Lines Matching refs:PCR
180 22 Integrity Collection (PCR) ...................................................................…
831 … 6) If the handle references a PCR, then the value is within the range of PCR supported by the TPM
1438 previous state of the TPM except that PCR and the controls associated with the Platform hierarchy
1441 previous state of the TPM including the static Root of Trust for Measurement (S-RTM) PCR and the
1473 the PCR Update Counter shall be clear to zero,
1475 PCR in all banks are reset to their default initial conditions as determined by the relevant
1479 …NOTE 4 PCR may be initialized any time between _TPM_Init and the end of TPM2_Startup(). …
1482 …NOTE 5 See "Initializing PCR" in TPM 2.0 Part 1 for a description of the default initial…
1483 PCR.
1493 PCR in all banks are reset to their default initial conditions.
1494 If an H-CRTM Event Sequence is active, extend the PCR designated by the platform-specific
1500 PCR that are specified in a platform-specific specification to be preserved on TPM Resume are
1501 restored to their saved state and other PCR are set to their initial value as determined by a
1695 118 // Restore/Initialize PCR
1752 PCR that are designated as being preserved by TPM2_Shutdown(TPM_SU_STATE);
1753 the PCR Update Counter;
1817 TPM_RC_TYPE if PCR bank has been re-configured, a CLEAR StateSave() is
1835 19 // If PCR bank has been reconfigured, a CLEAR state save is required
1841 25 // PCR private date state save
1916 … the hash algorithms have been tested, the contents of a PCR may not be used in any command if
1920 PCR values.
2549 fail because the PCR have changed after TPM2_PolicyPCR() was executed. Restarting the session
2551 PCR are valid for the policy, the policy may then succeed.
2768 TPML_PCR_SELECTION creationPCR PCR that will be used in creation data
6640 context for each of the PCR banks implemented on the TPM.
7075 list. If pcrHandle references a PCR and not TPM_RH_NULL, then the returned digest list is processed…
7102 PCR to be extended with the Event data
7119 TPML_DIGEST_VALUES results list of digests computed for the PCR
7139 TPM_RC_LOCALITY PCR extension is not allowed at the current locality
7162 24 // see if a PCR extend is requested in call
7165 27 // see if extend of the PCR is allowed at the locality of the command,
7169 31 // been an orderly shutdown. If so, and the selected PCR is one of the
7170 32 // state saved PCR, then the orderly state has to change. The orderly state
7171 33 // does not change for PCR that are not preserved.
7173 35 // state will have to change if this is a state-saved PCR regardless
7206 63 // Extend PCR
7657 This command is used to quote PCR values.
7661 The TPM will hash the list of PCR selected by PCRselect using the hash algorithm associated with
7663 …igest is computed as the hash of the concatenation of all of the digest values of the selected PCR.
7664 The concatenation of PCR is described in TPM 2.0 Part 1, Selecting Multiple PCR.
7695 TPML_PCR_SELECTION PCRselect PCR set to quote
7764 37 // compute PCR digest. If there is no algorithm, then the PCR cannot
7771 44 // Compute PCR digest
7776 49 // Copy PCR select. "PCRselect" is modified in PCRComputeCurrentDigest
9236 22 Integrity Collection (PCR)
9240 In TPM 1.2, an Event was hashed using SHA-1 and then the 20-octet digest was extended to a PCR
9241 using TPM_Extend(). This specification allows the use of multiple PCR at a given Index, each using a
9243 Event with each being extended to a different PCR, the Event data may be sent to the TPM for hashin…
9244 This ensures that the resulting digests will properly reflect the algorithms chosen for the PCR eve…
9251 Change to a PCR requires authorization. The authorization may be with either an authorization value…
9252 an authorization policy. The platform-specific specifications determine which PCR may be controlled…
9253 policy. All other PCR are controlled by authorization.
