tpm2

package
v0.0.0-...-c97c955 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 15, 2021 License: BSD-3-Clause Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	EncryptIn parameterEncryptionDirection = 1 + iota
	EncryptOut
	EncryptInOut
)
View Source 
const (
	CommandCodeCreate uint32 = 0x00000153
)

Variables

View Source 
var (
	// RSASRKTemplate contains the TCG reference RSA-2048 SRK template.
	// https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf
	RSASRKTemplate = TPM2BPublic{
		PublicArea: TPMTPublic{
			Type:    TPMAlgRSA,
			NameAlg: TPMAlgSHA256,
			ObjectAttributes: TPMAObject{
				FixedTPM:             true,
				STClear:              false,
				FixedParent:          true,
				SensitiveDataOrigin:  true,
				UserWithAuth:         true,
				AdminWithPolicy:      false,
				NoDA:                 true,
				EncryptedDuplication: false,
				Restricted:           true,
				Decrypt:              true,
				SignEncrypt:          false,
			},
			Parameters: TPMUPublicParms{
				RSADetail: &TPMSRSAParms{
					Symmetric: TPMTSymDefObject{
						Algorithm: TPMAlgAES,
						KeyBits: TPMUSymKeyBits{
							AES: NewTPMKeyBits(128),
						},
						Mode: TPMUSymMode{
							AES: NewTPMAlgID(TPMAlgCFB),
						},
					},
					KeyBits: 2048,
				},
			},
			Unique: TPMUPublicID{
				RSA: &TPM2BPublicKeyRSA{
					Buffer: make([]byte, 256),
				},
			},
		},
	}
	// RSAEKTemplate contains the TCG reference RSA-2048 EK template.
	RSAEKTemplate = TPM2BPublic{
		PublicArea: TPMTPublic{
			Type:    TPMAlgRSA,
			NameAlg: TPMAlgSHA256,
			ObjectAttributes: TPMAObject{
				FixedTPM:             true,
				STClear:              false,
				FixedParent:          true,
				SensitiveDataOrigin:  true,
				UserWithAuth:         false,
				AdminWithPolicy:      true,
				NoDA:                 false,
				EncryptedDuplication: false,
				Restricted:           true,
				Decrypt:              true,
				SignEncrypt:          false,
			},
			AuthPolicy: TPM2BDigest{
				Buffer: []byte{

					0x83, 0x71, 0x97, 0x67, 0x44, 0x84, 0xB3, 0xF8,
					0x1A, 0x90, 0xCC, 0x8D, 0x46, 0xA5, 0xD7, 0x24,
					0xFD, 0x52, 0xD7, 0x6E, 0x06, 0x52, 0x0B, 0x64,
					0xF2, 0xA1, 0xDA, 0x1B, 0x33, 0x14, 0x69, 0xAA,
				},
			},
			Parameters: TPMUPublicParms{
				RSADetail: &TPMSRSAParms{
					Symmetric: TPMTSymDefObject{
						Algorithm: TPMAlgAES,
						KeyBits: TPMUSymKeyBits{
							AES: NewTPMKeyBits(128),
						},
						Mode: TPMUSymMode{
							AES: NewTPMAlgID(TPMAlgCFB),
						},
					},
					KeyBits: 2048,
				},
			},
			Unique: TPMUPublicID{
				RSA: &TPM2BPublicKeyRSA{
					Buffer: make([]byte, 256),
				},
			},
		},
	}
	// ECCSRKTemplate contains the TCG reference ECC-P256 SRK template.
	// https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf
	ECCSRKTemplate = TPM2BPublic{
		PublicArea: TPMTPublic{
			Type:    TPMAlgECC,
			NameAlg: TPMAlgSHA256,
			ObjectAttributes: TPMAObject{
				FixedTPM:             true,
				STClear:              false,
				FixedParent:          true,
				SensitiveDataOrigin:  true,
				UserWithAuth:         true,
				AdminWithPolicy:      false,
				NoDA:                 true,
				EncryptedDuplication: false,
				Restricted:           true,
				Decrypt:              true,
				SignEncrypt:          false,
			},
			Parameters: TPMUPublicParms{
				ECCDetail: &TPMSECCParms{
					Symmetric: TPMTSymDefObject{
						Algorithm: TPMAlgAES,
						KeyBits: TPMUSymKeyBits{
							AES: NewTPMKeyBits(128),
						},
						Mode: TPMUSymMode{
							AES: NewTPMAlgID(TPMAlgCFB),
						},
					},
					CurveID: TPMECCNistP256,
				},
			},
			Unique: TPMUPublicID{
				ECC: &TPMSECCPoint{
					X: TPM2BECCParameter{
						Buffer: make([]byte, 32),
					},
					Y: TPM2BECCParameter{
						Buffer: make([]byte, 32),
					},
				},
			},
		},
	}
	// ECCEKTemplate contains the TCG reference ECC-P256 EK template.
	ECCEKTemplate = TPM2BPublic{
		PublicArea: TPMTPublic{
			Type:    TPMAlgECC,
			NameAlg: TPMAlgSHA256,
			ObjectAttributes: TPMAObject{
				FixedTPM:             true,
				STClear:              false,
				FixedParent:          true,
				SensitiveDataOrigin:  true,
				UserWithAuth:         false,
				AdminWithPolicy:      true,
				NoDA:                 false,
				EncryptedDuplication: false,
				Restricted:           true,
				Decrypt:              true,
				SignEncrypt:          false,
			},
			AuthPolicy: TPM2BDigest{
				Buffer: []byte{

					0x83, 0x71, 0x97, 0x67, 0x44, 0x84, 0xB3, 0xF8,
					0x1A, 0x90, 0xCC, 0x8D, 0x46, 0xA5, 0xD7, 0x24,
					0xFD, 0x52, 0xD7, 0x6E, 0x06, 0x52, 0x0B, 0x64,
					0xF2, 0xA1, 0xDA, 0x1B, 0x33, 0x14, 0x69, 0xAA,
				},
			},
			Parameters: TPMUPublicParms{
				ECCDetail: &TPMSECCParms{
					Symmetric: TPMTSymDefObject{
						Algorithm: TPMAlgAES,
						KeyBits: TPMUSymKeyBits{
							AES: NewTPMKeyBits(128),
						},
						Mode: TPMUSymMode{
							AES: NewTPMAlgID(TPMAlgCFB),
						},
					},
					CurveID: TPMECCNistP256,
				},
			},
			Unique: TPMUPublicID{
				ECC: &TPMSECCPoint{
					X: TPM2BECCParameter{
						Buffer: make([]byte, 32),
					},
					Y: TPM2BECCParameter{
						Buffer: make([]byte, 32),
					},
				},
			},
		},
	}
)

Functions

func KDFA 

func KDFA(alg TPMIAlgHash, key, label, contextU, contextV []byte, lenBytes int) []byte

KDFA implements the SP800-108A-CTR KDF as decribed in Part 1, 11.4.10

func KDFe 

func KDFe(alg TPMIAlgHash, zx, label, contextU, contextV []byte, lenBytes int) []byte

KDFe implements the SP800-56A KDF as decribed in Part 1, 11.4.10.3

func Marshal 

func Marshal(w io.Writer, vs ...interface{}) error

Marshal will serialize the given values, appending them onto the given writer. Returns an error if any of the values are not marshallable.

func PrimaryHandleName 

func PrimaryHandleName(h TPMHandle) []byte

func Unmarshal 

func Unmarshal(r io.Reader, vs ...interface{}) error

Unmarshal deserializes the given values from the reader. Returns an error if the buffer does not contain enough data to satisfy the types, or if the types are not unmarshallable.

Types

type AuthHandle 

type AuthHandle struct {
	// The handle that is authorized.
	// If zero, treated as TPM_RH_NULL.
	Handle TPMIDHObject `tpmdirect:"nullable"`
	// The Name of the object expected at the given handle value.
	// If Name contains a nil buffer, the effective Name will be
	// the big-endian UINT32 representation of Handle, as in
	// Part 1, section 16 "Names" for PCRs, sessions, and
	// permanent values.
	Name TPM2BName `tpmdirect:"skip"`
	// The session used to authorize the object.
	// If the 'UserWithAuth' attribute is not set on the object,
	// must be a Policy session.
	// For ADMIN-role commands, if 'AdminWithPolicy' is set on
	// the object, must be a Policy session.
	// For DUP-role commands, must be a Policy session that
	// sets the policy command code to TPM_CC_DUPLICATE.
	// If nil, the effective Session will be a password session
	// with NULL authorization.
	Auth Session `tpmdirect:"skip"`
}

Convenience type to wrap an authorized handle.

type AuthOption 

type AuthOption func(*sessionOptions)

AuthOption is an option for setting up an auth session variadically.

func AESEncryption 

func AESEncryption(keySize TPMKeyBits, dir parameterEncryptionDirection) AuthOption

AESEncryption uses the session to encrypt the first parameter sent to/from the TPM. Note that only commands whose first command/response parameter is a 2B can support session encryption.

func Audit 

func Audit() AuthOption

Audit uses the session to compute extra HMACs. An Audit session can be used with GetSessionAuditDigest to obtain attestation over a sequence of commands.

func AuditExclusive 

func AuditExclusive() AuthOption

AuditExclusive is like an audit session, but even more powerful. This allows an audit session to additionally indicate that no other auditable commands were executed other than the ones described by the audit hash.

func Auth 

func Auth(auth []byte) AuthOption

Auth uses the session to prove knowledge of the object's auth value.

func Bound 

func Bound(handle TPMIDHEntity, name TPM2BName, auth []byte) AuthOption

Auth specifies that this session's session key should depend on the auth value of the given object.

func Password 

func Password(auth []byte) AuthOption

Password is a policy-session-only option that specifies to provide the object's auth value in place of the authorization HMAC when authorizing. Deprecated: This is not recommended and is only provided for completeness; use Auth instead. For HMAC sessions, has the same effect as using Auth.

func Salted 

func Salted(handle TPMIDHObject, pub TPMTPublic) AuthOption

Salted specifies that this session's session key should depend on an encrypted seed value using the given public key. 'handle' must refer to a loaded RSA or ECC key.

type Command 

type Command interface {
	// The TPM command code associated with this command.
	Command() TPMCC
}

Dummy interface for TPM command structures so that they can be easily distinguished from other types of structures.

type CommandAudit 

type CommandAudit struct {
	// contains filtered or unexported fields
}

CommandAudit represents an audit session for attesting the execution of a series of commands in the TPM. It is useful for both command and session auditing.

func NewAudit 

func NewAudit(hash TPMIAlgHash) CommandAudit

NewAudit initializes a new CommandAudit with the specified hash algorithm.

func (*CommandAudit) Digest 

func (a *CommandAudit) Digest() []byte

Digest returns the current digest of the audit.

func (*CommandAudit) Extend 

func (a *CommandAudit) Extend(cmd Command, rsp Response) error

Extend extends the audit digest with the given command and response.

type CreateCommand 

type CreateCommand struct {
	// handle of parent for new object
	ParentHandle AuthHandle `tpmdirect:"handle,auth"`
	// the sensitive data
	InSensitive TPM2BSensitiveCreate
	// the public template
	InPublic TPM2BPublic
	// data that will be included in the creation data for this
	// object to provide permanent, verifiable linkage between this
	// object and some object owner data
	OutsideInfo TPM2BData
	// PCR that will be used in creation data
	CreationPCR TPMLPCRSelection
}

12.1

func (*CreateCommand) Command 

func (_ *CreateCommand) Command() TPMCC

type CreatePrimaryCommand 

type CreatePrimaryCommand struct {
	// TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM+{PP},
	// or TPM_RH_NULL
	PrimaryHandle AuthHandle `tpmdirect:"handle,auth"`
	// the sensitive data
	InSensitive TPM2BSensitiveCreate
	// the public template
	InPublic TPM2BPublic
	// data that will be included in the creation data for this
	// object to provide permanent, verifiable linkage between this
	// object and some object owner data
	OutsideInfo TPM2BData
	// PCR that will be used in creation data
	CreationPCR TPMLPCRSelection
}

24.1

func (*CreatePrimaryCommand) Command 

func (_ *CreatePrimaryCommand) Command() TPMCC

type CreatePrimaryResponse 

type CreatePrimaryResponse struct {
	// handle of type TPM_HT_TRANSIENT for created Primary Object
	ObjectHandle TPMHandle `tpmdirect:"handle"`
	// the public portion of the created object
	OutPublic TPM2BPublic
	// contains a TPMS_CREATION_DATA
	CreationData TPM2BCreationData
	// digest of creationData using nameAlg of outPublic
	CreationHash TPM2BDigest
	// ticket used by TPM2_CertifyCreation() to validate that the
	// creation data was produced by the TPM
	CreationTicket TPMTTKCreation
	// the name of the created object
	Name TPM2BName
}

func (*CreatePrimaryResponse) Response 

func (_ *CreatePrimaryResponse) Response() TPMCC

type CreateResponse 

type CreateResponse struct {
	// the private portion of the object
	OutPrivate TPM2BPrivate
	// the public portion of the created object
	OutPublic TPM2BPublic
	// contains a TPMS_CREATION_DATA
	CreationData TPM2BCreationData
	// digest of creationData using nameAlg of outPublic
	CreationHash TPM2BDigest
	// ticket used by TPM2_CertifyCreation() to validate that the
	// creation data was produced by the TPM
	CreationTicket TPMTTKCreation
}

func (*CreateResponse) Response 

func (_ *CreateResponse) Response() TPMCC

type FlushContextCommand 

type FlushContextCommand struct {
	// the handle of the item to flush
	FlushHandle TPMIDHContext
}

