPM_REDIR_GPIO (0x00000001)\r
2146\r
427987f5 2147///\r
cc078d72 2148/// TPM Command Headers defined in Part 3\r
427987f5 2149///\r
267669ba
LG		 2150typedef struct tdTPM_RQU_COMMAND_HDR {\r
2151 TPM_STRUCTURE_TAG tag;\r
2152 UINT32 paramSize;\r
2153 TPM_COMMAND_CODE ordinal;\r
2154} TPM_RQU_COMMAND_HDR;\r
2155\r
cc078d72 2156///\r
2157/// TPM Response Headers defined in Part 3\r
2158///\r
267669ba
LG		 2159typedef struct tdTPM_RSP_COMMAND_HDR {\r
2160 TPM_STRUCTURE_TAG tag;\r
2161 UINT32 paramSize;\r
2162 TPM_RESULT returnCode;\r
2163} TPM_RSP_COMMAND_HDR;\r
2164\r
a04ad3f0 2165#pragma pack ()\r
267669ba 2166\r
4135253b 2167#endif\r
EFI Development Kit II mirror for PVE