9254 If a PCR may be associated with a policy, then the algorithm ID of that policy determines whether t…
9256 the PCR must match the policySession→policyDigest in a policy session. If the algorithm ID is
9258 If a platform-specific specification indicates that PCR are grouped, then all the PCR in the group …
9261 modifies (Extends or resets) a PCR unless the platform-specific specification explicitly excludes t…
9264 NOTE 2 If a command causes PCR in multiple banks to change, the PCR Update Counter may be
9267 A platform-specific specification may designate a set of PCR that are under control of the TCB. The…
9268 PCR may not be modified without the proper authorization. Updates of these PCR shall not cause the
9269 PCR Update Counter to increment.
9271 EXAMPLE Updates of the TCB PCR will not cause the PCR update counter to increment because t…
9286 This command is used to cause an update to the indicated PCR. The digests parameter contains one or
9287 more tagged digest values identified by an algorithm ID. For each digest, the PCR associated with
9295 …PCR.digestnew [pcrNum][alg] ≔ Halg(PCR.digestold [pcrNum][alg] || data[alg].buffer)) …
9297 …Halg() hash function using the hash algorithm associated with the PCR
9299 PCR.digest the digest value in a PCR
9300 pcrNum the PCR numeric selector (pcrHandle)
9301 alg the PCR algorithm selector for the digest
9305 If no digest value is specified for a bank, then the PCR in that bank is not modified.
9309 If a digest is present and the PCR in that bank is not implemented, the digest value is not used.
9322 NOTE 3 This command allows a list of digests so that PCR in all banks may be updated in …
9323 … command. While the semantics of this command allow multiple extends to a single PCR bank, this is
9344 handle of the PCR
9376 TPM_RC_LOCALITY current command locality is not allowed to extend the PCR
9405 30 // If PCR is state saved and we need to update orderlyState, check NV
9440 This command is used to cause an update to the indicated PCR.
9442 indicated PCR has been allocated. After the data is hashed, the digests list is returned. If the pc…
9443 references an implemented PCR and not TPM_ALG_NULL, the digests list is processed as in
9448 EXAMPLE 1 If the command implements PCR[2] in a SHA1 bank and a SHA256 bank, then an extend t…
9450 … eventData will be Extended to PCR[2] in the SHA1 bank and the SHA256 hash of eventData will be
9451 Extended to PCR[2] of the SHA256 bank.
9454 computed in preparation for extending the data into the PCR. At the option of the TPM, the list may
9458 EXAMPLE 2 Assume a TPM that implements a SHA1 bank and a SHA256 bank and that PCR[22] is only
9459 … implemented in the SHA1 bank. If pcrHandle references PCR[22], then digests may contain either a
9479 Handle of the PCR
9513 TPM_RC_LOCALITY current command locality is not allowed to extend the PCR
9529 17 // If a PCR extend is required
9532 20 // If the PCR is not allow to extend, return error
9536 24 // If PCR is state saved and we need to update orderlyState, check NV
9550 38 // Iterate supported PCR bank algorithms to extend
9578 This command returns the values of all PCR specified in pcrSelectionIn.
9580 TPMS_PCR_SELECTION, the TPM will process the bits in the pcrSelect array in ascending PCR order
9581 (see TPM 2.0 Part 2 for definition of the PCR order). If a bit is SET, and the indicated PCR is pre…
9582 then the TPM will add the digest of the PCR to the list of values to be returned in pcrValues.
9587 The current value of the PCR Update Counter is returned in pcrUpdateCounter.
9588 The returned list may be empty if none of the selected PCR are implemented.
9590 NOTE If no PCR are returned from a bank, the selector for the bank will be present in pc…
9592 No authorization is required to read a PCR and any implemented PCR may be read from any locality.
9614 TPML_PCR_SELECTION pcrSelectionIn The selection of PCR to read
9624 UINT32 pcrUpdateCounter the current value of the PCR update counter
9625 TPML_PCR_SELECTION pcrSelectionOut the PCR in the returned list
9626 the contents of the PCR indicated in pcrSelect as
9652 12 // Call PCR read function. input pcrSelectionIn parameter could be changed
9653 13 // to reflect the actual PCR being returned
9674 This command is used to set the desired PCR allocation of PCR and algorithms. This command requires
9678 The PCR allocation in place when this command is executed will be retained until the next
9685 … allocation of a TPM from 24 SHA1 PCR and no SHA256 PCR to 24 SHA256 PCR and no SHA1 PCR, the
9687 bank with 24 PCR.
