1oid_section = tcg_oids
2
3[ tcg_oids ]
4tcg-sv-tpm20            = 2.23.133.1.2
5tcg-at-tpmManufacturer  = 2.23.133.2.1
6tcg-at-tpmModel         = 2.23.133.2.2
7tcg-at-tpmVersion       = 2.23.133.2.3
8tcg-at-tpmSpecification = 2.23.133.2.16
9tcg-at-tpmSecurityAssertions = 2.23.133.2.18
10tcg-kp-EKCertificate    = 2.23.133.8.1
11
12[ req ]
13prompt                  = no
14distinguished_name      = distinguished_name
15subjectAltName          = subject_alt_name
16
17[ distinguished_name ]
18commonName              = this-tpm-sim
19organizationName        = tpm2-tss-testsuit
20
21[ req_ext ]
22subjectKeyIdentifier    = hash
23
24[ ek_ext ]
25certificatePolicies     = @polsect
26subjectAltName          = dirName:subAltName
27basicConstraints        = critical, CA:FALSE
28subjectDirectoryAttributes = ASN1:SEQUENCE:subDirAttr
29authorityKeyIdentifier  = keyid:always
30authorityInfoAccess     = caIssuers;URI.0:INTERMEDCRT
31crlDistributionPoints   = URI.0:INTERMEDCRL
32keyUsage                = critical, keyEncipherment
33#extendedKeyUsage        = tcg-kp-EKCertificate
34extendedKeyUsage        = 2.23.133.8.1
35
36[ polsect ]
37policyIdentifier = anyPolicy
38CPS.1="http://my.host.name/"
39
40[ subAltName ]
41#TPMManufacturer = 'TSS2'
42.2.23.133.2.1 = id:54535332
43.2.23.133.2.2 = tpmsimulator
44.2.23.133.2.3 = id:00020008
45
46#TODO: Remove
47[ subAltName1 ]
48C=DE
49O=Testing
50OU=whatever
51commonName=abc
52
53[ subDirAttr ]
54tcg-at-tpmSpecification = SEQUENCE:tpmspec
55#tcg-at-tpmSecurityAssertions = SEQUENCE:secassert
56
57[ tpmspec ]
58family = UTF8:2.0
59level = INT:0
60revision = INT:138
61
62#[ secassert ]
63#version = INT:0
64#fieldUpgradable = BOOL:false
65#...
66