tpm2


Overview

Package tpm2 provides a 1:1 mapping to the TPM 2.0 command set. It contains the TPM 2.0 commands together with all of the TPM 2.0 structures they use; the structures are defined in this single package to avoid import cycles.


Constants

const (
	// TPMAlgSHA is the older spelling of TPMAlgSHA1. SHA-1 is kept only for
	// compatibility with legacy PCR banks and older firmware; prefer
	// TPMAlgSHA256 or stronger for new names, policy digests and attestation.
	TPMAlgSHA          = TPMAlgSHA1
	// TPMCCHMAC is the older spelling of the TPM2_MAC command code.
	TPMCCHMAC          = TPMCCMAC
	// TPMCCHMACStart is the older spelling of the TPM2_MAC_Start command code.
	TPMCCHMACStart     = TPMCCMACStart
	// TPMHTLoadedSession is the older spelling of the HMAC-session handle type.
	TPMHTLoadedSession = TPMHTHMACSession
	// TPMHTSavedSession is the older spelling of the policy-session handle type.
	TPMHTSavedSession  = TPMHTPolicySession
)

Aliases for hash algorithm IDs, command codes and handle types whose names were re-used or renamed across revisions of the TPM 2.0 specification.

const (
	// EncryptIn specifies a decrypt session: the first command parameter
	// sent to the TPM is encrypted under the session key.
	// NOTE(review): the type name as rendered here looks garbled; confirm
	// against the source tree before relying on it.
	EncryptIn parameterEncryptiontpm2ion = 1 + iota
	// EncryptOut specifies an encrypt session: the first response parameter
	// returned by the TPM is encrypted under the session key.
	EncryptOut
	// EncryptInOut specifies a decrypt+encrypt session (both directions).
	EncryptInOut
)

Variables

var (
	// The templates below are reference primary-key templates. A primary key
	// is derived by the TPM from the hierarchy seed and the exact template
	// bytes, so every attribute, symmetric parameter and the (zero-filled)
	// Unique area must stay as specified here for the resulting key to match
	// the one the platform's EK certificate was issued for. Do not "tidy" them.

	// RSASRKTemplate contains the TCG reference RSA-2048 SRK template.
	// https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf
	RSASRKTemplate = TPMTPublic{
		Type:    TPMAlgRSA,
		NameAlg: TPMAlgSHA256,
		ObjectAttributes: TPMAObject{
			FixedTPM:             true,
			STClear:              false,
			FixedParent:          true,
			SensitiveDataOrigin:  true,
			// The SRK is authorized with its (normally empty) auth value
			// and is exempt from dictionary-attack lockout.
			UserWithAuth:         true,
			AdminWithPolicy:      false,
			NoDA:                 true,
			EncryptedDuplication: false,
			// Restricted decryption key: a storage parent, not a signing key.
			Restricted:           true,
			Decrypt:              true,
			SignEncrypt:          false,
		},
		Parameters: NewTPMUPublicParms(
			TPMAlgRSA,
			&TPMSRSAParms{
				// Symmetric scheme used to wrap child objects: AES-128-CFB.
				Symmetric: TPMTSymDefObject{
					Algorithm: TPMAlgAES,
					KeyBits: NewTPMUSymKeyBits(
						TPMAlgAES,
						TPMKeyBits(128),
					),
					Mode: NewTPMUSymMode(
						TPMAlgAES,
						TPMAlgCFB,
					),
				},
				KeyBits: 2048,
			},
		),
		// Zero-filled 256-byte unique area; its size and content are part
		// of the derivation input.
		Unique: NewTPMUPublicID(
			TPMAlgRSA,
			&TPM2BPublicKeyRSA{
				Buffer: make([]byte, 256),
			},
		),
	}
	// RSAEKTemplate contains the TCG reference RSA-2048 EK template.
	RSAEKTemplate = TPMTPublic{
		Type:    TPMAlgRSA,
		NameAlg: TPMAlgSHA256,
		ObjectAttributes: TPMAObject{
			FixedTPM:             true,
			STClear:              false,
			FixedParent:          true,
			SensitiveDataOrigin:  true,
			// The EK is usable only through its policy (AuthPolicy below),
			// never via a plain auth value, and is subject to DA lockout.
			UserWithAuth:         false,
			AdminWithPolicy:      true,
			NoDA:                 false,
			EncryptedDuplication: false,
			Restricted:           true,
			Decrypt:              true,
			SignEncrypt:          false,
		},
		// This digest is the TCG EK Credential Profile's default EK policy
		// (presumably TPM2_PolicySecret bound to TPM_RH_ENDORSEMENT), so using
		// the EK requires endorsement authorization in a policy session —
		// confirm against the profile document before depending on it.
		AuthPolicy: TPM2BDigest{
			Buffer: []byte{

				0x83, 0x71, 0x97, 0x67, 0x44, 0x84, 0xB3, 0xF8,
				0x1A, 0x90, 0xCC, 0x8D, 0x46, 0xA5, 0xD7, 0x24,
				0xFD, 0x52, 0xD7, 0x6E, 0x06, 0x52, 0x0B, 0x64,
				0xF2, 0xA1, 0xDA, 0x1B, 0x33, 0x14, 0x69, 0xAA,
			},
		},
		Parameters: NewTPMUPublicParms(
			TPMAlgRSA,
			&TPMSRSAParms{
				Symmetric: TPMTSymDefObject{
					Algorithm: TPMAlgAES,
					KeyBits: NewTPMUSymKeyBits(
						TPMAlgAES,
						TPMKeyBits(128),
					),
					Mode: NewTPMUSymMode(
						TPMAlgAES,
						TPMAlgCFB,
					),
				},
				KeyBits: 2048,
			},
		),
		// Zero-filled 256-byte unique area (see RSASRKTemplate).
		Unique: NewTPMUPublicID(
			TPMAlgRSA,
			&TPM2BPublicKeyRSA{
				Buffer: make([]byte, 256),
			},
		),
	}

	// ECCSRKTemplate contains the TCG reference ECC-P256 SRK template.
	// https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf
	ECCSRKTemplate = TPMTPublic{
		Type:    TPMAlgECC,
		NameAlg: TPMAlgSHA256,
		ObjectAttributes: TPMAObject{
			FixedTPM:             true,
			STClear:              false,
			FixedParent:          true,
			SensitiveDataOrigin:  true,
			// Same authorization model as RSASRKTemplate: auth value, no DA.
			UserWithAuth:         true,
			AdminWithPolicy:      false,
			NoDA:                 true,
			EncryptedDuplication: false,
			Restricted:           true,
			Decrypt:              true,
			SignEncrypt:          false,
		},
		Parameters: NewTPMUPublicParms(
			TPMAlgECC,
			&TPMSECCParms{
				Symmetric: TPMTSymDefObject{
					Algorithm: TPMAlgAES,
					KeyBits: NewTPMUSymKeyBits(
						TPMAlgAES,
						TPMKeyBits(128),
					),
					Mode: NewTPMUSymMode(
						TPMAlgAES,
						TPMAlgCFB,
					),
				},
				CurveID: TPMECCNistP256,
			},
		),
		// Zero-filled 32-byte X and Y coordinates (P-256 field size).
		Unique: NewTPMUPublicID(
			TPMAlgECC,
			&TPMSECCPoint{
				X: TPM2BECCParameter{
					Buffer: make([]byte, 32),
				},
				Y: TPM2BECCParameter{
					Buffer: make([]byte, 32),
				},
			},
		),
	}

	// ECCEKTemplate contains the TCG reference ECC-P256 EK template.
	ECCEKTemplate = TPMTPublic{
		Type:    TPMAlgECC,
		NameAlg: TPMAlgSHA256,
		ObjectAttributes: TPMAObject{
			FixedTPM:             true,
			STClear:              false,
			FixedParent:          true,
			SensitiveDataOrigin:  true,
			// Same authorization model as RSAEKTemplate: policy only, DA on.
			UserWithAuth:         false,
			AdminWithPolicy:      true,
			NoDA:                 false,
			EncryptedDuplication: false,
			Restricted:           true,
			Decrypt:              true,
			SignEncrypt:          false,
		},
		// Same default EK policy digest as RSAEKTemplate.
		AuthPolicy: TPM2BDigest{
			Buffer: []byte{

				0x83, 0x71, 0x97, 0x67, 0x44, 0x84, 0xB3, 0xF8,
				0x1A, 0x90, 0xCC, 0x8D, 0x46, 0xA5, 0xD7, 0x24,
				0xFD, 0x52, 0xD7, 0x6E, 0x06, 0x52, 0x0B, 0x64,
				0xF2, 0xA1, 0xDA, 0x1B, 0x33, 0x14, 0x69, 0xAA,
			},
		},
		Parameters: NewTPMUPublicParms(
			TPMAlgECC,
			&TPMSECCParms{
				Symmetric: TPMTSymDefObject{
					Algorithm: TPMAlgAES,
					KeyBits: NewTPMUSymKeyBits(
						TPMAlgAES,
						TPMKeyBits(128),
					),
					Mode: NewTPMUSymMode(
						TPMAlgAES,
						TPMAlgCFB,
					),
				},
				CurveID: TPMECCNistP256,
			},
		),
		// Zero-filled 32-byte X and Y coordinates (see ECCSRKTemplate).
		Unique: NewTPMUPublicID(
			TPMAlgECC,
			&TPMSECCPoint{
				X: TPM2BECCParameter{
					Buffer: make([]byte, 32),
				},
				Y: TPM2BECCParameter{
					Buffer: make([]byte, 32),
				},
			},
		),
	}
)
// PCClientCompatible formats PCR selections for PC Client PTP-compatible TPMs.
var PCClientCompatible pcrSelectionFormatter = pcClient{}

PCClientCompatible is a pcrSelectionFormatter that formats PCR selections suitable for use in PC Client PTP-compatible TPMs (the vast majority): https://trustedcomputinggroup.org/resource/pc-client-platform-tpm-profile-ptp-specification/ PC Client mandates at least 24 PCRs but does not provide an upper limit.

Functions

func AuditCommand

func AuditCommand[C Command[R, *R], R any](a *CommandAudit, cmd C, rsp *R) error

AuditCommand extends the audit digest with the given command and response. Go Generics do not allow type parameters on methods, otherwise this would be a method on CommandAudit. See https://github.com/golang/go/issues/49085 for more information.

func KDFa

func KDFa(h crypto.Hash, key []byte, label string, contextU, contextV []byte, bits int) []byte

KDFa implements TPM 2.0's default key derivation function, as defined in section 11.4.9.2 of the TPM revision 2 specification part 1. See: https://trustedcomputinggroup.org/resource/tpm-library-specification/ The key & label parameters must not be zero length. The label parameter is a non-null-terminated string. The contextU & contextV parameters are optional.

func KDFe

func KDFe(h crypto.Hash, z []byte, use string, partyUInfo, partyVInfo []byte, bits int) []byte

KDFe implements TPM 2.0's ECDH key derivation function, as defined in section 11.4.9.3 of the TPM revision 2 specification part 1. See: https://trustedcomputinggroup.org/resource/tpm-library-specification/ The z parameter is the x coordinate of one party's private ECC key multiplied by the other party's public ECC point. The use parameter is a non-null-terminated string. The partyUInfo and partyVInfo are the x coordinates of the initiator's and the responder's ECC points, respectively.

func Marshal

func Marshal(v Marshallable) []byte

Marshal will serialize the given values, returning them as a byte slice.

func PrimaryHandleName

func PrimaryHandleName(h TPMHandle) []byte

PrimaryHandleName returns the TPM Name of a primary handle.

func RSAPub

func RSAPub(parms *TPMSRSAParms, pub *TPM2BPublicKeyRSA) (*rsa.PublicKey, error)

RSAPub converts a TPM RSA public key into one recognized by the rsa package.

func Unmarshal

func Unmarshal[T Marshallable, P interface {
	*T
	Unmarshallable
}](data []byte) (*T, error)

Unmarshal unmarshals the given type from the byte array. Returns an error if the buffer does not contain enough data to satisfy the types, or if the types are not unmarshallable.

Types

type ActivateCredential

type ActivateCredential struct {
	// handle of the object associated with certificate in credentialBlob
	// NOTE(review): the credential is bound to the Name passed to
	// TPM2_MakeCredential; activation with an object of a different Name is
	// expected to fail — confirm against Part 3, 12.5.
	ActivateHandle handle `gotpm:"handle,auth"`
	// loaded key used to decrypt the TPMS_SENSITIVE in credentialBlob
	// (typically the EK, whose authorization is normally a policy session)
	KeyHandle handle `gotpm:"handle,auth"`
	// the credential
	CredentialBlob TPM2BIDObject
	// keyHandle algorithm-dependent encrypted seed that protects credentialBlob
	Secret TPM2BEncryptedSecret
}

ActivateCredential is the input to TPM2_ActivateCredential. See definition in Part 3, Commands, section 12.5.

func (ActivateCredential) Command

func (ActivateCredential) Command() TPMCC

Command implements the Command interface.

func (ActivateCredential) Execute

Execute executes the command and returns the response.

type ActivateCredentialResponse

type ActivateCredentialResponse struct {
	// the decrypted certificate information (the secret the issuer wrapped
	// with TPM2_MakeCredential)
	CertInfo TPM2BDigest
}

ActivateCredentialResponse is the response from TPM2_ActivateCredential.

type AsymSchemeContents

AsymSchemeContents is a type constraint representing the possible contents of TPMUAsymScheme.

type AttestContents

AttestContents is a type constraint representing the possible contents of TPMUAttest.

type AuthHandle

type AuthHandle struct {
	// the TPM handle being authorized
	Handle TPMHandle
	// the object's Name; optional, see KnownName for the fallback
	Name TPM2BName
	// the session used to authorize use of Handle
	Auth Session
}

AuthHandle allows the caller to add an authorization session onto a handle.

func (AuthHandle) HandleValue

func (h AuthHandle) HandleValue() uint32

HandleValue implements the handle interface.

func (AuthHandle) KnownName

func (h AuthHandle) KnownName() *TPM2BName

KnownName implements the handle interface. If Name is not provided (i.e., only Auth), then rely on the underlying TPMHandle.

type AuthOption

// AuthOption mutates the unexported session configuration; see the
// functional options below.
type AuthOption func(*sessionOptions)

AuthOption is an option for setting up an auth session variadically.

func AESEncryption

func AESEncryption(keySize TPMKeyBits, dir parameterEncryptiontpm2ion) AuthOption

AESEncryption uses the session to encrypt the first parameter sent to/from the TPM, in the direction selected by dir. Note that only commands whose first command/response parameter is a 2B can support session encryption. The protection is only as strong as the session key, so combine this with Salted and/or Bound so the key is not derived from an empty or guessable secret.

func Audit

func Audit() AuthOption

Audit uses the session to compute extra HMACs. An Audit session can be used with GetSessionAuditDigest to obtain attestation over a sequence of commands.

func AuditExclusive

func AuditExclusive() AuthOption

AuditExclusive is like an audit session, but even more powerful. This allows an audit session to additionally indicate that no other auditable commands were executed other than the ones described by the audit hash.

func Auth

func Auth(auth []byte) AuthOption

Auth uses the session to prove knowledge of the object's auth value.

func Bound

func Bound(handle TPMIDHEntity, name TPM2BName, auth []byte) AuthOption

Bound specifies that this session's session key should depend on the auth value of the given object.

func Password

func Password(auth []byte) AuthOption

Password is a policy-session-only option that specifies to provide the object's auth value in place of the authorization HMAC when authorizing. For HMAC sessions, it has the same effect as using Auth. Deprecated: because the auth value itself is sent in the command rather than an HMAC derived from it, this is not recommended and is provided only for completeness; use Auth instead.

func Salted

func Salted(handle TPMIDHObject, pub TPMTPublic) AuthOption

Salted specifies that this session's session key should depend on an encrypted seed value using the given public key. 'handle' must refer to a loaded RSA or ECC key.

func Trial

func Trial() AuthOption

Trial indicates that the policy session should be in trial-mode. This allows using the TPM to calculate policy hashes. This option has no effect on non-Policy sessions.

type BitGetter

type BitGetter interface {
	Bitfield
	// GetReservedBit returns the value of the given reserved bit.
	// If the bit is not reserved, returns false.
	GetReservedBit(pos int) bool
}

BitGetter represents a TPM bitfield (i.e., TPMA_*) type that can be read.

type BitSetter

type BitSetter interface {
	Bitfield
	// SetReservedBit sets the value of the given reserved bit.
	SetReservedBit(pos int, val bool)
}

BitSetter represents a TPM bitfield (i.e., TPMA_*) type that can be written.

type Bitfield

type Bitfield interface {
	// Length returns the length of the bitfield in bits.
	Length() int
}

Bitfield represents a TPM bitfield (i.e., TPMA_*) type.

type CapabilitiesContents

CapabilitiesContents is a type constraint representing the possible contents of TPMUCapabilities.

type Certify

type Certify struct {
	// handle of the object to be certified
	ObjectHandle handle `gotpm:"handle,auth"`
	// handle of the key used to sign the attestation structure
	SignHandle handle `gotpm:"handle,auth"`
	// user provided qualifying data (a verifier nonce, used to prove freshness)
	QualifyingData TPM2BData
	// signing scheme to use if the scheme for signHandle is TPM_ALG_NULL
	InScheme TPMTSigScheme
}

Certify is the input to TPM2_Certify. See definition in Part 3, Commands, section 18.2.

func (Certify) Command

func (Certify) Command() TPMCC

Command implements the Command interface.

func (Certify) Execute

func (cmd Certify) Execute(t transport.TPM, s ...Session) (*CertifyResponse, error)

Execute executes the command and returns the response.

type CertifyCreation

type CertifyCreation struct {
	// handle of the key that will sign the attestation block
	SignHandle handle `gotpm:"handle,auth"`
	// the object associated with the creation data (no authorization needed)
	ObjectHandle handle `gotpm:"handle"`
	// user-provided qualifying data (a verifier nonce, used to prove freshness)
	QualifyingData TPM2BData
	// hash of the creation data produced by TPM2_Create() or TPM2_CreatePrimary()
	CreationHash TPM2BDigest
	// signing scheme to use if the scheme for signHandle is TPM_ALG_NULL
	InScheme TPMTSigScheme
	// ticket produced by TPM2_Create() or TPM2_CreatePrimary(); the TPM uses
	// it to check that creationHash really came from that creation
	CreationTicket TPMTTKCreation
}

CertifyCreation is the input to TPM2_CertifyCreation. See definition in Part 3, Commands, section 18.3.

func (CertifyCreation) Command

func (CertifyCreation) Command() TPMCC

Command implements the Command interface.

func (CertifyCreation) Execute

Execute executes the command and returns the response.

type CertifyCreationResponse

type CertifyCreationResponse struct {
	// the structure that was signed
	CertifyInfo TPM2BAttest
	// the signature over certifyInfo; verify it against signHandle's public
	// key before trusting any field of CertifyInfo
	Signature TPMTSignature
}

CertifyCreationResponse is the response from TPM2_CertifyCreation.

type CertifyResponse

type CertifyResponse struct {
	// the structure that was signed
	CertifyInfo TPM2BAttest
	// the asymmetric signature over certifyInfo using the key referenced by signHandle;
	// verify it (and the qualifying data inside certifyInfo) before trusting the attestation
	Signature TPMTSignature
}

CertifyResponse is the response from TPM2_Certify.

type Clear

type Clear struct {
	// TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP}
	// This command is destructive: it resets the owner-controlled state of
	// the TPM, so the caller must hold lockout or platform authorization.
	AuthHandle handle `gotpm:"handle,auth"`
}

Clear is the input to TPM2_Clear. See definition in Part 3, Commands, section 24.6

func (Clear) Command

func (Clear) Command() TPMCC

Command implements the Command interface.

func (Clear) Execute

func (cmd Clear) Execute(t transport.TPM, s ...Session) (*ClearResponse, error)

Execute executes the command and returns the response.

type ClearResponse

// ClearResponse carries no response parameters.
type ClearResponse struct{}

ClearResponse is the response from TPM2_Clear.

type Command

type Command[R any, PR *R] interface {
	// The TPM command code associated with this command.
	Command() TPMCC
	// Executes the command over the given transport, using the given
	// sessions for authorization/encryption, and returns the response.
	Execute(t transport.TPM, s ...Session) (PR, error)
}

Command is an interface for any TPM command, parameterized by its response type.

type CommandAudit

type CommandAudit struct {
	// contains filtered or unexported fields
	// (the running audit digest and its hash algorithm; see NewAudit and Digest)
}

CommandAudit represents an audit session for attesting the execution of a series of commands in the TPM. It is useful for both command and session auditing.

func NewAudit

func NewAudit(hash TPMIAlgHash) (*CommandAudit, error)

NewAudit initializes a new CommandAudit with the specified hash algorithm.

func (*CommandAudit) Digest

func (a *CommandAudit) Digest() []byte

Digest returns the current digest of the audit.

type Commit

type Commit struct {
	// handle of the key that will be used in the signing operation
	SignHandle handle `gotpm:"handle,auth"`
	// a point (M) on the curve used by signHandle
	P1 TPM2BECCPoint
	// octet array used to derive x-coordinate of a base point
	S2 TPM2BSensitiveData
	// y coordinate of the point associated with s2
	Y2 TPM2BECCParameter
}

Commit is the input to TPM2_Commit. See definition in Part 3, Commands, section 19.2.

func (Commit) Command

func (Commit) Command() TPMCC

Command implements the Command interface.

func (Commit) Execute

func (cmd Commit) Execute(t transport.TPM, s ...Session) (*CommitResponse, error)

Execute executes the command and returns the response.

type CommitResponse

type CommitResponse struct {
	// ECC point K ≔ [ds](x2, y2)
	K TPM2BECCPoint
	// ECC point L ≔ [r](x2, y2)
	L TPM2BECCPoint
	// ECC point E ≔ [r]P1
	E TPM2BECCPoint
	// least-significant 16 bits of commitCount; passed back to the TPM to
	// identify this commit's r in the subsequent signing command
	Counter uint16
}

CommitResponse is the response from TPM2_Commit.

type ContextLoad

type ContextLoad struct {
	// the context blob, as previously returned by TPM2_ContextSave
	Context TPMSContext
}

ContextLoad is the input to TPM2_ContextLoad. See definition in Part 3, Commands, section 28.3

func (ContextLoad) Command

func (ContextLoad) Command() TPMCC

Command implements the Command interface.

func (ContextLoad) Execute

func (cmd ContextLoad) Execute(t transport.TPM, s ...Session) (*ContextLoadResponse, error)

Execute executes the command and returns the response.

type ContextLoadResponse

type ContextLoadResponse struct {
	// the handle assigned to the resource after it has been successfully loaded
	LoadedHandle TPMIDHContext
}

ContextLoadResponse is the response from TPM2_ContextLoad.

type ContextSave

type ContextSave struct {
	// handle of the resource to save (a transient object or a session)
	SaveHandle TPMIDHContext
}

ContextSave is the input to TPM2_ContextSave. See definition in Part 3, Commands, section 28.2

func (ContextSave) Command

func (ContextSave) Command() TPMCC

Command implements the Command interface.

func (ContextSave) Execute

func (cmd ContextSave) Execute(t transport.TPM, s ...Session) (*ContextSaveResponse, error)

Execute executes the command and returns the response.

type ContextSaveResponse

type ContextSaveResponse struct {
	// the saved context; opaque to the caller and only meaningful to the
	// TPM that produced it (hand it back unchanged to TPM2_ContextLoad)
	Context TPMSContext
}

ContextSaveResponse is the response from TPM2_ContextSave.

type Create

type Create struct {
	// handle of parent for new object
	ParentHandle handle `gotpm:"handle,auth"`
	// the sensitive data (including the new object's auth value). This is
	// the first command parameter, so it travels in the clear unless the
	// command is run with an AESEncryption(EncryptIn) session.
	InSensitive TPM2BSensitiveCreate
	// the public template
	InPublic TPM2BPublic
	// data that will be included in the creation data for this
	// object to provide permanent, verifiable linkage between this
	// object and some object owner data
	OutsideInfo TPM2BData
	// PCR that will be used in creation data
	CreationPCR TPMLPCRSelection
}

Create is the input to TPM2_Create. See definition in Part 3, Commands, section 12.1

func (Create) Command

func (Create) Command() TPMCC

Command implements the Command interface.

func (Create) Execute

func (cmd Create) Execute(t transport.TPM, s ...Session) (*CreateResponse, error)

Execute executes the command and returns the response.

type CreateLoaded

type CreateLoaded struct {
	// Handle of a transient storage key, a persistent storage key,
	// TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM+{PP}, or TPM_RH_NULL
	ParentHandle handle `gotpm:"handle,auth"`
	// the sensitive data, see TPM 2.0 Part 1 Sensitive Values. As the first
	// command parameter it is sent in the clear unless an
	// AESEncryption(EncryptIn) session is used.
	InSensitive TPM2BSensitiveCreate
	// the public template
	InPublic TPM2BTemplate
}

CreateLoaded is the input to TPM2_CreateLoaded. See definition in Part 3, Commands, section 12.9

func (CreateLoaded) Command

func (CreateLoaded) Command() TPMCC

Command implements the Command interface.

func (CreateLoaded) Execute

func (cmd CreateLoaded) Execute(t transport.TPM, s ...Session) (*CreateLoadedResponse, error)

Execute executes the command and returns the response.

type CreateLoadedResponse

type CreateLoadedResponse struct {
	// handle of type TPM_HT_TRANSIENT for loaded object
	ObjectHandle TPMHandle `gotpm:"handle"`
	// the sensitive area of the object (optional); absent when the parent
	// is a hierarchy (i.e., a primary object was created)
	OutPrivate TPM2BPrivate `gotpm:"optional"`
	// the public portion of the created object
	OutPublic TPM2BPublic
	// the name of the created object
	Name TPM2BName
}

CreateLoadedResponse is the response from TPM2_CreateLoaded.

type CreatePrimary

type CreatePrimary struct {
	// TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM+{PP},
	// or TPM_RH_NULL
	PrimaryHandle handle `gotpm:"handle,auth"`
	// the sensitive data (including the new object's auth value); sent in
	// the clear unless an AESEncryption(EncryptIn) session is used
	InSensitive TPM2BSensitiveCreate
	// the public template; together with the hierarchy seed it determines
	// the derived key (see RSAEKTemplate etc.)
	InPublic TPM2BPublic
	// data that will be included in the creation data for this
	// object to provide permanent, verifiable linkage between this
	// object and some object owner data
	OutsideInfo TPM2BData
	// PCR that will be used in creation data
	CreationPCR TPMLPCRSelection
}

CreatePrimary is the input to TPM2_CreatePrimary. See definition in Part 3, Commands, section 24.1

func (CreatePrimary) Command

func (CreatePrimary) Command() TPMCC

Command implements the Command interface.

func (CreatePrimary) Execute

func (cmd CreatePrimary) Execute(t transport.TPM, s ...Session) (*CreatePrimaryResponse, error)

Execute executes the command and returns the response.

type CreatePrimaryResponse

type CreatePrimaryResponse struct {
	// handle of type TPM_HT_TRANSIENT for created Primary Object
	ObjectHandle TPMHandle `gotpm:"handle"`
	// the public portion of the created object
	OutPublic TPM2BPublic
	// contains a TPMS_CREATION_DATA
	CreationData tpm2bCreationData
	// digest of creationData using nameAlg of outPublic
	CreationHash TPM2BDigest
	// ticket used by TPM2_CertifyCreation() to validate that the
	// creation data was produced by the TPM.
	CreationTicket TPMTTKCreation
	// the name of the created object
	Name TPM2BName
}

CreatePrimaryResponse is the response from TPM2_CreatePrimary.

type CreateResponse

type CreateResponse struct {
	// the private portion of the object, wrapped by the parent; it can
	// only be loaded back under the same parent with TPM2_Load
	OutPrivate TPM2BPrivate
	// the public portion of the created object
	OutPublic TPM2BPublic
	// contains a TPMS_CREATION_DATA
	CreationData tpm2bCreationData
	// digest of creationData using nameAlg of outPublic
	CreationHash TPM2BDigest
	// ticket used by TPM2_CertifyCreation() to validate that the
	// creation data was produced by the TPM.
	CreationTicket TPMTTKCreation
}