9692 This command shall not allocate more PCR in any bank than there are PCR attribute definitions. The
9693 PCR attribute definitions indicate how a PCR is to be managed – if it is resettable, the locality f…
9694 etc. In the response to this command, the TPM returns the maximum number of PCR allowed for any
9696 When PCR are allocated, if DRTM_PCR is defined, the resulting allocation must have at least one bank
9697 with the D-RTM PCR allocated. If HCRTM_PCR is defined, the resulting allocation must have at least
9706 support arbitrary distribution of PCR among banks.
9710 NOTE 2 Even if this command does not cause the PCR allocation to change, the TPM cannot ha…
9747 UINT32 maxPCR maximum number of PCR that may be in a bank
9771 TPM_RC_PCR the allocation did not have required PCR
9796 25 // Call PCR Allocation function.
9805 34 // if re-configuration succeeds, set the flag to indicate PCR configuration is
9826 This command is used to associate a policy with a PCR or group of PCR. The policy determines the
9827 conditions under which a PCR may be extended or reset.
9828 A policy may only be associated with a PCR that has been defined by a platform-specific specificati…
9831 A platform-specific specification may group PCR so that they share a common policy. In such case, a
9832 pcrNum that selects any of the PCR in the group will change the policy for all PCR in the group.
9836 PCR will be set to the default value defined in the platform-specific specification.
9849 NOTE 3 If the PCR is in multiple policy sets, the policy will be changed in only one set. …
9875 TPMI_DH_PCR pcrNum the PCR for which the policy is to be set
9904 … TPM_RC_VALUE PCR referenced by pcrNum is not a member of a PCR policy group
9927 25 // If PCR does not belong to a policy group, return TPM_RC_VALUE
9933 31 // Set PCR policy
9956 This command changes the authValue of a PCR or group of PCR.
9957 An authValue may only be associated with a PCR that has been defined by a platform-specific
9960 group PCR so that they share a common authorization value. In such case, a pcrNum that selects any …
9961 the PCR in the group will change the authValue value for all PCR in the group.
9983 … handle for a PCR that may have an authorization value
10017 TPM_RC_VALUE PCR referenced by pcrHandle is not a member of a PCR
10030 14 // If PCR does not belong to an auth group, return TPM_RC_VALUE
10047 31 // Set PCR authValue
10066 If the attribute of a PCR allows the PCR to be reset and proper authorization is provided, then this
10067 command may be used to set the PCR to zero. The attributes of the PCR may restrict the locality tha…
10071 range for PCR, then the appropriate return value is TPM_RC_VALUE.
10073 If pcrHandle references a PCR that cannot be reset, the TPM shall return TPM_RC_LOCALITY.
10094 the PCR to reset
10124 …TPM_RC_LOCALITY current command locality is not allowed to reset the PCR referen…
10140 17 // If PCR is state saved and we need to update orderlyState, check NV
10152 29 // Reset selected PCR in all banks to 0
10155 32 // Indicate that the PCR changed so that pcrCounter will be incremented if
10269 The context holds data for each hash algorithm for each PCR bank implemented on the TPM.
10314 28 // make sure that the PCR is implemented for this algorithm
10342 If the H-CRTM Event Sequence occurs after TPM2_Startup(), the TPM will set all of the PCR designated
10345 digest/digests into the designated D-RTM PCR (PCR[17]).
10346 … PCR[17][hashAlg] ≔ HhashAlg (initial_value || HhashAlg (hash_data)) (7)
10348 hashAlg hash algorithm associated with a bank of PCR
10353 a platform-specific specification excludes modifications of PCR[DRTM] from causing an increment.
10355 _TPM_Hash_End will complete the digest, initialize PCR[0] with a digest-size value of 4, and then e…
10356 the H-CRTM Event Sequence data into PCR[0].