28.4

func (*FlushContextCommand) Command 

func (_ *FlushContextCommand) Command() TPMCC

type FlushContextResponse 

type FlushContextResponse struct {
}

func (*FlushContextResponse) Response 

func (_ *FlushContextResponse) Response() TPMCC

type Fmt1Error 

type Fmt1Error struct {
	// contains filtered or unexported fields
}

Fmt1Error represents a TPM 2.0 format-1 error, with additional information.

func (Fmt1Error) Error 

func (e Fmt1Error) Error() string

Error returns the string representation of the error.

func (Fmt1Error) Handle 

func (e Fmt1Error) Handle() (bool, int)

Handle returns whether the error is handle-related and if so, which handle is in error.

func (Fmt1Error) Parameter 

func (e Fmt1Error) Parameter() (bool, int)

Parameter returns whether the error is handle-related and if so, which handle is in error.

func (Fmt1Error) Session 

func (e Fmt1Error) Session() (bool, int)

Session returns whether the error is handle-related and if so, which handle is in error.

type GetCapabilityCommand 

type GetCapabilityCommand struct {
	// group selection; determines the format of the response
	Capability TPMCap
	// further definition of information
	Property uint32
	// number of properties of the indicated type to return
	PropertyCount uint32
}

30.2

func (*GetCapabilityCommand) Command 

func (_ *GetCapabilityCommand) Command() TPMCC

type GetCapabilityResponse 

type GetCapabilityResponse struct {
	// flag to indicate if there are more values of this type
	MoreData TPMIYesNo
	// the capability data
	CapabilityData TPMSCapabilityData
}

func (*GetCapabilityResponse) Response 

func (_ *GetCapabilityResponse) Response() TPMCC

type GetSessionAuditDigestCommand 

type GetSessionAuditDigestCommand struct {
	// handle of the privacy administrator (TPM_RH_ENDORSEMENT)
	PrivacyAdminHandle AuthHandle `tpmdirect:"handle,auth"`
	// handle of the signing key
	SignHandle AuthHandle `tpmdirect:"handle,auth"`
	// handle of the audit session
	SessionHandle TPMISHHMAC `tpmdirect:"handle"`
	// user-provided qualifying data – may be zero-length
	QualifyingData TPM2BData
	// signing scheme to use if the scheme for signHandle is TPM_ALG_NULL
	InScheme TPMTSigScheme
}

18.5

func (*GetSessionAuditDigestCommand) Command 

func (_ *GetSessionAuditDigestCommand) Command() TPMCC

type GetSessionAuditDigestResponse 

type GetSessionAuditDigestResponse struct {
	// the audit information that was signed
	AuditInfo TPM2BAttest
	// the signature over auditInfo
	Signature TPMTSignature
}

func (*GetSessionAuditDigestResponse) Response 

func (_ *GetSessionAuditDigestResponse) Response() TPMCC

type Interface 

type Interface interface {
	io.Closer
	// Dispatch serializes a request struct, sends it to the TPM, and then
	// deserializes the response struct.
	// sessions may be 0 to three Session objects. See the TPM
	// specification for what types of sessions are supported.
	// An error inside the TPM response stream is parsed at this layer.
	Execute(cmd Command, rsp Response, sess ...Session) error
}

Interface represents a logical connection to a TPM.

func Open 

func Open(opener func() (Transport, error)) (Interface, error)

Open opens a TPM connection using the provided transport open function. When this TPM connection is closed, the transport is closed.

type LoadCommand 

type LoadCommand struct {
	// handle of parent for new object
	ParentHandle AuthHandle `tpmdirect:"handle,auth"`
	// the private portion of the object
	InPrivate TPM2BPrivate
	// the public portion of the object
	InPublic TPM2BPublic
}

12.2

func (*LoadCommand) Command 

func (_ *LoadCommand) Command() TPMCC

type LoadResponse 

type LoadResponse struct {
	// handle of type TPM_HT_TRANSIENT for loaded object
	ObjectHandle TPMHandle `tpmdirect:"handle"`
	// Name of the loaded object
	Name TPM2BName
}

func (*LoadResponse) Response 

func (_ *LoadResponse) Response() TPMCC

type PCREventCommand 

type PCREventCommand struct {
	// Handle of the PCR
	PCRHandle AuthHandle `tpmdirect:"handle,auth"`
	// Event data in sized buffer
	EventData TPM2BEvent
}

22.3

func (*PCREventCommand) Command 

func (_ *PCREventCommand) Command() TPMCC

type PCREventResponse 

type PCREventResponse struct {
}

func (*PCREventResponse) Response 

func (_ *PCREventResponse) Response() TPMCC

type PCRExtendCommand 

type PCRExtendCommand struct {
	// handle of the PCR
	PCRHandle AuthHandle `tpmdirect:"handle,auth"`
	// list of tagged digest values to be extended
	Digests TPMLDigestValues
}

22.2

func (*PCRExtendCommand) Command 

func (_ *PCRExtendCommand) Command() TPMCC

type PCRExtendResponse 

type PCRExtendResponse struct {
}

func (*PCRExtendResponse) Response 

func (_ *PCRExtendResponse) Response() TPMCC

type PCRReadCommand 

type PCRReadCommand struct {
	// The selection of PCR to read
	PCRSelectionIn TPMLPCRSelection
}

22.4

func (*PCRReadCommand) Command 

func (_ *PCRReadCommand) Command() TPMCC

type PCRReadResponse 

type PCRReadResponse struct {
	// the current value of the PCR update counter
	PCRUpdateCounter uint32
	// the PCR in the returned list
	PCRSelectionOut TPMLPCRSelection
	// the contents of the PCR indicated in pcrSelectOut-> pcrSelection[] as tagged digests
	PCRValues TPMLDigest
}

func (*PCRReadResponse) Response 

func (_ *PCRReadResponse) Response() TPMCC

type PolicyCallback 

type PolicyCallback = func(tpm Interface, handle TPMISHPolicy, nonceTPM TPM2BNonce) error

PolicyCallback represents an object's policy in the form of a function. This function makes zero or more TPM policy commands and returns error.

type PolicySecretCommand 

type PolicySecretCommand struct {
	// handle for an entity providing the authorization
	AuthHandle AuthHandle `tpmdirect:"handle,auth"`
	// handle for the policy session being extended
	PolicySession TPMISHPolicy `tpmdirect:"handle"`
	// the policy nonce for the session
	NonceTPM TPM2BNonce
	// digest of the command parameters to which this authorization is limited
	CPHashA TPM2BDigest
	// a reference to a policy relating to the authorization – may be the Empty Buffer
	PolicyRef TPM2BNonce
	// time when authorization will expire, measured in seconds from the time
	// that nonceTPM was generated
	Expiration int32
}

23.4

func (*PolicySecretCommand) Command 

func (_ *PolicySecretCommand) Command() TPMCC

type PolicySecretResponse 

type PolicySecretResponse struct {
	// implementation-specific time value used to indicate to the TPM when the ticket expires
	Timeout TPM2BTimeout
	// produced if the command succeeds and expiration in the command was non-zero
	PolicyTicket TPMTTKAuth
}

func (*PolicySecretResponse) Response 

func (_ *PolicySecretResponse) Response() TPMCC

type QuoteCommand 

type QuoteCommand struct {
	// handle of key that will perform signature
	SignHandle AuthHandle `tpmdirect:"handle,auth"`
	// data supplied by the caller
	QualifyingData TPM2BData
	// signing scheme to use if the scheme for signHandle is TPM_ALG_NULL
	InScheme TPMTSigScheme
	// PCR set to quote
	PCRSelect TPMLPCRSelection
}

18.4

func (*QuoteCommand) Command 

func (_ *QuoteCommand) Command() TPMCC

type QuoteResponse 

type QuoteResponse struct {
	// the quoted information
	Quoted TPM2BAttest
	// the signature over quoted
	Signature TPMTSignature
}

func (*QuoteResponse) Response 

func (_ *QuoteResponse) Response() TPMCC

type Response 

type Response interface {
	// The TPM command code associated with this response.
	Response() TPMCC
}

Dummy interface for TPM response structures so that they can be easily distinguished from other types of structures. All implementations of this interface are pointers to structures, for settability. See https://go.dev/blog/laws-of-reflection

type Session 

type Session interface {
	// Initializes the session, if needed. Has no effect if not needed or
	// already done. Some types of sessions may need to be initialized
	// just-in-time, e.g., to support calling patterns that help the user
	// securely authorize their actions without writing a lot of code.
	Init(tpm Interface) error
	// Cleans up the session, if needed.
	// Some types of session need to be cleaned up if the command failed,
	// again to support calling patterns that help the user securely
	// authorize their actions without writing a lot of code.
	CleanupFailure(tpm Interface) error
	// The last nonceTPM for this session.
	NonceTPM() TPM2BNonce
	// Updates nonceCaller to a new random value.
	NewNonceCaller() error
	// Computes the authorization HMAC for the session.
	// If this is the first authorization session for a command, and
	// there is another session (or sessions) for parameter
	// decryption and/or encryption, then addNonces contains the
	// nonceTPMs from each of them, respectively (see Part 1, 19.6.5)
	Authorize(cc TPMCC, parms, addNonces []byte, names []TPM2BName, authIndex int) (*TPMSAuthCommand, error)
	// Validates the response for the session.
	// Updates NonceTPM for the session.
	Validate(rc TPMRC, cc TPMCC, parms []byte, names []TPM2BName, authIndex int, auth *TPMSAuthResponse) error
	// Returns true if this is an encryption session.
	IsEncryption() bool
	// Returns true if this is a decryption session.
	IsDecryption() bool
	// If this session is used for parameter decryption, encrypts the
	// parameter. Otherwise, does not modify the parameter.
	Encrypt(parameter []byte) error
	// If this session is used for parameter encryption, encrypts the
	// parameter. Otherwise, does not modify the parameter.
	Decrypt(parameter []byte) error
	// Returns the handle value of this session.
	Handle() TPMHandle
}

Session represents a session in the TPM.

func HMAC 

func HMAC(hash TPMIAlgHash, nonceSize int, opts ...AuthOption) Session

HMAC sets up a just-in-time HMAC session that is used only once. A real session is created, but just in time and it is flushed when used.

func HMACSession 

func HMACSession(tpm Interface, hash TPMIAlgHash, nonceSize int, opts ...AuthOption) (s Session, close func() error, err error)

HMACSession sets up a reusable HMAC session that needs to be closed.

func PasswordAuth 

func PasswordAuth(auth []byte) Session

PasswordAuth assembles a password pseudo-session with the given auth value.

func Policy 

func Policy(hash TPMIAlgHash, nonceSize int, callback PolicyCallback, opts ...AuthOption) Session

Policy sets up a just-in-time policy session that created each time it's needed. Each time the policy is created, the callback is invoked to authorize the session. A real session is created, but just in time, and it is flushed when used.

func PolicySession 

func PolicySession(tpm Interface, hash TPMIAlgHash, nonceSize int, opts ...AuthOption) (s Session, close func() error, err error)

PolicySession opens a policy session that needs to be closed. The caller is responsible to call whichever policy commands they want in the session. Note that the TPM resets a policy session after it is successfully used.

type Simulator 

type Simulator struct {
	// contains filtered or unexported fields
}

func (*Simulator) Close 

func (s *Simulator) Close() error

func (*Simulator) Send 

func (s *Simulator) Send(command []byte) ([]byte, error)

type StartAuthSessionCommand 

type StartAuthSessionCommand struct {
	// handle of a loaded decrypt key used to encrypt salt
	// may be TPM_RH_NULL
	TPMKey TPMIDHObject `tpmdirect:"handle,nullable"`
	// entity providing the authValue
	// may be TPM_RH_NULL
	Bind TPMIDHEntity `tpmdirect:"handle,nullable"`
	// initial nonceCaller, sets nonceTPM size for the session
	// shall be at least 16 octets
	NonceCaller TPM2BNonce
	// value encrypted according to the type of tpmKey
	// If tpmKey is TPM_RH_NULL, this shall be the Empty Buffer.
	EncryptedSalt TPM2BEncryptedSecret
	// indicates the type of the session; simple HMAC or policy (including a trial policy)
	SessionType TPMSE
	// the algorithm and key size for parameter encryption
	// may select TPM_ALG_NULL
	Symmetric TPMTSymDef
	// hash algorithm to use for the session
	// Shall be a hash algorithm supported by the TPM and not TPM_ALG_NULL
	AuthHash TPMIAlgHash
}