CreateResponse is the response from TPM2_Create.

type ECDHPub

type ECDHPub struct {
	// the curve the point lies on
	// NOTE(review): crypto/elliptic's scalar-multiplication API is
	// deprecated in recent Go releases in favour of crypto/ecdh — verify
	// the Go version this module targets.
	Curve elliptic.Curve
	// affine coordinates of the public point
	X, Y  *big.Int
}

ECDHPub is a convenience wrapper around the necessary info to perform point multiplication with the elliptic package.

func ECCPub

func ECCPub(parms *TPMSECCParms, pub *TPMSECCPoint) (*ECDHPub, error)

ECCPub converts a TPM ECC public key into one recognized by the elliptic package's point-multiplication functions, for use in ECDH.

type ECDHZGen

type ECDHZGen struct {
	// handle of a loaded ECC key
	KeyHandle handle `gotpm:"handle,auth"`
	// a public key (the other party's point; the TPM is expected to reject
	// points not on keyHandle's curve)
	InPoint TPM2BECCPoint
}

ECDHZGen is the input to TPM2_ECDHZGen. See definition in Part 3, Commands, section 14.5

func (ECDHZGen) Command

func (ECDHZGen) Command() TPMCC

Command implements the Command interface.

func (ECDHZGen) Execute

func (cmd ECDHZGen) Execute(t transport.TPM, s ...Session) (*ECDHZGenResponse, error)

Execute executes the command and returns the response.

type ECDHZGenResponse

type ECDHZGenResponse struct {
	// X and Y coordinates of the product of the multiplication; the X
	// coordinate is the shared secret Z fed to KDFe
	OutPoint TPM2BECCPoint
}

ECDHZGenResponse is the response from TPM2_ECDHZGen.

type EvictControl

type EvictControl struct {
	// TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}
	Auth             handle `gotpm:"handle,auth"`
	// the object to make persistent (a transient handle) or to evict (a persistent handle)
	ObjectHandle     handle `gotpm:"handle"`
	// the persistent handle to assign, or to evict
	PersistentHandle TPMIDHPersistent
}

EvictControl is the input to TPM2_EvictControl. See definition in Part 3, Commands, section 28.5

func (EvictControl) Command

func (EvictControl) Command() TPMCC

Command implements the Command interface.

func (EvictControl) Execute

func (cmd EvictControl) Execute(t transport.TPM, s ...Session) (*EvictControlResponse, error)

Execute executes the command and returns the response.

type EvictControlResponse

// EvictControlResponse carries no response parameters.
type EvictControlResponse struct{}

EvictControlResponse is the response from TPM2_EvictControl.

type FlushContext

type FlushContext struct {
	// the handle of the item to flush (no authorization required)
	FlushHandle handle `gotpm:"handle"`
}

FlushContext is the input to TPM2_FlushContext. See definition in Part 3, Commands, section 28.4

func (FlushContext) Command

func (FlushContext) Command() TPMCC

Command implements the Command interface.

func (FlushContext) Execute

func (cmd FlushContext) Execute(t transport.TPM, s ...Session) (*FlushContextResponse, error)

Execute executes the command and returns the response.

type FlushContextResponse

// FlushContextResponse carries no response parameters.
type FlushContextResponse struct{}

FlushContextResponse is the response from TPM2_FlushContext.

type GetCapability

type GetCapability struct {
	// group selection; determines the format of the response
	Capability TPMCap
	// further definition of information (first property to return)
	Property uint32
	// number of properties of the indicated type to return
	PropertyCount uint32
}

GetCapability is the input to TPM2_GetCapability. See definition in Part 3, Commands, section 30.2

func (GetCapability) Command

func (GetCapability) Command() TPMCC

Command implements the Command interface.

func (GetCapability) Execute

func (cmd GetCapability) Execute(t transport.TPM, s ...Session) (*GetCapabilityResponse, error)

Execute executes the command and returns the response.

type GetCapabilityResponse

type GetCapabilityResponse struct {
	// flag to indicate if there are more values of this type;
	// callers should re-issue the query from the next property when set
	MoreData TPMIYesNo
	// the capability data
	CapabilityData TPMSCapabilityData
}

GetCapabilityResponse is the response from TPM2_GetCapability.

type GetRandom

type GetRandom struct {
	// number of octets to return
	// NOTE(review): the response is a TPM2BDigest, so the TPM may return
	// fewer octets than requested; callers should check the length and
	// loop rather than assume the full amount (see Part 3, 16.1).
	BytesRequested uint16
}

GetRandom is the input to TPM2_GetRandom. See definition in Part 3, Commands, section 16.1

func (GetRandom) Command

func (GetRandom) Command() TPMCC

Command implements the Command interface.

func (GetRandom) Execute

func (cmd GetRandom) Execute(t transport.TPM, s ...Session) (*GetRandomResponse, error)

Execute executes the command and returns the response.

type GetRandomResponse

type GetRandomResponse struct {
	// the random octets; may be shorter than bytesRequested
	RandomBytes TPM2BDigest
}

GetRandomResponse is the response from TPM2_GetRandom.

type GetSessionAuditDigest

type GetSessionAuditDigest struct {
	// handle of the privacy administrator (TPM_RH_ENDORSEMENT)
	PrivacyAdminHandle handle `gotpm:"handle,auth"`
	// handle of the signing key
	SignHandle handle `gotpm:"handle,auth"`
	// handle of the audit session (no authorization required)
	SessionHandle handle `gotpm:"handle"`
	// user-provided qualifying data – may be zero-length
	QualifyingData TPM2BData
	// signing scheme to use if the scheme for signHandle is TPM_ALG_NULL
	InScheme TPMTSigScheme
}

GetSessionAuditDigest is the input to TPM2_GetSessionAuditDigest. See definition in Part 3, Commands, section 18.5

func (GetSessionAuditDigest) Command

func (GetSessionAuditDigest) Command() TPMCC

Command implements the Command interface.

func (GetSessionAuditDigest) Execute

Execute executes the command and returns the response.

type GetSessionAuditDigestResponse

type GetSessionAuditDigestResponse struct {
	// the audit information that was signed
	AuditInfo TPM2BAttest
	// the signature over auditInfo; verify it against signHandle's public
	// key before trusting the audit digest
	Signature TPMTSignature
}

GetSessionAuditDigestResponse is the response from TPM2_GetSessionAuditDigest.

type Hash

type Hash struct {
	// data to be hashed
	Data TPM2BMaxBuffer
	// algorithm for the hash being computed - shall not be TPM_ALG_NULL
	HashAlg TPMIAlgHash
	// hierarchy to use for the ticket (TPM_RH_NULL allowed)
	Hierarchy TPMIRHHierarchy `gotpm:"nullable"`
}

Hash is the input to TPM2_Hash. See definition in Part 3, Commands, section 15.4

func (Hash) Command

func (Hash) Command() TPMCC

Command implements the Command interface.

func (Hash) Execute

func (cmd Hash) Execute(t transport.TPM, s ...Session) (*HashResponse, error)

Execute executes the command and returns the response.

type HashResponse

type HashResponse struct {
	// results
	OutHash TPM2BDigest
	// ticket indicating that the sequence of octets used to
	// compute outDigest did not start with TPM_GENERATED_VALUE
	// (i.e., the hashed data cannot be mistaken for a TPM-generated structure)
	Validation TPMTTKHashCheck
}

HashResponse is the response from TPM2_Hash.

type HashSequenceStart

type HashSequenceStart struct {
	// authorization value for subsequent use of the sequence
	Auth TPM2BAuth
	// the hash algorithm to use for the hash sequence
	// An Event Sequence starts if this is TPM_ALG_NULL.
	HashAlg TPMIAlgHash
}

HashSequenceStart is the input to TPM2_HashSequenceStart. See definition in Part 3, Commands, section 17.3

func (HashSequenceStart) Command

func (HashSequenceStart) Command() TPMCC

Command implements the Command interface.

func (HashSequenceStart) Execute

Execute executes the command and returns the response.

type HashSequenceStartResponse

type HashSequenceStartResponse struct {
	// a handle to reference the sequence in subsequent update/complete commands
	SequenceHandle TPMIDHObject
}

HashSequenceStartResponse is the response from TPM2_HashSequenceStart.

type Import

type Import struct {
	// handle of parent for new object
	ParentHandle handle `gotpm:"handle,auth"`

	// The optional symmetric encryption key used as the inner wrapper for duplicate
	// If SymmetricAlg is TPM_ALG_NULL, then this parameter shall be the Empty Buffer
	// (This is the first command parameter, so it is sent in the clear
	// unless an AESEncryption(EncryptIn) session is used.)
	EncryptionKey TPM2BData

	// The public area of the object to be imported
	ObjectPublic TPM2BPublic

	// The symmetrically encrypted duplicate object that may contain an inner
	// symmetric wrapper
	Duplicate TPM2BPrivate

	// The seed for the symmetric key and HMAC key, encrypted to the new parent
	InSymSeed TPM2BEncryptedSecret

	// Definition of the symmetric algorithm to use for the inner wrapper
	Symmetric TPMTSymDef
}

Import is the input to TPM2_Import. See definition in Part 3, Commands, section 13.3

func (Import) Command

func (Import) Command() TPMCC

Command implements the Command interface.

func (Import) Execute

func (cmd Import) Execute(t transport.TPM, s ...Session) (*ImportResponse, error)

Execute executes the command and returns the response.

type ImportResponse

type ImportResponse struct {
	// the private portion of the object, re-wrapped under the new parent
	// for use with TPM2_Load
	OutPrivate TPM2BPrivate
}

ImportResponse is the response from TPM2_Import.

type KDFSchemeContents

KDFSchemeContents is a type constraint representing the possible contents of TPMUKDFScheme.

type Load

type Load struct {
	// handle of parent for new object
	ParentHandle handle `gotpm:"handle,auth"`
	// the private portion of the object (as wrapped by the parent)
	InPrivate TPM2BPrivate
	// the public portion of the object
	InPublic TPM2BPublic
}

Load is the input to TPM2_Load. See definition in Part 3, Commands, section 12.2

func (Load) Command

func (Load) Command() TPMCC

Command implements the Command interface.

func (Load) Execute

func (cmd Load) Execute(t transport.TPM, s ...Session) (*LoadResponse, error)

Execute executes the command and returns the response.

type LoadExternal

type LoadExternal struct {
	// the sensitive portion of the object (optional). When provided, the
	// private key material crosses the host/TPM boundary unprotected unless
	// an AESEncryption(EncryptIn) session is used.
	InPrivate TPM2BSensitive `gotpm:"optional"`
	// the public portion of the object
	InPublic TPM2BPublic
	// hierarchy with which the object area is associated
	Hierarchy TPMIRHHierarchy `gotpm:"nullable"`
}

LoadExternal is the input to TPM2_LoadExternal. See definition in Part 3, Commands, section 12.3

func (LoadExternal) Command

func (LoadExternal) Command() TPMCC

Command implements the Command interface.

func (LoadExternal) Execute

func (cmd LoadExternal) Execute(t transport.TPM, s ...Session) (*LoadExternalResponse, error)

Execute executes the command and returns the response.

type LoadExternalResponse

type LoadExternalResponse struct {
	// handle of type TPM_HT_TRANSIENT for loaded object
	ObjectHandle TPMHandle `gotpm:"handle"`
	// Name of the loaded object
	Name TPM2BName
}

LoadExternalResponse is the response from TPM2_LoadExternal.

type LoadResponse

type LoadResponse struct {
	// handle of type TPM_HT_TRANSIENT for loaded object
	ObjectHandle TPMHandle `gotpm:"handle"`
	// Name of the loaded object
	Name TPM2BName
}

LoadResponse is the response from TPM2_Load.

type MakeCredential

type MakeCredential struct {
	// loaded public area, used to encrypt the sensitive area containing the credential key
	Handle TPMIDHObject `gotpm:"handle"`
	// the credential information
	Credential TPM2BDigest
	// Name of the object to which the credential applies.
	// NOTE(review): the exported field name is misspelled (ObjectNamae);
	// renaming it would break existing callers, so it is kept as-is.
	ObjectNamae TPM2BName
}

MakeCredential is the input to TPM2_MakeCredential. See definition in Part 3, Commands, section 12.6.

func (MakeCredential) Command

func (MakeCredential) Command() TPMCC

Command implements the Command interface.

func (MakeCredential) Execute

Execute executes the command and returns the response.

type MakeCredentialResponse

type MakeCredentialResponse struct {
	// the credential
	CredentialBlob TPM2BIDObject
	// handle algorithm-dependent data that wraps the key that encrypts credentialBlob
	Secret TPM2BEncryptedSecret
}

MakeCredentialResponse is the response from TPM2_MakeCredential.

type Marshallable

type Marshallable interface {
	// contains filtered or unexported methods
}

Marshallable represents any TPM type that can be marshalled.

type NVCertify

type NVCertify struct {
	// handle of the key used to sign the attestation structure
	SignHandle handle `gotpm:"handle,auth"`
	// handle indicating the source of the authorization value
	AuthHandle handle `gotpm:"handle,auth"`
	// Index for the area to be certified
	NVIndex handle `gotpm:"handle"`
	// user-provided qualifying data
	QualifyingData TPM2BData
	// signing scheme to use if the scheme for signHandle is TPM_ALG_NULL
	InScheme TPMTSigScheme `gotpm:"nullable"`
	// number of octets to certify
	Size uint16
	// octet offset into the NV area
	Offset uint16
}

NVCertify is the input to TPM2_NV_Certify. See definition in Part 3, Commands, section 31.16.

func (NVCertify) Command

func (NVCertify) Command() TPMCC

Command implements the Command interface.

func (NVCertify) Execute

func (cmd NVCertify) Execute(t transport.TPM, s ...Session) (*NVCertifyResponse, error)

Execute executes the command and returns the response.

type NVCertifyResponse

type NVCertifyResponse struct {
	// the structure that was signed
	CertifyInfo TPM2BAttest
	// the asymmetric signature over certifyInfo using the key referenced by signHandle
	Signature TPMTSignature
}

NVCertifyResponse is the response from TPM2_NV_Certify.

type NVDefineSpace

type NVDefineSpace struct {
	// TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}
	AuthHandle handle `gotpm:"handle,auth"`
	// the authorization value
	Auth TPM2BAuth
	// the public parameters of the NV area
	PublicInfo TPM2BNVPublic
}

NVDefineSpace is the input to TPM2_NV_DefineSpace. See definition in Part 3, Commands, section 31.3.

func (NVDefineSpace) Command

func (NVDefineSpace) Command() TPMCC

Command implements the Command interface.

func (NVDefineSpace) Execute

func (cmd NVDefineSpace) Execute(t transport.TPM, s ...Session) (*NVDefineSpaceResponse, error)

Execute executes the command and returns the response.

type NVDefineSpaceResponse

type NVDefineSpaceResponse struct{}

NVDefineSpaceResponse is the response from TPM2_NV_DefineSpace.

type NVIncrement

type NVIncrement struct {
	// handle indicating the source of the authorization value
	AuthHandle handle `gotpm:"handle,auth"`
	// the NV index of the area to write
	NVIndex handle `gotpm:"handle"`
}

NVIncrement is the input to TPM2_NV_Increment. See definition in Part 3, Commands, section 31.8.

func (NVIncrement) Command

func (NVIncrement) Command() TPMCC

Command implements the Command interface.

func (NVIncrement) Execute

func (cmd NVIncrement) Execute(t transport.TPM, s ...Session) (*NVIncrementResponse, error)

Execute executes the command and returns the response.

type NVIncrementResponse

type NVIncrementResponse struct{}

NVIncrementResponse is the response from TPM2_NV_Increment.

type NVRead

type NVRead struct {
	// handle indicating the source of the authorization value
	AuthHandle handle `gotpm:"handle,auth"`
	// the NV index to read
	NVIndex handle `gotpm:"handle"`
	// number of octets to read
	Size uint16
	// octet offset into the NV area
	Offset uint16
}

NVRead is the input to TPM2_NV_Read. See definition in Part 3, Commands, section 31.13.

func (NVRead) Command

func (NVRead) Command() TPMCC

Command implements the Command interface.

func (NVRead) Execute

func (cmd NVRead) Execute(t transport.TPM, s ...Session) (*NVReadResponse, error)

Execute executes the command and returns the response.

type NVReadPublic

type NVReadPublic struct {
	// the NV index
	NVIndex handle `gotpm:"handle"`
}

NVReadPublic is the input to TPM2_NV_ReadPublic. See definition in Part 3, Commands, section 31.6.

func (NVReadPublic) Command

func (NVReadPublic) Command() TPMCC

Command implements the Command interface.

func (NVReadPublic) Execute

func (cmd NVReadPublic) Execute(t transport.TPM, s ...Session) (*NVReadPublicResponse, error)

Execute executes the command and returns the response.

type NVReadPublicResponse

type NVReadPublicResponse struct {
	// the public area of the NV Index
	NVPublic TPM2BNVPublic
	// the Name of the NV Index
	NVName TPM2BName
}

NVReadPublicResponse is the response from TPM2_NV_ReadPublic.

type NVReadResponse

type NVReadResponse struct {
	// the data read
	Data TPM2BMaxNVBuffer
}

NVReadResponse is the response from TPM2_NV_Read.

type NVUndefineSpace

type NVUndefineSpace struct {
	// TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}
	AuthHandle handle `gotpm:"handle,auth"`
	// the NV Index to remove from NV space
	NVIndex handle `gotpm:"handle"`
}

NVUndefineSpace is the input to TPM2_NV_UndefineSpace. See definition in Part 3, Commands, section 31.4.

func (NVUndefineSpace) Command

func (NVUndefineSpace) Command() TPMCC

Command implements the Command interface.

func (NVUndefineSpace) Execute

Execute executes the command and returns the response.

type NVUndefineSpaceResponse

type NVUndefineSpaceResponse struct{}

NVUndefineSpaceResponse is the response from TPM2_NV_UndefineSpace.

type NVUndefineSpaceSpecial

type NVUndefineSpaceSpecial struct {
	// Index to be deleted
	NVIndex handle `gotpm:"handle,auth"`
	// TPM_RH_PLATFORM+{PP}
	Platform handle `gotpm:"handle,auth"`
}

NVUndefineSpaceSpecial is the input to TPM2_NV_UndefineSpaceSpecial. See definition in Part 3, Commands, section 31.5.

func (NVUndefineSpaceSpecial) Command

func (NVUndefineSpaceSpecial) Command() TPMCC

Command implements the Command interface.

func (NVUndefineSpaceSpecial) Execute

Execute executes the command and returns the response.

type NVUndefineSpaceSpecialResponse

type NVUndefineSpaceSpecialResponse struct{}

NVUndefineSpaceSpecialResponse is the response from TPM2_NV_UndefineSpaceSpecial.

type NVWrite

type NVWrite struct {
	// handle indicating the source of the authorization value
	AuthHandle handle `gotpm:"handle,auth"`
	// the NV index of the area to write
	NVIndex handle `gotpm:"handle"`
	// the data to write
	Data TPM2BMaxNVBuffer
	// the octet offset into the NV Area
	Offset uint16
}

NVWrite is the input to TPM2_NV_Write. See definition in Part 3, Commands, section 31.7.

func (NVWrite) Command

func (NVWrite) Command() TPMCC

Command implements the Command interface.

func (NVWrite) Execute

func (cmd NVWrite) Execute(t transport.TPM, s ...Session) (*NVWriteResponse, error)

Execute executes the command and returns the response.

type NVWriteLock

type NVWriteLock struct {
	// handle indicating the source of the authorization value
	AuthHandle handle `gotpm:"handle,auth"`
	// the NV index of the area to lock
	NVIndex handle `gotpm:"handle"`
}

NVWriteLock is the input to TPM2_NV_WriteLock. See definition in Part 3, Commands, section 31.11.

func (NVWriteLock) Command

func (NVWriteLock) Command() TPMCC

Command implements the Command interface.

func (NVWriteLock) Execute

func (cmd NVWriteLock) Execute(t transport.TPM, s ...Session) (*NVWriteLockResponse, error)

Execute executes the command and returns the response.

type NVWriteLockResponse

type NVWriteLockResponse struct{}

NVWriteLockResponse is the response from TPM2_NV_WriteLock.

type NVWriteResponse

type NVWriteResponse struct{}

NVWriteResponse is the response from TPM2_NV_Write.

type NamedHandle

type NamedHandle struct {
	// the TPM handle
	Handle TPMHandle
	// the known Name paired with Handle
	Name TPM2BName
}

NamedHandle represents an associated pairing of TPM handle and known Name.

func (NamedHandle) HandleValue

func (h NamedHandle) HandleValue() uint32

HandleValue implements the handle interface.

func (NamedHandle) KnownName

func (h NamedHandle) KnownName() *TPM2BName

KnownName implements the handle interface.

type PCREvent

type PCREvent struct {
	// Handle of the PCR
	PCRHandle handle `gotpm:"handle,auth"`
	// Event data in sized buffer
	EventData TPM2BEvent
}

PCREvent is the input to TPM2_PCR_Event. See definition in Part 3, Commands, section 22.3

func (PCREvent) Command

func (PCREvent) Command() TPMCC

Command implements the Command interface.

func (PCREvent) Execute

func (cmd PCREvent) Execute(t transport.TPM, s ...Session) (*PCREventResponse, error)

Execute executes the command and returns the response.

type PCREventResponse

type PCREventResponse struct{}

PCREventResponse is the response from TPM2_PCR_Event.

type PCRExtend

type PCRExtend struct {
	// handle of the PCR
	PCRHandle handle `gotpm:"handle,auth"`
	// list of tagged digest values to be extended
	Digests TPMLDigestValues
}

PCRExtend is the input to TPM2_PCR_Extend. See definition in Part 3, Commands, section 22.2

func (PCRExtend) Command

func (PCRExtend) Command() TPMCC

Command implements the Command interface.

func (PCRExtend) Execute

func (cmd PCRExtend) Execute(t transport.TPM, s ...Session) (*PCRExtendResponse, error)

Execute executes the command and returns the response.

type PCRExtendResponse

type PCRExtendResponse struct{}

PCRExtendResponse is the response from TPM2_PCR_Extend.

type PCRRead

type PCRRead struct {
	// The selection of PCR to read
	PCRSelectionIn TPMLPCRSelection
}

PCRRead is the input to TPM2_PCR_Read. See definition in Part 3, Commands, section 22.4

func (PCRRead) Command

func (PCRRead) Command() TPMCC

Command implements the Command interface.

func (PCRRead) Execute

func (cmd PCRRead) Execute(t transport.TPM, s ...Session) (*PCRReadResponse, error)

Execute executes the command and returns the response.

type PCRReadResponse

type PCRReadResponse struct {
	// the current value of the PCR update counter
	PCRUpdateCounter uint32
	// the PCR in the returned list
	PCRSelectionOut TPMLPCRSelection
	// the contents of the PCR indicated in pcrSelectionOut->pcrSelection[] as tagged digests
	PCRValues TPMLDigest
}

PCRReadResponse is the response from TPM2_PCR_Read.

type PCRReset

type PCRReset struct {
	// the PCR to reset
	PCRHandle handle `gotpm:"handle,auth"`
}

PCRReset is the input to TPM2_PCRReset. See definition in Part 3, Commands, section 22.8.

func (PCRReset) Command

func (PCRReset) Command() TPMCC

Command implements the Command interface.

func (PCRReset) Execute

func (cmd PCRReset) Execute(t transport.TPM, s ...Session) (*PCRResetResponse, error)

Execute executes the command and returns the response.

type PCRResetResponse

type PCRResetResponse struct{}

PCRResetResponse is the response from TPM2_PCRReset.

type PolicyAuthorize

type PolicyAuthorize struct {
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// digest of the policy being approved
	ApprovedPolicy TPM2BDigest
	// a policy qualifier
	PolicyRef TPM2BDigest
	// Name of a key that can sign a policy addition
	KeySign TPM2BName
	// ticket validating that approvedPolicy and policyRef were signed by keySign
	CheckTicket TPMTTKVerified
}

PolicyAuthorize is the input to TPM2_PolicyAuthorize. See definition in Part 3, Commands, section 23.16.

func (PolicyAuthorize) Command

func (PolicyAuthorize) Command() TPMCC

Command implements the Command interface.

func (PolicyAuthorize) Execute

Execute executes the command and returns the response.

func (PolicyAuthorize) Update

func (cmd PolicyAuthorize) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicyAuthorizeNV

type PolicyAuthorizeNV struct {
	// handle indicating the source of the authorization value
	AuthHandle handle `gotpm:"handle,auth"`
	// the NV Index of the area to read
	NVIndex handle `gotpm:"handle"`
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
}

PolicyAuthorizeNV is the input to TPM2_PolicyAuthorizeNV. See definition in Part 3, Commands, section 23.22.

func (PolicyAuthorizeNV) Command

func (PolicyAuthorizeNV) Command() TPMCC

Command implements the Command interface.

func (PolicyAuthorizeNV) Execute

Execute executes the command and returns the response.

func (PolicyAuthorizeNV) Update

func (cmd PolicyAuthorizeNV) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicyAuthorizeNVResponse

type PolicyAuthorizeNVResponse struct{}

PolicyAuthorizeNVResponse is the response from TPM2_PolicyAuthorizeNV.

type PolicyAuthorizeResponse

type PolicyAuthorizeResponse struct{}

PolicyAuthorizeResponse is the response from TPM2_PolicyAuthorize.

type PolicyCPHash

type PolicyCPHash struct {
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// the cpHash added to the policy
	CPHashA TPM2BDigest
}

PolicyCPHash is the input to TPM2_PolicyCpHash. See definition in Part 3, Commands, section 23.13.

func (PolicyCPHash) Command

func (PolicyCPHash) Command() TPMCC

Command implements the Command interface.

func (PolicyCPHash) Execute

func (cmd PolicyCPHash) Execute(t transport.TPM, s ...Session) (*PolicyCPHashResponse, error)

Execute executes the command and returns the response.

func (PolicyCPHash) Update

func (cmd PolicyCPHash) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicyCPHashResponse

type PolicyCPHashResponse struct{}

PolicyCPHashResponse is the response from TPM2_PolicyCpHash.

type PolicyCalculator

type PolicyCalculator struct {
	// contains filtered or unexported fields
}

PolicyCalculator represents a TPM 2.0 policy that needs to be calculated synthetically (i.e., without a TPM).

func NewPolicyCalculator

func NewPolicyCalculator(alg TPMIAlgHash) (*PolicyCalculator, error)

NewPolicyCalculator creates a fresh policy using the given hash algorithm.

func (*PolicyCalculator) Hash

func (p *PolicyCalculator) Hash() *TPMTHA

Hash returns the current state of the policy hash.

func (*PolicyCalculator) Reset

func (p *PolicyCalculator) Reset()

Reset resets the internal state of the policy hash to all 0x00.

func (*PolicyCalculator) Update

func (p *PolicyCalculator) Update(data ...interface{}) error

Update updates the internal state of the policy hash: the given contents are appended to the current state, and the new state becomes the hash of that concatenation.

type PolicyCallback

type PolicyCallback = func(tpm transport.TPM, handle TPMISHPolicy, nonceTPM TPM2BNonce) error

PolicyCallback represents an object's policy in the form of a function. This function issues zero or more TPM policy commands and returns an error.

type PolicyCommand

type PolicyCommand interface {
	// Update updates the given policy hash according to the command
	// parameters.
	Update(policy *PolicyCalculator) error
}

PolicyCommand is a TPM command that can be part of a TPM policy.

type PolicyCommandCode

type PolicyCommandCode struct {
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// the allowed commandCode
	Code TPMCC
}

PolicyCommandCode is the input to TPM2_PolicyCommandCode. See definition in Part 3, Commands, section 23.11.

