-/** @file \r
- TPM Specification data structures (TCG TPM Specification Version 1.2 Revision 94)\r
+/** @file\r
+ TPM Specification data structures (TCG TPM Specification Version 1.2 Revision 103)\r
See http://trustedcomputinggroup.org for latest specification updates\r
\r
- Copyright (c) 2006 - 2008, Intel Corporation\r
- All rights reserved. This program and the accompanying materials \r
- are licensed and made available under the terms and conditions of the BSD License \r
- which accompanies this distribution. The full text of the license may be found at \r
- http://opensource.org/licenses/bsd-license.php \r
-\r
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+ Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
+ SPDX-License-Identifier: BSD-2-Clause-Patent\r
**/\r
\r
\r
///\r
/// The start of TPM return codes\r
///\r
-#define TPM_BASE (MAX_BIT + (MAX_BIT >> 1))\r
+#define TPM_BASE 0\r
\r
//\r
// All structures MUST be packed on a byte boundary.\r
///\r
typedef UINT8 TPM_VERSION_BYTE;\r
///\r
+/// The state of the dictionary attack mitigation logic\r
+///\r
+typedef UINT8 TPM_DA_STATE;\r
+///\r
/// The request or response authorization type\r
///\r
typedef UINT16 TPM_TAG;\r
///\r
typedef UINT32 TPM_NV_INDEX;\r
///\r
-/// The family ID. Family IDs are automatically assigned a sequence number by the TPM. \r
-/// A trusted process can set the FamilyID value in an individual row to NULL, which \r
+/// The family ID. Family IDs are automatically assigned a sequence number by the TPM.\r
+/// A trusted process can set the FamilyID value in an individual row to NULL, which\r
/// invalidates that row. The family ID resets to NULL on each change of TPM Owner.\r
///\r
typedef UINT32 TPM_FAMILY_ID;\r
#define TPM_TAG_CMK_SIGTICKET ((TPM_STRUCTURE_TAG) 0x0034)\r
#define TPM_TAG_CMK_MA_APPROVAL ((TPM_STRUCTURE_TAG) 0x0035)\r
#define TPM_TAG_QUOTE_INFO2 ((TPM_STRUCTURE_TAG) 0x0036)\r
+#define TPM_TAG_DA_INFO ((TPM_STRUCTURE_TAG) 0x0037)\r
+#define TPM_TAG_DA_LIMITED ((TPM_STRUCTURE_TAG) 0x0038)\r
+#define TPM_TAG_DA_ACTION_TYPE ((TPM_STRUCTURE_TAG) 0x0039)\r
\r
//\r
// Part 2, section 4: TPM Types\r
#define TPM_ET_DEL_KEY_BLOB ((UINT16) 0x0009) ///< The entity is a delegate key blob\r
#define TPM_ET_COUNTER ((UINT16) 0x000A) ///< The entity is a counter\r
#define TPM_ET_NV ((UINT16) 0x000B) ///< The entity is a NV index\r
+#define TPM_ET_OPERATOR ((UINT16) 0x000C) ///< The entity is the operator\r
#define TPM_ET_RESERVED_HANDLE ((UINT16) 0x0040) ///< Reserved. This value avoids collisions with the handle MSB setting.\r
//\r
// TPM_ENTITY_TYPE MSB Values: The MSB is used to indicate the ADIP encryption sheme when applicable\r