11.1

func (*StartAuthSessionCommand) Command 

func (_ *StartAuthSessionCommand) Command() TPMCC

type StartAuthSessionResponse 

type StartAuthSessionResponse struct {
	// handle for the newly created session
	SessionHandle TPMISHAuthSession `tpmdirect:"handle"`
	// the initial nonce from the TPM, used in the computation of the sessionKey
	NonceTPM TPM2BNonce
}

func (*StartAuthSessionResponse) Response 

func (_ *StartAuthSessionResponse) Response() TPMCC

type TPM 

type TPM struct {
	// contains filtered or unexported fields
}

TPM represents a logical connection to a TPM. Support for various commands is provided at runtime using reflection.

func (*TPM) Close 

func (t *TPM) Close() error

Close closes the connection to the TPM and its underlying transport.

func (*TPM) Execute 

func (t *TPM) Execute(cmd Command, rsp Response, extraSess ...Session) error

Execute sends the provided command and returns the provided response.

type TPM2BAttest 

type TPM2BAttest struct {
	// the signed structure
	AttestationData TPMSAttest `tpmdirect:"sized"`
}

10.12.13 Note that in the spec, this is just a 2B_DATA with enough room for an S_ATTEST. For ergonomics, pretend that TPM2B_Attest wraps a TPMS_Attest just like other 2Bs.

type TPM2BAuth 

type TPM2BAuth TPM2BDigest

10.4.5

type TPM2BCreationData 

type TPM2BCreationData struct {
	CreationData TPMSCreationData `tpmdirect:"sized"`
}

15.2

type TPM2BData 

type TPM2BData struct {
	// size in octets of the buffer field; may be 0
	Buffer []byte `tpmdirect:"sized"`
}

10.4.3

type TPM2BDigest 

type TPM2BDigest TPM2BData

10.4.2

type TPM2BECCParameter 

type TPM2BECCParameter TPM2BData

11.2.5.1

type TPM2BEncryptedSecret 

type TPM2BEncryptedSecret TPM2BData

11.4.33

type TPM2BEvent 

type TPM2BEvent TPM2BData

10.4.7

type TPM2BName 

type TPM2BName TPM2BData

10.5.3 NOTE: This structure does not contain a TPMUName, because that union is not tagged with a selector. Instead, TPM2B_Name is flattened and all TPMDirect helpers that deal with names will deal with them as so.

type TPM2BNonce 

type TPM2BNonce TPM2BDigest

10.4.4

type TPM2BPrivate 

type TPM2BPrivate TPM2BData

12.3.7

type TPM2BPublic 

type TPM2BPublic struct {
	// the public area
	PublicArea TPMTPublic `tpmdirect:"sized"`
}

12.2.5

type TPM2BPublicKeyRSA 

type TPM2BPublicKeyRSA TPM2BData

11.2.4.5

type TPM2BSensitiveCreate 

type TPM2BSensitiveCreate struct {
	// data to be sealed or a symmetric key value.
	Sensitive TPMSSensitiveCreate `tpmdirect:"sized"`
}

11.1.16

type TPM2BSensitiveData 

type TPM2BSensitiveData TPM2BData

11.1.14

type TPM2BTimeout 

type TPM2BTimeout TPM2BData

10.4.10

type TPMAACT 

type TPMAACT struct {
	// SET (1): The ACT has signaled
	// CLEAR (0): The ACT has not signaled
	Signaled bool `tpmdirect:"bit=0"`
	// SET (1): The ACT signaled bit is preserved over a power cycle
	// CLEAR (0): The ACT signaled bit is not preserved over a power cycle
	PreserveSignaled bool `tpmdirect:"bit=1"`
	// shall be zero
	Reserved uint32 `tpmdirect:"bit=31:2"`
}

8.12

type TPMAAlgorithm 

type TPMAAlgorithm struct {
	// SET (1): an asymmetric algorithm with public and private portions
	// CLEAR (0): not an asymmetric algorithm
	Asymmetric bool `tpmdirect:"bit=0"`
	// SET (1): a symmetric block cipher
	// CLEAR (0): not a symmetric block cipher
	Symmetric bool `tpmdirect:"bit=1"`
	// SET (1): a hash algorithm
	// CLEAR (0): not a hash algorithm
	Hash bool `tpmdirect:"bit=2"`
	// SET (1): an algorithm that may be used as an object type
	// CLEAR (0): an algorithm that is not used as an object type
	Object    bool  `tpmdirect:"bit=3"`
	Reserved1 uint8 `tpmdirect:"bit=7:4"`
	// SET (1): a signing algorithm. The setting of asymmetric,
	// symmetric, and hash will indicate the type of signing algorithm.
	// CLEAR (0): not a signing algorithm
	Signing bool `tpmdirect:"bit=8"`
	// SET (1): an encryption/decryption algorithm. The setting of
	// asymmetric, symmetric, and hash will indicate the type of
	// encryption/decryption algorithm.
	// CLEAR (0): not an encryption/decryption algorithm
	Encrypting bool `tpmdirect:"bit=9"`
	// SET (1): a method such as a key derivative function (KDF)
	// CLEAR (0): not a method
	Method    bool   `tpmdirect:"bit=10"`
	Reserved2 uint32 `tpmdirect:"bit=31:11"`
}

8.2

type TPMACC 

type TPMACC struct {
	// indicates the command being selected
	CommandIndex uint16 `tpmdirect:"bit=15:0"`
	// shall be zero
	Reserved1 uint16 `tpmdirect:"bit=21:16"`
	// SET (1): indicates that the command may write to NV
	// CLEAR (0): indicates that the command does not write to NV
	NV bool `tpmdirect:"bit=22"`
	// SET (1): This command could flush any number of loaded contexts.
	// CLEAR (0): no additional changes other than indicated by the flushed attribute
	Extensive bool `tpmdirect:"bit=23"`
	// SET (1): The context associated with any transient handle in the command will be flushed when this command completes.
	// CLEAR (0): No context is flushed as a side effect of this command.
	Flushed bool `tpmdirect="bit=24"`
	// indicates the number of the handles in the handle area for this command
	CHandles uint8 `tpmdirect="bit=27:25"`
	// SET (1): indicates the presence of the handle area in the response
	RHandle bool `tpmdirect="bit=28"`
	// SET (1): indicates that the command is vendor-specific
	// CLEAR (0): indicates that the command is defined in a version of this specification
	V bool `tpmdirect="bit=29"`
	// allocated for software; shall be zero
	Reserved2 uint8 `tpmdirect:"bit=31:30"`
}

8.9

type TPMALocality 

type TPMALocality struct {
	TPMLocZero  bool `tpmdirect:"bit=0"`
	TPMLocOne   bool `tpmdirect:"bit=1"`
	TPMLocTwo   bool `tpmdirect:"bit=2"`
	TPMLocThree bool `tpmdirect:"bit=3"`
	TPMLocFour  bool `tpmdirect:"bit=4"`
	// If any of these bits is set, an extended locality is indicated
	Extended uint8 `tpmdirect:"bit=7:5"`
}

8.5

type TPMAObject 

type TPMAObject struct {
	// shall be zero
	Reserved1 uint8 `tpmdirect:"bit=0"`
	// SET (1): The hierarchy of the object, as indicated by its
	// Qualified Name, may not change.
	// CLEAR (0): The hierarchy of the object may change as a result
	// of this object or an ancestor key being duplicated for use in
	// another hierarchy.
	FixedTPM bool `tpmdirect:"bit=1"`
	// SET (1): Previously saved contexts of this object may not be
	// loaded after Startup(CLEAR).
	// CLEAR (0): Saved contexts of this object may be used after a
	// Shutdown(STATE) and subsequent Startup().
	STClear bool `tpmdirect:"bit=2"`
	// shall be zero
	Reserved2 uint8 `tpmdirect:"bit=3"`
	// SET (1): The parent of the object may not change.
	// CLEAR (0): The parent of the object may change as the result of
	// a TPM2_Duplicate() of the object.
	FixedParent bool `tpmdirect:"bit=4"`
	// SET (1): Indicates that, when the object was created with
	// TPM2_Create() or TPM2_CreatePrimary(), the TPM generated all of
	// the sensitive data other than the authValue.
	// CLEAR (0): A portion of the sensitive data, other than the
	// authValue, was provided by the caller.
	SensitiveDataOrigin bool `tpmdirect:"bit=5"`
	// SET (1): Approval of USER role actions with this object may be
	// with an HMAC session or with a password using the authValue of
	// the object or a policy session.
	// CLEAR (0): Approval of USER role actions with this object may
	// only be done with a policy session.
	UserWithAuth bool `tpmdirect:"bit=6"`
	// SET (1): Approval of ADMIN role actions with this object may
	// only be done with a policy session.
	// CLEAR (0): Approval of ADMIN role actions with this object may
	// be with an HMAC session or with a password using the authValue
	// of the object or a policy session.
	AdminWithPolicy bool `tpmdirect:"bit=7"`
	// shall be zero
	Reserved3 uint8 `tpmdirect:"bit=9:8"`
	// SET (1): The object is not subject to dictionary attack
	// protections.
	// CLEAR (0): The object is subject to dictionary attack
	// protections.
	NoDA bool `tpmdirect:"bit=10"`
	// SET (1): If the object is duplicated, then symmetricAlg shall
	// not be TPM_ALG_NULL and newParentHandle shall not be
	// TPM_RH_NULL.
	// CLEAR (0): The object may be duplicated without an inner
	// wrapper on the private portion of the object and the new parent
	// may be TPM_RH_NULL.
	EncryptedDuplication bool `tpmdirect:"bit=11"`
	// shall be zero
	Reserved4 uint8 `tpmdirect:"bit=15:12"`
	// SET (1): Key usage is restricted to manipulate structures of
	// known format; the parent of this key shall have restricted SET.
	// CLEAR (0): Key usage is not restricted to use on special
	// formats.
	Restricted bool `tpmdirect:"bit=16"`
	// SET (1): The private portion of the key may be used to decrypt.
	// CLEAR (0): The private portion of the key may not be used to
	// decrypt.
	Decrypt bool `tpmdirect:"bit=17"`
	// SET (1): For a symmetric cipher object, the private portion of
	// the key may be used to encrypt. For other objects, the private
	// portion of the key may be used to sign.
	// CLEAR (0): The private portion of the key may not be used to
	// sign or encrypt.
	SignEncrypt bool `tpmdirect:"bit=18"`
	// SET (1): An asymmetric key that may not be used to sign with
	// TPM2_Sign() CLEAR (0): A key that may be used with TPM2_Sign()
	// if sign is SET
	// NOTE: This attribute only has significance if sign is SET.
	X509Sign bool `tpmdirect:"bit=19"`
	// shall be zero
	Reserved5 uint16 `tpmdirect:"bit=31:20"`
}

8.3.2

type TPMASession 

type TPMASession struct {
	// SET (1): In a command, this setting indicates that the session
	// is to remain active after successful completion of the command.
	// In a response, it indicates that the session is still active.
	// If SET in the command, this attribute shall be SET in the response.
	// CLEAR (0): In a command, this setting indicates that the TPM should
	// close the session and flush any related context when the command
	// completes successfully. In a response, it indicates that the
	// session is closed and the context is no longer active.
	// This attribute has no meaning for a password authorization and the
	// TPM will allow any setting of the attribute in the command and SET
	// the attribute in the response.
	ContinueSession bool `tpmdirect:"bit=0"`
	// SET (1): In a command, this setting indicates that the command
	// should only be executed if the session is exclusive at the start of
	// the command. In a response, it indicates that the session is
	// exclusive. This setting is only allowed if the audit attribute is
	// SET (TPM_RC_ATTRIBUTES).
	// CLEAR (0): In a command, indicates that the session need not be
	// exclusive at the start of the command. In a response, indicates that
	// the session is not exclusive.
	AuditExclusive bool `tpmdirect:"bit=1"`
	// SET (1): In a command, this setting indicates that the audit digest
	// of the session should be initialized and the exclusive status of the
	// session SET. This setting is only allowed if the audit attribute is
	// SET (TPM_RC_ATTRIBUTES).
	// CLEAR (0): In a command, indicates that the audit digest should not
	// be initialized. This bit is always CLEAR in a response.
	AuditReset bool `tpmdirect:"bit=2"`
	// shall be CLEAR
	Reserved1 bool `tpmdirect:"bit=3"`
	// shall be CLEAR
	Reserved2 bool `tpmdirect:"bit=4"`
	// SET (1): In a command, this setting indicates that the first
	// parameter in the command is symmetrically encrypted using the
	// parameter encryption scheme described in TPM 2.0 Part 1. The TPM will
	// decrypt the parameter after performing any HMAC computations and
	// before unmarshaling the parameter. In a response, the attribute is
	// copied from the request but has no effect on the response.
	// CLEAR (0): Session not used for encryption.
	// For a password authorization, this attribute will be CLEAR in both the
	// command and response.
	Decrypt bool `tpmdirect:"bit=5"`
	// SET (1): In a command, this setting indicates that the TPM should use
	// this session to encrypt the first parameter in the response. In a
	// response, it indicates that the attribute was set in the command and
	// that the TPM used the session to encrypt the first parameter in the
	// response using the parameter encryption scheme described in TPM 2.0
	// Part 1.
	// CLEAR (0): Session not used for encryption.
	// For a password authorization, this attribute will be CLEAR in both the
	// command and response.
	Encrypt bool `tpmdirect:"bit=6"`
	// SET (1): In a command or response, this setting indicates that the
	// session is for audit and that auditExclusive and auditReset have
	// meaning. This session may also be used for authorization, encryption,
	// or decryption. The encrypted and encrypt fields may be SET or CLEAR.
	// CLEAR (0): Session is not used for audit.
	// If SET in the command, then this attribute will be SET in the response.
	Audit bool `tpmdirect:"bit=7"`
}