func (PolicyCommandCode) Command

func (PolicyCommandCode) Command() TPMCC

Command implements the Command interface.

func (PolicyCommandCode) Execute

Execute executes the command and returns the response.

func (PolicyCommandCode) Update

func (cmd PolicyCommandCode) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicyCommandCodeResponse

type PolicyCommandCodeResponse struct{}

PolicyCommandCodeResponse is the response from TPM2_PolicyCommandCode.

type PolicyGetDigest

type PolicyGetDigest struct {
	// handle for the policy session
	PolicySession handle `gotpm:"handle"`
}

PolicyGetDigest is the input to TPM2_PolicyGetDigest. See definition in Part 3, Commands, section 23.19.

func (PolicyGetDigest) Command

func (PolicyGetDigest) Command() TPMCC

Command implements the Command interface.

func (PolicyGetDigest) Execute

Execute executes the command and returns the response.

type PolicyGetDigestResponse

type PolicyGetDigestResponse struct {
	// the current value of the policySession→policyDigest
	PolicyDigest TPM2BDigest
}

PolicyGetDigestResponse is the response from TPM2_PolicyGetDigest.

type PolicyNV

type PolicyNV struct {
	// handle indicating the source of the authorization value
	AuthHandle handle `gotpm:"handle,auth"`
	// the NV Index of the area to read
	NVIndex handle `gotpm:"handle"`
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// the second operand
	OperandB TPM2BOperand
	// the octet offset in the NV Index for the start of operand A
	Offset uint16
	// the comparison to make
	Operation TPMEO
}

PolicyNV is the input to TPM2_PolicyNV. See definition in Part 3, Commands, section 23.9.

func (PolicyNV) Command

func (PolicyNV) Command() TPMCC

Command implements the Command interface.

func (PolicyNV) Execute

func (cmd PolicyNV) Execute(t transport.TPM, s ...Session) (*PolicyNVResponse, error)

Execute executes the command and returns the response.

func (PolicyNV) Update

func (cmd PolicyNV) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicyNVResponse

type PolicyNVResponse struct{}

PolicyNVResponse is the response from TPM2_PolicyNV.

type PolicyNVWritten

type PolicyNVWritten struct {
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// YES if NV Index is required to have been written
	// NO if NV Index is required not to have been written
	WrittenSet TPMIYesNo
}

PolicyNVWritten is the input to TPM2_PolicyNvWritten. See definition in Part 3, Commands, section 23.20.

func (PolicyNVWritten) Command

func (PolicyNVWritten) Command() TPMCC

Command implements the Command interface.

func (PolicyNVWritten) Execute

Execute executes the command and returns the response.

func (PolicyNVWritten) Update

func (cmd PolicyNVWritten) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicyNVWrittenResponse

type PolicyNVWrittenResponse struct {
}

PolicyNVWrittenResponse is the response from TPM2_PolicyNvWritten.

type PolicyOr

type PolicyOr struct {
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// the list of hashes to check for a match
	PHashList TPMLDigest
}

PolicyOr is the input to TPM2_PolicyOR. See definition in Part 3, Commands, section 23.6.

func (PolicyOr) Command

func (PolicyOr) Command() TPMCC

Command implements the Command interface.

func (PolicyOr) Execute

func (cmd PolicyOr) Execute(t transport.TPM, s ...Session) (*PolicyOrResponse, error)

Execute executes the command and returns the response.

func (PolicyOr) Update

func (cmd PolicyOr) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicyOrResponse

type PolicyOrResponse struct{}

PolicyOrResponse is the response from TPM2_PolicyOr.

type PolicyPCR

type PolicyPCR struct {
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// expected digest value of the selected PCR using the
	// hash algorithm of the session; may be zero length
	PcrDigest TPM2BDigest
	// the PCR to include in the check digest
	Pcrs TPMLPCRSelection
}

PolicyPCR is the input to TPM2_PolicyPCR. See definition in Part 3, Commands, section 23.7.

func (PolicyPCR) Command

func (PolicyPCR) Command() TPMCC

Command implements the Command interface.

func (PolicyPCR) Execute

func (cmd PolicyPCR) Execute(t transport.TPM, s ...Session) (*PolicyPCRResponse, error)

Execute executes the command and returns the response.

func (PolicyPCR) Update

func (cmd PolicyPCR) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicyPCRResponse

type PolicyPCRResponse struct{}

PolicyPCRResponse is the response from TPM2_PolicyPCR.

type PolicySecret

type PolicySecret struct {
	// handle for an entity providing the authorization
	AuthHandle handle `gotpm:"handle,auth"`
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// the policy nonce for the session
	NonceTPM TPM2BNonce
	// digest of the command parameters to which this authorization is limited
	CPHashA TPM2BDigest
	// a reference to a policy relating to the authorization – may be the Empty Buffer
	PolicyRef TPM2BNonce
	// time when authorization will expire, measured in seconds from the time
	// that nonceTPM was generated.
	// NOTE(review): the response's PolicyTicket is documented as produced only
	// when this is non-zero; Part 3, section 23.4 describes how the sign of
	// this value affects ticket issuance — confirm against the spec text.
	Expiration int32
}

PolicySecret is the input to TPM2_PolicySecret. See definition in Part 3, Commands, section 23.4.

func (PolicySecret) Command

func (PolicySecret) Command() TPMCC

Command implements the Command interface.

func (PolicySecret) Execute

func (cmd PolicySecret) Execute(t transport.TPM, s ...Session) (*PolicySecretResponse, error)

Execute executes the command and returns the response.

func (PolicySecret) Update

func (cmd PolicySecret) Update(policy *PolicyCalculator)

Update implements the PolicyCommand interface. Note that, unlike the other Update methods on this page, the signature shown above returns no error.

type PolicySecretResponse

type PolicySecretResponse struct {
	// implementation-specific time value used to indicate to the TPM when the ticket expires
	Timeout TPM2BTimeout
	// produced if the command succeeds and expiration in the command was non-zero
	PolicyTicket TPMTTKAuth
}

PolicySecretResponse is the response from TPM2_PolicySecret.

type PolicySigned

type PolicySigned struct {
	// handle for an entity providing the authorization
	AuthObject handle `gotpm:"handle"`
	// handle for the policy session being extended
	PolicySession handle `gotpm:"handle"`
	// the policy nonce for the session
	NonceTPM TPM2BNonce
	// digest of the command parameters to which this authorization is limited
	CPHashA TPM2BDigest
	// a reference to a policy relating to the authorization – may be the Empty Buffer
	PolicyRef TPM2BNonce
	// time when authorization will expire, measured in seconds from the time
	// that nonceTPM was generated
	Expiration int32
	// signed authorization (not optional)
	Auth TPMTSignature
}

PolicySigned is the input to TPM2_PolicySigned. See definition in Part 3, Commands, section 23.3.

func (PolicySigned) Command

func (PolicySigned) Command() TPMCC

Command implements the Command interface.

func (PolicySigned) Execute

func (cmd PolicySigned) Execute(t transport.TPM, s ...Session) (*PolicySignedResponse, error)

Execute executes the command and returns the response.

func (PolicySigned) Update

func (cmd PolicySigned) Update(policy *PolicyCalculator) error

Update implements the PolicyCommand interface.

type PolicySignedResponse

type PolicySignedResponse struct {
	// implementation-specific time value used to indicate to the TPM when the ticket expires
	Timeout TPM2BTimeout
	// produced if the command succeeds and expiration in the command was non-zero
	PolicyTicket TPMTTKAuth
}

PolicySignedResponse is the response from TPM2_PolicySigned.

type PublicIDContents

type PublicIDContents interface {
	Marshallable
	*TPM2BDigest | *TPM2BPublicKeyRSA | *TPMSECCPoint
}

PublicIDContents is a type constraint representing the possible contents of TPMUPublicID.

type PublicParmsContents

type PublicParmsContents interface {
	Marshallable
	*TPMSKeyedHashParms | *TPMSSymCipherParms | *TPMSRSAParms |
		*TPMSECCParms
}

PublicParmsContents is a type constraint representing the possible contents of TPMUPublicParms.

type Quote

type Quote struct {
	// handle of key that will perform signature
	SignHandle handle `gotpm:"handle,auth"`
	// data supplied by the caller
	QualifyingData TPM2BData
	// signing scheme to use if the scheme for signHandle is TPM_ALG_NULL
	InScheme TPMTSigScheme
	// PCR set to quote
	PCRSelect TPMLPCRSelection
}

Quote is the input to TPM2_Quote. See definition in Part 3, Commands, section 18.4

func (Quote) Command

func (Quote) Command() TPMCC

Command implements the Command interface.

func (Quote) Execute

func (cmd Quote) Execute(t transport.TPM, s ...Session) (*QuoteResponse, error)

Execute executes the command and returns the response.

type QuoteResponse

type QuoteResponse struct {
	// the quoted information
	Quoted TPM2BAttest
	// the signature over quoted
	Signature TPMTSignature
}

QuoteResponse is the response from TPM2_Quote.

type ReadPublic

type ReadPublic struct {
	// TPM handle of an object
	ObjectHandle TPMIDHObject `gotpm:"handle"`
}

ReadPublic is the input to TPM2_ReadPublic. See definition in Part 3, Commands, section 12.4

func (ReadPublic) Command

func (ReadPublic) Command() TPMCC

Command implements the Command interface.

func (ReadPublic) Execute

func (cmd ReadPublic) Execute(t transport.TPM, s ...Session) (*ReadPublicResponse, error)

Execute executes the command and returns the response.

type ReadPublicResponse

type ReadPublicResponse struct {
	// structure containing the public area of an object
	OutPublic TPM2BPublic
	// name of object
	Name TPM2BName
	// the Qualified Name of the object
	QualifiedName TPM2BName
}

ReadPublicResponse is the response from TPM2_ReadPublic.

type SchemeKeyedHashContents

type SchemeKeyedHashContents interface {
	Marshallable
	*TPMSSchemeHMAC | *TPMSSchemeXOR
}

SchemeKeyedHashContents is a type constraint representing the possible contents of TPMUSchemeKeyedHash.

type SensitiveCompositeContents

type SensitiveCompositeContents interface {
	Marshallable
	*TPM2BPrivateKeyRSA | *TPM2BECCParameter | *TPM2BSensitiveData | *TPM2BSymKey
}

SensitiveCompositeContents is a type constraint representing the possible contents of TPMUSensitiveComposite.

type SensitiveCreateContents

type SensitiveCreateContents interface {
	Marshallable
	*TPM2BDerive | *TPM2BSensitiveData
}

SensitiveCreateContents is a type constraint representing the possible contents of TPMUSensitiveCreate.

type SequenceComplete

type SequenceComplete struct {
	// authorization for the sequence
	SequenceHandle handle `gotpm:"handle,auth"`
	// data to be added to the hash/HMAC
	Buffer TPM2BMaxBuffer
	// hierarchy of the ticket for a hash
	Hierarchy TPMIRHHierarchy `gotpm:"nullable"`
}

SequenceComplete is the input to TPM2_SequenceComplete. See definition in Part 3, Commands, section 17.5

func (SequenceComplete) Command

func (SequenceComplete) Command() TPMCC

Command implements the Command interface.

func (SequenceComplete) Execute

Execute executes the command and returns the response.

type SequenceCompleteResponse

type SequenceCompleteResponse struct {
	// the returned HMAC or digest in a sized buffer
	Result TPM2BDigest
	// ticket indicating that the sequence of octets used to
	// compute outDigest did not start with TPM_GENERATED_VALUE
	Validation TPMTTKHashCheck
}

SequenceCompleteResponse is the response from TPM2_SequenceComplete.

type SequenceUpdate

type SequenceUpdate struct {
	// handle for the sequence object
	SequenceHandle handle `gotpm:"handle,auth"`
	// data to be added to hash
	Buffer TPM2BMaxBuffer
}

SequenceUpdate is the input to TPM2_SequenceUpdate. See definition in Part 3, Commands, section 17.4

func (SequenceUpdate) Command

func (SequenceUpdate) Command() TPMCC

Command implements the Command interface.

func (SequenceUpdate) Execute

Execute executes the command and returns the response.

type SequenceUpdateResponse

type SequenceUpdateResponse struct{}

SequenceUpdateResponse is the response from TPM2_SequenceUpdate.

type Session

type Session interface {
	// Initializes the session, if needed. Has no effect if not needed or
	// already done. Some types of sessions may need to be initialized
	// just-in-time, e.g., to support calling patterns that help the user
	// securely authorize their actions without writing a lot of code.
	Init(tpm transport.TPM) error
	// Cleans up the session, if needed.
	// Some types of session need to be cleaned up if the command failed,
	// again to support calling patterns that help the user securely
	// authorize their actions without writing a lot of code.
	CleanupFailure(tpm transport.TPM) error
	// The last nonceTPM for this session.
	NonceTPM() TPM2BNonce
	// Updates nonceCaller to a new random value.
	NewNonceCaller() error
	// Computes the authorization HMAC for the session.
	// If this is the first authorization session for a command, and
	// there is another session (or sessions) for parameter
	// decryption and/or encryption, then addNonces contains the
	// nonceTPMs from each of them, respectively (see Part 1, 19.6.5)
	Authorize(cc TPMCC, parms, addNonces []byte, names []TPM2BName, authIndex int) (*TPMSAuthCommand, error)
	// Validates the response for the session.
	// Updates NonceTPM for the session.
	Validate(rc TPMRC, cc TPMCC, parms []byte, names []TPM2BName, authIndex int, auth *TPMSAuthResponse) error
	// Returns true if this is an encryption session.
	IsEncryption() bool
	// Returns true if this is a decryption session.
	IsDecryption() bool
	// If this session is used for parameter decryption, encrypts the
	// parameter in place. Otherwise, does not modify the parameter.
	Encrypt(parameter []byte) error
	// If this session is used for parameter encryption, decrypts the
	// parameter in place. Otherwise, does not modify the parameter.
	Decrypt(parameter []byte) error
	// Returns the handle value of this session.
	Handle() TPMHandle
}

Session represents a session in the TPM.

func HMAC

func HMAC(hash TPMIAlgHash, nonceSize int, opts ...AuthOption) Session

HMAC sets up a just-in-time HMAC session that is used only once. A real session is created just in time, and it is flushed after use.

func HMACSession

func HMACSession(t transport.TPM, hash TPMIAlgHash, nonceSize int, opts ...AuthOption) (s Session, close func() error, err error)

HMACSession sets up a reusable HMAC session that needs to be closed.

func PasswordAuth

func PasswordAuth(auth []byte) Session

PasswordAuth assembles a password pseudo-session with the given auth value.

func Policy

func Policy(hash TPMIAlgHash, nonceSize int, callback PolicyCallback, opts ...AuthOption) Session

Policy sets up a just-in-time policy session that is created each time it is needed. Each time the policy session is created, the callback is invoked to authorize the session. A real session is created just in time, and it is flushed after use.

func PolicySession

func PolicySession(t transport.TPM, hash TPMIAlgHash, nonceSize int, opts ...AuthOption) (s Session, close func() error, err error)

PolicySession opens a policy session that needs to be closed. The caller is responsible for issuing whichever policy commands they want in the session. Note that the TPM resets a policy session after it is successfully used.

type Shutdown

type Shutdown struct {
	// TPM_SU_CLEAR or TPM_SU_STATE
	ShutdownType TPMSU
}

Shutdown is the input to TPM2_Shutdown. See definition in Part 3, Commands, section 9.4.

func (Shutdown) Command

func (Shutdown) Command() TPMCC

Command implements the Command interface.

func (Shutdown) Execute

func (cmd Shutdown) Execute(t transport.TPM, s ...Session) (*ShutdownResponse, error)

Execute executes the command and returns the response.

type ShutdownResponse

// ShutdownResponse is the response from TPM2_Shutdown. It carries no fields.
type ShutdownResponse struct{}

ShutdownResponse is the response from TPM2_Shutdown.

type SigSchemeContents

// SigSchemeContents is a type constraint representing the possible contents
// of TPMUSigScheme. Every member must also be Marshallable.
type SigSchemeContents interface {
	Marshallable
	*TPMSSchemeHMAC | *TPMSSchemeHash | *TPMSSchemeECDAA
}

SigSchemeContents is a type constraint representing the possible contents of TPMUSigScheme.

type Sign

// Sign is the input to TPM2_Sign. See definition in Part 3, Commands,
// section 20.2.
type Sign struct {
	// Handle of key that will perform signing
	KeyHandle handle `gotpm:"handle,auth"`
	// digest to be signed
	Digest TPM2BDigest
	// signing scheme to use if the scheme for keyHandle is TPM_ALG_NULL
	InScheme TPMTSigScheme `gotpm:"nullable"`
	// proof that digest was created by the TPM.
	// If keyHandle is not a restricted signing key, then this
	// may be a NULL Ticket with tag = TPM_ST_CHECKHASH.
	// NOTE(review): conversely, a restricted signing key presumably needs a
	// real ticket here so that it cannot be made to sign an arbitrary,
	// externally supplied digest — confirm against Part 3, section 20.2.
	Validation TPMTTKHashCheck
}

Sign is the input to TPM2_Sign. See definition in Part 3, Commands, section 20.2.

func (Sign) Command

func (Sign) Command() TPMCC

Command implements the Command interface.

func (Sign) Execute

func (cmd Sign) Execute(t transport.TPM, s ...Session) (*SignResponse, error)

Execute executes the command and returns the response.

type SignResponse

// SignResponse is the response from TPM2_Sign.
type SignResponse struct {
	// the signature
	Signature TPMTSignature
}

SignResponse is the response from TPM2_Sign.

type SignatureContents

// SignatureContents is a type constraint representing the possible contents
// of TPMUSignature. Every member must also be Marshallable.
type SignatureContents interface {
	Marshallable
	*TPMTHA | *TPMSSignatureRSA | *TPMSSignatureECC
}

SignatureContents is a type constraint representing the possible contents of TPMUSignature.

type StartAuthSession

// StartAuthSession is the input to TPM2_StartAuthSession. See definition in
// Part 3, Commands, section 11.1.
type StartAuthSession struct {
	// handle of a loaded decrypt key used to encrypt salt
	// may be TPM_RH_NULL
	// NOTE(review): with TPM_RH_NULL there is no salt (EncryptedSalt below
	// must then be the Empty Buffer), so the session key presumably derives
	// from the Bind entity's authValue alone — confirm against Part 1 before
	// relying on such a session for parameter encryption.
	TPMKey handle `gotpm:"handle"`
	// entity providing the authValue
	// may be TPM_RH_NULL
	Bind handle `gotpm:"handle"`
	// initial nonceCaller, sets nonceTPM size for the session
	// shall be at least 16 octets
	NonceCaller TPM2BNonce
	// value encrypted according to the type of tpmKey
	// If tpmKey is TPM_RH_NULL, this shall be the Empty Buffer.
	EncryptedSalt TPM2BEncryptedSecret
	// indicates the type of the session; simple HMAC or policy (including
	// a trial policy)
	SessionType TPMSE
	// the algorithm and key size for parameter encryption
	// may select transport.TPM_ALG_NULL (no parameter encryption)
	Symmetric TPMTSymDef
	// hash algorithm to use for the session
	// Shall be a hash algorithm supported by the TPM and not transport.TPM_ALG_NULL
	AuthHash TPMIAlgHash
}

StartAuthSession is the input to TPM2_StartAuthSession. See definition in Part 3, Commands, section 11.1.

func (StartAuthSession) Command

func (StartAuthSession) Command() TPMCC

Command implements the Command interface.

func (StartAuthSession) Execute

Execute executes the command and returns the response.

type StartAuthSessionResponse

// StartAuthSessionResponse is the response from TPM2_StartAuthSession.
type StartAuthSessionResponse struct {
	// handle for the newly created session
	SessionHandle TPMISHAuthSession `gotpm:"handle"`
	// the initial nonce from the TPM, used in the computation of the sessionKey
	NonceTPM TPM2BNonce
}

StartAuthSessionResponse is the response from TPM2_StartAuthSession.

type Startup

// Startup is the input to TPM2_Startup. See definition in Part 3, Commands,
// section 9.3.
type Startup struct {
	// TPM_SU_CLEAR or TPM_SU_STATE
	StartupType TPMSU
}

Startup is the input to TPM2_Startup. See definition in Part 3, Commands, section 9.3.

func (Startup) Command

func (Startup) Command() TPMCC

Command implements the Command interface.

func (Startup) Execute

func (cmd Startup) Execute(t transport.TPM, s ...Session) (*StartupResponse, error)

Execute executes the command and returns the response.

type StartupResponse

// StartupResponse is the response from TPM2_Startup. It carries no fields.
type StartupResponse struct{}

StartupResponse is the response from TPM2_Startup.

type SymDetailsContents

// SymDetailsContents is a type constraint representing the possible contents
// of TPMUSymDetails.
type SymDetailsContents interface {
	TPMSEmpty
}

SymDetailsContents is a type constraint representing the possible contents of TPMUSymDetails.

type SymKeyBitsContents

// SymKeyBitsContents is a type constraint representing the possible contents
// of TPMUSymKeyBits.
type SymKeyBitsContents interface {
	TPMKeyBits | TPMAlgID
}

SymKeyBitsContents is a type constraint representing the possible contents of TPMUSymKeyBits.

type SymModeContents

// SymModeContents is a type constraint representing the possible contents
// of TPMUSymMode.
type SymModeContents interface {
	TPMIAlgSymMode | TPMSEmpty
}

SymModeContents is a type constraint representing the possible contents of TPMUSymMode.

type TPM2B

// TPM2B is a helper type for all sized TPM structures. It can be instantiated
// with either a raw byte buffer or the actual struct. P is the pointer type
// of T and must itself be Unmarshallable.
type TPM2B[T Marshallable, P interface {
	*T
	Unmarshallable
}] struct {
	// contains filtered or unexported fields
}

TPM2B is a helper type for all sized TPM structures. It can be instantiated with either a raw byte buffer or the actual struct.

func BytesAs2B

func BytesAs2B[T Marshallable, P interface {
	*T
	Unmarshallable
}](b []byte) TPM2B[T, P]

BytesAs2B creates a new TPM2B containing the given byte array.

func New2B

func New2B[T Marshallable, P interface {
	*T
	Unmarshallable
}](t T) TPM2B[T, P]

New2B creates a new TPM2B containing the given contents.

func (*TPM2B[T, P]) Bytes

func (value *TPM2B[T, P]) Bytes() []byte

Bytes returns the inner contents of the TPM2B as a byte array, not including the length field.

func (*TPM2B[T, P]) Contents

func (value *TPM2B[T, P]) Contents() (*T, error)

Contents returns the structured contents of the TPM2B. It can fail if the TPM2B was instantiated with an invalid byte buffer.

type TPM2BAttest

// TPM2BAttest represents a TPM2B_ATTEST (Part 2: Structures, section 10.12.13).
type TPM2BAttest = TPM2B[TPMSAttest, *TPMSAttest]

TPM2BAttest represents a TPM2B_ATTEST. See definition in Part 2: Structures, section 10.12.13.

type TPM2BAuth

// TPM2BAuth represents a TPM2B_AUTH (Part 2: Structures, section 10.4.5).
type TPM2BAuth TPM2BDigest

TPM2BAuth represents a TPM2B_AUTH. See definition in Part 2: Structures, section 10.4.5.

type TPM2BContextData

// TPM2BContextData represents a TPM2B_CONTEXT_DATA (Part 2: Structures,
// section 14.4), kept as a flat buffer because the layout is implementation-dependent.
type TPM2BContextData TPM2BData

TPM2BContextData represents a TPM2B_CONTEXT_DATA. See definition in Part 2: Structures, section 14.4. Represented here as a flat buffer because how a TPM chooses to represent its context data is implementation-dependent.

type TPM2BContextSensitive

// TPM2BContextSensitive represents a TPM2B_CONTEXT_SENSITIVE (Part 2: Structures, section 14.2).
type TPM2BContextSensitive TPM2BData

TPM2BContextSensitive represents a TPM2B_CONTEXT_SENSITIVE. See definition in Part 2: Structures, section 14.2.

type TPM2BData

// TPM2BData represents a TPM2B_DATA. See definition in Part 2: Structures,
// section 10.4.3.
type TPM2BData struct {

	// size in octets of the buffer field; may be 0
	Buffer []byte `gotpm:"sized"`
	// contains filtered or unexported fields
}

TPM2BData represents a TPM2B_DATA. See definition in Part 2: Structures, section 10.4.3.

type TPM2BDerive

// TPM2BDerive represents a TPM2B_DERIVE (Part 2: Structures, section 11.1.12).
type TPM2BDerive = TPM2B[TPMSDerive, *TPMSDerive]

TPM2BDerive represents a TPM2B_DERIVE. See definition in Part 2: Structures, section 11.1.12.

type TPM2BDigest

// TPM2BDigest represents a TPM2B_DIGEST (Part 2: Structures, section 10.4.2).
type TPM2BDigest TPM2BData

TPM2BDigest represents a TPM2B_DIGEST. See definition in Part 2: Structures, section 10.4.2.

func CPHash

func CPHash[R any](alg TPMIAlgHash, cmd Command[R, *R]) (*TPM2BDigest, error)

CPHash calculates the TPM command parameter hash for a given Command. N.B. Authorization sessions on handles are ignored, but the handles' names are included.

type TPM2BECCParameter

// TPM2BECCParameter represents a TPM2B_ECC_PARAMETER (Part 2: Structures, section 11.2.5.1).
type TPM2BECCParameter TPM2BData

TPM2BECCParameter represents a TPM2B_ECC_PARAMETER. See definition in Part 2: Structures, section 11.2.5.1.

type TPM2BECCPoint

// TPM2BECCPoint represents a TPM2B_ECC_POINT (Part 2: Structures, section 11.2.5.3).
type TPM2BECCPoint = TPM2B[TPMSECCPoint, *TPMSECCPoint]

TPM2BECCPoint represents a TPM2B_ECC_POINT. See definition in Part 2: Structures, section 11.2.5.3.

type TPM2BEncryptedSecret

// TPM2BEncryptedSecret represents a TPM2B_ENCRYPTED_SECRET (Part 2: Structures, section 11.4.33).
type TPM2BEncryptedSecret TPM2BData

TPM2BEncryptedSecret represents a TPM2B_ENCRYPTED_SECRET. See definition in Part 2: Structures, section 11.4.33.

type TPM2BEvent

// TPM2BEvent represents a TPM2B_EVENT (Part 2: Structures, section 10.4.7).
type TPM2BEvent TPM2BData

TPM2BEvent represents a TPM2B_EVENT. See definition in Part 2: Structures, section 10.4.7.

type TPM2BIDObject

// TPM2BIDObject represents a TPM2B_ID_OBJECT (Part 2: Structures, section 12.4.3).
type TPM2BIDObject TPM2BData

TPM2BIDObject represents a TPM2B_ID_OBJECT. See definition in Part 2: Structures, section 12.4.3.

type TPM2BLabel

// TPM2BLabel represents a TPM2B_LABEL (Part 2: Structures, section 11.1.10).
type TPM2BLabel TPM2BData

TPM2BLabel represents a TPM2B_LABEL. See definition in Part 2: Structures, section 11.1.10.

type TPM2BMaxBuffer

// TPM2BMaxBuffer represents a TPM2B_MAX_BUFFER (Part 2: Structures, section 10.4.8).
type TPM2BMaxBuffer TPM2BData

TPM2BMaxBuffer represents a TPM2B_MAX_BUFFER. See definition in Part 2: Structures, section 10.4.8.

type TPM2BMaxNVBuffer

// TPM2BMaxNVBuffer represents a TPM2B_MAX_NV_BUFFER (Part 2: Structures, section 10.4.9).
type TPM2BMaxNVBuffer TPM2BData

TPM2BMaxNVBuffer represents a TPM2B_MAX_NV_BUFFER. See definition in Part 2: Structures, section 10.4.9.

type TPM2BNVPublic

// TPM2BNVPublic represents a TPM2B_NV_PUBLIC (Part 2: Structures, section 13.6).
type TPM2BNVPublic = TPM2B[TPMSNVPublic, *TPMSNVPublic]