10357 … PCR[0][hashAlg] ≔ HhashAlg (0…04 || HhashAlg (hash_data)) (8)
10362 NOTE 3 PCR[0] does not need to be updated according to (8) until the end of TPM2_Start…
10403 27 // Reset the DRTM PCR
10417 41 // Complete hash and extend PCR, or if this is an HCRTM, complete
10418 42 // the hash, reset the H-CRTM register (PCR[0]) to 0...04, and then
10423 47 // make sure that the PCR is implemented for this algorithm
10602 …NOTE 1 If this parameter and pcrUpdateCounter are not the same, it indicates that PCR h…
10603 … since checked by the previous TPM2_PolicyPCR(). Since they have changed, the previous PCR
11527 This command is used to cause conditional gating of a policy based on PCR. This command together
11528 with TPM2_PolicyOR() allows one group of authorizations to occur when PCR are in one state and a
11529 different set of authorizations when the PCR are in a different state. If this command is used for …
11531 than the values from digest of the TPM PCR.
11532 The TPM will modify the pcrs parameter so that bits that correspond to unimplemented PCR are CLEAR.
11533 …icySession is not a trial policy session, the TPM will use the modified value of pcrs to select PCR
11534 values to hash according to TPM 2.0 Part 1, Selecting Multiple PCR. The hash algorithm of the policy
11535 session is used to compute a digest (digestTPM) of the selected PCR. If pcrDigest does not have a l…
11542 PCR set to 0
11543 … digestTPM the digest of the selected PCR using the hash algorithm of the
11546 NOTE 1 If the caller provides the expected PCR value, the intention is that the policy e…
11547 … point if the PCR do not match. If the caller does not provide the expected PCR value, then the
11549 …authorization. If the policy is constructed such that the PCR check comes before user authorization
11551 satisfy a policy that would fail later due to incorrect PCR values.
11554 session is used for authorization and the PCR are not known to be correct.
11555 The TPM uses a “generation” number (pcrUpdateCounter) that is incremented each time PCR are
11556 updated (unless the PCR being changed is specified not to cause a change to this counter). The valu…
11563 set, it will be compared with the current value of pcrUpdateCounter to determine if any PCR changes
11566 NOTE 2 Since the pcrUpdateCounter is updated if any PCR is extended (except those specifi…
11567 …so), this means that the command will fail even if a PCR not specified in the policy is updated. T…
11582 If policySession is a trial policy session, the TPM will not check any PCR and will compute:
11589 NOTE 4 Although no PCR are checked in a trial policy session, pcrDigest is expected to cor…
11590 … useful PCR values. It is legal, but pointless, to have the TP M aid in calculating a policyDigest
11591 corresponding to PCR values that are not useful in practice.
11616 expected digest value of the selected PCR using the
11619 TPML_PCR_SELECTION pcrs the PCR to include in the check digest
11647 … TPM_RC_VALUE if provided, pcrDigest does not match the current PCR settings
11671 25 // Make sure that this is not going to invalidate a previous PCR check
11675 29 // Compute current PCR digest
11678 32 // If the caller specified the PCR digest and it does not
11679 33 // match the current PCR settings, return an error..
11688 42 // For trial session, just use the input PCR digest
11715 64 // add PCR digest
12867 TPM2_PCR_Event() when the referenced PCR requires a policy.
13900 TPML_PCR_SELECTION creationPCR PCR that will be used in creation data
14415 The policy hash algorithm for PCR is reset to TPM_ALG_NULL.
14506 43 // Re-initialize PCR policies
15436 If the changing of the algorithm set results in a change of the algorithms of PCR banks, then the T…
15437 need to be reset (_TPM_Init and TPM2_Startup(TPM_SU_CLEAR)) before the new PCR settings take
15605 PCR authValue and authPolicy values;
17173 EXAMPLE 5 If the MSO of property is TPM_HT_PCR, then the TPM will return a list of PCR.
17199 TPM_CAP_PCRS – Returns the current allocation of PCR in a TPML_PCR_SELECTION. The
17201 PCR allocation and moreData will be NO.
17206 TPM_CAP_PCR_PROPERTIES – Returns a list of tagged PCR properties. The tag is a
17208 The input command property is a TPM_PT_PCR (see TPM 2.0 Part 2 for PCR properties to be
17211 Each item in the list is a TPMS_PCR_SELECT structure that contains a bitmap of all PCR.
17213 …NOTE 7 A PCR index in all banks (all hash algorithms) has the same properties, so the ha…
17344 55 // Get list of handles of PCR
17846 123 // If the NV index is used as a PCR, the data size must match the digest