8.4

type TPMAlgID 

type TPMAlgID uint16

6.3 

const (
	TPMAlgRSA          TPMAlgID = 0x0001
	TPMAlgTDES         TPMAlgID = 0x0003
	TPMAlgSHA          TPMAlgID = 0x0004
	TPMAlgSHA1                  = TPMAlgSHA
	TPMAlgHMAC         TPMAlgID = 0x0005
	TPMAlgAES          TPMAlgID = 0x0006
	TPMAlgMGF1         TPMAlgID = 0x0007
	TPMAlgKeyedHash    TPMAlgID = 0x0008
	TPMAlgXOR          TPMAlgID = 0x000A
	TPMAlgSHA256       TPMAlgID = 0x000B
	TPMAlgSHA384       TPMAlgID = 0x000C
	TPMAlgSHA512       TPMAlgID = 0x000D
	TPMAlgNull         TPMAlgID = 0x0010
	TPMAlgSM3256       TPMAlgID = 0x0012
	TPMAlgSM4          TPMAlgID = 0x0013
	TPMAlgRSASSA       TPMAlgID = 0x0014
	TPMAlgRSAES        TPMAlgID = 0x0015
	TPMAlgRSAPSS       TPMAlgID = 0x0016
	TPMAlgOAEP         TPMAlgID = 0x0017
	TPMAlgECDSA        TPMAlgID = 0x0018
	TPMAlgECDH         TPMAlgID = 0x0019
	TPMAlgECDAA        TPMAlgID = 0x001A
	TPMAlgSM2          TPMAlgID = 0x001B
	TPMAlgECSchnorr    TPMAlgID = 0x001C
	TPMAlgECMQV        TPMAlgID = 0x001D
	TPMAlgKDF1SP80056A TPMAlgID = 0x0020
	TPMAlgKDF2         TPMAlgID = 0x0021
	TPMAlgKDF1SP800108 TPMAlgID = 0x0022
	TPMAlgECC          TPMAlgID = 0x0023
	TPMAlgSymCipher    TPMAlgID = 0x0025
	TPMAlgCamellia     TPMAlgID = 0x0026
	TPMAlgSHA3256      TPMAlgID = 0x0027
	TPMAlgSHA3384      TPMAlgID = 0x0028
	TPMAlgSHA3512      TPMAlgID = 0x0029
	TPMAlgCTR          TPMAlgID = 0x0040
	TPMAlgOFB          TPMAlgID = 0x0041
	TPMAlgCBC          TPMAlgID = 0x0042
	TPMAlgCFB          TPMAlgID = 0x0043
	TPMAlgECB          TPMAlgID = 0x0044
)

6.3

func NewTPMAlgID 

func NewTPMAlgID(v TPMAlgID) *TPMAlgID

type TPMAlgorithmID 

type TPMAlgorithmID uint32

this is the 1.2 compatible form of the TPM_ALG_ID

type TPMAuthorizationSize 

type TPMAuthorizationSize uint32

the authorizationSize parameter in a command

type TPMCC 

type TPMCC uint32

6.5.2 

const (
	TPMCCNVUndefineSpaceSpecial     TPMCC = 0x0000011F
	TPMCCEvictControl               TPMCC = 0x00000120
	TPMCCHierarchyControl           TPMCC = 0x00000121
	TPMCCNVUndefineSpace            TPMCC = 0x00000122
	TPMCCChangeEPS                  TPMCC = 0x00000124
	TPMCCChangePPS                  TPMCC = 0x00000125
	TPMCCClear                      TPMCC = 0x00000126
	TPMCCClearControl               TPMCC = 0x00000127
	TPMCCClockSet                   TPMCC = 0x00000128
	TPMCCHierarchyChanegAuth        TPMCC = 0x00000129
	TPMCCNVDefineSpace              TPMCC = 0x0000012A
	TPMCCPCRAllocate                TPMCC = 0x0000012B
	TPMCCPCRSetAuthPolicy           TPMCC = 0x0000012C
	TPMCCPPCommands                 TPMCC = 0x0000012D
	TPMCCSetPrimaryPolicy           TPMCC = 0x0000012E
	TPMCCFieldUpgradeStart          TPMCC = 0x0000012F
	TPMCCClockRateAdjust            TPMCC = 0x00000130
	TPMCCCreatePrimary              TPMCC = 0x00000131
	TPMCCNVGlobalWriteLock          TPMCC = 0x00000132
	TPMCCGetCommandAuditDigest      TPMCC = 0x00000133
	TPMCCNVIncrement                TPMCC = 0x00000134
	TPMCCNVSetBits                  TPMCC = 0x00000135
	TPMCCNVExtend                   TPMCC = 0x00000136
	TPMCCNVWrite                    TPMCC = 0x00000137
	TPMCCNVWriteLock                TPMCC = 0x00000138
	TPMCCDictionaryAttackLockReset  TPMCC = 0x00000139
	TPMCCDictionaryAttackParameters TPMCC = 0x0000013A
	TPMCCNVChangeAuth               TPMCC = 0x0000013B
	TPMCCPCREvent                   TPMCC = 0x0000013C
	TPMCCPCRReset                   TPMCC = 0x0000013D
	TPMCCSequenceComplete           TPMCC = 0x0000013E
	TPMCCSetAlgorithmSet            TPMCC = 0x0000013F
	TPMCCSetCommandCodeAuditStatus  TPMCC = 0x00000140
	TPMCCFieldUpgradeData           TPMCC = 0x00000141
	TPMCCIncrementalSelfTest        TPMCC = 0x00000142
	TPMCCSelfTest                   TPMCC = 0x00000143
	TPMCCStartup                    TPMCC = 0x00000144
	TPMCCShutdown                   TPMCC = 0x00000145
	TPMCCStirRandom                 TPMCC = 0x00000146
	TPMCCActivateCredential         TPMCC = 0x00000147
	TPMCCCertify                    TPMCC = 0x00000148
	TPMCCPolicyNV                   TPMCC = 0x00000149
	TPMCCCertifyCreation            TPMCC = 0x0000014A
	TPMCCDuplicate                  TPMCC = 0x0000014B
	TPMCCGetTime                    TPMCC = 0x0000014C
	TPMCCGetSessionAuditDigest      TPMCC = 0x0000014D
	TPMCCNVRead                     TPMCC = 0x0000014E
	TPMCCNVReadLock                 TPMCC = 0x0000014F
	TPMCCObjectChangeAuth           TPMCC = 0x00000150
	TPMCCPolicySecret               TPMCC = 0x00000151
	TPMCCRewrap                     TPMCC = 0x00000152
	TPMCCCreate                     TPMCC = 0x00000153
	TPMCCECDHZGen                   TPMCC = 0x00000154
	TPMCCHMAC                       TPMCC = 0x00000155
	TPMCCMAC                        TPMCC = TPMCCHMAC
	TPMCCImport                     TPMCC = 0x00000156
	TPMCCLoad                       TPMCC = 0x00000157
	TPMCCQuote                      TPMCC = 0x00000158
	TPMCCRSADecrypt                 TPMCC = 0x00000159
	TPMCCHMACStart                  TPMCC = 0x0000015B
	TPMCCMACStart                   TPMCC = TPMCCHMACStart
	TPMCCSequenceUpdate             TPMCC = 0x0000015C
	TPMCCSign                       TPMCC = 0x0000015D
	TPMCCUnseal                     TPMCC = 0x0000015E
	TPMCCPolicySigned               TPMCC = 0x00000160
	TPMCCContextLoad                TPMCC = 0x00000161
	TPMCCContextSave                TPMCC = 0x00000162
	TPMCCECDHKeyGen                 TPMCC = 0x00000163
	TPMCCEncryptDecrypt             TPMCC = 0x00000164
	TPMCCFlushContext               TPMCC = 0x00000165
	TPMCCLoadExternal               TPMCC = 0x00000167
	TPMCCMakeCredential             TPMCC = 0x00000168
	TPMCCNVReadPublic               TPMCC = 0x00000169
	TPMCCPolicyAuthorize            TPMCC = 0x0000016A
	TPMCCPolicyAuthValue            TPMCC = 0x0000016B
	TPMCCPolicyCommandCode          TPMCC = 0x0000016C
	TPMCCPolicyCounterTimer         TPMCC = 0x0000016D
	TPMCCPolicyCpHash               TPMCC = 0x0000016E
	TPMCCPolicyLocality             TPMCC = 0x0000016F
	TPMCCPolicyNameHash             TPMCC = 0x00000170
	TPMCCPolicyOR                   TPMCC = 0x00000171
	TPMCCPolicyTicket               TPMCC = 0x00000172
	TPMCCReadPublic                 TPMCC = 0x00000173
	TPMCCRSAEncrypt                 TPMCC = 0x00000174
	TPMCCStartAuthSession           TPMCC = 0x00000176
	TPMCCVerifySignature            TPMCC = 0x00000177
	TPMCCECCParameters              TPMCC = 0x00000178
	TPMCCFirmwareRead               TPMCC = 0x00000179
	TPMCCGetCapability              TPMCC = 0x0000017A
	TPMCCGetRandom                  TPMCC = 0x0000017B
	TPMCCGetTestResult              TPMCC = 0x0000017C
	TPMCCHash                       TPMCC = 0x0000017D
	TPMCCPCRRead                    TPMCC = 0x0000017E
	TPMCCPolicyPCR                  TPMCC = 0x0000017F
	TPMCCPolicyRestart              TPMCC = 0x00000180
	TPMCCReadClock                  TPMCC = 0x00000181
	TPMCCPCRExtend                  TPMCC = 0x00000182
	TPMCCPCRSetAuthValue            TPMCC = 0x00000183
	TPMCCNVCertify                  TPMCC = 0x00000184
	TPMCCEventSequenceComplete      TPMCC = 0x00000185
	TPMCCHashSequenceStart          TPMCC = 0x00000186
	TPMCCPolicyPhysicalPresence     TPMCC = 0x00000187
	TPMCCPolicyDuplicationSelect    TPMCC = 0x00000188
	TPMCCPolicyGetDigest            TPMCC = 0x00000189
	TPMCCTestParams                 TPMCC = 0x0000018A
	TPMCCCommit                     TPMCC = 0x0000018B
	TPMCCPolicyPassword             TPMCC = 0x0000018C
	TPMCCZGen2Phase                 TPMCC = 0x0000018D
	TPMCCECEphemeral                TPMCC = 0x0000018E
	TPMCCPolicyNvWritten            TPMCC = 0x0000018F
	TPMCCPolicyTemplate             TPMCC = 0x00000190
	TPMCCCreateLoaded               TPMCC = 0x00000191
	TPMCCPolicyAuthorizeNV          TPMCC = 0x00000192
	TPMCCEncryptDecrypt2            TPMCC = 0x00000193
	TPMCCACGetCapability            TPMCC = 0x00000194
	TPMCCACSend                     TPMCC = 0x00000195
	TPMCCPolicyACSendSelect         TPMCC = 0x00000196
	TPMCCCertifyX509                TPMCC = 0x00000197
	TPMCCACTSetTimeout              TPMCC = 0x00000198
)

6.5.2

type TPMCap 

type TPMCap uint32

6.12 

const (
	TPMCapAlgs          TPMCap = 0x00000000
	TPMCapHandles       TPMCap = 0x00000001
	TPMCapCommands      TPMCap = 0x00000002
	TPMCapPPCommands    TPMCap = 0x00000003
	TPMCapAuditCommands TPMCap = 0x00000004
	TPMCapPCRs          TPMCap = 0x00000005
	TPMCapTPMProperties TPMCap = 0x00000006
	TPMCapPCRProperties TPMCap = 0x00000007
	TPMCapECCCurves     TPMCap = 0x00000008
	TPMCapAuthPolicies  TPMCap = 0x00000009
	TPMCapACT           TPMCap = 0x0000000A
)

6.12

type TPMCmdHeader 

type TPMCmdHeader struct {
	Tag         TPMISTCommandTag
	Length      uint32
	CommandCode TPMCC
}