TPM2BNVPublic represents a TPM2B_NV_PUBLIC. See definition in Part 2: Structures, section 13.6.

type TPM2BName

// TPM2BName represents a TPM2B_NAME (Part 2: Structures, section 10.5.3),
// flattened to a buffer because TPMUName carries no selector.
type TPM2BName TPM2BData

TPM2BName represents a TPM2B_NAME. See definition in Part 2: Structures, section 10.5.3. NOTE: This structure does not contain a TPMUName, because that union is not tagged with a selector. Instead, TPM2B_Name is flattened, and all TPMDirect helpers that deal with names treat them that way.

func HandleName

func HandleName(h TPMHandle) TPM2BName

HandleName returns the TPM Name of a PCR, session, or permanent value (e.g., hierarchy) handle.

func NVName

func NVName(p *TPMSNVPublic) (*TPM2BName, error)

NVName returns the TPM Name of an NV index.

func ObjectName

func ObjectName(p *TPMTPublic) (*TPM2BName, error)

ObjectName returns the TPM Name of an object.

type TPM2BNonce

// TPM2BNonce represents a TPM2B_NONCE (Part 2: Structures, section 10.4.4).
type TPM2BNonce TPM2BDigest

TPM2BNonce represents a TPM2B_NONCE. See definition in Part 2: Structures, section 10.4.4.

type TPM2BOperand

// TPM2BOperand represents a TPM2B_OPERAND (Part 2: Structures, section 10.4.6).
type TPM2BOperand TPM2BDigest

TPM2BOperand represents a TPM2B_Operand. See definition in Part 2: Structures, section 10.4.6.

type TPM2BPrivate

// TPM2BPrivate represents a TPM2B_PRIVATE (Part 2: Structures, section 12.3.7).
type TPM2BPrivate TPM2BData

TPM2BPrivate represents a TPM2B_PRIVATE. See definition in Part 2: Structures, section 12.3.7.

type TPM2BPrivateKeyRSA

// TPM2BPrivateKeyRSA represents a TPM2B_PRIVATE_KEY_RSA (Part 2: Structures, section 11.2.4.7).
type TPM2BPrivateKeyRSA TPM2BData

TPM2BPrivateKeyRSA represents a TPM2B_PRIVATE_KEY_RSA. See definition in Part 2: Structures, section 11.2.4.7.

type TPM2BPublic

// TPM2BPublic represents a TPM2B_PUBLIC (Part 2: Structures, section 12.2.5).
type TPM2BPublic = TPM2B[TPMTPublic, *TPMTPublic]

TPM2BPublic represents a TPM2B_PUBLIC. See definition in Part 2: Structures, section 12.2.5.

type TPM2BPublicKeyRSA

// TPM2BPublicKeyRSA represents a TPM2B_PUBLIC_KEY_RSA (Part 2: Structures, section 11.2.4.5).
type TPM2BPublicKeyRSA TPM2BData

TPM2BPublicKeyRSA represents a TPM2B_PUBLIC_KEY_RSA. See definition in Part 2: Structures, section 11.2.4.5.

type TPM2BSensitive

// TPM2BSensitive represents a TPM2B_SENSITIVE (Part 2: Structures, section 12.3.3).
type TPM2BSensitive = TPM2B[TPMTSensitive, *TPMTSensitive]

TPM2BSensitive represents a TPM2B_SENSITIVE. See definition in Part 2: Structures, section 12.3.3.

type TPM2BSensitiveCreate

// TPM2BSensitiveCreate represents a TPM2B_SENSITIVE_CREATE (Part 2:
// Structures, section 11.1.16). It is a struct rather than an alias of
// TPM2B[TPMSSensitiveCreate] because it has custom marshalling logic for
// zero-valued parameters.
type TPM2BSensitiveCreate struct {
	// the contents; a nil pointer is handled by the custom marshalling logic
	Sensitive *TPMSSensitiveCreate
}

TPM2BSensitiveCreate represents a TPM2B_SENSITIVE_CREATE. See definition in Part 2: Structures, section 11.1.16. This is a structure instead of an alias to TPM2B[TPMSSensitiveCreate], because it has custom marshalling logic for zero-valued parameters.

type TPM2BSensitiveData

// TPM2BSensitiveData represents a TPM2B_SENSITIVE_DATA (Part 2: Structures, section 11.1.14).
type TPM2BSensitiveData TPM2BData

TPM2BSensitiveData represents a TPM2B_SENSITIVE_DATA. See definition in Part 2: Structures, section 11.1.14.

type TPM2BSymKey

// TPM2BSymKey represents a TPM2B_SYM_KEY (Part 2: Structures, section 11.1.8).
type TPM2BSymKey TPM2BData

TPM2BSymKey represents a TPM2B_SYM_KEY. See definition in Part 2: Structures, section 11.1.8.

type TPM2BTemplate

// TPM2BTemplate represents a TPM2B_TEMPLATE (Part 2: Structures, section 12.2.6).
type TPM2BTemplate TPM2BData

TPM2BTemplate represents a TPM2B_TEMPLATE. See definition in Part 2: Structures, section 12.2.6.

func New2BTemplate

func New2BTemplate[C TemplateContents](data C) TPM2BTemplate

New2BTemplate creates a TPM2BTemplate with the given data.

type TPM2BTimeout

// TPM2BTimeout represents a TPM2B_TIMEOUT (Part 2: Structures, section 10.4.10).
type TPM2BTimeout TPM2BData

TPM2BTimeout represents a TPM2B_TIMEOUT. See definition in Part 2: Structures, section 10.4.10.

type TPMAACT

// TPMAACT represents a TPMA_ACT. See definition in Part 2: Structures,
// section 8.12. Bit positions come from the gotpm struct tags.
type TPMAACT struct {

	// SET (1): The ACT has signaled
	// CLEAR (0): The ACT has not signaled
	Signaled bool `gotpm:"bit=0"`
	// SET (1): The ACT signaled bit is preserved over a power cycle
	// CLEAR (0): The ACT signaled bit is not preserved over a power cycle
	PreserveSignaled bool `gotpm:"bit=1"`
	// contains filtered or unexported fields
}

TPMAACT represents a TPMA_ACT. See definition in Part 2: Structures, section 8.12.

func (TPMAACT) GetReservedBit

func (r TPMAACT) GetReservedBit(pos int) bool

GetReservedBit implements the BitGetter interface.

func (TPMAACT) Length

func (TPMAACT) Length() int

Length implements the Bitfield interface.

func (*TPMAACT) SetReservedBit

func (r *TPMAACT) SetReservedBit(pos int, val bool)

SetReservedBit implements the BitSetter interface.

type TPMAAlgorithm

// TPMAAlgorithm represents a TPMA_ALGORITHM. See definition in Part 2:
// Structures, section 8.2. Bit positions come from the gotpm struct tags.
type TPMAAlgorithm struct {

	// SET (1): an asymmetric algorithm with public and private portions
	// CLEAR (0): not an asymmetric algorithm
	Asymmetric bool `gotpm:"bit=0"`
	// SET (1): a symmetric block cipher
	// CLEAR (0): not a symmetric block cipher
	Symmetric bool `gotpm:"bit=1"`
	// SET (1): a hash algorithm
	// CLEAR (0): not a hash algorithm
	Hash bool `gotpm:"bit=2"`
	// SET (1): an algorithm that may be used as an object type
	// CLEAR (0): an algorithm that is not used as an object type
	Object bool `gotpm:"bit=3"`
	// SET (1): a signing algorithm. The setting of asymmetric,
	// symmetric, and hash will indicate the type of signing algorithm.
	// CLEAR (0): not a signing algorithm
	Signing bool `gotpm:"bit=8"`
	// SET (1): an encryption/decryption algorithm. The setting of
	// asymmetric, symmetric, and hash will indicate the type of
	// encryption/decryption algorithm.
	// CLEAR (0): not an encryption/decryption algorithm
	Encrypting bool `gotpm:"bit=9"`
	// SET (1): a method such as a key derivative function (KDF)
	// CLEAR (0): not a method
	Method bool `gotpm:"bit=10"`
	// contains filtered or unexported fields
}

TPMAAlgorithm represents a TPMA_ALGORITHM. See definition in Part 2: Structures, section 8.2.

func (TPMAAlgorithm) GetReservedBit

func (r TPMAAlgorithm) GetReservedBit(pos int) bool

GetReservedBit implements the BitGetter interface.

func (TPMAAlgorithm) Length

func (TPMAAlgorithm) Length() int

Length implements the Bitfield interface.

func (*TPMAAlgorithm) SetReservedBit

func (r *TPMAAlgorithm) SetReservedBit(pos int, val bool)

SetReservedBit implements the BitSetter interface.

type TPMACC

// TPMACC represents a TPMA_CC. See definition in Part 2: Structures,
// section 8.9. Bit positions come from the gotpm struct tags.
type TPMACC struct {

	// indicates the command being selected
	CommandIndex uint16 `gotpm:"bit=15:0"`
	// SET (1): indicates that the command may write to NV
	// CLEAR (0): indicates that the command does not write to NV
	NV bool `gotpm:"bit=22"`
	// SET (1): This command could flush any number of loaded contexts.
	// CLEAR (0): no additional changes other than indicated by the flushed attribute
	Extensive bool `gotpm:"bit=23"`
	// SET (1): The context associated with any transient handle in the command will be flushed when this command completes.
	// CLEAR (0): No context is flushed as a side effect of this command.
	Flushed bool `gotpm:"bit=24"`
	// indicates the number of the handles in the handle area for this command
	CHandles uint8 `gotpm:"bit=27:25"`
	// SET (1): indicates the presence of the handle area in the response
	RHandle bool `gotpm:"bit=28"`
	// SET (1): indicates that the command is vendor-specific
	// CLEAR (0): indicates that the command is defined in a version of this specification
	V bool `gotpm:"bit=29"`
	// contains filtered or unexported fields
}

TPMACC represents a TPMA_CC. See definition in Part 2: Structures, section 8.9.

func (TPMACC) GetReservedBit

func (r TPMACC) GetReservedBit(pos int) bool

GetReservedBit implements the BitGetter interface.

func (TPMACC) Length

func (TPMACC) Length() int

Length implements the Bitfield interface.

func (*TPMACC) SetReservedBit

func (r *TPMACC) SetReservedBit(pos int, val bool)

SetReservedBit implements the BitSetter interface.

type TPMALocality

// TPMALocality represents a TPMA_LOCALITY. See definition in Part 2:
// Structures, section 8.5. Bits 0-4 select one of the five standard
// localities; bits 5-7 carry an extended locality.
type TPMALocality struct {
	TPMLocZero  bool `gotpm:"bit=0"`
	TPMLocOne   bool `gotpm:"bit=1"`
	TPMLocTwo   bool `gotpm:"bit=2"`
	TPMLocThree bool `gotpm:"bit=3"`
	TPMLocFour  bool `gotpm:"bit=4"`
	// If any of these bits is set, an extended locality is indicated
	Extended uint8 `gotpm:"bit=7:5"`
	// contains filtered or unexported fields
}

TPMALocality represents a TPMA_LOCALITY. See definition in Part 2: Structures, section 8.5.

func (TPMALocality) GetReservedBit

func (r TPMALocality) GetReservedBit(pos int) bool

GetReservedBit implements the BitGetter interface.

func (TPMALocality) Length

func (TPMALocality) Length() int

Length implements the Bitfield interface.

func (*TPMALocality) SetReservedBit

func (r *TPMALocality) SetReservedBit(pos int, val bool)

SetReservedBit implements the BitSetter interface.

type TPMANV

// TPMANV represents a TPMA_NV. See definition in Part 2: Structures,
// section 13.4. Bit positions come from the gotpm struct tags.
type TPMANV struct {

	// SET (1): The Index data can be written if Platform Authorization is
	// provided.
	// CLEAR (0): Writing of the Index data cannot be authorized with
	// Platform Authorization.
	PPWrite bool `gotpm:"bit=0"`
	// SET (1): The Index data can be written if Owner Authorization is
	// provided.
	// CLEAR (0): Writing of the Index data cannot be authorized with Owner
	// Authorization.
	OwnerWrite bool `gotpm:"bit=1"`
	// SET (1): Authorizations to change the Index contents that require
	// USER role may be provided with an HMAC session or password.
	// CLEAR (0): Authorizations to change the Index contents that require
	// USER role may not be provided with an HMAC session or password.
	AuthWrite bool `gotpm:"bit=2"`
	// SET (1): Authorizations to change the Index contents that require
	// USER role may be provided with a policy session.
	// CLEAR (0): Authorizations to change the Index contents that require
	// USER role may not be provided with a policy session.
	PolicyWrite bool `gotpm:"bit=3"`
	// The type of the index.
	NT TPMNT `gotpm:"bit=7:4"`
	// SET (1): Index may not be deleted unless the authPolicy is satisfied
	// using TPM2_NV_UndefineSpaceSpecial().
	// CLEAR (0): Index may be deleted with proper platform or owner
	// authorization using TPM2_NV_UndefineSpace().
	PolicyDelete bool `gotpm:"bit=10"`
	// SET (1): Index cannot be written.
	// CLEAR (0): Index can be written.
	WriteLocked bool `gotpm:"bit=11"`
	// SET (1): A partial write of the Index data is not allowed. The write
	// size shall match the defined space size.
	// CLEAR (0): Partial writes are allowed. This setting is required if
	// the .dataSize of the Index is larger than NV_MAX_BUFFER_SIZE for the
	// implementation.
	WriteAll bool `gotpm:"bit=12"`
	// SET (1): TPM2_NV_WriteLock() may be used to prevent further writes
	// to this location.
	// CLEAR (0): TPM2_NV_WriteLock() does not block subsequent writes if
	// TPMA_NV_WRITE_STCLEAR is also CLEAR.
	WriteDefine bool `gotpm:"bit=13"`
	// SET (1): TPM2_NV_WriteLock() may be used to prevent further writes
	// to this location until the next TPM Reset or TPM Restart.
	// CLEAR (0): TPM2_NV_WriteLock() does not block subsequent writes if
	// TPMA_NV_WRITEDEFINE is also CLEAR.
	WriteSTClear bool `gotpm:"bit=14"`
	// SET (1): If TPM2_NV_GlobalWriteLock() is successful,
	// TPMA_NV_WRITELOCKED is set.
	// CLEAR (0): TPM2_NV_GlobalWriteLock() has no effect on the writing of
	// the data at this Index.
	GlobalLock bool `gotpm:"bit=15"`
	// SET (1): The Index data can be read if Platform Authorization is
	// provided.
	// CLEAR (0): Reading of the Index data cannot be authorized with
	// Platform Authorization.
	PPRead bool `gotpm:"bit=16"`
	// SET (1): The Index data can be read if Owner Authorization is
	// provided.
	// CLEAR (0): Reading of the Index data cannot be authorized with Owner
	// Authorization.
	OwnerRead bool `gotpm:"bit=17"`
	// SET (1): The Index data may be read if the authValue is provided.
	// CLEAR (0): Reading of the Index data cannot be authorized with the
	// Index authValue.
	AuthRead bool `gotpm:"bit=18"`
	// SET (1): The Index data may be read if the authPolicy is satisfied.
	// CLEAR (0): Reading of the Index data cannot be authorized with the
	// Index authPolicy.
	PolicyRead bool `gotpm:"bit=19"`
	// SET (1): Authorization failures of the Index do not affect the DA
	// logic and authorization of the Index is not blocked when the TPM is
	// in Lockout mode.
	// CLEAR (0): Authorization failures of the Index will increment the
	// authorization failure counter and authorizations of this Index are
	// not allowed when the TPM is in Lockout mode.
	// (Leaving this CLEAR keeps the Index under dictionary-attack protection.)
	NoDA bool `gotpm:"bit=25"`
	// SET (1): NV Index state is only required to be saved when the TPM
	// performs an orderly shutdown (TPM2_Shutdown()).
	// CLEAR (0): NV Index state is required to be persistent after the
	// command to update the Index completes successfully (that is, the NV
	// update is synchronous with the update command).
	Orderly bool `gotpm:"bit=26"`
	// SET (1): TPMA_NV_WRITTEN for the Index is CLEAR by TPM Reset or TPM
	// Restart.
	// CLEAR (0): TPMA_NV_WRITTEN is not changed by TPM Restart.
	ClearSTClear bool `gotpm:"bit=27"`
	// SET (1): Reads of the Index are blocked until the next TPM Reset or
	// TPM Restart.
	// CLEAR (0): Reads of the Index are allowed if proper authorization is
	// provided.
	ReadLocked bool `gotpm:"bit=28"`
	// SET (1): Index has been written.
	// CLEAR (0): Index has not been written.
	Written bool `gotpm:"bit=29"`
	// SET (1): This Index may be undefined with Platform Authorization
	// but not with Owner Authorization.
	// CLEAR (0): This Index may be undefined using Owner Authorization but
	// not with Platform Authorization.
	PlatformCreate bool `gotpm:"bit=30"`
	// SET (1): TPM2_NV_ReadLock() may be used to SET TPMA_NV_READLOCKED
	// for this Index.
	// CLEAR (0): TPM2_NV_ReadLock() has no effect on this Index.
	ReadSTClear bool `gotpm:"bit=31"`
	// contains filtered or unexported fields
}

TPMANV represents a TPMA_NV. See definition in Part 2: Structures, section 13.4.

func (TPMANV) GetReservedBit

func (r TPMANV) GetReservedBit(pos int) bool

GetReservedBit implements the BitGetter interface.

func (TPMANV) Length

func (TPMANV) Length() int

Length implements the Bitfield interface.

func (*TPMANV) SetReservedBit

func (r *TPMANV) SetReservedBit(pos int, val bool)

SetReservedBit implements the BitSetter interface.

type TPMAObject

// TPMAObject represents a TPMA_OBJECT. See definition in Part 2: Structures,
// section 8.3.2. Bit positions come from the gotpm struct tags.
type TPMAObject struct {

	// SET (1): The hierarchy of the object, as indicated by its
	// Qualified Name, may not change.
	// CLEAR (0): The hierarchy of the object may change as a result
	// of this object or an ancestor key being duplicated for use in
	// another hierarchy.
	FixedTPM bool `gotpm:"bit=1"`
	// SET (1): Previously saved contexts of this object may not be
	// loaded after Startup(CLEAR).
	// CLEAR (0): Saved contexts of this object may be used after a
	// Shutdown(STATE) and subsequent Startup().
	STClear bool `gotpm:"bit=2"`
	// SET (1): The parent of the object may not change.
	// CLEAR (0): The parent of the object may change as the result of
	// a TPM2_Duplicate() of the object.
	FixedParent bool `gotpm:"bit=4"`
	// SET (1): Indicates that, when the object was created with
	// TPM2_Create() or TPM2_CreatePrimary(), the TPM generated all of
	// the sensitive data other than the authValue.
	// CLEAR (0): A portion of the sensitive data, other than the
	// authValue, was provided by the caller.
	SensitiveDataOrigin bool `gotpm:"bit=5"`
	// SET (1): Approval of USER role actions with this object may be
	// with an HMAC session or with a password using the authValue of
	// the object or a policy session.
	// CLEAR (0): Approval of USER role actions with this object may
	// only be done with a policy session.
	UserWithAuth bool `gotpm:"bit=6"`
	// SET (1): Approval of ADMIN role actions with this object may
	// only be done with a policy session.
	// CLEAR (0): Approval of ADMIN role actions with this object may
	// be with an HMAC session or with a password using the authValue
	// of the object or a policy session.
	AdminWithPolicy bool `gotpm:"bit=7"`
	// SET (1): The object is not subject to dictionary attack
	// protections.
	// CLEAR (0): The object is subject to dictionary attack
	// protections.
	NoDA bool `gotpm:"bit=10"`
	// SET (1): If the object is duplicated, then symmetricAlg shall
	// not be TPM_ALG_NULL and newParentHandle shall not be
	// TPM_RH_NULL.
	// CLEAR (0): The object may be duplicated without an inner
	// wrapper on the private portion of the object and the new parent
	// may be TPM_RH_NULL.
	EncryptedDuplication bool `gotpm:"bit=11"`
	// SET (1): Key usage is restricted to manipulate structures of
	// known format; the parent of this key shall have restricted SET.
	// CLEAR (0): Key usage is not restricted to use on special
	// formats.
	Restricted bool `gotpm:"bit=16"`
	// SET (1): The private portion of the key may be used to decrypt.
	// CLEAR (0): The private portion of the key may not be used to
	// decrypt.
	Decrypt bool `gotpm:"bit=17"`
	// SET (1): For a symmetric cipher object, the private portion of
	// the key may be used to encrypt. For other objects, the private
	// portion of the key may be used to sign.
	// CLEAR (0): The private portion of the key may not be used to
	// sign or encrypt.
	SignEncrypt bool `gotpm:"bit=18"`
	// SET (1): An asymmetric key that may not be used to sign with
	// TPM2_Sign()
	// CLEAR (0): A key that may be used with TPM2_Sign() if sign is SET
	// NOTE: This attribute only has significance if sign is SET.
	X509Sign bool `gotpm:"bit=19"`
	// contains filtered or unexported fields
}

TPMAObject represents a TPMA_OBJECT. See definition in Part 2: Structures, section 8.3.2.

func (TPMAObject) GetReservedBit

func (r TPMAObject) GetReservedBit(pos int) bool

GetReservedBit implements the BitGetter interface.

func (TPMAObject) Length

func (TPMAObject) Length() int

Length implements the Bitfield interface.

func (*TPMAObject) SetReservedBit

func (r *TPMAObject) SetReservedBit(pos int, val bool)

SetReservedBit implements the BitSetter interface.

type TPMASession

// TPMASession represents a TPMA_SESSION. See definition in Part 2:
// Structures, section 8.4. Bit positions come from the gotpm struct tags.
// Decrypt and Encrypt select parameter encryption of the first command
// parameter and first response parameter respectively.
type TPMASession struct {

	// SET (1): In a command, this setting indicates that the session
	// is to remain active after successful completion of the command.
	// In a response, it indicates that the session is still active.
	// If SET in the command, this attribute shall be SET in the response.
	// CLEAR (0): In a command, this setting indicates that the TPM should
	// close the session and flush any related context when the command
	// completes successfully. In a response, it indicates that the
	// session is closed and the context is no longer active.
	// This attribute has no meaning for a password authorization and the
	// TPM will allow any setting of the attribute in the command and SET
	// the attribute in the response.
	ContinueSession bool `gotpm:"bit=0"`
	// SET (1): In a command, this setting indicates that the command
	// should only be executed if the session is exclusive at the start of
	// the command. In a response, it indicates that the session is
	// exclusive. This setting is only allowed if the audit attribute is
	// SET (TPM_RC_ATTRIBUTES).
	// CLEAR (0): In a command, indicates that the session need not be
	// exclusive at the start of the command. In a response, indicates that
	// the session is not exclusive.
	AuditExclusive bool `gotpm:"bit=1"`
	// SET (1): In a command, this setting indicates that the audit digest
	// of the session should be initialized and the exclusive status of the
	// session SET. This setting is only allowed if the audit attribute is
	// SET (TPM_RC_ATTRIBUTES).
	// CLEAR (0): In a command, indicates that the audit digest should not
	// be initialized. This bit is always CLEAR in a response.
	AuditReset bool `gotpm:"bit=2"`
	// SET (1): In a command, this setting indicates that the first
	// parameter in the command is symmetrically encrypted using the
	// parameter encryption scheme described in TPM 2.0 Part 1. The TPM will
	// decrypt the parameter after performing any HMAC computations and
	// before unmarshaling the parameter. In a response, the attribute is
	// copied from the request but has no effect on the response.
	// CLEAR (0): Session not used for encryption.
	// For a password authorization, this attribute will be CLEAR in both the
	// command and response.
	Decrypt bool `gotpm:"bit=5"`
	// SET (1): In a command, this setting indicates that the TPM should use
	// this session to encrypt the first parameter in the response. In a
	// response, it indicates that the attribute was set in the command and
	// that the TPM used the session to encrypt the first parameter in the
	// response using the parameter encryption scheme described in TPM 2.0
	// Part 1.
	// CLEAR (0): Session not used for encryption.
	// For a password authorization, this attribute will be CLEAR in both the
	// command and response.
	Encrypt bool `gotpm:"bit=6"`
	// SET (1): In a command or response, this setting indicates that the
	// session is for audit and that auditExclusive and auditReset have
	// meaning. This session may also be used for authorization, encryption,
	// or decryption. The encrypted and encrypt fields may be SET or CLEAR.
	// CLEAR (0): Session is not used for audit.
	// If SET in the command, then this attribute will be SET in the response.
	Audit bool `gotpm:"bit=7"`
	// contains filtered or unexported fields
}

TPMASession represents a TPMA_SESSION. See definition in Part 2: Structures, section 8.4.

func (TPMASession) GetReservedBit

func (r TPMASession) GetReservedBit(pos int) bool

GetReservedBit implements the BitGetter interface.

func (TPMASession) Length

func (TPMASession) Length() int

Length implements the Bitfield interface.

func (*TPMASession) SetReservedBit

func (r *TPMASession) SetReservedBit(pos int, val bool)

SetReservedBit implements the BitSetter interface.

type TPMAlgID

// TPMAlgID represents a TPM_ALG_ID (Part 2: Structures, section 6.3).
type TPMAlgID uint16

TPMAlgID represents a TPM_ALG_ID. See definition in Part 2: Structures, section 6.3.

// TPMAlgID values come from Part 2: Structures, section 6.3.
// NOTE(review): TPMAlgSHA1 is listed for completeness; the reference SRK
// template in this package uses TPMAlgSHA256 as its nameAlg, and SHA-1
// should not be chosen for new name or policy digests.
const (
	TPMAlgRSA          TPMAlgID = 0x0001
	TPMAlgTDES         TPMAlgID = 0x0003
	TPMAlgSHA1         TPMAlgID = 0x0004
	TPMAlgHMAC         TPMAlgID = 0x0005
	TPMAlgAES          TPMAlgID = 0x0006
	TPMAlgMGF1         TPMAlgID = 0x0007
	TPMAlgKeyedHash    TPMAlgID = 0x0008
	TPMAlgXOR          TPMAlgID = 0x000A
	TPMAlgSHA256       TPMAlgID = 0x000B
	TPMAlgSHA384       TPMAlgID = 0x000C
	TPMAlgSHA512       TPMAlgID = 0x000D
	TPMAlgNull         TPMAlgID = 0x0010
	TPMAlgSM3256       TPMAlgID = 0x0012
	TPMAlgSM4          TPMAlgID = 0x0013
	TPMAlgRSASSA       TPMAlgID = 0x0014
	TPMAlgRSAES        TPMAlgID = 0x0015
	TPMAlgRSAPSS       TPMAlgID = 0x0016
	TPMAlgOAEP         TPMAlgID = 0x0017
	TPMAlgECDSA        TPMAlgID = 0x0018
	TPMAlgECDH         TPMAlgID = 0x0019
	TPMAlgECDAA        TPMAlgID = 0x001A
	TPMAlgSM2          TPMAlgID = 0x001B
	TPMAlgECSchnorr    TPMAlgID = 0x001C
	TPMAlgECMQV        TPMAlgID = 0x001D
	TPMAlgKDF1SP80056A TPMAlgID = 0x0020
	TPMAlgKDF2         TPMAlgID = 0x0021
	TPMAlgKDF1SP800108 TPMAlgID = 0x0022
	TPMAlgECC          TPMAlgID = 0x0023
	TPMAlgSymCipher    TPMAlgID = 0x0025
	TPMAlgCamellia     TPMAlgID = 0x0026
	TPMAlgSHA3256      TPMAlgID = 0x0027
	TPMAlgSHA3384      TPMAlgID = 0x0028
	TPMAlgSHA3512      TPMAlgID = 0x0029
	TPMAlgCMAC         TPMAlgID = 0x003F
	TPMAlgCTR          TPMAlgID = 0x0040
	TPMAlgOFB          TPMAlgID = 0x0041
	TPMAlgCBC          TPMAlgID = 0x0042
	TPMAlgCFB          TPMAlgID = 0x0043
	TPMAlgECB          TPMAlgID = 0x0044
)

TPMAlgID values come from Part 2: Structures, section 6.3.

type TPMAlgorithmID

// TPMAlgorithmID represents a TPM_ALGORITHM_ID, the TPM 1.2-compatible form
// of TPM_ALG_ID (Part 2, Structures, section 5.3).
type TPMAlgorithmID uint32

TPMAlgorithmID represents a TPM_ALGORITHM_ID, the TPM 1.2-compatible form of TPM_ALG_ID. See definition in Part 2, Structures, section 5.3.

type TPMAuthorizationSize

// TPMAuthorizationSize represents a TPM_AUTHORIZATION_SIZE, the
// authorizationSize parameter in a command (Part 2, Structures, section 5.3).
type TPMAuthorizationSize uint32

TPMAuthorizationSize represents a TPM_AUTHORIZATION_SIZE, the authorizationSize parameter in a command. See definition in Part 2, Structures, section 5.3.

type TPMCC

// TPMCC represents a TPM_CC command code (Part 2: Structures, section 6.5.2).
type TPMCC uint32

TPMCC represents a TPM_CC. See definition in Part 2: Structures, section 6.5.2.