/// This SHALL be the value of the current internal audit state\r
///\r
typedef TPM_DIGEST TPM_AUDITDIGEST;\r
-///\r
-/// This SHALL be a random value generated by a TPM immediately after the EK is installed\r
-/// in that TPM, whenever an EK is installed in that TPM\r
-///\r
-typedef TPM_DIGEST TPM_DAA_TPM_SEED;\r
-///\r
-/// This SHALL be a random value\r
-///\r
-typedef TPM_DIGEST TPM_DAA_CONTEXT_SEED;\r
\r
///\r
/// Part 2, section 5.5: TPM_NONCE\r
UINT8 nonce[20];\r
} TPM_NONCE;\r
\r
+///\r
+/// This SHALL be a random value generated by a TPM immediately after the EK is installed\r
+/// in that TPM, whenever an EK is installed in that TPM\r
+///\r
+typedef TPM_NONCE TPM_DAA_TPM_SEED;\r
+///\r
+/// This SHALL be a random value\r
+///\r
+typedef TPM_NONCE TPM_DAA_CONTEXT_SEED;\r
+\r
//\r
// Part 2, section 5.6: TPM_AUTHDATA\r
//\r
#define TPM_ES_NONE ((TPM_ENC_SCHEME) 0x0001)\r
#define TPM_ES_RSAESPKCSv15 ((TPM_ENC_SCHEME) 0x0002)\r
#define TPM_ES_RSAESOAEP_SHA1_MGF1 ((TPM_ENC_SCHEME) 0x0003)\r
-#define TPM_ES_SYM_CNT ((TPM_ENC_SCHEME) 0x0004)\r
+#define TPM_ES_SYM_CNT ((TPM_ENC_SCHEME) 0x0004) ///< rev94 defined\r
+#define TPM_ES_SYM_CTR ((TPM_ENC_SCHEME) 0x0004)\r
#define TPM_ES_SYM_OFB ((TPM_ENC_SCHEME) 0x0005)\r
\r
#define TPM_SS_NONE ((TPM_SIG_SCHEME) 0x0001)\r
BOOLEAN readSRKPub;\r
BOOLEAN tpmEstablished;\r
BOOLEAN maintenanceDone;\r
+ BOOLEAN disableFullDALogicInfo;\r
} TPM_PERMANENT_FLAGS;\r
\r
//\r
#define TPM_PF_READSRKPUB ((TPM_CAPABILITY_AREA) 17)\r
#define TPM_PF_TPMESTABLISHED ((TPM_CAPABILITY_AREA) 18)\r
#define TPM_PF_MAINTENANCEDONE ((TPM_CAPABILITY_AREA) 19)\r
+#define TPM_PF_DISABLEFULLDALOGICINFO ((TPM_CAPABILITY_AREA) 20)\r
\r
///\r
/// Part 2, section 7.2: TPM_STCLEAR_FLAGS\r
#define TPM_AF_TOSPRESENT ((TPM_CAPABILITY_AREA) 4)\r
\r
//\r
-// All those structures defined in section 7.4, 7.5, 7.6 are not normative and \r
+// All those structures defined in section 7.4, 7.5, 7.6 are not normative and\r
// thus no definitions here\r
//\r
+// Part 2, section 7.4: TPM_PERMANENT_DATA\r
+//\r
+#define TPM_MIN_COUNTERS 4 ///< the minimum number of counters is 4\r
+#define TPM_DELEGATE_KEY TPM_KEY\r
+#define TPM_NUM_PCR 16\r
+#define TPM_MAX_NV_WRITE_NOOWNER 64\r
+\r
+//\r
+// Part 2, section 7.4.1: PERMANENT_DATA Subcap for SetCapability\r
+//\r
+#define TPM_PD_REVMAJOR ((TPM_CAPABILITY_AREA) 1)\r
+#define TPM_PD_REVMINOR ((TPM_CAPABILITY_AREA) 2)\r
+#define TPM_PD_TPMPROOF ((TPM_CAPABILITY_AREA) 3)\r
+#define TPM_PD_OWNERAUTH ((TPM_CAPABILITY_AREA) 4)\r
+#define TPM_PD_OPERATORAUTH ((TPM_CAPABILITY_AREA) 5)\r
+#define TPM_PD_MANUMAINTPUB ((TPM_CAPABILITY_AREA) 6)\r
+#define TPM_PD_ENDORSEMENTKEY ((TPM_CAPABILITY_AREA) 7)\r
