• Home
  • Raw
  • Download

Lines Matching refs:PCR

370 Integrity Collection (PCR) ........................................................................…
1290 6) If the handle references a PCR, then the value is within the range of PCR supported by the TPM
2200 previous state of the TPM except that PCR and the controls associated with the Platform hierarchy
2203 previous state of the TPM including the static Root of Trust for Measurement (S-RTM) PCR and the
2268 the PCR Update Counter shall be clear to zero,
2276 PCR in all banks are reset to their default initial conditions as determined by the relevant platfo…
2279 PCR may be initialized any time between _TPM_Init and the end of TPM2_Startup(). PCR that
2284 See "Initializing PCR" in Part 1 of this specification for a description of the default initial
2285 conditions for a PCR.
2302 PCR in all banks are reset to their default initial conditions.
2306 If a CRTM Event sequence is active, extend the PCR designated by the platform-specific
2321 PCR that are specified in a platform-specific specification to be preserved on TPM Resume are
2322 restored to their saved state and other PCR are set to their initial value as determined by a platf…
2647 // Restore/Initialize PCR
2711 PCR that are designated as being preserved by TPM2_Shutdown(TPM_SU_STATE);
2715 the PCR Update Counter;
2884 if PCR bank has been re-configured, a CLEAR StateSave() is
2907 // If PCR bank has been reconfigured, a CLEAR state save is required
2911 // PCR private date state save
2987 the hash algorithms have been tested, the contents of a PCR may not be used in any command if
2991 PCR values.
4028 fail because the PCR have changed after TPM2_PolicyPCR() was executed. Restarting the session
4030 PCR are valid for the policy, the policy may then succeed.
4372 PCR that will be used in creation data
11642 a hash context for each of the PCR banks implemented on the TPM.
12435 list. If pcrHandle references a PCR and not TPM_RH_NULL, then the returned digest list is processed…
12479 PCR to be extended with the Event data
12529 list of digests computed for the PCR
12550 PCR extension is not allowed at the current locality
12638 // see if a PCR extend is requested in call
12641 // see if extend of the PCR is allowed at the locality of the command,
12645 // been an orderly shutdown. If so, and the selected PCR is one of the
12646 // state saved PCR, then the orderly state has to change. The orderly state
12647 // does not change for PCR that are not preserved.
12649 // state will have to change if this is a state-saved PCR regardless
12710 // Extend PCR
13502 This command is used to quote PCR values.
13507 The TPM will hash the list of PCR selected by PCRselect using the hash algorithm associated with
13509 …igest is computed as the hash of the concatenation of all of the digest values of the selected PCR.
13510 The concatenation of PCR is described in Part 1, Selecting Multiple PCR.
13572 PCR set to quote
13730 // compute PCR digest. If there is no algorithm, then the PCR cannot
13735 // Compute PCR digest
13739 // Copy PCR select. "PCRselect" is modified in PCRComputeCurrentDigest
16546 Integrity Collection (PCR)
16552 In TPM 1.2, an Event was hashed using SHA-1 and then the 20-octet digest was extended to a PCR
16553 using TPM_Extend(). This specification allows the use of multiple PCR at a given Index, each using a
16555 Event with each being extended to a different PCR, the Event data may be sent to the TPM for hashin…
16556 This ensures that the resulting digests will properly reflect the algorithms chosen for the PCR eve…
16564 Change to a PCR requires authorization. The authorization may be with either an authorization value…
16565 an authorization policy. The platform-specific specifications determine which PCR may be controlled…
16566 policy. All other PCR are controlled by authorization.
16567 If a PCR may be associated with a policy, then the algorithm ID of that policy determines whether t…
16569 the PCR must match the policySession→policyDigest in a policy session. If the algorithm ID is
16571 If a platform-specific specification indicates that PCR are grouped, then all the PCR in the group …
16574 modifies (Extends or resets) a PCR unless the platform-specific specification explicitly excludes t…
16578 If a command causes PCR in multiple banks to change, the PCR Update Counter may be
16581 A platform-specific specification may designate a set of PCR that are under control of the TCB. The…
16582 PCR may not be modified without the proper authorization. Updates of these PCR shall not cause the
16583 PCR Update Counter to increment.
16586 Updates of the TCB PCR will not cause the PCR update counter to increment b ecause these PCR
16607 This command is used to cause an update to the indicated PCR. The digests parameter contains one or
16608 more tagged digest value identified by an algorithm ID. For each digest, the PCR associated with