// TPMCC values come from Part 2: Structures, section 6.5.2.
// The Go names follow the spec's TPM_CC_* names with the underscores removed.
const (
	TPMCCNVUndefineSpaceSpecial     TPMCC = 0x0000011F
	TPMCCEvictControl               TPMCC = 0x00000120
	TPMCCHierarchyControl           TPMCC = 0x00000121
	TPMCCNVUndefineSpace            TPMCC = 0x00000122
	TPMCCChangeEPS                  TPMCC = 0x00000124
	TPMCCChangePPS                  TPMCC = 0x00000125
	TPMCCClear                      TPMCC = 0x00000126
	TPMCCClearControl               TPMCC = 0x00000127
	TPMCCClockSet                   TPMCC = 0x00000128
	// NOTE(review): identifier is misspelled relative to the spec name
	// TPM_CC_HierarchyChangeAuth; it is exported, so renaming is an API
	// change and should go through a deprecation alias.
	TPMCCHierarchyChanegAuth        TPMCC = 0x00000129
	TPMCCNVDefineSpace              TPMCC = 0x0000012A
	TPMCCPCRAllocate                TPMCC = 0x0000012B
	TPMCCPCRSetAuthPolicy           TPMCC = 0x0000012C
	TPMCCPPCommands                 TPMCC = 0x0000012D
	TPMCCSetPrimaryPolicy           TPMCC = 0x0000012E
	TPMCCFieldUpgradeStart          TPMCC = 0x0000012F
	TPMCCClockRateAdjust            TPMCC = 0x00000130
	TPMCCCreatePrimary              TPMCC = 0x00000131
	TPMCCNVGlobalWriteLock          TPMCC = 0x00000132
	TPMCCGetCommandAuditDigest      TPMCC = 0x00000133
	TPMCCNVIncrement                TPMCC = 0x00000134
	TPMCCNVSetBits                  TPMCC = 0x00000135
	TPMCCNVExtend                   TPMCC = 0x00000136
	TPMCCNVWrite                    TPMCC = 0x00000137
	TPMCCNVWriteLock                TPMCC = 0x00000138
	TPMCCDictionaryAttackLockReset  TPMCC = 0x00000139
	TPMCCDictionaryAttackParameters TPMCC = 0x0000013A
	TPMCCNVChangeAuth               TPMCC = 0x0000013B
	TPMCCPCREvent                   TPMCC = 0x0000013C
	TPMCCPCRReset                   TPMCC = 0x0000013D
	TPMCCSequenceComplete           TPMCC = 0x0000013E
	TPMCCSetAlgorithmSet            TPMCC = 0x0000013F
	TPMCCSetCommandCodeAuditStatus  TPMCC = 0x00000140
	TPMCCFieldUpgradeData           TPMCC = 0x00000141
	TPMCCIncrementalSelfTest        TPMCC = 0x00000142
	TPMCCSelfTest                   TPMCC = 0x00000143
	TPMCCStartup                    TPMCC = 0x00000144
	TPMCCShutdown                   TPMCC = 0x00000145
	TPMCCStirRandom                 TPMCC = 0x00000146
	TPMCCActivateCredential         TPMCC = 0x00000147
	TPMCCCertify                    TPMCC = 0x00000148
	TPMCCPolicyNV                   TPMCC = 0x00000149
	TPMCCCertifyCreation            TPMCC = 0x0000014A
	TPMCCDuplicate                  TPMCC = 0x0000014B
	TPMCCGetTime                    TPMCC = 0x0000014C
	TPMCCGetSessionAuditDigest      TPMCC = 0x0000014D
	TPMCCNVRead                     TPMCC = 0x0000014E
	TPMCCNVReadLock                 TPMCC = 0x0000014F
	TPMCCObjectChangeAuth           TPMCC = 0x00000150
	TPMCCPolicySecret               TPMCC = 0x00000151
	TPMCCRewrap                     TPMCC = 0x00000152
	TPMCCCreate                     TPMCC = 0x00000153
	TPMCCECDHZGen                   TPMCC = 0x00000154
	// TPMCCMAC is also exposed as TPMCCHMAC (see the alias block at the
	// top of the package).
	TPMCCMAC                        TPMCC = 0x00000155
	TPMCCImport                     TPMCC = 0x00000156
	TPMCCLoad                       TPMCC = 0x00000157
	TPMCCQuote                      TPMCC = 0x00000158
	TPMCCRSADecrypt                 TPMCC = 0x00000159
	// TPMCCMACStart is also exposed as TPMCCHMACStart.
	TPMCCMACStart                   TPMCC = 0x0000015B
	TPMCCSequenceUpdate             TPMCC = 0x0000015C
	TPMCCSign                       TPMCC = 0x0000015D
	TPMCCUnseal                     TPMCC = 0x0000015E
	TPMCCPolicySigned               TPMCC = 0x00000160
	TPMCCContextLoad                TPMCC = 0x00000161
	TPMCCContextSave                TPMCC = 0x00000162
	TPMCCECDHKeyGen                 TPMCC = 0x00000163
	TPMCCEncryptDecrypt             TPMCC = 0x00000164
	TPMCCFlushContext               TPMCC = 0x00000165
	TPMCCLoadExternal               TPMCC = 0x00000167
	TPMCCMakeCredential             TPMCC = 0x00000168
	TPMCCNVReadPublic               TPMCC = 0x00000169
	TPMCCPolicyAuthorize            TPMCC = 0x0000016A
	TPMCCPolicyAuthValue            TPMCC = 0x0000016B
	TPMCCPolicyCommandCode          TPMCC = 0x0000016C
	TPMCCPolicyCounterTimer         TPMCC = 0x0000016D
	TPMCCPolicyCpHash               TPMCC = 0x0000016E
	TPMCCPolicyLocality             TPMCC = 0x0000016F
	TPMCCPolicyNameHash             TPMCC = 0x00000170
	TPMCCPolicyOR                   TPMCC = 0x00000171
	TPMCCPolicyTicket               TPMCC = 0x00000172
	TPMCCReadPublic                 TPMCC = 0x00000173
	TPMCCRSAEncrypt                 TPMCC = 0x00000174
	TPMCCStartAuthSession           TPMCC = 0x00000176
	TPMCCVerifySignature            TPMCC = 0x00000177
	TPMCCECCParameters              TPMCC = 0x00000178
	TPMCCFirmwareRead               TPMCC = 0x00000179
	TPMCCGetCapability              TPMCC = 0x0000017A
	TPMCCGetRandom                  TPMCC = 0x0000017B
	TPMCCGetTestResult              TPMCC = 0x0000017C
	TPMCCHash                       TPMCC = 0x0000017D
	TPMCCPCRRead                    TPMCC = 0x0000017E
	TPMCCPolicyPCR                  TPMCC = 0x0000017F
	TPMCCPolicyRestart              TPMCC = 0x00000180
	TPMCCReadClock                  TPMCC = 0x00000181
	TPMCCPCRExtend                  TPMCC = 0x00000182
	TPMCCPCRSetAuthValue            TPMCC = 0x00000183
	TPMCCNVCertify                  TPMCC = 0x00000184
	TPMCCEventSequenceComplete      TPMCC = 0x00000185
	TPMCCHashSequenceStart          TPMCC = 0x00000186
	TPMCCPolicyPhysicalPresence     TPMCC = 0x00000187
	TPMCCPolicyDuplicationSelect    TPMCC = 0x00000188
	TPMCCPolicyGetDigest            TPMCC = 0x00000189
	TPMCCTestParams                 TPMCC = 0x0000018A
	TPMCCCommit                     TPMCC = 0x0000018B
	TPMCCPolicyPassword             TPMCC = 0x0000018C
	TPMCCZGen2Phase                 TPMCC = 0x0000018D
	TPMCCECEphemeral                TPMCC = 0x0000018E
	TPMCCPolicyNvWritten            TPMCC = 0x0000018F
	TPMCCPolicyTemplate             TPMCC = 0x00000190
	TPMCCCreateLoaded               TPMCC = 0x00000191
	TPMCCPolicyAuthorizeNV          TPMCC = 0x00000192
	TPMCCEncryptDecrypt2            TPMCC = 0x00000193
	TPMCCACGetCapability            TPMCC = 0x00000194
	TPMCCACSend                     TPMCC = 0x00000195
	TPMCCPolicyACSendSelect         TPMCC = 0x00000196
	TPMCCCertifyX509                TPMCC = 0x00000197
	TPMCCACTSetTimeout              TPMCC = 0x00000198
)

TPMCC values come from Part 2: Structures, section 6.5.2.

type TPMCap

// TPMCap represents a TPM_CAP, a capability selector.
// See definition in Part 2: Structures, section 6.12.
type TPMCap uint32

TPMCap represents a TPM_CAP. See definition in Part 2: Structures, section 6.12.

// TPMCap values come from Part 2: Structures, section 6.12.
// Each value names which capability class a TPM2_GetCapability query
// reports on (algorithms, handles, commands, PCRs, properties, ...).
const (
	TPMCapAlgs          TPMCap = 0x00000000
	TPMCapHandles       TPMCap = 0x00000001
	TPMCapCommands      TPMCap = 0x00000002
	TPMCapPPCommands    TPMCap = 0x00000003
	TPMCapAuditCommands TPMCap = 0x00000004
	TPMCapPCRs          TPMCap = 0x00000005
	TPMCapTPMProperties TPMCap = 0x00000006
	TPMCapPCRProperties TPMCap = 0x00000007
	TPMCapECCCurves     TPMCap = 0x00000008
	TPMCapAuthPolicies  TPMCap = 0x00000009
	TPMCapACT           TPMCap = 0x0000000A
)

TPMCap values come from Part 2: Structures, section 6.12.

type TPMCmdHeader

// TPMCmdHeader is the header structure in front of any TPM command.
// It is described in Part 1, Architecture.
type TPMCmdHeader struct {
	// Tag is the command tag (a TPMI_ST_COMMAND_TAG value).
	Tag         TPMISTCommandTag
	// Length is the command's size field. NOTE(review): a parser must not
	// slice a buffer by this value without first checking it against the
	// number of bytes actually received — confirm where that bound is
	// enforced in the unmarshaling code.
	Length      uint32
	// CommandCode identifies the command (a TPM_CC value).
	CommandCode TPMCC
	// contains filtered or unexported fields
}

TPMCmdHeader is the header structure in front of any TPM command. It is described in Part 1, Architecture.

type TPMECCCurve

// TPMECCCurve represents a TPM_ECC_Curve.
// See definition in Part 2: Structures, section 6.4.
type TPMECCCurve uint16

TPMECCCurve represents a TPM_ECC_Curve. See definition in Part 2: Structures, section 6.4.

// TPMECCCurve values come from Part 2: Structures, section 6.4.
// TPMECCCurve.Curve maps a value to its elliptic.Curve and returns an
// error for curves it does not support.
const (
	TPMECCNone     TPMECCCurve = 0x0000
	TPMECCNistP192 TPMECCCurve = 0x0001
	TPMECCNistP224 TPMECCCurve = 0x0002
	TPMECCNistP256 TPMECCCurve = 0x0003
	TPMECCNistP384 TPMECCCurve = 0x0004
	TPMECCNistP521 TPMECCCurve = 0x0005
	TPMECCBNP256   TPMECCCurve = 0x0010
	TPMECCBNP638   TPMECCCurve = 0x0011
	TPMECCSM2P256  TPMECCCurve = 0x0020
)

TPMECCCurve values come from Part 2: Structures, section 6.4.

func (TPMECCCurve) Curve

func (c TPMECCCurve) Curve() (elliptic.Curve, error)

Curve returns the elliptic.Curve associated with a TPMECCCurve.

type TPMEO

// TPMEO represents a TPM_EO, an operand comparison operator.
// See definition in Part 2: Structures, section 6.8.
type TPMEO uint16

TPMEO represents a TPM_EO. See definition in Part 2: Structures, section 6.8.

// TPMEO values come from Part 2: Structures, section 6.8.
// Signed and unsigned variants of each ordering comparison are distinct
// codes; pick the one matching how the compared operand is interpreted.
const (
	TPMEOEq         TPMEO = 0x0000
	TPMEONeq        TPMEO = 0x0001
	TPMEOSignedGT   TPMEO = 0x0002
	TPMEOUnsignedGT TPMEO = 0x0003
	TPMEOSignedLT   TPMEO = 0x0004
	TPMEOUnsignedLT TPMEO = 0x0005
	TPMEOSignedGE   TPMEO = 0x0006
	TPMEOUnsignedGE TPMEO = 0x0007
	TPMEOSignedLE   TPMEO = 0x0008
	TPMEOUnsignedLE TPMEO = 0x0009
	TPMEOBitSet     TPMEO = 0x000A
	TPMEOBitClear   TPMEO = 0x000B
)

TPMEO values come from Part 2: Structures, section 6.8.

type TPMFmt1Error

// TPMFmt1Error represents a TPM 2.0 format-1 error, with additional
// information. The Handle, Parameter and Session methods report whether
// the error refers to one of those command elements and, if so, which one.
type TPMFmt1Error struct {
	// contains filtered or unexported fields
}

TPMFmt1Error represents a TPM 2.0 format-1 error, with additional information.

func (TPMFmt1Error) Error

func (e TPMFmt1Error) Error() string

Error returns the string representation of the error.

func (TPMFmt1Error) Handle

func (e TPMFmt1Error) Handle() (bool, int)

Handle returns whether the error is handle-related and if so, which handle is in error.

func (TPMFmt1Error) Parameter

func (e TPMFmt1Error) Parameter() (bool, int)

Parameter returns whether the error is parameter-related and if so, which parameter is in error.

func (TPMFmt1Error) Session

func (e TPMFmt1Error) Session() (bool, int)

Session returns whether the error is session-related and if so, which session is in error.

type TPMGenerated

// TPMGenerated represents a TPM_GENERATED.
// See definition in Part 2: Structures, section 6.2.
type TPMGenerated uint32

TPMGenerated represents a TPM_GENERATED. See definition in Part 2: Structures, section 6.2.

// TPMGenerated values come from Part 2: Structures, section 6.2.
const (
	// TPMGeneratedValue is the only valid TPM_GENERATED magic;
	// TPMGenerated.Check returns an error for any other value.
	// NOTE(review): the spec places this magic at the head of
	// TPM-generated structures so a verifier can reject data that was not
	// produced by a TPM — confirm that every consumer of such structures
	// calls Check before trusting the contents.
	TPMGeneratedValue TPMGenerated = 0xff544347
)

TPMGenerated values come from Part 2: Structures, section 6.2.

func (TPMGenerated) Check

func (g TPMGenerated) Check() error

Check verifies that a TPMGenerated value is correct, and returns an error otherwise.

type TPMHT

// TPMHT represents a TPM_HT, a handle type.
// See definition in Part 2: Structures, section 7.2.
type TPMHT uint8

TPMHT represents a TPM_HT. See definition in Part 2: Structures, section 7.2.

// TPMHT values come from Part 2: Structures, section 7.2.
// The handle type is the most significant octet of a TPM_HANDLE; for
// example TPMRHOwner (0x40000001) carries TPMHTPermanent (0x40).
const (
	TPMHTPCR           TPMHT = 0x00
	TPMHTNVIndex       TPMHT = 0x01
	// TPMHTHMACSession is also exposed as TPMHTLoadedSession.
	TPMHTHMACSession   TPMHT = 0x02
	// TPMHTPolicySession is also exposed as TPMHTSavedSession.
	TPMHTPolicySession TPMHT = 0x03
	TPMHTPermanent     TPMHT = 0x40
	TPMHTTransient     TPMHT = 0x80
	TPMHTPersistent    TPMHT = 0x81
	TPMHTAC            TPMHT = 0x90
)

TPMHT values come from Part 2: Structures, section 7.2.

type TPMHandle

// TPMHandle represents a TPM_HANDLE.
// See definition in Part 2: Structures, section 7.1.
type TPMHandle uint32

TPMHandle represents a TPM_HANDLE. See definition in Part 2: Structures, section 7.1.

// TPMHandle values come from Part 2: Structures, section 7.4.
// These are the permanent (reserved) handles; their Names are constant and
// can be derived from the handle alone (see TPMHandle.KnownName).
const (
	// TPMRHOwner is TPM_RH_OWNER, the owner (storage) hierarchy.
	TPMRHOwner       TPMHandle = 0x40000001
	// TPMRHNull is TPM_RH_NULL.
	TPMRHNull        TPMHandle = 0x40000007
	// TPMRSPW is TPM_RS_PW, the password authorization session handle.
	TPMRSPW          TPMHandle = 0x40000009
	// TPMRHLockout is TPM_RH_LOCKOUT, the dictionary-attack lockout authority.
	TPMRHLockout     TPMHandle = 0x4000000A
	// TPMRHEndorsement is TPM_RH_ENDORSEMENT, the endorsement hierarchy.
	TPMRHEndorsement TPMHandle = 0x4000000B
	// TPMRHPlatform is TPM_RH_PLATFORM, the platform hierarchy.
	TPMRHPlatform    TPMHandle = 0x4000000C
	// TPMRHPlatformNV is TPM_RH_PLATFORM_NV.
	TPMRHPlatformNV  TPMHandle = 0x4000000D
)

TPMHandle values come from Part 2: Structures, section 7.4.

func (TPMHandle) HandleValue

func (h TPMHandle) HandleValue() uint32

HandleValue returns the handle value. This behavior is intended to satisfy an interface that can be implemented by other, more complex types as well.

func (TPMHandle) KnownName

func (h TPMHandle) KnownName() *TPM2BName

KnownName returns the TPM Name associated with the handle, if it can be known based only on the handle. This depends upon the value of the handle: only PCR, session, and permanent values have known constant Names. See definition in part 1: Architecture, section 16.

type TPMIAlgECCScheme

// TPMIAlgECCScheme represents a TPMI_ALG_ECC_SCHEME (Part 2: Structures,
// section 11.2.5.4). It is an alias, not a distinct type, so any TPMAlgID
// is accepted without compile-time checking of the interface constraint.
type TPMIAlgECCScheme = TPMAlgID

TPMIAlgECCScheme represents a TPMI_ALG_ECC_SCHEME. See definition in Part 2: Structures, section 11.2.5.4.

type TPMIAlgHash

// TPMIAlgHash represents a TPMI_ALG_HASH (Part 2: Structures, section 9.27).
// Hash maps a value to a crypto.Hash, returning an error for unsupported
// algorithms.
type TPMIAlgHash = TPMAlgID

TPMIAlgHash represents a TPMI_ALG_HASH. See definition in Part 2: Structures, section 9.27.

func (TPMIAlgHash) Hash

func (a TPMIAlgHash) Hash() (crypto.Hash, error)

Hash returns the crypto.Hash associated with a TPMIAlgHash.

type TPMIAlgKDF

// TPMIAlgKDF represents a TPMI_ALG_KDF (Part 2: Structures, section 9.32).
type TPMIAlgKDF = TPMAlgID

TPMIAlgKDF represents a TPMI_ALG_KDF. See definition in Part 2: Structures, section 9.32.

type TPMIAlgKeyedHashScheme

// TPMIAlgKeyedHashScheme represents a TPMI_ALG_KEYEDHASH_SCHEME
// (Part 2: Structures, section 11.1.19).
type TPMIAlgKeyedHashScheme = TPMAlgID

TPMIAlgKeyedHashScheme represents a TPMI_ALG_KEYEDHASH_SCHEME. See definition in Part 2: Structures, section 11.1.19.

type TPMIAlgPublic

// TPMIAlgPublic represents a TPMI_ALG_PUBLIC (Part 2: Structures,
// section 12.2.2).
type TPMIAlgPublic = TPMAlgID

TPMIAlgPublic represents a TPMI_ALG_PUBLIC. See definition in Part 2: Structures, section 12.2.2.

type TPMIAlgRSAScheme

// TPMIAlgRSAScheme represents a TPMI_ALG_RSA_SCHEME (Part 2: Structures,
// section 11.2.4.1).
type TPMIAlgRSAScheme = TPMAlgID

TPMIAlgRSAScheme represents a TPMI_ALG_RSA_SCHEME. See definition in Part 2: Structures, section 11.2.4.1.

type TPMIAlgSigScheme

// TPMIAlgSigScheme represents a TPMI_ALG_SIG_SCHEME (Part 2: Structures,
// section 9.33).
type TPMIAlgSigScheme = TPMAlgID

TPMIAlgSigScheme represents a TPMI_ALG_SIG_SCHEME. See definition in Part 2: Structures, section 9.33.

type TPMIAlgSym

// TPMIAlgSym represents a TPMI_ALG_SYM (Part 2: Structures, section 9.29).
type TPMIAlgSym = TPMAlgID

TPMIAlgSym represents a TPMI_ALG_SYM. See definition in Part 2: Structures, section 9.29.

type TPMIAlgSymMode

// TPMIAlgSymMode represents a TPMI_ALG_SYM_MODE (Part 2: Structures,
// section 9.31).
type TPMIAlgSymMode = TPMAlgID

TPMIAlgSymMode represents a TPMI_ALG_SYM_MODE. See definition in Part 2: Structures, section 9.31.

type TPMIAlgSymObject

// TPMIAlgSymObject represents a TPMI_ALG_SYM_OBJECT (Part 2: Structures,
// section 9.30).
type TPMIAlgSymObject = TPMAlgID

TPMIAlgSymObject represents a TPMI_ALG_SYM_OBJECT. See definition in Part 2: Structures, section 9.30.

type TPMIDHContext

// TPMIDHContext represents a TPMI_DH_CONTEXT (Part 2: Structures,
// section 9.11).
type TPMIDHContext = TPMHandle

TPMIDHContext represents a TPMI_DH_CONTEXT. See definition in Part 2: Structures, section 9.11.

type TPMIDHEntity

// TPMIDHEntity represents a TPMI_DH_ENTITY (Part 2: Structures, section 9.6).
type TPMIDHEntity = TPMHandle

TPMIDHEntity represents a TPMI_DH_ENTITY. See definition in Part 2: Structures, section 9.6.

type TPMIDHObject

// TPMIDHObject represents a TPMI_DH_OBJECT (Part 2: Structures, section 9.3).
type TPMIDHObject = TPMHandle

TPMIDHObject represents a TPMI_DH_OBJECT. See definition in Part 2: Structures, section 9.3.

type TPMIDHPersistent

// TPMIDHPersistent represents a TPMI_DH_PERSISTENT (Part 2: Structures,
// section 9.5).
type TPMIDHPersistent = TPMHandle

TPMIDHPersistent represents a TPMI_DH_PERSISTENT. See definition in Part 2: Structures, section 9.5.

type TPMIDHSaved

// TPMIDHSaved represents a TPMI_DH_SAVED (Part 2: Structures, section 9.12).
type TPMIDHSaved = TPMHandle

TPMIDHSaved represents a TPMI_DH_SAVED. See definition in Part 2: Structures, section 9.12.

type TPMIECCCurve

// TPMIECCCurve represents a TPMI_ECC_CURVE (Part 2: Structures,
// section 11.2.5.5).
type TPMIECCCurve = TPMECCCurve

TPMIECCCurve represents a TPMI_ECC_CURVE. See definition in Part 2: Structures, section 11.2.5.5.

type TPMIRHAC

// TPMIRHAC represents a TPMI_RH_AC (Part 2: Structures, section 9.25).
type TPMIRHAC = TPMHandle

TPMIRHAC represents a TPMI_RH_AC. See definition in Part 2: Structures, section 9.25.

type TPMIRHACT

// TPMIRHACT represents a TPMI_RH_ACT (Part 2: Structures, section 9.26).
type TPMIRHACT = TPMHandle

TPMIRHACT represents a TPMI_RH_ACT. See definition in Part 2: Structures, section 9.26.

type TPMIRHClear

// TPMIRHClear represents a TPMI_RH_CLEAR (Part 2: Structures, section 9.21).
type TPMIRHClear = TPMHandle

TPMIRHClear represents a TPMI_RH_CLEAR. See definition in Part 2: Structures, section 9.21.

type TPMIRHEnables

// TPMIRHEnables represents a TPMI_RH_ENABLES (Part 2: Structures,
// section 9.14).
type TPMIRHEnables = TPMHandle

TPMIRHEnables represents a TPMI_RH_ENABLES. See definition in Part 2: Structures, section 9.14.

type TPMIRHEndorsement

// TPMIRHEndorsement represents a TPMI_RH_ENDORSEMENT (Part 2: Structures,
// section 9.19).
type TPMIRHEndorsement = TPMHandle

TPMIRHEndorsement represents a TPMI_RH_ENDORSEMENT. See definition in Part 2: Structures, section 9.19.

type TPMIRHHierarchy

// TPMIRHHierarchy represents a TPMI_RH_HIERARCHY (Part 2: Structures,
// section 9.13).
type TPMIRHHierarchy = TPMHandle

TPMIRHHierarchy represents a TPMI_RH_HIERARCHY. See definition in Part 2: Structures, section 9.13.

type TPMIRHHierarchyAuth

// TPMIRHHierarchyAuth represents a TPMI_RH_HIERARCHY_AUTH (Part 2:
// Structures, section 9.15).
type TPMIRHHierarchyAuth = TPMHandle

TPMIRHHierarchyAuth represents a TPMI_RH_HIERARCHY_AUTH. See definition in Part 2: Structures, section 9.15.

type TPMIRHHierarchyPolicy

// TPMIRHHierarchyPolicy represents a TPMI_RH_HIERARCHY_POLICY (Part 2:
// Structures, section 9.16).
type TPMIRHHierarchyPolicy = TPMHandle

TPMIRHHierarchyPolicy represents a TPMI_RH_HIERARCHY_POLICY. See definition in Part 2: Structures, section 9.16.

type TPMIRHLockout

// TPMIRHLockout represents a TPMI_RH_LOCKOUT (Part 2: Structures,
// section 9.23).
type TPMIRHLockout = TPMHandle

TPMIRHLockout represents a TPMI_RH_LOCKOUT. See definition in Part 2: Structures, section 9.23.

type TPMIRHNVAuth

// TPMIRHNVAuth represents a TPMI_RH_NV_AUTH (Part 2: Structures,
// section 9.22).
type TPMIRHNVAuth = TPMHandle

TPMIRHNVAuth represents a TPMI_RH_NV_AUTH. See definition in Part 2: Structures, section 9.22.

type TPMIRHNVIndex

// TPMIRHNVIndex represents a TPMI_RH_NV_INDEX (Part 2: Structures,
// section 9.24).
type TPMIRHNVIndex = TPMHandle

TPMIRHNVIndex represents a TPMI_RH_NV_INDEX. See definition in Part 2: Structures, section 9.24.

type TPMIRHOwner

// TPMIRHOwner represents a TPMI_RH_OWNER (Part 2: Structures, section 9.18).
type TPMIRHOwner = TPMHandle

