ISO/IEC 11889-4:2015
(Main)Information technology — Trusted Platform Module Library — Part 4: Supporting Routines
Information technology — Trusted Platform Module Library — Part 4: Supporting Routines
ISO/IEC 11889-4:2015 contains C code that describes the algorithms and methods used by the command code in ISO/IEC 11889-3. The code in ISO/IEC 11889-4:2015 augments ISO/IEC 11889-2 and ISO/IEC 11889-3 to provide a complete description of a TPM, including the supporting framework for the code that performs the command actions. Any code in ISO/IEC 11889-4:2015 may be replaced by code that provides similar results when interfacing to the action code in ISO/IEC 11889-3. The behavior of code in this ISO/IEC 11889-4:2015 that is not included in an annex is normative, as observed at the interfaces with ISO/IEC 11889-3 code. Code in an annex is provided for completeness, that is, to allow a full implementation of ISO/IEC 11889 from the provided code. The code in ISO/IEC 11889-3 and this ISO/IEC 11889-4:2015 is written to define the behavior of a compliant TPM. In some cases (e.g., firmware update), it is not possible to provide a compliant implementation. In those cases, any implementation provided by the vendor that meets the general description of the function provided in ISO/IEC 11889-3 would be compliant. The code in ISO/IEC 11889-3 and this ISO/IEC 11889-4:2015 is not written to meet any particular level of conformance nor does ISO/IEC 11889 require that a TPM meet any particular level of conformance.
Technologies de l'information — Bibliothèque de module de plate-forme de confiance — Partie 4: Routines de support
General Information
Relations
Standards Content (Sample)
INTERNATIONAL ISO/IEC
STANDARD 11889-4
Second edition
2015-12-15
Information technology — Trusted
Platform Module Library —
Part 4:
Supporting Routines
Technologies de l’information — Bibliothèque de module
de plate-forme de confiance —
Partie 4: Routines de support
Reference number
ISO/IEC 11889-4:2015(E)
©
ISO/IEC 2015
---------------------- Page: 1 ----------------------
ISO/IEC 11889-4:2015(E)
COPYRIGHT PROTECTED DOCUMENT
© ISO/IEC 2015, Published in Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized otherwise in any form
or by any means, electronic or mechanical, including photocopying, or posting on the internet or an intranet, without prior
written permission. Permission can be requested from either ISO at the address below or ISO’s member body in the country of
the requester.
ISO copyright office
Ch. de Blandonnet 8 • CP 401
CH-1214 Vernier, Geneva, Switzerland
Tel. +41 22 749 01 11
Fax +41 22 749 09 47
copyright@iso.org
www.iso.org
ii © ISO/IEC 2015 – All rights reserved
---------------------- Page: 2 ----------------------
ISO/IEC 11889-4:2015(E)
CONTENTS
Foreword . xvii
Introduction . xviii
1 Scope . 1
2 Normative references . 2
3 Terms and definitions . 2
4 Symbols and abbreviated terms . 2
5 Automation . 2
5.1 Introduction . 2
5.2 Configuration Parser . 2
5.3 Structure Parser . 3
5.3.1 Introduction . 3
5.3.2 Unmarshaling Code Prototype . 3
5.3.3 Marshaling Code Function Prototypes . 5
5.4 Command Parser . 6
5.5 Portability . 6
6 Header Files . 7
6.1 Introduction . 7
6.2 BaseTypes.h . 7
6.3 bits.h . 8
6.4 bool.h . 9