Part 1 structures that aren't defined in Part 2

type TPMECCCurve 

type TPMECCCurve uint16

6.4 

const (
	TPMECCNone     TPMECCCurve = 0x0000
	TPMECCNistP192 TPMECCCurve = 0x0001
	TPMECCNistP224 TPMECCCurve = 0x0002
	TPMECCNistP256 TPMECCCurve = 0x0003
	TPMECCNistP384 TPMECCCurve = 0x0004
	TPMECCNistP521 TPMECCCurve = 0x0005
	TPMECCBNP256   TPMECCCurve = 0x0010
	TPMECCBNP638   TPMECCCurve = 0x0011
	TPMECCSM2P256  TPMECCCurve = 0x0020
)

6.4

func (TPMECCCurve) Curve 

func (c TPMECCCurve) Curve() (elliptic.Curve, error)

Enumerate the curves in TPMECCCurve so that we can define functions on them.

type TPMGenerated 

type TPMGenerated uint32

6.2 

const (
	TPMGeneratedValue TPMGenerated = 0xff544347
)

6.2

func (TPMGenerated) Check 

func (g TPMGenerated) Check() error

type TPMHandle 

type TPMHandle uint32

7.1 

const (
	TPMRHOwner       TPMHandle = 0x40000001
	TPMRHNull        TPMHandle = 0x40000007
	TPMRSPW          TPMHandle = 0x40000009
	TPMRHLockout     TPMHandle = 0x4000000A
	TPMRHEndorsement TPMHandle = 0x4000000B
	TPMRHPlatform    TPMHandle = 0x4000000C
	TPMRHPlatformNV  TPMHandle = 0x4000000D
)

7.4

type TPMIAlgECCScheme 

type TPMIAlgECCScheme = TPMAlgID

11.2.5.4

type TPMIAlgHash 

type TPMIAlgHash = TPMAlgID

9.27

func (TPMIAlgHash) Hash 

func (a TPMIAlgHash) Hash() hash.Hash

Enumerate the algorithms in TPMIAlgHash so that we can define functions on them.

type TPMIAlgKDF 

type TPMIAlgKDF = TPMAlgID

9.32

type TPMIAlgKeyedHashScheme 

type TPMIAlgKeyedHashScheme = TPMAlgID

11.1.10

type TPMIAlgPublic 

type TPMIAlgPublic = TPMAlgID

12.2.2

type TPMIAlgRSAScheme 

type TPMIAlgRSAScheme = TPMAlgID

11.2.4.1

type TPMIAlgSigScheme 

type TPMIAlgSigScheme = TPMAlgID

9.33

type TPMIAlgSym 

type TPMIAlgSym = TPMAlgID

9.29

type TPMIAlgSymMode 

type TPMIAlgSymMode = TPMAlgID

9.31

type TPMIAlgSymObject 

type TPMIAlgSymObject = TPMAlgID

9.30

type TPMIDHContext 

type TPMIDHContext = TPMHandle

9.11

type TPMIDHEntity 

type TPMIDHEntity = TPMHandle

9.6

type TPMIDHObject 

type TPMIDHObject = TPMHandle

9.3

type TPMIECCCurve 

type TPMIECCCurve = TPMECCCurve

11.2.5.5

type TPMIRHHierarchy 

type TPMIRHHierarchy = TPMHandle

9.13

type TPMIRSAKeyBits 

type TPMIRSAKeyBits = TPMKeyBits

11.2.4.6

type TPMISHAuthSession 

type TPMISHAuthSession = TPMHandle

9.8

type TPMISHHMAC 

type TPMISHHMAC = TPMHandle

9.9

type TPMISHPolicy 

type TPMISHPolicy = TPMHandle

9.10

type TPMISTAttest 

type TPMISTAttest = TPMST

10.12.10

type TPMISTCommandTag 

type TPMISTCommandTag = TPMST

9.35

type TPMIYesNo 

type TPMIYesNo = bool

9.2 Use native bool for TPMI_YES_NO; encoding/binary already treats this as 8 bits wide.

type TPMKeyBits 

type TPMKeyBits uint16

a key size in bits

func NewTPMKeyBits 

func NewTPMKeyBits(v TPMKeyBits) *TPMKeyBits

type TPMKeySize 

type TPMKeySize uint16

a key size in octets

type TPMLACTData 

type TPMLACTData struct {
	ACTData []TPMSACTData `tpmdirect:"list"`
}

10.9.13

type TPMLAlg 

type TPMLAlg struct {
	Algorithms []TPMAlgID `tpmdirect:"list"`
}

10.9.3

type TPMLAlgProperty 

type TPMLAlgProperty struct {
	AlgProperties []TPMSAlgProperty `tpmdirect:"list"`
}

10.9.8

type TPMLCC 

type TPMLCC struct {
	CommandCodes []TPMCC `tpmdirect:"list"`
}

10.9.1

type TPMLCCA 

type TPMLCCA struct {
	CommandAttributes []TPMACC `tpmdirect:"list"`
}

10.9.2

type TPMLDigest 

type TPMLDigest struct {
	// a list of digests
	Digests []TPM2BDigest `tpmdirect:"list"`
}

10.9.5

type TPMLDigestValues 

type TPMLDigestValues struct {
	// a list of tagged digests
	Digests []TPMTHA `tpmdirect:"list"`
}

10.9.6

type TPMLECCCurve 

type TPMLECCCurve struct {
	ECCCurves []TPMECCCurve `tpmdirect:"list"`
}

10.9.11

type TPMLHandle 

type TPMLHandle struct {
	Handle []TPMHandle `tpmdirect:"list"`
}

10.9.4

type TPMLPCRSelection 

type TPMLPCRSelection struct {
	PCRSelections []TPMSPCRSelection `tpmdirect:"list"`
}

10.9.7

type TPMLTaggedPCRProperty 

type TPMLTaggedPCRProperty struct {
	PCRProperty []TPMSTaggedPCRSelect `tpmdirect:"list"`
}

10.9.10

type TPMLTaggedPolicy 

type TPMLTaggedPolicy struct {
	Policies []TPMSTaggedPolicy `tpmdirect:"list"`
}

10.9.12

type TPMLTaggedTPMProperty 

type TPMLTaggedTPMProperty struct {
	TPMProperty []TPMSTaggedProperty `tpmdirect:"list"`
}

10.9.9

type TPMModifierIndicator 

type TPMModifierIndicator uint32

type TPMPT 

type TPMPT uint32

6.13 

const (
	// a 4-octet character string containing the TPM Family value (TPM_SPEC_FAMILY)
	TPMPTFamilyIndicator TPMPT = 0x00000100
	// the level of the specification
	TPMPTLevel TPMPT = 0x00000101
	// the specification Revision times 100
	TPMPTRevision TPMPT = 0x00000102
	// the specification day of year using TCG calendar
	TPMPTDayofYear TPMPT = 0x00000103
	// the specification year using the CE
	TPMPTYear TPMPT = 0x00000104
	// the vendor ID unique to each TPM manufacturer
	TPMPTManufacturer TPMPT = 0x00000105
	// the first four characters of the vendor ID string
	TPMPTVendorString1 TPMPT = 0x00000106
	// the second four characters of the vendor ID string
	TPMPTVendorString2 TPMPT = 0x00000107
	// the third four characters of the vendor ID string
	TPMPTVendorString3 TPMPT = 0x00000108
	// the fourth four characters of the vendor ID sting
	TPMPTVendorString4 TPMPT = 0x00000109
	// vendor-defined value indicating the TPM model
	TPMPTVendorTPMType TPMPT = 0x0000010A
	// the most-significant 32 bits of a TPM vendor-specific value
	// indicating the version number of the firmware.
	TPMPTFirmwareVersion1 TPMPT = 0x0000010B
	// the least-significant 32 bits of a TPM vendor-specific value
	// indicating the version number of the firmware.
	TPMPTFirmwareVersion2 TPMPT = 0x0000010C
	// the maximum size of a parameter TPM2B_MAX_BUFFER)
	TPMPTInputBuffer TPMPT = 0x0000010D
	// the minimum number of transient objects that can be held in TPM RAM
	TPMPTHRTransientMin TPMPT = 0x0000010E
	// the minimum number of persistent objects that can be held in TPM NV memory
	TPMPTHRPersistentMin TPMPT = 0x0000010F
	// the minimum number of authorization sessions that can be held in TPM RAM
	TPMPTHRLoadedMin TPMPT = 0x00000110
	// the number of authorization sessions that may be active at a time
	TPMPTActiveSessionsMax TPMPT = 0x00000111
	// the number of PCR implemented
	TPMPTPCRCount TPMPT = 0x00000112
	// the minimum number of octets in a TPMS_PCR_SELECT.sizeOfSelect
	TPMPTPCRSelectMin TPMPT = 0x00000113
	// the maximum allowed difference (unsigned) between the contextID values of two saved session contexts
	TPMPTContextGapMax TPMPT = 0x00000114

	// the maximum number of NV Indexes that are allowed to have the TPM_NT_COUNTER attribute
	TPMPTNVCountersMax TPMPT = 0x00000116
	// the maximum size of an NV Index data area
	TPMPTNVIndexMax TPMPT = 0x00000117
	// a TPMA_MEMORY indicating the memory management method for the TPM
	TPMPTMemory TPMPT = 0x00000118
	// interval, in milliseconds, between updates to the copy of TPMS_CLOCK_INFO.clock in NV
	TPMPTClockUpdate TPMPT = 0x00000119
	// the algorithm used for the integrity HMAC on saved contexts and for hashing the fuData of TPM2_FirmwareRead()
	TPMPTContextHash TPMPT = 0x0000011A
	// TPM_ALG_ID, the algorithm used for encryption of saved contexts
	TPMPTContextSym TPMPT = 0x0000011B
	// TPM_KEY_BITS, the size of the key used for encryption of saved contexts
	TPMPTContextSymSize TPMPT = 0x0000011C
	// the modulus - 1 of the count for NV update of an orderly counter
	TPMPTOrderlyCount TPMPT = 0x0000011D
	// the maximum value for commandSize in a command
	TPMPTMaxCommandSize TPMPT = 0x0000011E
	// the maximum value for responseSize in a response
	TPMPTMaxResponseSize TPMPT = 0x0000011F
	// the maximum size of a digest that can be produced by the TPM
	TPMPTMaxDigest TPMPT = 0x00000120
	// the maximum size of an object context that will be returned by TPM2_ContextSave
	TPMPTMaxObjectContext TPMPT = 0x00000121
	// the maximum size of a session context that will be returned by TPM2_ContextSave
	TPMPTMaxSessionContext TPMPT = 0x00000122
	// platform-specific family (a TPM_PS value)(see Table 25)
	TPMPTPSFamilyIndicator TPMPT = 0x00000123
	// the level of the platform-specific specification
	TPMPTPSLevel TPMPT = 0x00000124
	// a platform specific value
	TPMPTPSRevision TPMPT = 0x00000125
	// the platform-specific TPM specification day of year using TCG calendar
	TPMPTPSDayOfYear TPMPT = 0x00000126
	// the platform-specific TPM specification year using the CE
	TPMPTPSYear TPMPT = 0x00000127
	// the number of split signing operations supported by the TPM
	TPMPTSplitMax TPMPT = 0x00000128
	// total number of commands implemented in the TPM
	TPMPTTotalCommands TPMPT = 0x00000129
	// number of commands from the TPM library that are implemented
	TPMPTLibraryCommands TPMPT = 0x0000012A
	// number of vendor commands that are implemented
	TPMPTVendorCommands TPMPT = 0x0000012B
	// the maximum data size in one NV write, NV read, NV extend, or NV certify command
	TPMPTNVBufferMax TPMPT = 0x0000012C
	// a TPMA_MODES value, indicating that the TPM is designed for these modes.
	TPMPTModes TPMPT = 0x0000012D
	// the maximum size of a TPMS_CAPABILITY_DATA structure returned in TPM2_GetCapability().
	TPMPTMaxCapBuffer TPMPT = 0x0000012E
	// TPMA_PERMANENT
	TPMPTPermanent TPMPT = 0x00000200
	// TPMA_STARTUP_CLEAR
	TPMPTStartupClear TPMPT = 0x00000201
	// the number of NV Indexes currently defined
	TPMPTHRNVIndex TPMPT = 0x00000202
	// the number of authorization sessions currently loaded into TPM RAM
	TPMPTHRLoaded TPMPT = 0x00000203
	// the number of additional authorization sessions, of any type, that could be loaded into TPM RAM
	TPMPTHRLoadedAvail TPMPT = 0x00000204
	// the number of active authorization sessions currently being tracked by the TPM
	TPMPTHRActive TPMPT = 0x00000205
	// the number of additional authorization sessions, of any type, that could be created
	TPMPTHRActiveAvail TPMPT = 0x00000206
	// estimate of the number of additional transient objects that could be loaded into TPM RAM
	TPMPTHRTransientAvail TPMPT = 0x00000207
	// the number of persistent objects currently loaded into TPM NV memory
	TPMPTHRPersistent TPMPT = 0x00000208
	// the number of additional persistent objects that could be loaded into NV memory
	TPMPTHRPersistentAvail TPMPT = 0x00000209
	// the number of defined NV Indexes that have NV the TPM_NT_COUNTER attribute
	TPMPTNVCounters TPMPT = 0x0000020A
	// the number of additional NV Indexes that can be defined with their TPM_NT of TPM_NV_COUNTER and the TPMA_NV_ORDERLY attribute SET
	TPMPTNVCountersAvail TPMPT = 0x0000020B
	// code that limits the algorithms that may be used with the TPM
	TPMPTAlgorithmSet TPMPT = 0x0000020C
	// the number of loaded ECC curves
	TPMPTLoadedCurves TPMPT = 0x0000020D
	// the current value of the lockout counter (failedTries)
	TPMPTLockoutCounter TPMPT = 0x0000020E
	// the number of authorization failures before DA lockout is invoked
	TPMPTMaxAuthFail TPMPT = 0x0000020F
	// the number of seconds before the value reported by TPM_PT_LOCKOUT_COUNTER is decremented
	TPMPTLockoutInterval TPMPT = 0x00000210
	// the number of seconds after a lockoutAuth failure before use of lockoutAuth may be attempted again
	TPMPTLockoutRecovery TPMPT = 0x00000211
	// number of milliseconds before the TPM will accept another command that will modify NV
	TPMPTNVWriteRecovery TPMPT = 0x00000212
	// the high-order 32 bits of the command audit counter
	TPMPTAuditCounter0 TPMPT = 0x00000213
	// the low-order 32 bits of the command audit counter
	TPMPTAuditCounter1 TPMPT = 0x00000214
)