TPMIRHOwner represents a TPMI_RH_OWNER. See definition in Part 2: Structures, section 9.18.

type TPMIRHPlatform

// TPMIRHPlatform represents a TPMI_RH_PLATFORM (Part 2: Structures,
// section 9.17).
type TPMIRHPlatform = TPMHandle

TPMIRHPlatform represents a TPMI_RH_PLATFORM. See definition in Part 2: Structures, section 9.17.

type TPMIRHProvision

// TPMIRHProvision represents a TPMI_RH_PROVISION (Part 2: Structures,
// section 9.20).
type TPMIRHProvision = TPMHandle

TPMIRHProvision represents a TPMI_RH_PROVISION. See definition in Part 2: Structures, section 9.20.

type TPMIRSAKeyBits

// TPMIRSAKeyBits represents a TPMI_RSA_KEY_BITS (Part 2: Structures,
// section 11.2.4.6).
type TPMIRSAKeyBits = TPMKeyBits

TPMIRSAKeyBits represents a TPMI_RSA_KEY_BITS. See definition in Part 2: Structures, section 11.2.4.6.

type TPMISHAuthSession

// TPMISHAuthSession represents a TPMI_SH_AUTH_SESSION (Part 2: Structures,
// section 9.8).
type TPMISHAuthSession = TPMHandle

TPMISHAuthSession represents a TPMI_SH_AUTH_SESSION. See definition in Part 2: Structures, section 9.8.

type TPMISHHMAC

// TPMISHHMAC represents a TPMI_SH_HMAC (Part 2: Structures, section 9.9).
type TPMISHHMAC = TPMHandle

TPMISHHMAC represents a TPMI_SH_HMAC. See definition in Part 2: Structures, section 9.9.

type TPMISHPolicy

// TPMISHPolicy represents a TPMI_SH_POLICY (Part 2: Structures, section 9.10).
type TPMISHPolicy = TPMHandle

TPMISHPolicy represents a TPMI_SH_POLICY. See definition in Part 2: Structures, section 9.10.

type TPMISTAttest

// TPMISTAttest represents a TPMI_ST_ATTEST (Part 2: Structures,
// section 10.12.10).
type TPMISTAttest = TPMST

TPMISTAttest represents a TPMI_ST_ATTEST. See definition in Part 2: Structures, section 10.12.10.

type TPMISTCommandTag

// TPMISTCommandTag represents a TPMI_ST_COMMAND_TAG (Part 2: Structures,
// section 9.35); it is the Tag field of TPMCmdHeader.
type TPMISTCommandTag = TPMST

TPMISTCommandTag represents a TPMI_ST_COMMAND_TAG. See definition in Part 2: Structures, section 9.35.

type TPMIYesNo

// TPMIYesNo represents a TPMI_YES_NO (Part 2: Structures, section 9.2).
// A native bool is used because encoding/binary already treats it as
// 8 bits wide on the wire.
type TPMIYesNo = bool

TPMIYesNo represents a TPMI_YES_NO. See definition in Part 2: Structures, section 9.2. Use native bool for TPMI_YES_NO; encoding/binary already treats this as 8 bits wide.

type TPMKeyBits

// TPMKeyBits represents a TPM_KEY_BITS, a key size in bits.
// See definition in Part 2, Structures, section 5.3.
type TPMKeyBits uint16

TPMKeyBits represents a TPM_KEY_BITS, a key size in bits. See definition in Part 2, Structures, section 5.3.

type TPMKeySize

// TPMKeySize represents a TPM_KEY_SIZE, a key size in octets.
// See definition in Part 2, Structures, section 5.3.
type TPMKeySize uint16

TPMKeySize represents a TPM_KEY_SIZE, a key size in octets. See definition in Part 2, Structures, section 5.3.

type TPMLACTData

// TPMLACTData represents a TPML_ACT_DATA.
// See definition in Part 2: Structures, section 10.9.13.
type TPMLACTData struct {
	// ACTData is the list of ACT entries; the gotpm "list" tag marks it as
	// a count-prefixed list on the wire.
	ACTData []TPMSACTData `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLACTData represents a TPML_ACT_DATA. See definition in Part 2: Structures, section 10.9.13.

type TPMLAlg

// TPMLAlg represents a TPML_ALG.
// See definition in Part 2: Structures, section 10.9.3.
type TPMLAlg struct {
	// Algorithms is the list of algorithm IDs (a count-prefixed list on
	// the wire).
	Algorithms []TPMAlgID `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLAlg represents a TPML_ALG. See definition in Part 2: Structures, section 10.9.3.

type TPMLAlgProperty

// TPMLAlgProperty represents a TPML_ALG_PROPERTY.
// See definition in Part 2: Structures, section 10.9.8.
type TPMLAlgProperty struct {
	// AlgProperties is the list of algorithm/attribute pairs.
	AlgProperties []TPMSAlgProperty `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLAlgProperty represents a TPML_ALG_PROPERTY. See definition in Part 2: Structures, section 10.9.8.

type TPMLCC

// TPMLCC represents a TPML_CC.
// See definition in Part 2: Structures, section 10.9.1.
type TPMLCC struct {
	// CommandCodes is the list of command codes.
	CommandCodes []TPMCC `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLCC represents a TPML_CC. See definition in Part 2: Structures, section 10.9.1.

type TPMLCCA

// TPMLCCA represents a TPML_CCA.
// See definition in Part 2: Structures, section 10.9.2.
type TPMLCCA struct {
	// CommandAttributes is the list of command attribute words.
	CommandAttributes []TPMACC `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLCCA represents a TPML_CCA. See definition in Part 2: Structures, section 10.9.2.

type TPMLDigest

// TPMLDigest represents a TPML_DIGEST.
// See definition in Part 2: Structures, section 10.9.5.
type TPMLDigest struct {

	// Digests is a list of digests; each entry is a size-prefixed TPM2B.
	Digests []TPM2BDigest `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLDigest represents a TPML_DIGEST. See definition in Part 2: Structures, section 10.9.5.

type TPMLDigestValues

// TPMLDigestValues represents a TPML_DIGEST_VALUES.
// See definition in Part 2: Structures, section 10.9.6.
type TPMLDigestValues struct {

	// Digests is a list of tagged digests (each carries its hash algorithm).
	Digests []TPMTHA `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLDigestValues represents a TPML_DIGEST_VALUES. See definition in Part 2: Structures, section 10.9.6.

type TPMLECCCurve

// TPMLECCCurve represents a TPML_ECC_CURVE.
// See definition in Part 2: Structures, section 10.9.11.
type TPMLECCCurve struct {
	// ECCCurves is the list of curve identifiers.
	ECCCurves []TPMECCCurve `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLECCCurve represents a TPML_ECC_CURVE. See definition in Part 2: Structures, section 10.9.11.

type TPMLHandle

// TPMLHandle represents a TPML_HANDLE.
// See definition in Part 2: Structures, section 10.9.4.
type TPMLHandle struct {
	// Handle is the list of handles.
	Handle []TPMHandle `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLHandle represents a TPML_HANDLE. See definition in Part 2: Structures, section 10.9.4.

type TPMLPCRSelection

// TPMLPCRSelection represents a TPML_PCR_SELECTION.
// See definition in Part 2: Structures, section 10.9.7.
type TPMLPCRSelection struct {
	// PCRSelections is the list of per-bank PCR selections.
	PCRSelections []TPMSPCRSelection `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLPCRSelection represents a TPML_PCR_SELECTION. See definition in Part 2: Structures, section 10.9.7.

type TPMLTaggedPCRProperty

// TPMLTaggedPCRProperty represents a TPML_TAGGED_PCR_PROPERTY.
// See definition in Part 2: Structures, section 10.9.10.
type TPMLTaggedPCRProperty struct {
	// PCRProperty is the list of tagged PCR property selections.
	PCRProperty []TPMSTaggedPCRSelect `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLTaggedPCRProperty represents a TPML_TAGGED_PCR_PROPERTY. See definition in Part 2: Structures, section 10.9.10.

type TPMLTaggedPolicy

// TPMLTaggedPolicy represents a TPML_TAGGED_POLICY.
// See definition in Part 2: Structures, section 10.9.12.
type TPMLTaggedPolicy struct {
	// Policies is the list of tagged policies.
	Policies []TPMSTaggedPolicy `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLTaggedPolicy represents a TPML_TAGGED_POLICY. See definition in Part 2: Structures, section 10.9.12.

type TPMLTaggedTPMProperty

// TPMLTaggedTPMProperty represents a TPML_TAGGED_TPM_PROPERTY.
// See definition in Part 2: Structures, section 10.9.9.
type TPMLTaggedTPMProperty struct {
	// TPMProperty is the list of (TPM_PT, value) pairs.
	TPMProperty []TPMSTaggedProperty `gotpm:"list"`
	// contains filtered or unexported fields
}

TPMLTaggedTPMProperty represents a TPML_TAGGED_TPM_PROPERTY. See definition in Part 2: Structures, section 10.9.9.

type TPMModifierIndicator

// TPMModifierIndicator represents a TPM_MODIFIER_INDICATOR.
// See definition in Part 2, Structures, section 5.3.
type TPMModifierIndicator uint32

TPMModifierIndicator represents a TPM_MODIFIER_INDICATOR. See definition in Part 2, Structures, section 5.3.

type TPMNT

// TPMNT represents a TPM_NT, the NV Index type.
// See definition in Part 2: Structures, section 13.4.
type TPMNT uint8

TPMNT represents a TPM_NT. See definition in Part 2: Structures, section 13.4.

// TPMNT values come from Part 2: Structures.
// NOTE(review): the type doc cites section 13.4 while the trailing doc for
// this block cites 13.2 — confirm which section is correct.
const (
	// contains data that is opaque to the TPM that can only be modified
	// using TPM2_NV_Write().
	TPMNTOrdinary TPMNT = 0x0
	// contains an 8-octet value that is to be used as a counter and can
	// only be modified with TPM2_NV_Increment()
	TPMNTCounter TPMNT = 0x1
	// contains an 8-octet value to be used as a bit field and can only be
	// modified with TPM2_NV_SetBits().
	TPMNTBits TPMNT = 0x2
	// contains a digest-sized value used like a PCR. The Index can only be
	// modified using TPM2_NV_Extend(). The extend will use the nameAlg of
	// the Index.
	TPMNTExtend TPMNT = 0x4
	// contains pinCount that increments on a PIN authorization failure and
	// a pinLimit
	TPMNTPinFail TPMNT = 0x8
	// contains pinCount that increments on a PIN authorization success and
	// a pinLimit
	TPMNTPinPass TPMNT = 0x9
)

TPMNT values come from Part 2: Structures, section 13.2.

type TPMPT

// TPMPT represents a TPM_PT, a TPM property tag.
// See definition in Part 2: Structures, section 6.13.
type TPMPT uint32

TPMPT represents a TPM_PT. See definition in Part 2: Structures, section 6.13.

// TPMPT values come from Part 2: Structures, section 6.13.
// Tags 0x100-0x12E describe fixed properties of the TPM; tags from 0x200
// describe variable (runtime) state such as loaded handles and the
// dictionary-attack lockout counters.
const (
	// a 4-octet character string containing the TPM Family value
	// (TPM_SPEC_FAMILY)
	TPMPTFamilyIndicator TPMPT = 0x00000100
	// the level of the specification
	TPMPTLevel TPMPT = 0x00000101
	// the specification Revision times 100
	TPMPTRevision TPMPT = 0x00000102
	// the specification day of year using TCG calendar
	TPMPTDayofYear TPMPT = 0x00000103
	// the specification year using the CE
	TPMPTYear TPMPT = 0x00000104
	// the vendor ID unique to each TPM manufacturer
	TPMPTManufacturer TPMPT = 0x00000105
	// the first four characters of the vendor ID string
	TPMPTVendorString1 TPMPT = 0x00000106
	// the second four characters of the vendor ID string
	TPMPTVendorString2 TPMPT = 0x00000107
	// the third four characters of the vendor ID string
	TPMPTVendorString3 TPMPT = 0x00000108
	// the fourth four characters of the vendor ID string
	TPMPTVendorString4 TPMPT = 0x00000109
	// vendor-defined value indicating the TPM model
	TPMPTVendorTPMType TPMPT = 0x0000010A
	// the most-significant 32 bits of a TPM vendor-specific value
	// indicating the version number of the firmware.
	TPMPTFirmwareVersion1 TPMPT = 0x0000010B
	// the least-significant 32 bits of a TPM vendor-specific value
	// indicating the version number of the firmware.
	TPMPTFirmwareVersion2 TPMPT = 0x0000010C
	// the maximum size of a parameter (TPM2B_MAX_BUFFER)
	TPMPTInputBuffer TPMPT = 0x0000010D
	// the minimum number of transient objects that can be held in TPM RAM
	TPMPTHRTransientMin TPMPT = 0x0000010E
	// the minimum number of persistent objects that can be held in TPM NV
	// memory
	TPMPTHRPersistentMin TPMPT = 0x0000010F
	// the minimum number of authorization sessions that can be held in TPM
	// RAM
	TPMPTHRLoadedMin TPMPT = 0x00000110
	// the number of authorization sessions that may be active at a time
	TPMPTActiveSessionsMax TPMPT = 0x00000111
	// the number of PCR implemented
	TPMPTPCRCount TPMPT = 0x00000112
	// the minimum number of octets in a TPMS_PCR_SELECT.sizeOfSelect
	TPMPTPCRSelectMin TPMPT = 0x00000113
	// the maximum allowed difference (unsigned) between the contextID
	// values of two saved session contexts
	TPMPTContextGapMax TPMPT = 0x00000114
	// the maximum number of NV Indexes that are allowed to have the
	// TPM_NT_COUNTER attribute
	TPMPTNVCountersMax TPMPT = 0x00000116
	// the maximum size of an NV Index data area
	TPMPTNVIndexMax TPMPT = 0x00000117
	// a TPMA_MEMORY indicating the memory management method for the TPM
	TPMPTMemory TPMPT = 0x00000118
	// interval, in milliseconds, between updates to the copy of
	// TPMS_CLOCK_INFO.clock in NV
	TPMPTClockUpdate TPMPT = 0x00000119
	// the algorithm used for the integrity HMAC on saved contexts and for
	// hashing the fuData of TPM2_FirmwareRead()
	TPMPTContextHash TPMPT = 0x0000011A
	// TPM_ALG_ID, the algorithm used for encryption of saved contexts
	TPMPTContextSym TPMPT = 0x0000011B
	// TPM_KEY_BITS, the size of the key used for encryption of saved
	// contexts
	TPMPTContextSymSize TPMPT = 0x0000011C
	// the modulus - 1 of the count for NV update of an orderly counter
	TPMPTOrderlyCount TPMPT = 0x0000011D
	// the maximum value for commandSize in a command
	TPMPTMaxCommandSize TPMPT = 0x0000011E
	// the maximum value for responseSize in a response
	TPMPTMaxResponseSize TPMPT = 0x0000011F
	// the maximum size of a digest that can be produced by the TPM
	TPMPTMaxDigest TPMPT = 0x00000120
	// the maximum size of an object context that will be returned by
	// TPM2_ContextSave
	TPMPTMaxObjectContext TPMPT = 0x00000121
	// the maximum size of a session context that will be returned by
	// TPM2_ContextSave
	TPMPTMaxSessionContext TPMPT = 0x00000122
	// platform-specific family (a TPM_PS value)(see Table 25)
	TPMPTPSFamilyIndicator TPMPT = 0x00000123
	// the level of the platform-specific specification
	TPMPTPSLevel TPMPT = 0x00000124
	// a platform specific value
	TPMPTPSRevision TPMPT = 0x00000125
	// the platform-specific TPM specification day of year using TCG
	// calendar
	TPMPTPSDayOfYear TPMPT = 0x00000126
	// the platform-specific TPM specification year using the CE
	TPMPTPSYear TPMPT = 0x00000127
	// the number of split signing operations supported by the TPM
	TPMPTSplitMax TPMPT = 0x00000128
	// total number of commands implemented in the TPM
	TPMPTTotalCommands TPMPT = 0x00000129
	// number of commands from the TPM library that are implemented
	TPMPTLibraryCommands TPMPT = 0x0000012A
	// number of vendor commands that are implemented
	TPMPTVendorCommands TPMPT = 0x0000012B
	// the maximum data size in one NV write, NV read, NV extend, or NV
	// certify command
	TPMPTNVBufferMax TPMPT = 0x0000012C
	// a TPMA_MODES value, indicating that the TPM is designed for these
	// modes.
	TPMPTModes TPMPT = 0x0000012D
	// the maximum size of a TPMS_CAPABILITY_DATA structure returned in
	// TPM2_GetCapability().
	TPMPTMaxCapBuffer TPMPT = 0x0000012E
	// TPMA_PERMANENT
	TPMPTPermanent TPMPT = 0x00000200
	// TPMA_STARTUP_CLEAR
	TPMPTStartupClear TPMPT = 0x00000201
	// the number of NV Indexes currently defined
	TPMPTHRNVIndex TPMPT = 0x00000202
	// the number of authorization sessions currently loaded into TPM RAM
	TPMPTHRLoaded TPMPT = 0x00000203
	// the number of additional authorization sessions, of any type, that
	// could be loaded into TPM RAM
	TPMPTHRLoadedAvail TPMPT = 0x00000204
	// the number of active authorization sessions currently being tracked
	// by the TPM
	TPMPTHRActive TPMPT = 0x00000205
	// the number of additional authorization sessions, of any type, that
	// could be created
	TPMPTHRActiveAvail TPMPT = 0x00000206
	// estimate of the number of additional transient objects that could be
	// loaded into TPM RAM
	TPMPTHRTransientAvail TPMPT = 0x00000207
	// the number of persistent objects currently loaded into TPM NV memory
	TPMPTHRPersistent TPMPT = 0x00000208
	// the number of additional persistent objects that could be loaded into
	// NV memory
	TPMPTHRPersistentAvail TPMPT = 0x00000209
	// the number of defined NV Indexes that have the TPM_NT_COUNTER
	// attribute
	TPMPTNVCounters TPMPT = 0x0000020A
	// the number of additional NV Indexes that can be defined with their
	// TPM_NT of TPM_NV_COUNTER and the TPMA_NV_ORDERLY attribute SET
	TPMPTNVCountersAvail TPMPT = 0x0000020B
	// code that limits the algorithms that may be used with the TPM
	TPMPTAlgorithmSet TPMPT = 0x0000020C
	// the number of loaded ECC curves
	TPMPTLoadedCurves TPMPT = 0x0000020D
	// the current value of the lockout counter (failedTries); together
	// with the three properties that follow it describes the
	// dictionary-attack protection state, which is worth reading before
	// retrying an authorization so a tool does not trip the lockout itself
	TPMPTLockoutCounter TPMPT = 0x0000020E
	// the number of authorization failures before DA lockout is invoked
	TPMPTMaxAuthFail TPMPT = 0x0000020F
	// the number of seconds before the value reported by
	// TPM_PT_LOCKOUT_COUNTER is decremented
	TPMPTLockoutInterval TPMPT = 0x00000210
	// the number of seconds after a lockoutAuth failure before use of
	// lockoutAuth may be attempted again
	TPMPTLockoutRecovery TPMPT = 0x00000211
	// number of milliseconds before the TPM will accept another command
	// that will modify NV
	TPMPTNVWriteRecovery TPMPT = 0x00000212
	// the high-order 32 bits of the command audit counter
	TPMPTAuditCounter0 TPMPT = 0x00000213
	// the low-order 32 bits of the command audit counter
	TPMPTAuditCounter1 TPMPT = 0x00000214
)

TPMPT values come from Part 2: Structures, section 6.13.

type TPMPTPCR

// TPMPTPCR represents a TPM_PT_PCR, a PCR property tag.
// See definition in Part 2: Structures, section 6.14.
type TPMPTPCR uint32

TPMPTPCR represents a TPM_PT_PCR. See definition in Part 2: Structures, section 6.14.

// TPMPTPCR values come from Part 2: Structures, section 6.14.
// Each property is reported as a TPMS_PCR_SELECT bitmap in which a SET bit
// means the property holds for that PCR.
const (
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR is saved and
	// restored by TPM_SU_STATE
	TPMPTPCRSave TPMPTPCR = 0x00000000
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be
	// extended from locality 0
	TPMPTPCRExtendL0 TPMPTPCR = 0x00000001
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset
	// by TPM2_PCR_Reset() from locality 0
	TPMPTPCRResetL0 TPMPTPCR = 0x00000002
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be
	// extended from locality 1
	TPMPTPCRExtendL1 TPMPTPCR = 0x00000003
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset
	// by TPM2_PCR_Reset() from locality 1
	TPMPTPCRResetL1 TPMPTPCR = 0x00000004
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be
	// extended from locality 2
	TPMPTPCRExtendL2 TPMPTPCR = 0x00000005
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset
	// by TPM2_PCR_Reset() from locality 2
	TPMPTPCRResetL2 TPMPTPCR = 0x00000006
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be
	// extended from locality 3
	TPMPTPCRExtendL3 TPMPTPCR = 0x00000007
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset
	// by TPM2_PCR_Reset() from locality 3
	TPMPTPCRResetL3 TPMPTPCR = 0x00000008
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be
	// extended from locality 4
	TPMPTPCRExtendL4 TPMPTPCR = 0x00000009
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR may be reset
	// by TPM2_PCR_Reset() from locality 4
	TPMPTPCRResetL4 TPMPTPCR = 0x0000000A
	// a SET bit in the TPMS_PCR_SELECT indicates that modifications to this
	// PCR (reset or Extend) will not increment the pcrUpdateCounter
	TPMPTPCRNoIncrement TPMPTPCR = 0x00000011
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR is reset by a
	// D-RTM event
	// NOTE(review): identifier is misspelled relative to the spec name
	// TPM_PT_PCR_DRTM_RESET; it is exported, so renaming is an API change.
	TPMPTPCRDRTMRest TPMPTPCR = 0x00000012
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR is controlled
	// by policy
	TPMPTPCRPolicy TPMPTPCR = 0x00000013
	// a SET bit in the TPMS_PCR_SELECT indicates that the PCR is controlled
	// by an authorization value
	TPMPTPCRAuth TPMPTPCR = 0x00000014
)

TPMPTPCR values come from Part 2: Structures, section 6.14.

type TPMParameterSize

// TPMParameterSize represents a TPM_PARAMETER_SIZE, the parameterSize
// parameter in a command. See definition in Part 2, Structures, section 5.3.
type TPMParameterSize uint32

TPMParameterSize represents a TPM_PARAMETER_SIZE, the parameterSize parameter in a command. See definition in Part 2, Structures, section 5.3.

type TPMRC

// TPMRC represents a TPM_RC, a response code.
// See definition in Part 2: Structures, section 6.6.
type TPMRC uint32

TPMRC represents a TPM_RC. See definition in Part 2: Structures, section 6.6.

const (
	// TPMRCSuccess is the only response code that does not indicate an error.
	TPMRCSuccess TPMRC = 0x00000000
	// FMT0 error codes (rcVer1-based). These are fixed values: the TPM does
	// not attach a parameter, handle, or session number to them.
	TPMRCInitialize      TPMRC = rcVer1 + 0x000
	TPMRCFailure         TPMRC = rcVer1 + 0x001
	TPMRCSequence        TPMRC = rcVer1 + 0x003
	TPMRCPrivate         TPMRC = rcVer1 + 0x00B
	TPMRCHMAC            TPMRC = rcVer1 + 0x019
	TPMRCDisabled        TPMRC = rcVer1 + 0x020
	TPMRCExclusive       TPMRC = rcVer1 + 0x021
	TPMRCAuthType        TPMRC = rcVer1 + 0x024
	TPMRCAuthMissing     TPMRC = rcVer1 + 0x025
	TPMRCPolicy          TPMRC = rcVer1 + 0x026
	TPMRCPCR             TPMRC = rcVer1 + 0x027
	TPMRCPCRChanged      TPMRC = rcVer1 + 0x028
	TPMRCUpgrade         TPMRC = rcVer1 + 0x02D
	TPMRCTooManyContexts TPMRC = rcVer1 + 0x02E
	TPMRCAuthUnavailable TPMRC = rcVer1 + 0x02F
	TPMRCReboot          TPMRC = rcVer1 + 0x030
	TPMRCUnbalanced      TPMRC = rcVer1 + 0x031
	TPMRCCommandSize     TPMRC = rcVer1 + 0x042
	TPMRCCommandCode     TPMRC = rcVer1 + 0x043
	TPMRCAuthSize        TPMRC = rcVer1 + 0x044
	TPMRCAuthContext     TPMRC = rcVer1 + 0x045
	TPMRCNVRange         TPMRC = rcVer1 + 0x046
	TPMRCNVSize          TPMRC = rcVer1 + 0x047
	TPMRCNVLocked        TPMRC = rcVer1 + 0x048
	TPMRCNVAuthorization TPMRC = rcVer1 + 0x049
	TPMRCNVUninitialized TPMRC = rcVer1 + 0x04A
	TPMRCNVSpace         TPMRC = rcVer1 + 0x04B
	TPMRCNVDefined       TPMRC = rcVer1 + 0x04C
	TPMRCBadContext      TPMRC = rcVer1 + 0x050
	TPMRCCPHash          TPMRC = rcVer1 + 0x051
	TPMRCParent          TPMRC = rcVer1 + 0x052
	TPMRCNeedsTest       TPMRC = rcVer1 + 0x053
	TPMRCNoResult        TPMRC = rcVer1 + 0x054
	TPMRCSensitive       TPMRC = rcVer1 + 0x055
	// FMT1 error codes (rcFmt1-based). A TPM ORs the number of the offending
	// parameter, handle, or session into additional bits of these codes, so a
	// code received from the TPM generally compares unequal to the bare
	// constant. Compare with TPMRC.Is / errors.Is rather than ==, and use
	// TPMRC.As with Fmt1Error to recover the index.
	TPMRCAsymmetric   TPMRC = rcFmt1 + 0x001
	TPMRCAttributes   TPMRC = rcFmt1 + 0x002
	TPMRCHash         TPMRC = rcFmt1 + 0x003
	TPMRCValue        TPMRC = rcFmt1 + 0x004
	TPMRCHierarchy    TPMRC = rcFmt1 + 0x005
	TPMRCKeySize      TPMRC = rcFmt1 + 0x007
	TPMRCMGF          TPMRC = rcFmt1 + 0x008
	TPMRCMode         TPMRC = rcFmt1 + 0x009
	TPMRCType         TPMRC = rcFmt1 + 0x00A
	TPMRCHandle       TPMRC = rcFmt1 + 0x00B
	TPMRCKDF          TPMRC = rcFmt1 + 0x00C
	TPMRCRange        TPMRC = rcFmt1 + 0x00D
	TPMRCAuthFail     TPMRC = rcFmt1 + 0x00E
	TPMRCNonce        TPMRC = rcFmt1 + 0x00F
	TPMRCPP           TPMRC = rcFmt1 + 0x010
	TPMRCScheme       TPMRC = rcFmt1 + 0x012
	TPMRCSize         TPMRC = rcFmt1 + 0x015
	TPMRCSymmetric    TPMRC = rcFmt1 + 0x016
	TPMRCTag          TPMRC = rcFmt1 + 0x017
	TPMRCSelector     TPMRC = rcFmt1 + 0x018
	TPMRCInsufficient TPMRC = rcFmt1 + 0x01A
	TPMRCSignature    TPMRC = rcFmt1 + 0x01B
	TPMRCKey          TPMRC = rcFmt1 + 0x01C
	TPMRCPolicyFail   TPMRC = rcFmt1 + 0x01D
	TPMRCIntegrity    TPMRC = rcFmt1 + 0x01F
	TPMRCTicket       TPMRC = rcFmt1 + 0x020
	TPMRCReservedBits TPMRC = rcFmt1 + 0x021
	TPMRCBadAuth      TPMRC = rcFmt1 + 0x022
	TPMRCExpired      TPMRC = rcFmt1 + 0x023
	TPMRCPolicyCC     TPMRC = rcFmt1 + 0x024
	TPMRCBinding      TPMRC = rcFmt1 + 0x025
	TPMRCCurve        TPMRC = rcFmt1 + 0x026
	TPMRCECCPoint     TPMRC = rcFmt1 + 0x027
	// Warnings (rcWarn-based). TPMRC.IsWarning reports true for these; they
	// usually describe the TPM's state rather than a malformed command, and
	// retrying later may succeed.
	TPMRCContextGap     TPMRC = rcWarn + 0x001
	TPMRCObjectMemory   TPMRC = rcWarn + 0x002
	TPMRCSessionMemory  TPMRC = rcWarn + 0x003
	TPMRCMemory         TPMRC = rcWarn + 0x004
	TPMRCSessionHandles TPMRC = rcWarn + 0x005
	TPMRCObjectHandles  TPMRC = rcWarn + 0x006
	TPMRCLocality       TPMRC = rcWarn + 0x007
	TPMRCYielded        TPMRC = rcWarn + 0x008
	TPMRCCanceled       TPMRC = rcWarn + 0x009
	TPMRCTesting        TPMRC = rcWarn + 0x00A
	TPMRCReferenceH0    TPMRC = rcWarn + 0x010
	TPMRCReferenceH1    TPMRC = rcWarn + 0x011
	TPMRCReferenceH2    TPMRC = rcWarn + 0x012
	TPMRCReferenceH3    TPMRC = rcWarn + 0x013
	TPMRCReferenceH4    TPMRC = rcWarn + 0x014
	TPMRCReferenceH5    TPMRC = rcWarn + 0x015
	TPMRCReferenceH6    TPMRC = rcWarn + 0x016
	TPMRCReferenceS0    TPMRC = rcWarn + 0x018
	TPMRCReferenceS1    TPMRC = rcWarn + 0x019
	TPMRCReferenceS2    TPMRC = rcWarn + 0x01A
	TPMRCReferenceS3    TPMRC = rcWarn + 0x01B
	TPMRCReferenceS4    TPMRC = rcWarn + 0x01C
	TPMRCReferenceS5    TPMRC = rcWarn + 0x01D
	TPMRCReferenceS6    TPMRC = rcWarn + 0x01E
	TPMRCNVRate         TPMRC = rcWarn + 0x020
	TPMRCLockout        TPMRC = rcWarn + 0x021
	TPMRCRetry          TPMRC = rcWarn + 0x022
	TPMRCNVUnavailable  TPMRC = rcWarn + 0x023
)