6.5 Capabilities.h . 9
6.6 TPMB.h . 9
6.7 TpmError.h . 10
6.8 Global.h . 10
6.8.1 Description . 10
6.8.2 Includes. 11
6.8.3 Defines and Types . 11
6.8.4 Loaded Object Structures . 12
6.8.5 AUTH_DUP Types . 14
6.8.6 Active Session Context . 14
6.8.7 PCR . 16
6.8.8 Startup . 17
6.8.9 NV . 18
6.8.10 COMMIT_INDEX_MASK . 19
6.8.11 RAM Global Values . 19
6.8.12 Persistent Global Values . 21
6.8.13 Global Macro Definitions . 26
6.9 Private data . 26
6.10 Tpm.h . 31
6.11 swap.h . 31
6.12 InternalRoutines.h . 32
6.13 TpmBuildSwitches.h . 33
6.14 VendorString.h . 34
7 Main . 36
7.1 CommandDispatcher() . 36
7.2 ExecCommand.c . 36
7.2.1 Introduction . 36
7.2.2 Includes. 36
7.2.3 ExecuteCommand() . 36
© ISO/IEC 2015 – All rights reserved iii
---------------------- Page: 3 ----------------------
ISO/IEC 11889-4:2015(E)
7.3 ParseHandleBuffer() . 42
7.4 SessionProcess.c . 43
7.4.1 Introduction . 43
7.4.2 Includes and Data Definitions . 43
7.4.3 Authorization Support Functions . 43
7.4.4 Session Parsing Functions . 50
7.4.5 Response Session Processing . 68
8 Command Support Functions . 78
8.1 Introduction . 78
8.2 Attestation Command Support (Attest_spt.c) . 78
8.2.1 Includes. 78
8.2.2 Functions . 78
8.3 Context Management Command Support (Context_spt.c) . 81
8.3.1 Includes. 81
8.3.2 Functions . 81
8.4 Policy Command Support (Policy_spt.c) . 83
8.4.1 Includes. 83
8.4.2 Functions . 83
8.5 NV Command Support (NV_spt.c) . 85
8.5.1 Includes. 85
8.5.2 Functions . 86
8.6 Object Command Support (Object_spt.c) . 88
8.6.1 Includes. 88
8.6.2 Local Functions . 88
8.6.3 Public Functions . 93
9 Subsystem . 113
9.1 CommandAudit.c . 113
9.1.1 Introduction . 113
9.1.2 Includes. 113
9.1.3 Functions . 113
9.2 DA.c . 11 7
9.2.1 Introduction . 117
9.2.2 Includes and Data Definitions . 117
9.2.3 Functions . 117
9.3 Hierarchy.c . 120
9.3.1 Introduction . 120
9.3.2 Includes. 120
9.3.3 Functions . 120
9.4 NV.c . 12 4
9.4.1 Introduction . 124
9.4.2 Includes, Defines and Data Definitions . 124
9.4.3 NV Utility Functions . 124
9.4.4 NV Index and Persistent Object Access Functions . 126
9.4.5 RAM-based NV Index Data Access Functions . 130
9.4.6 Utility Functions . 132
9.4.7 NV Access Functions . 140
9.5 Object.c . 158
iv © ISO/IEC 2015 – All rights reserved
---------------------- Page: 4 ----------------------
ISO/IEC 11889-4:2015(E)
9.5.1 Introduction . 158
9.5.2 Includes and Data Definitions . 158
9.5.3 Functions . 158
9.6 PCR.c . 174
9.6.1 Introduction . 174
9.6.2 Includes, Defines, and Data Definitions . 174
9.6.3 Functions . 174
9.7 PP.c . 19 6
9.7.1 Introduction . 196
9.7.2 Includes. 196
9.7.3 Functions . 196
9.8 Session.c . 199
9.8.1 Introduction . 199
9.8.2 Includes, Defines, and Local Variables . 200
9.8.3 File Scope Function -- ContextIdSetOldest() . 200
9.8.4 Startup Function -- SessionStartup() . 201
9.8.5 Access Functions . 202
9.8.6 Utility Functions . 204
9.9 Time.c . 216
9.9.1 Introduction . 216
9.9.2 Includes. 216
9.9.3 Functions . 216
10 Support . 221
10.1 AlgorithmCap.c . 221
10.1.1 Description . 221
10.1.2 Includes and Defines . 221
10.1.3 AlgorithmCapGetImplemented() . 222
10.2 Bits.c . 224
10.2.1 Introduction . 224
10.2.2 Includes. 224
10.2.3 Functions . 224
10.3 CommandAttributeData.c . 225
10.4 CommandCodeAttributes.c . 231