16618 PCR.digestnew [pcrNum][alg] ≔ Halg(PCR.digestold [pcrNum][alg] || data[alg].buffer))
16626 hash function using the hash algorithm associated with the PCR
16629 PCR.digest
16631 the digest value in a PCR
16635 the PCR numeric
16640 the PCR algorithm selector for the digest
16656 If no digest value is specified for a bank, then the PCR in that bank are not modified.
16661 If a digest is present and the PCR in that bank is not implemented, the digest value is not used.
16675 This command allows a list of digests so that PCR in all banks may be updated in a single
16676 command. While the semantics of this command allow multiple extends to a single PCR bank, this is
16719 handle of the PCR
16823 current command locality is not allowed to extend the PCR
16865 // If PCR is state saved and we need to update orderlyState, check NV
16902 This command is used to cause an update to the indicated PCR.
16904 indicated PCR has been allocated. After the data is hashed, the digests list is returned. If the pc…
16905 references an implemented PCR and not TPM_ALG_NULL, digests list is processed as in
16911 If the command implements PCR[2] in a SHA1 bank and a SHA256 bank, then an extend to PCR[2]
16913 eventData will be Extended to PCR[2] in the SHA1 bank and the SHA256 hash of eventData will be
16914 Extended to PCR[2] of the SHA256 bank.
16917 computed in preparation for extending the data into the PCR. At the option of the TPM, the list may
16921 Assume a TPM that implements a SHA1 bank and a SHA256 bank and that PCR[22] is only
16922 implemented in the SHA1 bank. If pcrHandle references PCR[22], then digests may contain either a
16964 Handle of the PCR
17075 current command locality is not allowed to extend the PCR
17102 // If a PCR extend is required
17105 // If the PCR is not allow to extend, return error
17108 // If PCR is state saved and we need to update orderlyState, check NV
17119 // Iterate supported PCR bank algorithms to extend
17153 This command returns the values of all PCR specified in pcrSelect.
17155 TPMS_PCR_SELECTION, the TPM will process the bits in the pcrSelect array in ascending PCR order
17156 (see Part 2 for definition of the PCR order). If a bit is SET, and the indicated PCR is present, th…
17157 TPM will add the digest of the PCR to the list of values to be returned in pcrValue.
17162 The current value of the PCR Update Counter is returned in pcrUpdateCounter.
17163 The returned list may be empty if none of the selected PCR are implemented.
17166 If no PCR are returned from a bank, the selector for the bank will be present in pcrSelectionOut.
17168 No authorization is required to read a PCR and any implemented PCR may be read from any locality.
17209 The selection of PCR to read
17236 the current value of the PCR update counter
17242 the PCR in the returned list
17248 the contents of the PCR indicated in pcrSelect as
17301 // Call PCR read function. input pcrSelectionIn parameter could be changed
17302 // to reflect the actual PCR being returned
17326 This command is used to set the desired PCR allocation of PCR and algorithms. This command requires
17330 The PCR allocation in place when this command is executed will be retained until the next
17332 If no allocation is specified for a bank, then no PCR will be allocated to that bank. If a bank is …
17334 This command shall not allocate more PCR in any bank than there are PCR attribute definitions. The
17335 PCR attribute definitions indicate how a PCR is to be managed – if it is resettable, the locality f…
17336 etc. In the response to this command, the TPM returns the maximum number of PCR allowed for any
17345 Even if this command does not cause the PCR allocation to change, the TPM cannot have its state
17430 maximum number of PCR that may be in a bank
17525 // Call PCR Allocation function.
17528 // if re-configuration succeeds, set the flag to indicate PCR configuration is
17553 This command is used to associate a policy with a PCR or group of PCR. The policy determines the
17554 conditions under which a PCR may be extended or reset.
17555 A policy may only be associated with a PCR that has been defined by a platform-specific specificati…
17558 A platform-specific specification may group PCR so that they share a common policy. In such case, a
17559 pcrNum that selects any of the PCR in the group will change the policy for all PCR in the group.
17563 PCR will be set to the default value defined in the platform-specific specification.
17579 If the PCR is in multiple policy sets, the policy will be changed in only one set. The set that is
17641 the PCR for which the policy is to be set
17728 PCR referenced by pcrNum is not a member of a PCR policy group
17757 // If PCR does not belong to a policy group, return TPM_RC_VALUE
17761 // Set PCR policy
17787 This command changes the authValue of a PCR or group of PCR.
17788 An authValue may only be associated with a PCR that has been defined by a platform-specific
17791 group PCR so that they share a common authorization value. In such case, a pcrNum that selects any …
17792 the PCR in the group will change the authValue value for all PCR in the group.
17835 handle for a PCR that may have an authorization value
17923 PCR referenced by pcrHandle is not a member of a PCR
17943 // If PCR does not belong to an auth group, return TPM_RC_VALUE
17957 // Set PCR authValue
17980 If the attribute of a PCR allows the PCR to be reset and proper authorization is provided, then this
17981 command may be used to set the PCR to zero. The attributes of the PCR may restrict the locality tha…
17986 PCR, then the appropriate return value is TPM_RC_VALUE.
17988 If pcrHandle references a PCR that cannot be reset, the TPM shall return TPM_RC_LOCALITY.
18032 the PCR to reset
18115 current command locality is not allowed to reset the PCR referenced
18136 // If PCR is state saved and we need to update orderlyState, check NV
18146 // Reset seleccted PCR in all banks to 0
18148 // Indicate that the PCR changed so that pcrCounter will be incremented if
18322 _TPM_Hash_Start indication. The context holds data for each hash algorithm for each PCR bank
18408 // only computes the hash for the banks that contain the DRTM PCR.