+#define TPM_PD_SRK ((TPM_CAPABILITY_AREA) 8)\r
+#define TPM_PD_DELEGATEKEY ((TPM_CAPABILITY_AREA) 9)\r
+#define TPM_PD_CONTEXTKEY ((TPM_CAPABILITY_AREA) 10)\r
+#define TPM_PD_AUDITMONOTONICCOUNTER ((TPM_CAPABILITY_AREA) 11)\r
+#define TPM_PD_MONOTONICCOUNTER ((TPM_CAPABILITY_AREA) 12)\r
+#define TPM_PD_PCRATTRIB ((TPM_CAPABILITY_AREA) 13)\r
+#define TPM_PD_ORDINALAUDITSTATUS ((TPM_CAPABILITY_AREA) 14)\r
+#define TPM_PD_AUTHDIR ((TPM_CAPABILITY_AREA) 15)\r
+#define TPM_PD_RNGSTATE ((TPM_CAPABILITY_AREA) 16)\r
+#define TPM_PD_FAMILYTABLE ((TPM_CAPABILITY_AREA) 17)\r
+#define TPM_DELEGATETABLE ((TPM_CAPABILITY_AREA) 18)\r
+#define TPM_PD_EKRESET ((TPM_CAPABILITY_AREA) 19)\r
+#define TPM_PD_MAXNVBUFSIZE ((TPM_CAPABILITY_AREA) 20)\r
+#define TPM_PD_LASTFAMILYID ((TPM_CAPABILITY_AREA) 21)\r
+#define TPM_PD_NOOWNERNVWRITE ((TPM_CAPABILITY_AREA) 22)\r
+#define TPM_PD_RESTRICTDELEGATE ((TPM_CAPABILITY_AREA) 23)\r
+#define TPM_PD_TPMDAASEED ((TPM_CAPABILITY_AREA) 24)\r
+#define TPM_PD_DAAPROOF ((TPM_CAPABILITY_AREA) 25)\r
+\r
+///\r
+/// Part 2, section 7.5: TPM_STCLEAR_DATA\r
+/// available inside TPM only\r
+///\r
+ typedef struct tdTPM_STCLEAR_DATA{\r
+ TPM_STRUCTURE_TAG tag;\r
+ TPM_NONCE contextNonceKey;\r
+ TPM_COUNT_ID countID;\r
+ UINT32 ownerReference;\r
+ BOOLEAN disableResetLock;\r
+ TPM_PCRVALUE PCR[TPM_NUM_PCR];\r
+ UINT32 deferredPhysicalPresence;\r
+ }TPM_STCLEAR_DATA;\r
+\r
+//\r
+// Part 2, section 7.5.1: STCLEAR_DATA Subcap for SetCapability\r
+//\r
+#define TPM_SD_CONTEXTNONCEKEY ((TPM_CAPABILITY_AREA)0x00000001)\r
+#define TPM_SD_COUNTID ((TPM_CAPABILITY_AREA)0x00000002)\r
+#define TPM_SD_OWNERREFERENCE ((TPM_CAPABILITY_AREA)0x00000003)\r
+#define TPM_SD_DISABLERESETLOCK ((TPM_CAPABILITY_AREA)0x00000004)\r
+#define TPM_SD_PCR ((TPM_CAPABILITY_AREA)0x00000005)\r
+#define TPM_SD_DEFERREDPHYSICALPRESENCE ((TPM_CAPABILITY_AREA)0x00000006)\r
+\r
+//\r
+// Part 2, section 7.6.1: STANY_DATA Subcap for SetCapability\r
+//\r
+#define TPM_AD_CONTEXTNONCESESSION ((TPM_CAPABILITY_AREA) 1)\r
+#define TPM_AD_AUDITDIGEST ((TPM_CAPABILITY_AREA) 2)\r
+#define TPM_AD_CURRENTTICKS ((TPM_CAPABILITY_AREA) 3)\r
+#define TPM_AD_CONTEXTCOUNT ((TPM_CAPABILITY_AREA) 4)\r
+#define TPM_AD_CONTEXTLIST ((TPM_CAPABILITY_AREA) 5)\r
+#define TPM_AD_SESSIONS ((TPM_CAPABILITY_AREA) 6)\r
\r
//\r
// Part 2, section 8: PCR Structures\r
-// \r
+//\r
\r
///\r
/// Part 2, section 8.1: TPM_PCR_SELECTION\r
\r
//\r
// Part 2 section 10: TPM_KEY complex\r
-// \r
+//\r
\r
//\r
// Section 10.1, 10.4, and 10.5 have been defined previously\r
#define TPM_DELEGATE_SetOrdinalAuditStatus (BIT30)\r
#define TPM_DELEGATE_DirWriteAuth (BIT29)\r
#define TPM_DELEGATE_CMK_ApproveMA (BIT28)\r