6.13

type TPMPTPCR 

type TPMPTPCR uint32

6.14 

const (
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR is saved and restored by TPM_SU_STATE
	TPMPTPCRSave TPMPTPCR = 0x00000000
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be extended from locality 0
	TPMPTPCRExtendL0 TPMPTPCR = 0x00000001
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset by TPM2_PCR_Reset() from locality 0
	TPMPTPCRResetL0 TPMPTPCR = 0x00000002
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be extended from locality 1
	TPMPTPCRExtendL1 TPMPTPCR = 0x00000003
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset by TPM2_PCR_Reset() from locality 1
	TPMPTPCRResetL1 TPMPTPCR = 0x00000004
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be extended from locality 2
	TPMPTPCRExtendL2 TPMPTPCR = 0x00000005
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset by TPM2_PCR_Reset() from locality 2
	TPMPTPCRResetL2 TPMPTPCR = 0x00000006
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be extended from locality 3
	TPMPTPCRExtendL3 TPMPTPCR = 0x00000007
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset by TPM2_PCR_Reset() from locality 3
	TPMPTPCRResetL3 TPMPTPCR = 0x00000008
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be extended from locality 4
	TPMPTPCRExtendL4 TPMPTPCR = 0x00000009
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset by TPM2_PCR_Reset() from locality 4
	TPMPTPCRResetL4 TPMPTPCR = 0x0000000A
	// a SET bit in the TPMS_PCR_SELECT indicates that modifications to this PCR (reset or Extend) will not increment the pcrUpdateCounter
	TPMPTPCRNoIncrement TPMPTPCR = 0x00000011
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR is reset by a D-RTM event
	TPMPTPCRDRTMRest TPMPTPCR = 0x00000012
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR is controlled by policy
	TPMPTPCRPolicy TPMPTPCR = 0x00000013
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR is controlled by an authorization value
	TPMPTPCRAuth TPMPTPCR = 0x00000014
)

6.14

type TPMParameterSize 

type TPMParameterSize uint32

the parameterSize parameter in a command

type TPMRC 

type TPMRC uint32

6.6 

const (
	TPMRCSuccess TPMRC = 0x00000000

	// FMT0 error codes
	TPMRCInitialize      TPMRC = rcVer1 + 0x000
	TPMRCFailure         TPMRC = rcVer1 + 0x001
	TPMRCSequence        TPMRC = rcVer1 + 0x003
	TPMRCPrivate         TPMRC = rcVer1 + 0x00B
	TPMRCHMAC            TPMRC = rcVer1 + 0x019
	TPMRCDisabled        TPMRC = rcVer1 + 0x020
	TPMRCExclusive       TPMRC = rcVer1 + 0x021
	TPMRCAuthType        TPMRC = rcVer1 + 0x024
	TPMRCAuthMissing     TPMRC = rcVer1 + 0x025
	TPMRCPolicy          TPMRC = rcVer1 + 0x026
	TPMRCPCR             TPMRC = rcVer1 + 0x027
	TPMRCPCRChanged      TPMRC = rcVer1 + 0x028
	TPMRCUpgrade         TPMRC = rcVer1 + 0x02D
	TPMRCTooManyContexts TPMRC = rcVer1 + 0x02E
	TPMRCAuthUnavailable TPMRC = rcVer1 + 0x02F
	TPMRCReboot          TPMRC = rcVer1 + 0x030
	TPMRCUnbalanced      TPMRC = rcVer1 + 0x031
	TPMRCCommandSize     TPMRC = rcVer1 + 0x042
	TPMRCCommandCode     TPMRC = rcVer1 + 0x043
	TPMRCAuthSize        TPMRC = rcVer1 + 0x044
	TPMRCAuthContext     TPMRC = rcVer1 + 0x045
	TPMRCNVRange         TPMRC = rcVer1 + 0x046
	TPMRCNVSize          TPMRC = rcVer1 + 0x047
	TPMRCNVLocked        TPMRC = rcVer1 + 0x048
	TPMRCNVAuthorization TPMRC = rcVer1 + 0x049
	TPMRCNVUninitialized TPMRC = rcVer1 + 0x04A
	TPMRCNVSpace         TPMRC = rcVer1 + 0x04B
	TPMRCNVDefined       TPMRC = rcVer1 + 0x04C
	TPMRCBadContext      TPMRC = rcVer1 + 0x050
	TPMRCCPHash          TPMRC = rcVer1 + 0x051
	TPMRCParent          TPMRC = rcVer1 + 0x052
	TPMRCNeedsTest       TPMRC = rcVer1 + 0x053
	TPMRCNoResult        TPMRC = rcVer1 + 0x054
	TPMRCSensitive       TPMRC = rcVer1 + 0x055

	// FMT1 error codes
	TPMRCAsymmetric   TPMRC = rcFmt1 + 0x001
	TPMRCAttributes   TPMRC = rcFmt1 + 0x002
	TPMRCHash         TPMRC = rcFmt1 + 0x003
	TPMRCValue        TPMRC = rcFmt1 + 0x004
	TPMRCHierarchy    TPMRC = rcFmt1 + 0x005
	TPMRCKeySize      TPMRC = rcFmt1 + 0x007
	TPMRCMGF          TPMRC = rcFmt1 + 0x008
	TPMRCMode         TPMRC = rcFmt1 + 0x009
	TPMRCType         TPMRC = rcFmt1 + 0x00A
	TPMRCHandle       TPMRC = rcFmt1 + 0x00B
	TPMRCKDF          TPMRC = rcFmt1 + 0x00C
	TPMRCRange        TPMRC = rcFmt1 + 0x00D
	TPMRCAuthFail     TPMRC = rcFmt1 + 0x00E
	TPMRCNonce        TPMRC = rcFmt1 + 0x00F
	TPMRCPP           TPMRC = rcFmt1 + 0x010
	TPMRCScheme       TPMRC = rcFmt1 + 0x012
	TPMRCSize         TPMRC = rcFmt1 + 0x015
	TPMRCSymmetric    TPMRC = rcFmt1 + 0x016
	TPMRCTag          TPMRC = rcFmt1 + 0x017
	TPMRCSelector     TPMRC = rcFmt1 + 0x018
	TPMRCInsufficient TPMRC = rcFmt1 + 0x01A
	TPMRCSignature    TPMRC = rcFmt1 + 0x01B
	TPMRCKey          TPMRC = rcFmt1 + 0x01C
	TPMRCPolicyFail   TPMRC = rcFmt1 + 0x01D
	TPMRCIntegrity    TPMRC = rcFmt1 + 0x01F
	TPMRCTicket       TPMRC = rcFmt1 + 0x020
	TPMRCReservedBits TPMRC = rcFmt1 + 0x021
	TPMRCBadAuth      TPMRC = rcFmt1 + 0x022
	TPMRCExpired      TPMRC = rcFmt1 + 0x023
	TPMRCPolicyCC     TPMRC = rcFmt1 + 0x024
	TPMRCBinding      TPMRC = rcFmt1 + 0x025
	TPMRCCurve        TPMRC = rcFmt1 + 0x026
	TPMRCECCPoint     TPMRC = rcFmt1 + 0x027

	TPMRCContextGap     TPMRC = rcWarn + 0x001
	TPMRCObjectMemory   TPMRC = rcWarn + 0x002
	TPMRCSessionMemory  TPMRC = rcWarn + 0x003
	TPMRCMemory         TPMRC = rcWarn + 0x004
	TPMRCSessionHandles TPMRC = rcWarn + 0x005
	TPMRCObjectHandles  TPMRC = rcWarn + 0x006
	TPMRCLocality       TPMRC = rcWarn + 0x007
	TPMRCYielded        TPMRC = rcWarn + 0x008
	TPMRCCanceled       TPMRC = rcWarn + 0x009
	TPMRCTesting        TPMRC = rcWarn + 0x00A
	TPMRCReferenceH0    TPMRC = rcWarn + 0x010
	TPMRCReferenceH1    TPMRC = rcWarn + 0x011
	TPMRCReferenceH2    TPMRC = rcWarn + 0x012
	TPMRCReferenceH3    TPMRC = rcWarn + 0x013
	TPMRCReferenceH4    TPMRC = rcWarn + 0x014
	TPMRCReferenceH5    TPMRC = rcWarn + 0x015
	TPMRCReferenceH6    TPMRC = rcWarn + 0x016
	TPMRCReferenceS0    TPMRC = rcWarn + 0x018
	TPMRCReferenceS1    TPMRC = rcWarn + 0x019
	TPMRCReferenceS2    TPMRC = rcWarn + 0x01A
	TPMRCReferenceS3    TPMRC = rcWarn + 0x01B
	TPMRCReferenceS4    TPMRC = rcWarn + 0x01C
	TPMRCReferenceS5    TPMRC = rcWarn + 0x01D
	TPMRCReferenceS6    TPMRC = rcWarn + 0x01E
	TPMRCNVRate         TPMRC = rcWarn + 0x020
	TPMRCLockout        TPMRC = rcWarn + 0x021
	TPMRCRetry          TPMRC = rcWarn + 0x022
	TPMRCNVUnavailable  TPMRC = rcWarn + 0x023
)

6.6.3

func (TPMRC) As 

func (r TPMRC) As(target interface{}) bool

As returns whether the error can be assigned to the given interface type. If supported, it updates the value pointed at by target. Supports the Fmt1Error type.

func (TPMRC) Error 

func (r TPMRC) Error() string

Error produces a nice human-readable representation of the error, parsing TPM FMT1 errors as needed.

func (TPMRC) Is 

func (r TPMRC) Is(target error) bool

Is returns whether the TPMRC (which may be a FMT1 error) is equal to the given canonical error.

func (TPMRC) IsWarning 

func (r TPMRC) IsWarning() bool

IsWarning returns true if the error is a warning code. This usually indicates a problem with the TPM state, and not the command. Retrying the command later may succeed.

type TPMRspHeader 

type TPMRspHeader struct {
	Tag          TPMISTCommandTag
	Length       uint32
	ResponseCode TPMRC
}

type TPMSACTData 

type TPMSACTData struct {
	// a permanent handle
	Handle TPMHandle
	// the current timeout of the ACT
	Timeout uint32
	// the state of the ACT
	Attributes TPMAACT
}

10.8.5

type TPMSAlgProperty 

type TPMSAlgProperty struct {
	// an algorithm identifier
	Alg TPMAlgID
	// the attributes of the algorithm
	AlgProperties TPMAAlgorithm
}

10.8.1

type TPMSAttest 

type TPMSAttest struct {
	// the indication that this structure was created by a TPM (always TPM_GENERATED_VALUE)
	Magic TPMGenerated `tpmdirect:"check"`
	// type of the attestation structure
	Type TPMISTAttest
	// Qualified Name of the signing key
	QualifiedSigner TPM2BName
	// external information supplied by caller
	ExtraData TPM2BData
	// Clock, resetCount, restartCount, and Safe
	ClockInfo TPMSClockInfo
	// TPM-vendor-specific value identifying the version number of the firmware
	FirmwareVersion uint64
	// the type-specific attestation information
	Attested TPMUAttest `tpmdirect:"tag=Type"`
}

10.12.12

type TPMSAuthCommand 

type TPMSAuthCommand struct {
	Handle        TPMISHAuthSession
	Nonce         TPM2BNonce
	Attributes    TPMASession
	Authorization TPM2BData
}