18441 If the CRTM Event sequence occurs after TPM2_Startup(), the TPM will set all of the PCR designated …
18444 digest/digests into the designated, DRTM PCR.
18445 PCR[DRTM][hashAlg] ≔ HhashAlg (initial_value || HhashAlg (hash_data))
18452 index for CRTM PCR designated by a platform-specific
18457 hash algorithm associated with a bank of PCR
18469 a platform-specific specification excludes modifications of PCR[DRTM] from causing an increment.
18471 _TPM_Hash_End will complete the digest, initialize PCR[0] with a digest-size value of 4, and then e…
18472 the H-CRTM Event Sequence data into PCR[0].
18473 PCR[0][hashAlg] ≔ HhashAlg (0…04 || HhashAlg (hash_data))
18583 // Reset the DRTM PCR
18594 // Complete hash and extend PCR, or if this is an HCRTM, complete
18595 // the hash and write the PCR
18603 // If this is DRTM, extend to zeroed PCR
18604 // If this is H-DRTM, copy to HCRM PCR
18606 // Extend PCR
18883 If this parameter and pcrUpdateCounter are not the same, it indicates that PCR have changed
18884 since checked by the previous TPM2_PolicyPCR(). Since they have changed, the previous PCR
20636 This command is used to cause conditional gating of a policy based on PCR. This allows one group of
20637 authorizations to occur when PCR are in one state and a different set of authorizations when the PC…
20639 updated using the values from the command rather than the values from digest of the TPM PCR.
20640 The TPM will modify the pcrs parameter so that bits that correspond to unimplemented PCR are CLEAR.
20641 …icySession is not a trial policy session, the TPM will use the modified value of pcrs to select PCR
20642 values to hash according to Part 1, Selecting Multiple PCR. The hash algorithm of the policy sessio…
20643 used to compute a digest (digestTPM) of the selected PCR. If pcrDigest does not have a length of ze…
20657 PCR set to 0
20661 the digest of the selected PCR using the hash algorithm of the
20666 If the caller provides the expected PCR value, the intention is that the policy evaluation stop at …
20667 point if the PCR do not match. If the caller does not provide the expected PCR value, then the
20669 authorization. If the policy is constructed such that the PCR check comes before user authorization
20671 satisfy a policy that would fail later due to incorr ect PCR values.
20674 session is used for authorization and the PCR are not known to be correct.
20675 The TPM uses a “generation” number (pcrUpdateCounter) that is incremented each time PCR are
20676 updated (unless the PCR being changed is specified not to cause a change to this counter). The valu…
20683 set, it will be compared with the current value of pcrUpdateCounter to determine if any PCR changes
20687 If policySession is a trial policy session, the TPM will not check any PCR and will compute:
20745 expected digest value of the selected PCR using the
20752 the PCR to include in the check digest
20797 if provided, pcrDigest does not match the current PCR settings
20889 // Make sure that this is not going to invalidate a previous PCR check
20892 // Compute current PCR digest
20894 // If the caller specified the PCR digest and it does not
20895 // match the current PCR settings, return an error..
20904 // For trial session, just use the input PCR digest
20960 // add PCR digest
23187 TPM2_PCR_Event() when the referenced PCR requires a policy.
25072 PCR that will be used in creation data
26002 The policy hash algorithm for PCR is reset to TPM_ALG_NULL.
26186 // Re-initialize PCR policies
27827 If the changing of the algorithm set results in a change of the algorithms of PCR banks, then the T…
27828 need to be reset (_TPM_Init and TPM2_Startup(TPM_SU_CLEAR)) before the new PCR settings take
28110 PCR authValue and authPolicy values;
31012 If the MSO of property is TPM_HT_PCR, then the TPM will return a list of PCR.
31050 TPM_CAP_PCRS – Returns the current allocation of PCR in a TPML_PCR_SELECTION. The
31051 property parameter shall be zero. The TPM will always respond to this command with the full PCR
31062 TPM_CAP_PCR_PROPERTIES – Returns a list of tagged PCR properties. The tag is a
31065 The input command property is a TPM_PT_PCR (see Part 2 for PCR properties to be requested) that
31073 Each item in the list is a TPMS_PCR_SELECT structure that contains a bitmap of all PCR.
31076 A PCR index in all banks (all hash algorithms) has the same properties, so the hash algorithm is
31402 // Get list of handles of PCR
32292 // If the NV index is used as a PCR, the data size must match the digest