+#define TPM_DELEGATE_NV_WriteValue (BIT27)\r
#define TPM_DELEGATE_CMK_CreateTicket (BIT26)\r
+#define TPM_DELEGATE_NV_ReadValue (BIT25)\r
#define TPM_DELEGATE_Delegate_LoadOwnerDelegation (BIT24)\r
#define TPM_DELEGATE_DAA_Join (BIT23)\r
#define TPM_DELEGATE_AuthorizeMigrationKey (BIT22)\r
#define TPM_DELEGATE_ResetLockValue (BIT17)\r
#define TPM_DELEGATE_OwnerClear (BIT16)\r
#define TPM_DELEGATE_DisableOwnerClear (BIT15)\r
+#define TPM_DELEGATE_NV_DefineSpace (BIT14)\r
#define TPM_DELEGATE_OwnerSetDisable (BIT13)\r
#define TPM_DELEGATE_SetCapability (BIT12)\r
#define TPM_DELEGATE_MakeIdentity (BIT11)\r
#define TPM_CAP_PROP_MAX_NV_AVAILABLE ((TPM_CAPABILITY_AREA) 0x00000123)\r
#define TPM_CAP_PROP_INPUT_BUFFER ((TPM_CAPABILITY_AREA) 0x00000124)\r
\r
+//\r
+// Part 2, section 21.4: TPM_CAPABILITY_AREA for SetCapability\r
+//\r
+#define TPM_SET_PERM_FLAGS ((TPM_CAPABILITY_AREA) 0x00000001)\r
+#define TPM_SET_PERM_DATA ((TPM_CAPABILITY_AREA) 0x00000002)\r
+#define TPM_SET_STCLEAR_FLAGS ((TPM_CAPABILITY_AREA) 0x00000003)\r
+#define TPM_SET_STCLEAR_DATA ((TPM_CAPABILITY_AREA) 0x00000004)\r
+#define TPM_SET_STANY_FLAGS ((TPM_CAPABILITY_AREA) 0x00000005)\r
+#define TPM_SET_STANY_DATA ((TPM_CAPABILITY_AREA) 0x00000006)\r
+\r
///\r
/// Part 2, section 21.6: TPM_CAP_VERSION_INFO\r
/// [size_is(vendorSpecificSize)] BYTE* vendorSpecific;\r
UINT8 *vendorSpecific;\r
} TPM_CAP_VERSION_INFO;\r
\r
+///\r
+/// Part 2, section 21.10: TPM_DA_ACTION_TYPE\r
+///\r
+typedef struct tdTPM_DA_ACTION_TYPE {\r
+ TPM_STRUCTURE_TAG tag;\r
+ UINT32 actions;\r
+} TPM_DA_ACTION_TYPE;\r
+\r
+#define TPM_DA_ACTION_FAILURE_MODE (((UINT32)1)<<3)\r
+#define TPM_DA_ACTION_DEACTIVATE (((UINT32)1)<<2)\r
+#define TPM_DA_ACTION_DISABLE (((UINT32)1)<<1)\r
+#define TPM_DA_ACTION_TIMEOUT (((UINT32)1)<<0)\r
+\r
+///\r
+/// Part 2, section 21.7: TPM_DA_INFO\r
+///\r
+typedef struct tdTPM_DA_INFO {\r
+ TPM_STRUCTURE_TAG tag;\r
+ TPM_DA_STATE state;\r
+ UINT16 currentCount;\r
+ UINT16 thresholdCount;\r
+ TPM_DA_ACTION_TYPE actionAtThreshold;\r
+ UINT32 actionDependValue;\r
+ UINT32 vendorDataSize;\r
+ UINT8 *vendorData;\r
+} TPM_DA_INFO;\r
+\r
+///\r
+/// Part 2, section 21.8: TPM_DA_INFO_LIMITED\r
+///\r
+typedef struct tdTPM_DA_INFO_LIMITED {\r
+ TPM_STRUCTURE_TAG tag;\r
+ TPM_DA_STATE state;\r
+ TPM_DA_ACTION_TYPE actionAtThreshold;\r
+ UINT32 vendorDataSize;\r
+ UINT8 *vendorData;\r
+} TPM_DA_INFO_LIMITED;\r
+\r
+//\r
+// Part 2, section 21.9: CAP_PROPERTY Subcap values for GetCapability\r
+//\r
+#define TPM_DA_STATE_INACTIVE ((UINT8)0x00)\r
+#define TPM_DA_STATE_ACTIVE ((UINT8)0x01)\r
+\r
//\r
// Part 2, section 22: DAA Structures\r
//\r
projects / mirror_edk2.git / blobdiff