10.4.1 Introduction . 231
10.4.2 Includes and Defines . 231
10.4.3 Command Attribute Functions . 231
10.5 DRTM.c . 236
10.5.1 Description . 236
10.5.2 Includes. 236
10.5.3 Functions . 236
10.6 Entity.c . 237
10.6.1 Description . 237
10.6.2 Includes. 237
10.6.3 Functions . 237
10.7 Global.c . 243
10.7.1 Description . 243
10.7.2 Includes and Defines . 244
10.7.3 Global Data Values . 244
© ISO/IEC 2015 – All rights reserved v
---------------------- Page: 5 ----------------------
ISO/IEC 11889-4:2015(E)
10.7.4 Private Values . 244
10.8 Handle.c . 246
10.8.1 Description . 246
10.8.2 Includes. 246
10.8.3 Functions . 246
10.9 Locality.c . 24 8
10.9.1 Includes. 248
10.9.2 LocalityGetAttributes() . 248
10.10 Manufacture.c . 248
10.10.1 Description . 248
10.10.2 Includes and Data Definitions . 248
10.10.3 Functions . 249
10.11 Marshal.c . 251
10.11.1 Introduction . 251
10.11.2 Unmarshal and Marshal a Value . 251
10.11.3 Unmarshal and Marshal a Union . 252
10.11.4 Unmarshal and Marshal a Structure . 254
10.11.5 Unmarshal and Marshal an Array . 256
10. 11.6 TPM2B Handling . 258
10.12 MemoryLib.c . 259
10.12.1 Description . 259
10.12.2 Includes and Data Definitions . 259
10.12.3 Functions on BYTE Arrays . 259
10.13 Power.c . 26 4
10.13.1 Description . 264
10.13.2 Includes and Data Definitions . 264
10.13.3 Functions . 264
10.14 PropertyCap.c . 265
10.14.1 Description . 265
10.14.2 Includes. 265
10.14.3 Functions . 265
10.15 TpmFail.c . 273
10.15.1 Includes, Defines, and Types . 273
10.15.2 Typedefs . 273
10.15.3 Local Functions . 274
10.15.4 Public Functions . 275
10.15.5 TpmFailu reMode . 275
11 Cryptographic Functions . 279
11.1 Introduction . 279
11.2 CryptUtil.c . 279
11.2.1 Introduction . 279
11.2.2 Includes. 279
11.2.3 TranslateCryptErrors() . 279
11.2.4 Random Number Generation Functions . 280
11.2.5 Hash/HMAC Functions . 281
11.2.6 RSA Functions . 294
11.2.7 ECC Functions . 302
11.2.8 Symmetric Functions . 312
11.2.9 Initialization and shut down . 316
vi © ISO/IEC 2015 – All rights reserved
---------------------- Page: 6 ----------------------
ISO/IEC 11889-4:2015(E)
11.2.10 Algorithm-Independent Functions . 317
11.2.11 Math functions . 339
11.2.12 Capability Support . 341
11.3 Ticket.c . 34 3
11.3.1 Introduction . 343
11.3.2 Includes. 343
11.3.3 Functions . 343
11.4 CryptSelfTest.c . 346
11.4.1 Introduction . 346
11.4.2 Functions . 347
Annex A (informative) Implementation Dependent . 351
A.1 Introduction . 351
A.2 Implementation.h . 351
Annex B (informative) Cryptographic Library Interface . 365
B.1 Introduction . 365
B.2 Integer Format . 365
B.3 CryptoEngine.h . 365
B.3.1. Introduction . 365
B.3.2. General Purpose Macros. 366
B.3.3. Self-test . 366
B.3.4. Hash-related Structures . 366
B.3.5. Asymmetric Structures and Values . 368
B.3.6. ECC-related Structures . 368
B.3.7. RSA-related Structures . 368
B.4 OsslCryptoEngine.h . 370
B.4.1. Introduction . 370
B.4.2. Defines . 370
B.5 MathFunctions.c . 371
B.5.1. Introduction . 371
B.5.2. Externally Accessible Functions . 371
B.6 CpriCryptP ri.c . 381
B.6.1. Introduction . 381
B.6.2. Includes and Locals . 381
B.6.3. Functions . 381
B.7 CpriRNG.c .
...
Questions, Comments and Discussion
Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.