10.13.2

type TPMSAuthResponse 

type TPMSAuthResponse struct {
	Nonce         TPM2BNonce
	Attributes    TPMASession
	Authorization TPM2BData
}

10.13.3

type TPMSCapabilityData 

type TPMSCapabilityData struct {
	// the capability
	Capability TPMCap
	// the capability data
	Data TPMUCapabilities `tpmdirect:"tag=Capability"`
}

10.10.2

type TPMSCertifyInfo 

type TPMSCertifyInfo struct {
	// Name of the certified object
	Name TPM2BName
	// Qualified Name of the certified object
	QualifiedName TPM2BName
}

10.12.3

type TPMSClockInfo 

type TPMSClockInfo struct {
	// time value in milliseconds that advances while the TPM is powered
	Clock uint64
	// number of occurrences of TPM Reset since the last TPM2_Clear()
	ResetCount uint32
	// number of times that TPM2_Shutdown() or _TPM_Hash_Start have
	// occurred since the last TPM Reset or TPM2_Clear().
	RestartCount uint32
	// no value of Clock greater than the current value of Clock has been
	// previously reported by the TPM. Set to YES on TPM2_Clear().
	Safe TPMIYesNo
}

10.11.1

type TPMSCommandAuditInfo 

type TPMSCommandAuditInfo struct {
	// the monotonic audit counter
	AuditCounter uint64
	// hash algorithm used for the command audit
	DigestAlg TPMAlgID
	// the current value of the audit digest
	AuditDigest TPM2BDigest
	// digest of the command codes being audited using digestAlg
	CommandDigest TPM2BDigest
}

10.12.5

type TPMSCreationData 

type TPMSCreationData struct {
	// list indicating the PCR included in pcrDigest
	PCRSelect TPMLPCRSelection
	// digest of the selected PCR using nameAlg of the object for which
	// this structure is being created
	PCRDigest TPM2BDigest
	// the locality at which the object was created
	Locality TPMALocality
	// nameAlg of the parent
	ParentNameAlg TPMAlgID
	// Name of the parent at time of creation
	ParentName TPM2BName
	// Qualified Name of the parent at the time of creation
	ParentQualifiedName TPM2BName
	// association with additional information added by the key
	OutsideInfo TPM2BData
}

15.1

type TPMSCreationInfo 

type TPMSCreationInfo struct {
	// Name of the object
	ObjectName TPM2BName
	// creationHash
	CreationHash TPM2BDigest
}

10.12.7

type TPMSE 

type TPMSE uint8

6.11 

const (
	TPMSEHMAC   TPMSE = 0x00
	TPMSEPolicy TPMSE = 0x01
	TPMXETrial  TPMSE = 0x03
)

6.11

type TPMSECCParms 

type TPMSECCParms struct {
	// for a restricted decryption key, shall be set to a supported
	// symmetric algorithm, key size. and mode.
	// if the key is not a restricted decryption key, this field shall
	// be set to TPM_ALG_NULL.
	Symmetric TPMTSymDefObject
	// If the sign attribute of the key is SET, then this shall be a
	// valid signing scheme.
	Scheme TPMTECCScheme
	// ECC curve ID
	CurveID TPMIECCCurve
	// an optional key derivation scheme for generating a symmetric key
	// from a Z value
	// If the kdf parameter associated with curveID is not TPM_ALG_NULL
	// then this is required to be NULL.
	KDF TPMTKDFScheme
}

12.2.3.6

type TPMSECCPoint 

type TPMSECCPoint struct {
	// X coordinate
	X TPM2BECCParameter
	// Y coordinate
	Y TPM2BECCParameter
}

11.2.5.2

type TPMSEmpty 

type TPMSEmpty = struct{}

10.1

type TPMSEncSchemeOAEP 

type TPMSEncSchemeOAEP TPMSSchemeHash

type TPMSEncSchemeRSAES 

type TPMSEncSchemeRSAES TPMSEmpty

11.2.2.2

type TPMSKDFSchemeECDH 

type TPMSKDFSchemeECDH TPMSSchemeHash

type TPMSKDFSchemeKDF1SP800108 

type TPMSKDFSchemeKDF1SP800108 TPMSSchemeHash

type TPMSKDFSchemeKDF1SP80056A 

type TPMSKDFSchemeKDF1SP80056A TPMSSchemeHash

type TPMSKDFSchemeKDF2 

type TPMSKDFSchemeKDF2 TPMSSchemeHash

type TPMSKDFSchemeMGF1 

type TPMSKDFSchemeMGF1 TPMSSchemeHash

11.2.3.1

type TPMSKeySchemeECDH 

type TPMSKeySchemeECDH TPMSSchemeHash

11.2.2.3

type TPMSKeyedHashParms 

type TPMSKeyedHashParms struct {
	// Indicates the signing method used for a keyedHash signing
	// object. This field also determines the size of the data field
	// for a data object created with TPM2_Create() or
	// TPM2_CreatePrimary().
	Scheme TPMTKeyedHashScheme
}

12.2.3.3

type TPMSNVCertifyInfo 

type TPMSNVCertifyInfo struct {
	// Name of the NV Index
	IndexName TPM2BName
	// the offset parameter of TPM2_NV_Certify()
	Offset uint16
	// contents of the NV Index
	NVContents TPM2BData
}

10.12.8

type TPMSNVDigestCertifyInfo 

type TPMSNVDigestCertifyInfo struct {
	// Name of the NV Index
	IndexName TPM2BName
	// hash of the contents of the index
	NVDigest TPM2BDigest
}

10.12.9

type TPMSPCRSelection 

type TPMSPCRSelection struct {
	Hash      TPMIAlgHash
	PCRSelect []byte `tpmdirect:"sized8"`
}

10.6.2

type TPMSQuoteInfo 

type TPMSQuoteInfo struct {
	// information on algID, PCR selected and digest
	PCRSelect TPMLPCRSelection
	// digest of the selected PCR using the hash of the signing key
	PCRDigest TPM2BDigest
}

10.12.4

type TPMSRSAParms 

type TPMSRSAParms struct {
	// for a restricted decryption key, shall be set to a supported
	// symmetric algorithm, key size, and mode.
	// if the key is not a restricted decryption key, this field shall
	// be set to TPM_ALG_NULL.
	Symmetric TPMTSymDefObject
	// scheme.scheme shall be:
	// for an unrestricted signing key, either TPM_ALG_RSAPSS
	// TPM_ALG_RSASSA or TPM_ALG_NULL
	// for a restricted signing key, either TPM_ALG_RSAPSS or
	// TPM_ALG_RSASSA
	// for an unrestricted decryption key, TPM_ALG_RSAES, TPM_ALG_OAEP,
	// or TPM_ALG_NULL unless the object also has the sign attribute
	// for a restricted decryption key, TPM_ALG_NULL
	Scheme TPMTRSAScheme
	// number of bits in the public modulus
	KeyBits TPMIRSAKeyBits
	// the public exponent
	// A prime number greater than 2.
	Exponent uint32
}

12.2.3.5

type TPMSSchemeHMAC 

type TPMSSchemeHMAC TPMSSchemeHash

11.1.20

type TPMSSchemeHash 

type TPMSSchemeHash struct {
	// the hash algorithm used to digest the message
	HashAlg TPMIAlgHash
}

11.1.17

type TPMSSchemeXOR 

type TPMSSchemeXOR struct {
	// the hash algorithm used to digest the message
	HashAlg TPMIAlgHash
	// the key derivation function
	KDF TPMIAlgKDF
}

11.1.21

type TPMSSensitiveCreate 

type TPMSSensitiveCreate struct {
	// the USER auth secret value.
	UserAuth TPM2BAuth
	// data to be sealed, a key, or derivation values.
	Data TPM2BData
}

11.1.15

type TPMSSessionAuditInfo 

type TPMSSessionAuditInfo struct {
	// current exclusive status of the session
	ExclusiveSession TPMIYesNo
	// the current value of the session audit digest
	SessionDigest TPM2BDigest
}

10.12.6

type TPMSSigSchemeECDSA 

type TPMSSigSchemeECDSA TPMSSchemeHash

11.2.1.3

type TPMSSigSchemeRSAPSS 

type TPMSSigSchemeRSAPSS TPMSSchemeHash

type TPMSSigSchemeRSASSA 

type TPMSSigSchemeRSASSA TPMSSchemeHash

11.2.1.2

type TPMSSignatureECC 

type TPMSSignatureECC struct {
	// the hash algorithm used in the signature process
	Hash       TPMIAlgHash
	SignatureR TPM2BECCParameter
	SignatureS TPM2BECCParameter
}

11.3.2

type TPMSSignatureRSA 

type TPMSSignatureRSA struct {
	// the hash algorithm used to digest the message
	Hash TPMIAlgHash
	// The signature is the size of a public key.
	Sig TPM2BPublicKeyRSA
}

11.3.1

type TPMSSymCipherParms 

type TPMSSymCipherParms struct {
	// a symmetric block cipher
	Sym TPMTSymDefObject
}

11.1.9

type TPMST 

type TPMST uint16

6.9 

const (
	TPMSTRspCommand         TPMST = 0x00C4
	TPMSTNull               TPMST = 0x8000
	TPMSTNoSessions         TPMST = 0x8001
	TPMSTSessions           TPMST = 0x8002
	TPMSTAttestNV           TPMST = 0x8014
	TPMSTAttestCommandAudit TPMST = 0x8015
	TPMSTAttestSessionAudit TPMST = 0x8016
	TPMSTAttestCertify      TPMST = 0x8017
	TPMSTAttestQuote        TPMST = 0x8018
	TPMSTAttestTime         TPMST = 0x8019
	TPMSTAttestCreation     TPMST = 0x801A
	TPMSTAttestNVDigest     TPMST = 0x801C
	TPMSTCreation           TPMST = 0x8021
	TPMSTVerified           TPMST = 0x8022
	TPMSTAuthSecret         TPMST = 0x8023
	TPMSTHashCheck          TPMST = 0x8024
	TPMSTAuthSigned         TPMST = 0x8025
	TPMSTFuManifest         TPMST = 0x8029
)

6.9

type TPMSTaggedPCRSelect 

type TPMSTaggedPCRSelect struct {
	// the property identifier
	Tag TPMPTPCR
	// the bit map of PCR with the identified property
	PCRSelect []byte `tpmdirect:"sized8"`
}

10.8.3

type TPMSTaggedPolicy 

type TPMSTaggedPolicy struct {
	// a permanent handle
	Handle TPMHandle
	// the policy algorithm and hash
	PolicyHash TPMTHA
}

10.8.4

type TPMSTaggedProperty 

type TPMSTaggedProperty struct {
	// a property identifier
	Property TPMPT
	// the value of the property
	Value uint32
}

10.8.2

type TPMSTimeAttestInfo 

type TPMSTimeAttestInfo struct {
	// the Time, Clock, resetCount, restartCount, and Safe indicator
	Time TPMSTimeInfo
	// a TPM vendor-specific value indicating the version number of the firmware
	FirmwareVersion uint64
}

10.12.2

type TPMSTimeInfo 

type TPMSTimeInfo struct {
	// time in milliseconds since the TIme circuit was last reset
	Time uint64
	// a structure containing the clock information
	ClockInfo TPMSClockInfo
}

10.11.6

type TPMTECCScheme 

type TPMTECCScheme struct {
	// scheme selector
	Scheme TPMIAlgECCScheme `tpmdirect:"nullable"`
	// scheme parameters
	Details TPMUAsymScheme `tpmdirect:"tag=Scheme"`
}

11.2.5.6

type TPMTHA 

type TPMTHA struct {
	// selector of the hash contained in the digest that implies the size of the digest
	HashAlg TPMIAlgHash `tpmdirect:"nullable"`
	// the digest data
	Digest TPMUHA `tpmdirect:"tag=HashAlg"`
}

10.3.2

type TPMTKDFScheme 

type TPMTKDFScheme struct {
	// scheme selector
	Scheme TPMIAlgKDF `tpmdirect:"nullable"`
	// scheme parameters
	Details TPMUKDFScheme `tpmdirect:"tag=Scheme"`
}

11.2.3.3

type TPMTKeyedHashScheme 

type TPMTKeyedHashScheme struct {
	Scheme  TPMIAlgKeyedHashScheme `tpmdirect:"nullable"`
	Details TPMUSchemeKeyedHash    `tpmdirect:"tag=Scheme"`
}

11.1.23

type TPMTPublic 

type TPMTPublic struct {
	// “algorithm” associated with this object
	Type TPMIAlgPublic
	// algorithm used for computing the Name of the object
	NameAlg TPMIAlgHash
	// attributes that, along with type, determine the manipulations
	// of this object
	ObjectAttributes TPMAObject
	// optional policy for using this key
	// The policy is computed using the nameAlg of the object.
	AuthPolicy TPM2BDigest
	// the algorithm or structure details
	Parameters TPMUPublicParms `tpmdirect:"tag=Type"`
	// the unique identifier of the structure
	// For an asymmetric key, this would be the public key.
	Unique TPMUPublicID `tpmdirect:"tag=Type"`
}