TPMRC values come from Part 2: Structures, section 6.6.3.

func (TPMRC) As

func (r TPMRC) As(target interface{}) bool

As returns whether the error can be assigned to the given interface type. If supported, it updates the value pointed at by target. Supports the Fmt1Error type.

func (TPMRC) Error

func (r TPMRC) Error() string

Error produces a nice human-readable representation of the error, parsing TPM FMT1 errors as needed.

func (TPMRC) Is

func (r TPMRC) Is(target error) bool

Is returns whether the TPMRC (which may be a FMT1 error) is equal to the given canonical error.

func (TPMRC) IsWarning

func (r TPMRC) IsWarning() bool

IsWarning returns true if the error is a warning code. This usually indicates a problem with the TPM state, and not the command. Retrying the command later may succeed.

type TPMRspHeader

type TPMRspHeader struct {
	// the response tag; TPMSTNoSessions or TPMSTSessions for a normal
	// response (NOTE(review): presumably TPMSTRspCommand when the TPM could
	// not parse the command header — confirm against Part 1)
	Tag TPMISTCommandTag
	// total size of the response in bytes (NOTE(review): the spec's
	// responseSize includes this header — confirm the marshaller agrees)
	Length uint32
	// the response code for the command; compare with TPMRC.Is / errors.Is
	// rather than ==, since FMT1 codes carry extra parameter/handle/session
	// index bits
	ResponseCode TPMRC
	// contains filtered or unexported fields
}

TPMRspHeader is the header structure in front of any TPM response. It is described in Part 1, Architecture.

type TPMSACTData

type TPMSACTData struct {

	// a permanent handle
	Handle TPMHandle
	// the current timeout of the ACT
	Timeout uint32
	// the state of the ACT
	Attributes TPMAACT
	// contains filtered or unexported fields
}

TPMSACTData represents a TPMS_ACT_DATA. See definition in Part 2: Structures, section 10.8.5.

type TPMSAlgProperty

type TPMSAlgProperty struct {

	// an algorithm identifier
	Alg TPMAlgID
	// the attributes of the algorithm
	AlgProperties TPMAAlgorithm
	// contains filtered or unexported fields
}

TPMSAlgProperty represents a TPMS_ALG_PROPERTY. See definition in Part 2: Structures, section 10.8.1.

type TPMSAttest

type TPMSAttest struct {

	// the indication that this structure was created by a TPM (always TPM_GENERATED_VALUE)
	// NOTE(review): the `check` tag presumably makes unmarshalling reject any
	// other value. Verifiers depend on this constant to know the TPM signed a
	// genuine attestation rather than caller-supplied data that merely looks
	// like one — confirm the behaviour in the marshaller.
	Magic TPMGenerated `gotpm:"check"`
	// type of the attestation structure
	Type TPMISTAttest
	// Qualified Name of the signing key
	QualifiedSigner TPM2BName
	// external information supplied by caller
	ExtraData TPM2BData
	// Clock, resetCount, restartCount, and Safe
	ClockInfo TPMSClockInfo
	// TPM-vendor-specific value identifying the version number of the firmware
	FirmwareVersion uint64
	// the type-specific attestation information
	// The union member is selected by Type; read it through the TPMUAttest
	// accessors (Quote, Certify, Creation, NV, NVDigest, Time, ...).
	Attested TPMUAttest `gotpm:"tag=Type"`
	// contains filtered or unexported fields
}

TPMSAttest represents a TPMS_ATTEST. See definition in Part 2: Structures, section 10.12.12.

type TPMSAuthCommand

type TPMSAuthCommand struct {
	// the session handle
	Handle TPMISHAuthSession
	// the caller-provided nonce for this session
	Nonce TPM2BNonce
	// the session attributes
	Attributes TPMASession
	// the authorization: an HMAC, a password, or empty, depending on the
	// session type (Part 2, 10.13.2)
	Authorization TPM2BData
	// contains filtered or unexported fields
}

TPMSAuthCommand represents a TPMS_AUTH_COMMAND. See definition in Part 2: Structures, section 10.13.2.

type TPMSAuthResponse

type TPMSAuthResponse struct {
	// the TPM-provided nonce for this session
	Nonce TPM2BNonce
	// the session attributes
	Attributes TPMASession
	// the authorization: an HMAC over the response for HMAC/policy sessions,
	// or empty for a password session (Part 2, 10.13.3)
	// NOTE(review): this HMAC is what binds the response to the session;
	// callers that need response integrity should verify it rather than
	// trust the response code alone.
	Authorization TPM2BData
	// contains filtered or unexported fields
}

TPMSAuthResponse represents a TPMS_AUTH_RESPONSE. See definition in Part 2: Structures, section 10.13.3.

type TPMSCapabilityData

type TPMSCapabilityData struct {

	// the capability
	Capability TPMCap
	// the capability data
	Data TPMUCapabilities `gotpm:"tag=Capability"`
	// contains filtered or unexported fields
}

TPMSCapabilityData represents a TPMS_CAPABILITY_DATA. See definition in Part 2: Structures, section 10.10.2.

type TPMSCertifyInfo

type TPMSCertifyInfo struct {

	// Name of the certified object
	Name TPM2BName
	// Qualified Name of the certified object
	QualifiedName TPM2BName
	// contains filtered or unexported fields
}

TPMSCertifyInfo represents a TPMS_CERTIFY_INFO. See definition in Part 2: Structures, section 10.12.3.

type TPMSClockInfo

type TPMSClockInfo struct {

	// time value in milliseconds that advances while the TPM is powered
	Clock uint64
	// number of occurrences of TPM Reset since the last TPM2_Clear()
	ResetCount uint32
	// number of times that TPM2_Shutdown() or _TPM_Hash_Start have
	// occurred since the last TPM Reset or TPM2_Clear().
	RestartCount uint32
	// no value of Clock greater than the current value of Clock has been
	// previously reported by the TPM. Set to YES on TPM2_Clear().
	Safe TPMIYesNo
	// contains filtered or unexported fields
}

TPMSClockInfo represents a TPMS_CLOCK_INFO. See definition in Part 2: Structures, section 10.11.1.

type TPMSCommandAuditInfo

type TPMSCommandAuditInfo struct {

	// the monotonic audit counter
	AuditCounter uint64
	// hash algorithm used for the command audit
	DigestAlg TPMAlgID
	// the current value of the audit digest
	AuditDigest TPM2BDigest
	// digest of the command codes being audited using digestAlg
	CommandDigest TPM2BDigest
	// contains filtered or unexported fields
}

TPMSCommandAuditInfo represents a TPMS_COMMAND_AUDIT_INFO. See definition in Part 2: Structures, section 10.12.5.

type TPMSContext

type TPMSContext struct {

	// the sequence number of the context
	Sequence uint64
	// a handle indicating if the context is a session, object, or sequence object
	SavedHandle TPMIDHSaved
	// the hierarchy of the context
	Hierarchy TPMIRHHierarchy
	// the context data and integrity HMAC
	ContextBlob TPM2BContextData
	// contains filtered or unexported fields
}

TPMSContext represents a TPMS_CONTEXT. See definition in Part 2: Structures, section 14.5.

type TPMSContextData

type TPMSContextData struct {

	// the integrity value
	Integrity TPM2BDigest
	// the sensitive area
	Encrypted TPM2BContextSensitive
	// contains filtered or unexported fields
}

TPMSContextData represents a TPMS_CONTEXT_DATA. See definition in Part 2: Structures, section 14.3.

type TPMSCreationData

type TPMSCreationData struct {

	// list indicating the PCR included in pcrDigest
	PCRSelect TPMLPCRSelection
	// digest of the selected PCR using nameAlg of the object for which
	// this structure is being created
	PCRDigest TPM2BDigest
	// the locality at which the object was created
	Locality TPMALocality
	// nameAlg of the parent
	ParentNameAlg TPMAlgID
	// Name of the parent at time of creation
	ParentName TPM2BName
	// Qualified Name of the parent at the time of creation
	ParentQualifiedName TPM2BName
	// association with additional information added by the key
	OutsideInfo TPM2BData
	// contains filtered or unexported fields
}

TPMSCreationData represents a TPMS_CREATION_DATA. See definition in Part 2: Structures, section 15.1.

type TPMSCreationInfo

type TPMSCreationInfo struct {

	// Name of the object
	ObjectName TPM2BName
	// creationHash
	CreationHash TPM2BDigest
	// contains filtered or unexported fields
}

TPMSCreationInfo represents a TPMS_CREATION_INFO. See definition in Part 2: Structures, section 10.12.7.

type TPMSDerive

type TPMSDerive struct {
	// the label input to the derivation
	Label TPM2BLabel
	// the context input to the derivation
	Context TPM2BLabel
	// contains filtered or unexported fields
}

TPMSDerive represents a TPMS_DERIVE. See definition in Part 2: Structures, section 11.1.11.

type TPMSE

type TPMSE uint8

TPMSE represents a TPM_SE. See definition in Part 2: Structures, section 6.11.

const (
	// an HMAC authorization session
	TPMSEHMAC TPMSE = 0x00
	// a policy authorization session
	TPMSEPolicy TPMSE = 0x01
	// a trial policy session: it computes a policy digest but cannot be
	// used to authorize a command (Part 2, 6.11)
	TPMSETrial TPMSE = 0x03
)

TPMSE values come from Part 2: Structures, section 6.11.

type TPMSECCParms

type TPMSECCParms struct {

	// for a restricted decryption key, shall be set to a supported
	// symmetric algorithm, key size, and mode.
	// if the key is not a restricted decryption key, this field shall
	// be set to TPM_ALG_NULL.
	Symmetric TPMTSymDefObject
	// If the sign attribute of the key is SET, then this shall be a
	// valid signing scheme.
	Scheme TPMTECCScheme
	// ECC curve ID
	CurveID TPMIECCCurve
	// an optional key derivation scheme for generating a symmetric key
	// from a Z value
	// If the kdf parameter associated with curveID is not TPM_ALG_NULL
	// then this is required to be NULL.
	KDF TPMTKDFScheme
	// contains filtered or unexported fields
}

TPMSECCParms represents a TPMS_ECC_PARMS. See definition in Part 2: Structures, section 12.2.3.6.

type TPMSECCPoint

type TPMSECCPoint struct {

	// X coordinate
	X TPM2BECCParameter
	// Y coordinate
	Y TPM2BECCParameter
	// contains filtered or unexported fields
}

TPMSECCPoint represents a TPMS_ECC_POINT. See definition in Part 2: Structures, section 11.2.5.2.

type TPMSEmpty

type TPMSEmpty struct {
	// contains filtered or unexported fields
}

TPMSEmpty represents a TPMS_EMPTY. See definition in Part 2: Structures, section 10.1.

type TPMSEncSchemeOAEP

type TPMSEncSchemeOAEP TPMSSchemeHash

TPMSEncSchemeOAEP represents a TPMS_ENC_SCHEME_OAEP. See definition in Part 2: Structures, section 11.2.2.2.

type TPMSEncSchemeRSAES

type TPMSEncSchemeRSAES TPMSEmpty

TPMSEncSchemeRSAES represents a TPMS_ENC_SCHEME_RSAES. See definition in Part 2: Structures, section 11.2.2.2.

type TPMSKDFSchemeECDH

type TPMSKDFSchemeECDH TPMSSchemeHash

TPMSKDFSchemeECDH represents a TPMS_KDF_SCHEME_ECDH. See definition in Part 2: Structures, section 11.2.3.1.

type TPMSKDFSchemeKDF1SP800108

type TPMSKDFSchemeKDF1SP800108 TPMSSchemeHash

TPMSKDFSchemeKDF1SP800108 represents a TPMS_KDF_SCHEME_KDF1SP800108. See definition in Part 2: Structures, section 11.2.3.1.

type TPMSKDFSchemeKDF1SP80056A

type TPMSKDFSchemeKDF1SP80056A TPMSSchemeHash

TPMSKDFSchemeKDF1SP80056A represents a TPMS_KDF_SCHEME_KDF1SP80056A. See definition in Part 2: Structures, section 11.2.3.1.

type TPMSKDFSchemeKDF2

type TPMSKDFSchemeKDF2 TPMSSchemeHash

TPMSKDFSchemeKDF2 represents a TPMS_KDF_SCHEME_KDF2. See definition in Part 2: Structures, section 11.2.3.1.

type TPMSKDFSchemeMGF1

type TPMSKDFSchemeMGF1 TPMSSchemeHash

TPMSKDFSchemeMGF1 represents a TPMS_KDF_SCHEME_MGF1. See definition in Part 2: Structures, section 11.2.3.1.

type TPMSKeySchemeECDH

type TPMSKeySchemeECDH TPMSSchemeHash

TPMSKeySchemeECDH represents a TPMS_KEY_SCHEME_ECDH. See definition in Part 2: Structures, section 11.2.2.3.

type TPMSKeyedHashParms

type TPMSKeyedHashParms struct {

	// Indicates the signing method used for a keyedHash signing
	// object. This field also determines the size of the data field
	// for a data object created with TPM2_Create() or
	// TPM2_CreatePrimary().
	Scheme TPMTKeyedHashScheme
	// contains filtered or unexported fields
}

TPMSKeyedHashParms represents a TPMS_KEYEDHASH_PARMS. See definition in Part 2: Structures, section 12.2.3.3.

type TPMSNVCertifyInfo

type TPMSNVCertifyInfo struct {

	// Name of the NV Index
	IndexName TPM2BName
	// the offset parameter of TPM2_NV_Certify()
	Offset uint16
	// contents of the NV Index
	NVContents TPM2BData
	// contains filtered or unexported fields
}

TPMSNVCertifyInfo represents a TPMS_NV_CERTIFY_INFO. See definition in Part 2: Structures, section 10.12.8.

type TPMSNVDigestCertifyInfo

type TPMSNVDigestCertifyInfo struct {

	// Name of the NV Index
	IndexName TPM2BName
	// hash of the contents of the index
	NVDigest TPM2BDigest
	// contains filtered or unexported fields
}

TPMSNVDigestCertifyInfo represents a TPMS_NV_DIGEST_CERTIFY_INFO. See definition in Part 2: Structures, section 10.12.9.

type TPMSNVPublic

type TPMSNVPublic struct {

	// the handle of the data area
	NVIndex TPMIRHNVIndex
	// hash algorithm used to compute the name of the Index and used for
	// the authPolicy. For an extend index, the hash algorithm used for the
	// extend.
	NameAlg TPMIAlgHash
	// the Index attributes
	Attributes TPMANV
	// optional access policy for the Index
	AuthPolicy TPM2BDigest
	// the size of the data area
	DataSize uint16
	// contains filtered or unexported fields
}

TPMSNVPublic represents a TPMS_NV_PUBLIC. See definition in Part 2: Structures, section 13.5.

type TPMSPCRSelection

type TPMSPCRSelection struct {
	// the hash algorithm associated with the selection
	Hash TPMIAlgHash
	// the bit map of selected PCR: bit i of byte j selects PCR 8*j+i
	// (Part 2, 10.6.2). NOTE(review): the sized8 tag presumably marshals a
	// one-byte length prefix — confirm in the marshaller.
	PCRSelect []byte `gotpm:"sized8"`
	// contains filtered or unexported fields
}

TPMSPCRSelection represents a TPMS_PCR_SELECTION. See definition in Part 2: Structures, section 10.6.2.

type TPMSQuoteInfo

type TPMSQuoteInfo struct {

	// information on algID, PCR selected and digest
	PCRSelect TPMLPCRSelection
	// digest of the selected PCR using the hash of the signing key
	PCRDigest TPM2BDigest
	// contains filtered or unexported fields
}

TPMSQuoteInfo represents a TPMS_QUOTE_INFO. See definition in Part 2: Structures, section 10.12.4.

type TPMSRSAParms

type TPMSRSAParms struct {

	// for a restricted decryption key, shall be set to a supported
	// symmetric algorithm, key size, and mode.
	// if the key is not a restricted decryption key, this field shall
	// be set to TPM_ALG_NULL.
	Symmetric TPMTSymDefObject
	// scheme.scheme shall be:
	// for an unrestricted signing key, either TPM_ALG_RSAPSS
	// TPM_ALG_RSASSA or TPM_ALG_NULL
	// for a restricted signing key, either TPM_ALG_RSAPSS or
	// TPM_ALG_RSASSA
	// for an unrestricted decryption key, TPM_ALG_RSAES, TPM_ALG_OAEP,
	// or TPM_ALG_NULL unless the object also has the sign attribute
	// for a restricted decryption key, TPM_ALG_NULL
	Scheme TPMTRSAScheme
	// number of bits in the public modulus
	KeyBits TPMIRSAKeyBits
	// the public exponent
	// A prime number greater than 2.
	// Part 2, 12.2.3.5 defines zero as the default exponent (2^16 + 1);
	// templates such as RSASRKTemplate leave it at zero for that reason.
	Exponent uint32
	// contains filtered or unexported fields
}

TPMSRSAParms represents a TPMS_RSA_PARMS. See definition in Part 2: Structures, section 12.2.3.5.

type TPMSSchemeECDAA

type TPMSSchemeECDAA struct {

	// the hash algorithm used to digest the message
	HashAlg TPMIAlgHash
	// the counter value that is used between TPM2_Commit()
	// and the sign operation
	Count uint16
	// contains filtered or unexported fields
}

TPMSSchemeECDAA represents a TPMS_SCHEME_ECDAA. See definition in Part 2: Structures, section 11.1.18.

type TPMSSchemeHMAC

type TPMSSchemeHMAC TPMSSchemeHash

TPMSSchemeHMAC represents a TPMS_SCHEME_HMAC. See definition in Part 2: Structures, section 11.1.20.

type TPMSSchemeHash

type TPMSSchemeHash struct {

	// the hash algorithm used to digest the message
	HashAlg TPMIAlgHash
	// contains filtered or unexported fields
}

TPMSSchemeHash represents a TPMS_SCHEME_HASH. See definition in Part 2: Structures, section 11.1.17.

type TPMSSchemeXOR

type TPMSSchemeXOR struct {

	// the hash algorithm used to digest the message
	HashAlg TPMIAlgHash
	// the key derivation function
	KDF TPMIAlgKDF
	// contains filtered or unexported fields
}

TPMSSchemeXOR represents a TPMS_SCHEME_XOR. See definition in Part 2: Structures, section 11.1.21.

type TPMSSensitiveCreate

type TPMSSensitiveCreate struct {

	// the USER auth secret value.
	UserAuth TPM2BAuth
	// data to be sealed, a key, or derivation values.
	Data TPMUSensitiveCreate
	// contains filtered or unexported fields
}

TPMSSensitiveCreate represents a TPMS_SENSITIVE_CREATE. See definition in Part 2: Structures, section 11.1.15.

type TPMSSessionAuditInfo

type TPMSSessionAuditInfo struct {

	// current exclusive status of the session
	ExclusiveSession TPMIYesNo
	// the current value of the session audit digest
	SessionDigest TPM2BDigest
	// contains filtered or unexported fields
}

TPMSSessionAuditInfo represents a TPMS_SESSION_AUDIT_INFO. See definition in Part 2: Structures, section 10.12.6.

type TPMSSigSchemeECDSA

type TPMSSigSchemeECDSA TPMSSchemeHash

TPMSSigSchemeECDSA represents a TPMS_SIG_SCHEME_ECDSA. See definition in Part 2: Structures, section 11.2.1.3.

type TPMSSigSchemeRSAPSS

type TPMSSigSchemeRSAPSS TPMSSchemeHash

TPMSSigSchemeRSAPSS represents a TPMS_SIG_SCHEME_RSAPSS. See definition in Part 2: Structures, section 11.2.1.2.

type TPMSSigSchemeRSASSA

type TPMSSigSchemeRSASSA TPMSSchemeHash

TPMSSigSchemeRSASSA represents a TPMS_SIG_SCHEME_RSASSA. See definition in Part 2: Structures, section 11.2.1.2.

type TPMSSignatureECC

type TPMSSignatureECC struct {

	// the hash algorithm used in the signature process
	Hash TPMIAlgHash
	// the r component of the signature
	SignatureR TPM2BECCParameter
	// the s component of the signature
	SignatureS TPM2BECCParameter
	// contains filtered or unexported fields
}

TPMSSignatureECC represents a TPMS_SIGNATURE_ECC. See definition in Part 2: Structures, section 11.3.2.

type TPMSSignatureRSA

type TPMSSignatureRSA struct {

	// the hash algorithm used to digest the message
	Hash TPMIAlgHash
	// The signature is the size of a public key.
	Sig TPM2BPublicKeyRSA
	// contains filtered or unexported fields
}

TPMSSignatureRSA represents a TPMS_SIGNATURE_RSA. See definition in Part 2: Structures, section 11.3.1.

type TPMSSymCipherParms

type TPMSSymCipherParms struct {

	// a symmetric block cipher
	Sym TPMTSymDefObject
	// contains filtered or unexported fields
}

TPMSSymCipherParms represents a TPMS_SYMCIPHER_PARMS. See definition in Part 2: Structures, section 11.1.9.

type TPMST

type TPMST uint16

TPMST represents a TPM_ST. See definition in Part 2: Structures, section 6.9.

const (
	TPMSTRspCommand         TPMST = 0x00C4
	TPMSTNull               TPMST = 0x8000
	TPMSTNoSessions         TPMST = 0x8001
	TPMSTSessions           TPMST = 0x8002
	TPMSTAttestNV           TPMST = 0x8014
	TPMSTAttestCommandAudit TPMST = 0x8015
	TPMSTAttestSessionAudit TPMST = 0x8016
	TPMSTAttestCertify      TPMST = 0x8017
	TPMSTAttestQuote        TPMST = 0x8018
	TPMSTAttestTime         TPMST = 0x8019
	TPMSTAttestCreation     TPMST = 0x801A
	TPMSTAttestNVDigest     TPMST = 0x801C
	TPMSTCreation           TPMST = 0x8021
	TPMSTVerified           TPMST = 0x8022
	TPMSTAuthSecret         TPMST = 0x8023
	TPMSTHashCheck          TPMST = 0x8024
	TPMSTAuthSigned         TPMST = 0x8025
	TPMSTFuManifest         TPMST = 0x8029
)

TPMST values come from Part 2: Structures, section 6.9.

type TPMSTaggedPCRSelect

type TPMSTaggedPCRSelect struct {

	// the property identifier
	Tag TPMPTPCR
	// the bit map of PCR with the identified property
	PCRSelect []byte `gotpm:"sized8"`
	// contains filtered or unexported fields
}

TPMSTaggedPCRSelect represents a TPMS_TAGGED_PCR_SELECT. See definition in Part 2: Structures, section 10.8.3.

type TPMSTaggedPolicy

type TPMSTaggedPolicy struct {

	// a permanent handle
	Handle TPMHandle
	// the policy algorithm and hash
	PolicyHash TPMTHA
	// contains filtered or unexported fields
}

TPMSTaggedPolicy represents a TPMS_TAGGED_POLICY. See definition in Part 2: Structures, section 10.8.4.

type TPMSTaggedProperty

type TPMSTaggedProperty struct {

	// a property identifier
	Property TPMPT
	// the value of the property
	Value uint32
	// contains filtered or unexported fields
}

TPMSTaggedProperty represents a TPMS_TAGGED_PROPERTY. See definition in Part 2: Structures, section 10.8.2.

type TPMSTimeAttestInfo

type TPMSTimeAttestInfo struct {

	// the Time, Clock, resetCount, restartCount, and Safe indicator
	Time TPMSTimeInfo
	// a TPM vendor-specific value indicating the version number of the firmware
	FirmwareVersion uint64
	// contains filtered or unexported fields
}

TPMSTimeAttestInfo represents a TPMS_TIME_ATTEST_INFO. See definition in Part 2: Structures, section 10.12.2.

type TPMSTimeInfo

type TPMSTimeInfo struct {

	// time in milliseconds since the Time circuit was last reset
	Time uint64
	// a structure containing the clock information
	ClockInfo TPMSClockInfo
	// contains filtered or unexported fields
}

TPMSTimeInfo represents a TPMS_TIME_INFO. See definition in Part 2: Structures, section 10.11.6.

type TPMSU

type TPMSU uint16

TPMSU represents a TPM_SU. See definition in Part 2: Structures, section 6.10.

const (
	TPMSUClear TPMSU = 0x0000
	TPMSUState TPMSU = 0x0001
)

TPMSU values come from Part 2: Structures, section 6.10.

type TPMTECCScheme

type TPMTECCScheme struct {

	// scheme selector
	Scheme TPMIAlgECCScheme `gotpm:"nullable"`
	// scheme parameters
	Details TPMUAsymScheme `gotpm:"tag=Scheme"`
	// contains filtered or unexported fields
}

TPMTECCScheme represents a TPMT_ECC_SCHEME. See definition in Part 2: Structures, section 11.2.5.6.

type TPMTHA

type TPMTHA struct {

	// selector of the hash contained in the digest that implies the size of the digest
	HashAlg TPMIAlgHash `gotpm:"nullable"`
	// the digest data
	// NOTE: For convenience, this is not implemented as a union.
	Digest []byte
	// contains filtered or unexported fields
}

TPMTHA represents a TPMT_HA. See definition in Part 2: Structures, section 10.3.2.

type TPMTKDFScheme

type TPMTKDFScheme struct {

	// scheme selector
	Scheme TPMIAlgKDF `gotpm:"nullable"`
	// scheme parameters
	Details TPMUKDFScheme `gotpm:"tag=Scheme"`
	// contains filtered or unexported fields
}

TPMTKDFScheme represents a TPMT_KDF_SCHEME. See definition in Part 2: Structures, section 11.2.3.3.

type TPMTKeyedHashScheme

type TPMTKeyedHashScheme struct {
	// scheme selector
	Scheme TPMIAlgKeyedHashScheme `gotpm:"nullable"`
	// scheme parameters, selected by Scheme
	Details TPMUSchemeKeyedHash `gotpm:"tag=Scheme"`
	// contains filtered or unexported fields
}

TPMTKeyedHashScheme represents a TPMT_KEYEDHASH_SCHEME. See definition in Part 2: Structures, section 11.1.23.

type TPMTPublic

type TPMTPublic struct {

	// “algorithm” associated with this object
	Type TPMIAlgPublic
	// algorithm used for computing the Name of the object
	NameAlg TPMIAlgHash
	// attributes that, along with type, determine the manipulations
	// of this object
	ObjectAttributes TPMAObject
	// optional policy for using this key
	// The policy is computed using the nameAlg of the object.
	AuthPolicy TPM2BDigest
	// the algorithm or structure details
	Parameters TPMUPublicParms `gotpm:"tag=Type"`
	// the unique identifier of the structure
	// For an asymmetric key, this would be the public key.
	Unique TPMUPublicID `gotpm:"tag=Type"`
	// contains filtered or unexported fields
}

TPMTPublic represents a TPMT_PUBLIC. See definition in Part 2: Structures, section 12.2.4.

type TPMTRSAScheme

type TPMTRSAScheme struct {

	// scheme selector
	Scheme TPMIAlgRSAScheme `gotpm:"nullable"`
	// scheme parameters
	Details TPMUAsymScheme `gotpm:"tag=Scheme"`
	// contains filtered or unexported fields
}

TPMTRSAScheme represents a TPMT_RSA_SCHEME. See definition in Part 2: Structures, section 11.2.4.2.

type TPMTSensitive

type TPMTSensitive struct {

	// identifier for the sensitive area
	SensitiveType TPMIAlgPublic
	// user authorization data
	AuthValue TPM2BAuth
	// for a parent object, the optional protection seed; for other objects,
	// the obfuscation value
	SeedValue TPM2BDigest
	// the type-specific private data
	Sensitive TPMUSensitiveComposite `gotpm:"tag=SensitiveType"`
	// contains filtered or unexported fields
}

TPMTSensitive represents a TPMT_SENSITIVE. See definition in Part 2: Structures, section 12.3.2.4.

type TPMTSigScheme

type TPMTSigScheme struct {
	// scheme selector
	Scheme TPMIAlgSigScheme `gotpm:"nullable"`
	// scheme parameters, selected by Scheme
	Details TPMUSigScheme `gotpm:"tag=Scheme"`
	// contains filtered or unexported fields
}

TPMTSigScheme represents a TPMT_SIG_SCHEME. See definition in Part 2: Structures, section 11.2.1.5.

type TPMTSignature

type TPMTSignature struct {

	// selector of the algorithm used to construct the signature
	SigAlg TPMIAlgSigScheme `gotpm:"nullable"`
	// This shall be the actual signature information.
	Signature TPMUSignature `gotpm:"tag=SigAlg"`
	// contains filtered or unexported fields
}

TPMTSignature represents a TPMT_SIGNATURE. See definition in Part 2: Structures, section 11.3.4.

type TPMTSymDef

type TPMTSymDef struct {

	// indicates a symmetric algorithm
	Algorithm TPMIAlgSym `gotpm:"nullable"`
	// the key size
	KeyBits TPMUSymKeyBits `gotpm:"tag=Algorithm"`
	// the mode for the key
	Mode TPMUSymMode `gotpm:"tag=Algorithm"`
	// contains the additional algorithm details
	Details TPMUSymDetails `gotpm:"tag=Algorithm"`
	// contains filtered or unexported fields
}

TPMTSymDef represents a TPMT_SYM_DEF. See definition in Part 2: Structures, section 11.1.6.

type TPMTSymDefObject

type TPMTSymDefObject struct {

	// selects a symmetric block cipher
	// When used in the parameter area of a parent object, this shall
	// be a supported block cipher and not TPM_ALG_NULL
	Algorithm TPMIAlgSymObject `gotpm:"nullable"`
	// the key size
	KeyBits TPMUSymKeyBits `gotpm:"tag=Algorithm"`
	// default mode
	// When used in the parameter area of a parent object, this shall
	// be TPM_ALG_CFB.
	Mode TPMUSymMode `gotpm:"tag=Algorithm"`
	// contains the additional algorithm details, if any
	Details TPMUSymDetails `gotpm:"tag=Algorithm"`
	// contains filtered or unexported fields
}

TPMTSymDefObject represents a TPMT_SYM_DEF_OBJECT. See definition in Part 2: Structures, section 11.1.7.

type TPMTTKAuth

type TPMTTKAuth struct {

	// ticket structure tag (TPMSTAuthSecret or TPMSTAuthSigned)
	Tag TPMST
	// the hierarchy of the object used to produce the ticket
	Hierarchy TPMIRHHierarchy `gotpm:"nullable"`
	// This shall be the HMAC produced using a proof value of hierarchy.
	// The proof value never leaves the TPM, so the ticket is opaque to
	// callers and can only be validated by the TPM that issued it.
	Digest TPM2BDigest
	// contains filtered or unexported fields
}

TPMTTKAuth represents a TPMT_TK_AUTH. See definition in Part 2: Structures, section 10.7.5.

type TPMTTKCreation

type TPMTTKCreation struct {

	// ticket structure tag (TPMSTCreation)
	Tag TPMST
	// the hierarchy containing name
	Hierarchy TPMIRHHierarchy
	// This shall be the HMAC produced using a proof value of hierarchy.
	// The proof value never leaves the TPM, so the ticket is opaque to
	// callers and can only be validated by the TPM that issued it.
	Digest TPM2BDigest
	// contains filtered or unexported fields
}

TPMTTKCreation represents a TPMT_TK_CREATION. See definition in Part 2: Structures, section 10.7.3.

type TPMTTKHashCheck

type TPMTTKHashCheck struct {

	// ticket structure tag (TPMSTHashCheck)
	Tag TPMST
	// the hierarchy
	Hierarchy TPMIRHHierarchy `gotpm:"nullable"`
	// This shall be the HMAC produced using a proof value of hierarchy.
	// The proof value never leaves the TPM, so the ticket is opaque to
	// callers and can only be validated by the TPM that issued it.
	Digest TPM2BDigest
	// contains filtered or unexported fields
}

TPMTTKHashCheck represents a TPMT_TK_HASHCHECK. See definition in Part 2: Structures, section 10.7.6.

type TPMTTKVerified

type TPMTTKVerified struct {

	// ticket structure tag (TPMSTVerified)
	Tag TPMST
	// the hierarchy containing keyName
	Hierarchy TPMIRHHierarchy
	// This shall be the HMAC produced using a proof value of hierarchy.
	// The proof value never leaves the TPM, so the ticket is opaque to
	// callers and can only be validated by the TPM that issued it.
	Digest TPM2BDigest
	// contains filtered or unexported fields
}

TPMTTKVerified represents a TPMT_TK_VERIFIED. See definition in Part 2: Structures, section 10.7.4.

type TPMTTemplate

type TPMTTemplate struct {

	// “algorithm” associated with this object
	Type TPMIAlgPublic
	// algorithm used for computing the Name of the object
	NameAlg TPMIAlgHash
	// attributes that, along with type, determine the manipulations
	// of this object
	ObjectAttributes TPMAObject
	// optional policy for using this key
	// The policy is computed using the nameAlg of the object.
	AuthPolicy TPM2BDigest
	// the algorithm or structure details
	Parameters TPMUPublicParms `gotpm:"tag=Type"`
	// the derivation parameters
	Unique TPMSDerive
	// contains filtered or unexported fields
}

TPMTTemplate represents a TPMT_TEMPLATE. It is not defined in the spec. It represents the alternate form of TPMT_PUBLIC for TPM2B_TEMPLATE as described in Part 2: Structures, 12.2.6.

type TPMUAsymScheme

type TPMUAsymScheme struct {
	// contains filtered or unexported fields
}

TPMUAsymScheme represents a TPMU_ASYM_SCHEME. See definition in Part 2: Structures, section 11.2.3.5.

func NewTPMUAsymScheme

func NewTPMUAsymScheme[C AsymSchemeContents](selector TPMAlgID, contents C) TPMUAsymScheme

NewTPMUAsymScheme instantiates a TPMUAsymScheme with the given contents.

func (*TPMUAsymScheme) ECDAA

func (u *TPMUAsymScheme) ECDAA() (*TPMSSchemeECDAA, error)

ECDAA returns the 'ecdaa' member of the union.

func (*TPMUAsymScheme) ECDH

func (u *TPMUAsymScheme) ECDH() (*TPMSKeySchemeECDH, error)

ECDH returns the 'ecdh' member of the union.

func (*TPMUAsymScheme) ECDSA

func (u *TPMUAsymScheme) ECDSA() (*TPMSSigSchemeECDSA, error)

ECDSA returns the 'ecdsa' member of the union.

func (*TPMUAsymScheme) OAEP

func (u *TPMUAsymScheme) OAEP() (*TPMSEncSchemeOAEP, error)

OAEP returns the 'oaep' member of the union.

func (*TPMUAsymScheme) RSAES

func (u *TPMUAsymScheme) RSAES() (*TPMSEncSchemeRSAES, error)

RSAES returns the 'rsaes' member of the union.

func (*TPMUAsymScheme) RSAPSS

func (u *TPMUAsymScheme) RSAPSS() (*TPMSSigSchemeRSAPSS, error)

RSAPSS returns the 'rsapss' member of the union.

func (*TPMUAsymScheme) RSASSA

func (u *TPMUAsymScheme) RSASSA() (*TPMSSigSchemeRSASSA, error)

RSASSA returns the 'rsassa' member of the union.

type TPMUAttest

type TPMUAttest struct {
	// contains filtered or unexported fields
}

TPMUAttest represents a TPMU_ATTEST. See definition in Part 2: Structures, section 10.12.11.

func NewTPMUAttest

func NewTPMUAttest[C AttestContents](selector TPMST, contents C) TPMUAttest

NewTPMUAttest instantiates a TPMUAttest with the given contents.

func (*TPMUAttest) Certify

func (u *TPMUAttest) Certify() (*TPMSCertifyInfo, error)

Certify returns the 'certify' member of the union.

func (*TPMUAttest) CommandAudit

func (u *TPMUAttest) CommandAudit() (*TPMSCommandAuditInfo, error)

CommandAudit returns the 'commandAudit' member of the union.

func (*TPMUAttest) Creation

func (u *TPMUAttest) Creation() (*TPMSCreationInfo, error)

Creation returns the 'creation' member of the union.

func (*TPMUAttest) NV

func (u *TPMUAttest) NV() (*TPMSNVCertifyInfo, error)

NV returns the 'nv' member of the union.

func (*TPMUAttest) NVDigest

func (u *TPMUAttest) NVDigest() (*TPMSNVDigestCertifyInfo, error)

NVDigest returns the 'nvDigest' member of the union.

func (*TPMUAttest) Quote

func (u *TPMUAttest) Quote() (*TPMSQuoteInfo, error)

Quote returns the 'quote' member of the union.

func (*TPMUAttest) SessionAudit

func (u *TPMUAttest) SessionAudit() (*TPMSSessionAuditInfo, error)

SessionAudit returns the 'sessionAudit' member of the union.

func (*TPMUAttest) Time

func (u *TPMUAttest) Time() (*TPMSTimeAttestInfo, error)

Time returns the 'time' member of the union.

type TPMUCapabilities

type TPMUCapabilities struct {
	// contains filtered or unexported fields
}

TPMUCapabilities represents a TPMU_CAPABILITIES. See definition in Part 2: Structures, section 10.10.1.

func NewTPMUCapabilities

func NewTPMUCapabilities[C CapabilitiesContents](selector TPMCap, contents C) TPMUCapabilities

NewTPMUCapabilities instantiates a TPMUCapabilities with the given contents.

func (*TPMUCapabilities) ACTData

func (u *TPMUCapabilities) ACTData() (*TPMLACTData, error)

ACTData returns the 'actData' member of the union.

func (*TPMUCapabilities) Algorithms

func (u *TPMUCapabilities) Algorithms() (*TPMLAlgProperty, error)

Algorithms returns the 'algorithms' member of the union.

func (*TPMUCapabilities) AssignedPCR

func (u *TPMUCapabilities) AssignedPCR() (*TPMLPCRSelection, error)

AssignedPCR returns the 'assignedPCR' member of the union.

func (*TPMUCapabilities) AuditCommands

func (u *TPMUCapabilities) AuditCommands() (*TPMLCC, error)

AuditCommands returns the 'auditCommands' member of the union.

func (*TPMUCapabilities) AuthPolicies

func (u *TPMUCapabilities) AuthPolicies() (*TPMLTaggedPolicy, error)

AuthPolicies returns the 'authPolicies' member of the union.

func (*TPMUCapabilities) Command

func (u *TPMUCapabilities) Command() (*TPMLCCA, error)

Command returns the 'command' member of the union.

func (*TPMUCapabilities) ECCCurves

func (u *TPMUCapabilities) ECCCurves() (*TPMLECCCurve, error)

ECCCurves returns the 'eccCurves' member of the union.

func (*TPMUCapabilities) Handles

func (u *TPMUCapabilities) Handles() (*TPMLHandle, error)

Handles returns the 'handles' member of the union.

func (*TPMUCapabilities) PCRProperties

func (u *TPMUCapabilities) PCRProperties() (*TPMLTaggedPCRProperty, error)

PCRProperties returns the 'pcrProperties' member of the union.

func (*TPMUCapabilities) PPCommands

func (u *TPMUCapabilities) PPCommands() (*TPMLCC, error)

PPCommands returns the 'ppCommands' member of the union.

func (*TPMUCapabilities) TPMProperties

func (u *TPMUCapabilities) TPMProperties() (*TPMLTaggedTPMProperty, error)

TPMProperties returns the 'tpmProperties' member of the union.

type TPMUKDFScheme

type TPMUKDFScheme struct {
	// contains filtered or unexported fields
}

TPMUKDFScheme represents a TPMU_KDF_SCHEME. See definition in Part 2: Structures, section 11.2.3.2.

func NewTPMUKDFScheme

func NewTPMUKDFScheme[C KDFSchemeContents](selector TPMAlgID, contents C) TPMUKDFScheme

NewTPMUKDFScheme instantiates a TPMUKDFScheme with the given contents.

func (*TPMUKDFScheme) Bits

func (u *TPMUKDFScheme) Bits() (*TPM2BSensitiveData, error)

Bits returns the 'bits' member of the union.

func (*TPMUKDFScheme) ECC

func (u *TPMUKDFScheme) ECC() (*TPM2BECCParameter, error)

ECC returns the 'ecc' member of the union.

func (*TPMUKDFScheme) ECDH

func (u *TPMUKDFScheme) ECDH() (*TPMSKDFSchemeECDH, error)

ECDH returns the 'ecdh' member of the union.

func (*TPMUKDFScheme) KDF1SP800108

func (u *TPMUKDFScheme) KDF1SP800108() (*TPMSKDFSchemeKDF1SP800108, error)

KDF1SP800108 returns the 'kdf1sp800108' member of the union.

func (*TPMUKDFScheme) KDF1SP80056A

func (u *TPMUKDFScheme) KDF1SP80056A() (*TPMSKDFSchemeKDF1SP80056A, error)

KDF1SP80056A returns the 'kdf1sp80056a' member of the union.

func (*TPMUKDFScheme) KDF2

func (u *TPMUKDFScheme) KDF2() (*TPMSKDFSchemeKDF2, error)

KDF2 returns the 'kdf2' member of the union.

func (*TPMUKDFScheme) MGF1

func (u *TPMUKDFScheme) MGF1() (*TPMSKDFSchemeMGF1, error)

MGF1 returns the 'mgf1' member of the union.

func (*TPMUKDFScheme) RSA

func (u *TPMUKDFScheme) RSA() (*TPM2BPrivateKeyRSA, error)

RSA returns the 'rsa' member of the union.

func (*TPMUKDFScheme) Sym

func (u *TPMUKDFScheme) Sym() (*TPM2BSymKey, error)

Sym returns the 'sym' member of the union.

type TPMUPublicID

type TPMUPublicID struct {
	// contains filtered or unexported fields
}

TPMUPublicID represents a TPMU_PUBLIC_ID. See definition in Part 2: Structures, section 12.2.3.2.

func NewTPMUPublicID

func NewTPMUPublicID[C PublicIDContents](selector TPMAlgID, contents C) TPMUPublicID

NewTPMUPublicID instantiates a TPMUPublicID with the given contents.

func (*TPMUPublicID) ECC

func (u *TPMUPublicID) ECC() (*TPMSECCPoint, error)

ECC returns the 'ecc' member of the union.

func (*TPMUPublicID) KeyedHash

func (u *TPMUPublicID) KeyedHash() (*TPM2BDigest, error)

KeyedHash returns the 'keyedHash' member of the union.

func (*TPMUPublicID) RSA

func (u *TPMUPublicID) RSA() (*TPM2BPublicKeyRSA, error)

RSA returns the 'rsa' member of the union.

func (*TPMUPublicID) SymCipher

func (u *TPMUPublicID) SymCipher() (*TPM2BDigest, error)

SymCipher returns the 'symCipher' member of the union.

type TPMUPublicParms

type TPMUPublicParms struct {
	// contains filtered or unexported fields
}

TPMUPublicParms represents a TPMU_PUBLIC_PARMS. See definition in Part 2: Structures, section 12.2.3.7.

func NewTPMUPublicParms

func NewTPMUPublicParms[C PublicParmsContents](selector TPMAlgID, contents C) TPMUPublicParms

NewTPMUPublicParms instantiates a TPMUPublicParms with the given contents.

func (*TPMUPublicParms) ECCDetail

func (u *TPMUPublicParms) ECCDetail() (*TPMSECCParms, error)

ECCDetail returns the 'eccDetail' member of the union.

func (*TPMUPublicParms) KeyedHashDetail

func (u *TPMUPublicParms) KeyedHashDetail() (*TPMSKeyedHashParms, error)

KeyedHashDetail returns the 'keyedHashDetail' member of the union.

func (*TPMUPublicParms) RSADetail

func (u *TPMUPublicParms) RSADetail() (*TPMSRSAParms, error)

RSADetail returns the 'rsaDetail' member of the union.

func (*TPMUPublicParms) SymDetail

func (u *TPMUPublicParms) SymDetail() (*TPMSSymCipherParms, error)

SymDetail returns the 'symDetail' member of the union.

type TPMUSchemeKeyedHash

type TPMUSchemeKeyedHash struct {
	// contains filtered or unexported fields
}

TPMUSchemeKeyedHash represents a TPMU_SCHEME_KEYEDHASH. See definition in Part 2: Structures, section 11.1.22.

func NewTPMUSchemeKeyedHash

func NewTPMUSchemeKeyedHash[C SchemeKeyedHashContents](selector TPMAlgID, contents C) TPMUSchemeKeyedHash

NewTPMUSchemeKeyedHash instantiates a TPMUSchemeKeyedHash with the given contents.

func (*TPMUSchemeKeyedHash) HMAC

HMAC returns the 'hmac' member of the union.

func (*TPMUSchemeKeyedHash) XOR

XOR returns the 'xor' member of the union.

type TPMUSensitiveComposite

type TPMUSensitiveComposite struct {
	// contains filtered or unexported fields
}

TPMUSensitiveComposite represents a TPMU_SENSITIVE_COMPOSITE. See definition in Part 2: Structures, section 12.3.2.3.

func NewTPMUSensitiveComposite

func NewTPMUSensitiveComposite[C SensitiveCompositeContents](selector TPMAlgID, contents C) TPMUSensitiveComposite

NewTPMUSensitiveComposite instantiates a TPMUSensitiveComposite with the given contents.

type TPMUSensitiveCreate

type TPMUSensitiveCreate struct {
	// contains filtered or unexported fields
}

TPMUSensitiveCreate represents a TPMU_SENSITIVE_CREATE. See definition in Part 2: Structures, section 11.1.13.

func NewTPMUSensitiveCreate

func NewTPMUSensitiveCreate[C SensitiveCreateContents](contents C) TPMUSensitiveCreate

NewTPMUSensitiveCreate instantiates a TPMUSensitiveCreate with the given contents.

type TPMUSigScheme

type TPMUSigScheme struct {
	// contains filtered or unexported fields
}

TPMUSigScheme represents a TPMU_SIG_SCHEME. See definition in Part 2: Structures, section 11.2.1.4.

func NewTPMUSigScheme

func NewTPMUSigScheme[C SigSchemeContents](selector TPMAlgID, contents C) TPMUSigScheme

NewTPMUSigScheme instantiates a TPMUSigScheme with the given contents.

func (*TPMUSigScheme) ECDAA

func (u *TPMUSigScheme) ECDAA() (*TPMSSchemeECDAA, error)

ECDAA returns the 'ecdaa' member of the union.

func (*TPMUSigScheme) ECDSA

func (u *TPMUSigScheme) ECDSA() (*TPMSSchemeHash, error)

ECDSA returns the 'ecdsa' member of the union.

func (*TPMUSigScheme) HMAC

func (u *TPMUSigScheme) HMAC() (*TPMSSchemeHMAC, error)

HMAC returns the 'hmac' member of the union.

func (*TPMUSigScheme) RSAPSS

func (u *TPMUSigScheme) RSAPSS() (*TPMSSchemeHash, error)

RSAPSS returns the 'rsapss' member of the union.

func (*TPMUSigScheme) RSASSA

func (u *TPMUSigScheme) RSASSA() (*TPMSSchemeHash, error)

RSASSA returns the 'rsassa' member of the union.

type TPMUSignature

type TPMUSignature struct {
	// contains filtered or unexported fields
}

TPMUSignature represents a TPMU_SIGNATURE. See definition in Part 2: Structures, section 11.3.3.

func NewTPMUSignature

func NewTPMUSignature[C SignatureContents](selector TPMAlgID, contents C) TPMUSignature

NewTPMUSignature instantiates a TPMUSignature with the given contents.

func (*TPMUSignature) ECDAA

func (u *TPMUSignature) ECDAA() (*TPMSSignatureECC, error)

ECDAA returns the 'ecdaa' member of the union.

func (*TPMUSignature) ECDSA

func (u *TPMUSignature) ECDSA() (*TPMSSignatureECC, error)

ECDSA returns the 'ecdsa' member of the union.

func (*TPMUSignature) HMAC

func (u *TPMUSignature) HMAC() (*TPMTHA, error)

HMAC returns the 'hmac' member of the union.

func (*TPMUSignature) RSAPSS

func (u *TPMUSignature) RSAPSS() (*TPMSSignatureRSA, error)

RSAPSS returns the 'rsapss' member of the union.

func (*TPMUSignature) RSASSA

func (u *TPMUSignature) RSASSA() (*TPMSSignatureRSA, error)

RSASSA returns the 'rsassa' member of the union.

type TPMUSymDetails

type TPMUSymDetails struct {
	// contains filtered or unexported fields
}

TPMUSymDetails represents a TPMU_SYM_DETAILS. See definition in Part 2: Structures, section 11.1.5.

func NewTPMUSymDetails

func NewTPMUSymDetails[C SymDetailsContents](selector TPMAlgID, contents C) TPMUSymDetails

NewTPMUSymDetails instantiates a TPMUSymDetails with the given contents.

type TPMUSymKeyBits

type TPMUSymKeyBits struct {
	// contains filtered or unexported fields
}

TPMUSymKeyBits represents a TPMU_SYM_KEY_BITS. See definition in Part 2: Structures, section 11.1.3.

func NewTPMUSymKeyBits

func NewTPMUSymKeyBits[C SymKeyBitsContents](selector TPMAlgID, contents C) TPMUSymKeyBits

NewTPMUSymKeyBits instantiates a TPMUSymKeyBits with the given contents.

func (*TPMUSymKeyBits) AES

func (u *TPMUSymKeyBits) AES() (*TPMKeyBits, error)

AES returns the 'aes' member of the union.

func (*TPMUSymKeyBits) XOR

func (u *TPMUSymKeyBits) XOR() (*TPMAlgID, error)

XOR returns the 'xor' member of the union.

type TPMUSymMode

type TPMUSymMode struct {
	// contains filtered or unexported fields
}

TPMUSymMode represents a TPMU_SYM_MODE. See definition in Part 2: Structures, section 11.1.4.

func NewTPMUSymMode

func NewTPMUSymMode[C SymModeContents](selector TPMAlgID, contents C) TPMUSymMode

NewTPMUSymMode instantiates a TPMUSymMode with the given contents.

func (*TPMUSymMode) AES

func (u *TPMUSymMode) AES() (*TPMIAlgSymMode, error)

AES returns the 'aes' member of the union.

type TemplateContents

// TemplateContents is a type constraint representing the possible contents
// of TPMUTemplate: either a full public area or the derivation-template form.
type TemplateContents interface {
	Marshallable
	*TPMTPublic | *TPMTTemplate
}

TemplateContents is a type constraint representing the possible contents of TPMUTemplate.

type Unmarshallable

// Unmarshallable is a Marshallable that can additionally be unmarshalled.
// The unmarshalling method is unexported and therefore not listed here.
type Unmarshallable interface {
	Marshallable
	// contains filtered or unexported methods
}

Unmarshallable represents any TPM type that can be marshalled or unmarshalled.

type Unseal

// Unseal is the input to TPM2_Unseal (Part 3, Commands, section 12.7).
type Unseal struct {
	// handle of the loaded sealed-data object whose contents are returned.
	// The "auth" tag marks this handle as one that must be authorized, so a
	// Session for it is presumably required when calling Execute — confirm
	// against the gotpm marshalling rules.
	ItemHandle handle `gotpm:"handle,auth"`
}

Unseal is the input to TPM2_Unseal. See definition in Part 3, Commands, section 12.7.

func (Unseal) Command

func (Unseal) Command() TPMCC

Command implements the Command interface.

func (Unseal) Execute

func (cmd Unseal) Execute(t transport.TPM, s ...Session) (*UnsealResponse, error)

Execute executes the command and returns the response.

type UnsealResponse

// UnsealResponse is the response from TPM2_Unseal.
type UnsealResponse struct {
	// the unsealed data: the secret that was sealed into the object. It is
	// returned over the TPM interface as a response parameter, so callers
	// handling sensitive material should consider requesting response
	// parameter encryption (see EncryptOut) and treat the value as key material.
	OutData TPM2BSensitiveData
}

UnsealResponse is the response from TPM2_Unseal.

type VerifySignature

// VerifySignature is the input to TPM2_VerifySignature (Part 3, Commands,
// section 20.1). On success the TPM returns a TPMTTKVerified ticket rather
// than a boolean; a signature that does not verify is presumably surfaced as
// an error from Execute — confirm against the response-code handling.
type VerifySignature struct {
	// handle of public key that will be used in the validation
	// (no "auth" tag: only the public part is needed, so no authorization
	// session is required for this handle)
	KeyHandle handle `gotpm:"handle"`
	// digest of the signed message
	Digest TPM2BDigest
	// signature to be tested
	Signature TPMTSignature
}

VerifySignature is the input to TPM2_VerifySignature. See definition in Part 3, Commands, section 20.1.

func (VerifySignature) Command

func (VerifySignature) Command() TPMCC

Command implements the Command interface.

func (VerifySignature) Execute

Execute executes the command and returns the response.

type VerifySignatureResponse

// VerifySignatureResponse is the response from TPM2_VerifySignature.
type VerifySignatureResponse struct {
	// ticket attesting that this TPM verified the signature over Digest with
	// the key at KeyHandle; see TPMTTKVerified (TPMT_TK_VERIFIED).
	Validation TPMTTKVerified
}

VerifySignatureResponse is the response from TPM2_VerifySignature.

Directories

Path Synopsis
Package transport implements types for physically talking to TPMs.
Package transport implements types for physically talking to TPMs.
simulator
Package simulator provides access to a local simulator for TPM testing.
Package simulator provides access to a local simulator for TPM testing.