12.2.4

type TPMTRSAScheme 

type TPMTRSAScheme struct {
	// scheme selector
	Scheme TPMIAlgRSAScheme `tpmdirect:"nullable"`
	// scheme parameters
	Details TPMUAsymScheme `tpmdirect:"tag=Scheme"`
}

11.2.4.2

type TPMTSigScheme 

type TPMTSigScheme struct {
	Scheme  TPMIAlgSigScheme `tpmdirect:"nullable"`
	Details TPMUSigScheme    `tpmdirect:"tag=Scheme"`
}

11.2.1.5

type TPMTSignature 

type TPMTSignature struct {
	// selector of the algorithm used to construct the signature
	SigAlg TPMIAlgSigScheme `tpmdirect:"nullable"`
	// This shall be the actual signature information.
	Signature TPMUSignature `tpmdirect:"tag=SigAlg"`
}

11.3.4

type TPMTSymDef 

type TPMTSymDef struct {
	// indicates a symmetric algorithm
	Algorithm TPMIAlgSym `tpmdirect:"nullable"`
	// the key size
	KeyBits TPMUSymKeyBits `tpmdirect:"tag=Algorithm"`
	// the mode for the key
	Mode TPMUSymMode `tpmdirect:"tag=Algorithm"`
	// contains the additional algorithm details
	Details TPMUSymDetails `tpmdirect:"tag=Algorithm"`
}

11.1.6

type TPMTSymDefObject 

type TPMTSymDefObject struct {
	// selects a symmetric block cipher
	// When used in the parameter area of a parent object, this shall
	// be a supported block cipher and not TPM_ALG_NULL
	Algorithm TPMIAlgSymObject `tpmdirect:"nullable"`
	// the key size
	KeyBits TPMUSymKeyBits `tpmdirect:"tag=Algorithm"`
	// default mode
	// When used in the parameter area of a parent object, this shall
	// be TPM_ALG_CFB.
	Mode TPMUSymMode `tpmdirect:"tag=Algorithm"`
	// contains the additional algorithm details, if any
	Details TPMUSymDetails `tpmdirect:"tag=Algorithm"`
}

11.1.7

type TPMTTKAuth 

type TPMTTKAuth struct {
	// ticket structure tag
	Tag TPMST
	// the hierarchy of the object used to produce the ticket
	Hierarchy TPMIRHHierarchy
	// This shall be the HMAC produced using a proof value of hierarchy.
	Digest TPM2BDigest
}

10.7.5

type TPMTTKCreation 

type TPMTTKCreation struct {
	// ticket structure tag
	Tag TPMST
	// the hierarchy containing name
	Hierarchy TPMIRHHierarchy
	// This shall be the HMAC produced using a proof value of hierarchy.
	Digest TPM2BDigest
}

10.7.3

type TPMUAsymScheme 

type TPMUAsymScheme struct {
	// TODO every asym scheme gets an entry in this union.
	RSASSA *TPMSSigSchemeRSASSA `tpmdirect:"selector=0x0014"` // TPM_ALG_RSASSA
	RSAES  *TPMSEncSchemeRSAES  `tpmdirect:"selector=0x0015"` // TPM_ALG_RSAES
	RSAPSS *TPMSSigSchemeRSAPSS `tpmdirect:"selector=0x0016"` // TPM_ALG_RSAPSS
	OAEP   *TPMSEncSchemeOAEP   `tpmdirect:"selector=0x0017"` // TPM_ALG_OAEP
	ECDSA  *TPMSSigSchemeECDSA  `tpmdirect:"selector=0x0018"` // TPM_ALG_ECDSA
	ECDH   *TPMSKeySchemeECDH   `tpmdirect:"selector=0x0019"` // TPM_ALG_ECDH
}

11.2.3.5

type TPMUAttest 

type TPMUAttest struct {
	NV           *TPMSNVCertifyInfo       `tpmdirect:"selector=0x8014"` // TPM_ST_ATTEST_NV
	CommandAudit *TPMSCommandAuditInfo    `tpmdirect:"selector=0x8015"` // TPM_ST_ATTEST_COMMAND_AUDIT
	SessionAudit *TPMSSessionAuditInfo    `tpmdirect:"selector=0x8016"` // TPM_ST_ATTEST_SESSION_AUDIT
	Certify      *TPMSCertifyInfo         `tpmdirect:"selector=0x8017"` // TPM_ST_ATTEST_CERTIFY
	Quote        *TPMSQuoteInfo           `tpmdirect:"selector=0x8018"` // TPM_ST_ATTEST_QUOTE
	Time         *TPMSTimeAttestInfo      `tpmdirect:"selector=0x8019"` // TPM_ST_ATTEST_TIME
	Creation     *TPMSCreationInfo        `tpmdirect:"selector=0x801A"` // TPM_ST_ATTEST_CREATION
	NVDigest     *TPMSNVDigestCertifyInfo `tpmdirect:"selector=0x801C"` // TPM_ST_ATTEST_NV_DIGEST
}

10.12.11

type TPMUCapabilities 

type TPMUCapabilities struct {
	Algorithms    *TPMLAlgProperty       `tpmdirect:"selector=0x00000000"` // TPM_CAP_ALGS
	Handles       *TPMLHandle            `tpmdirect:"selector=0x00000001"` // TPM_CAP_HANDLES
	Command       *TPMLCCA               `tpmdirect:"selector=0x00000002"` // TPM_CAP_COMMANDS
	PPCommands    *TPMLCC                `tpmdirect:"selector=0x00000003"` // TPM_CAP_PP_COMMANDS
	AuditCommands *TPMLCC                `tpmdirect:"selector=0x00000004"` // TPM_CAP_AUDIT_COMMANDS
	AssignedPCR   *TPMLPCRSelection      `tpmdirect:"selector=0x00000005"` // TPM_CAP_PCRS
	TPMProperties *TPMLTaggedTPMProperty `tpmdirect:"selector=0x00000006"` // TPM_CAP_TPM_PROPERTIES
	PCRProperties *TPMLTaggedPCRProperty `tpmdirect:"selector=0x00000007"` // TPM_CAP_PCR_PROPERTIES
	ECCCurves     *TPMLECCCurve          `tpmdirect:"selector=0x00000008"` // TPM_CAP_ECC_CURVES
	AuthPolicies  *TPMLTaggedPolicy      `tpmdirect:"selector=0x00000009"` // TPM_CAP_AUTH_POLICIES
	ACTData       *TPMLACTData           `tpmdirect:"selector=0x0000000A"` // TPM_CAP_ACT
}

10.10.1

type TPMUHA 

type TPMUHA struct {
	SHA1     *[20]byte `tpmdirect:"selector=0x0004"` // TPM_ALG_SHA1
	SHA256   *[32]byte `tpmdirect:"selector=0x000B"` // TPM_ALG_SHA256
	SHA384   *[48]byte `tpmdirect:"selector=0x000C"` // TPM_ALG_SHA384
	SHA512   *[64]byte `tpmdirect:"selector=0x000D"` // TPM_ALG_SHA512
	SHA3_256 *[32]byte `tpmdirect:"selector=0x0027"` // TPM_ALG_SHA3_256
	SHA3_384 *[48]byte `tpmdirect:"selector=0x0028"` // TPM_ALG_SHA3_384
	SHA3_512 *[64]byte `tpmdirect:"selector=0x0029"` // TPM_ALG_SHA3_512
}

10.3.1

type TPMUKDFScheme 

type TPMUKDFScheme struct {
	MGF1         *TPMSKDFSchemeMGF1         `tpmdirect:"selector=0x0007"` // TPM_ALG_MGF1
	ECDH         *TPMSKDFSchemeECDH         `tpmdirect:"selector=0x0019"` // TPM_ALG_ECDH
	KDF1SP80056A *TPMSKDFSchemeKDF1SP80056A `tpmdirect:"selector=0x0020"` // TPM_ALG_KDF1_SP800_56A
	KDF2         *TPMSKDFSchemeKDF2         `tpmdirect:"selector=0x0021"` // TPM_ALG_KDF2
	KDF1SP800108 *TPMSKDFSchemeKDF1SP800108 `tpmdirect:"selector=0x0022"` // TPM_ALG_KDF1_SP800_108
}

11.2.3.2

type TPMUPublicID 

type TPMUPublicID struct {
	KeyedHash *TPM2BDigest       `tpmdirect:"selector=0x0008"` // TPM_ALG_KEYEDHASH
	Sym       *TPM2BDigest       `tpmdirect:"selector=0x0025"` // TPM_ALG_SYMCIPHER
	RSA       *TPM2BPublicKeyRSA `tpmdirect:"selector=0x0001"` // TPM_ALG_RSA
	ECC       *TPMSECCPoint      `tpmdirect:"selector=0x0023"` // TPM_ALG_ECC
}

12.2.3.2

type TPMUPublicParms 

type TPMUPublicParms struct {
	// sign | decrypt | neither
	KeyedHashDetail *TPMSKeyedHashParms `tpmdirect:"selector=0x0008"` // TPM_ALG_KEYEDHASH
	// sign | decrypt | neither
	SymCipherDetail *TPMSSymCipherParms `tpmdirect:"selector=0x0025"` // TPM_ALG_SYMCIPHER
	// decrypt + sign
	RSADetail *TPMSRSAParms `tpmdirect:"selector=0x0001"` // TPM_ALG_RSA
	// decrypt + sign
	ECCDetail *TPMSECCParms `tpmdirect:"selector=0x0023"` // TPM_ALG_ECC
}

12.2.3.7

type TPMUSchemeKeyedHash 

type TPMUSchemeKeyedHash struct {
	HMAC *TPMSSchemeHMAC `tpmdirect:"selector=0x0005"` // TPM_ALG_HMAC
	XOR  *TPMSSchemeXOR  `tpmdirect:"selector=0x000A"` // TPM_ALG_XOR
}

11.1.22

type TPMUSigScheme 

type TPMUSigScheme struct {
	HMAC   *TPMSSchemeHMAC `tpmdirect:"selector=0x0005"` // TPM_ALG_HMAC
	RSASSA *TPMSSchemeHash `tpmdirect:"selector=0x0014"` // TPM_ALG_RSASSA
	RSAPSS *TPMSSchemeHash `tpmdirect:"selector=0x0016"` // TPM_ALG_RSAPSS
	ECDSA  *TPMSSchemeHash `tpmdirect:"selector=0x0018"` // TPM_ALG_ECDSA
}

11.2.1.4

type TPMUSignature 

type TPMUSignature struct {
	HMAC   *TPMTHA           `tpmdirect:"selector=0x0005"` // TPM_ALG_HMAC
	RSASSA *TPMSSignatureRSA `tpmdirect:"selector=0x0014"` // TPM_ALG_RSASSA
	RSAPSS *TPMSSignatureRSA `tpmdirect:"selector=0x0016"` // TPM_ALG_RSAPSS
	ECDSA  *TPMSSignatureECC `tpmdirect:"selector=0x0018"` // TPM_ALG_ECDSA
}

11.3.3

type TPMUSymDetails 

type TPMUSymDetails struct {
	// TODO: The rest of the symmetric algorithms get their own entry
	// in this union.
	AES *struct{} `tpmdirect:"selector=0x0006"` // TPM_ALG_AES
	XOR *struct{} `tpmdirect:"selector=0x000A"` // TPM_ALG_XOR
}

11.1.5

type TPMUSymKeyBits 

type TPMUSymKeyBits struct {
	// TODO: The rest of the symmetric algorithms get their own entry
	// in this union.
	AES *TPMKeyBits  `tpmdirect:"selector=0x0006"` // TPM_ALG_AES
	XOR *TPMIAlgHash `tpmdirect:"selector=0x000A"` // TPM_ALG_XOR
}

11.1.3

type TPMUSymMode 

type TPMUSymMode struct {
	// TODO: The rest of the symmetric algorithms get their own entry
	// in this union.
	AES *TPMIAlgSymMode `tpmdirect:"selector=0x0006"` // TPM_ALG_AES
	XOR *struct{}       `tpmdirect:"selector=0x000A"` // TPM_ALG_XOR
}

11.1.4

type Transport 

type Transport interface {
	io.Closer
	// Send sends a command stream to the TPM and receives back a response.
	// Errors from the TPM itself (i.e., in the response stream) are not
	// parsed. Only errors from actually sending the command.
	Send(command []byte) ([]byte, error)
}

Transport represents a physical connection to a TPM.

func LocalSimulator 

func LocalSimulator() (Transport, error)

type UnsealCommand 

type UnsealCommand struct {
	ItemHandle AuthHandle `tpmdirect:"handle,auth"`
}

12.7

func (*UnsealCommand) Command 

func (_ *UnsealCommand) Command() TPMCC

type UnsealResponse 

type UnsealResponse struct {
	OutData TPM2BSensitiveData
}

func (*UnsealResponse) Response 

func (_ *UnsealResponse) Response() TPMCC

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.