TPM 1.2 Main Part 3 Commands (v1.2_rev116) - Technical Specification, March 2011
Updated 2024-06-22, 1.88 MB PDF
This resource is the TPM Main Part 3 Commands specification, version 1.2, revision 116, published 1 March 2011. It is a technical specification produced by the Trusted Computing Group (TCG) that covers the core command set of the Trusted Platform Module (TPM). A TPM is a hardware module that strengthens the security of a computing platform by providing a trusted baseline between the firmware and the operating system, so that the integrity of the system state can be established. The document covers the Level 2 TPM command set, which includes, among other things, firmware management, key storage, encryption, signing, authentication and security-setting operations. It describes in detail how security-related tasks are carried out through the TPM, such as protecting sensitive data, verifying a device's identity, and supporting remote management. Version 1.2 is an upgrade of the earlier versions intended to improve TPM security and interoperability, and it may include notes on new commands, error corrections and performance optimisations. Note that the copyright statement in the document says the specification is provided "as is" without warranty of any kind, including but not limited to warranties of merchantability, non-infringement, fitness for a particular purpose, or any warranty arising out of any proposal, specification or sample. TCG expressly disclaims responsibility for any problems arising from the use or implementation of the information in the specification, and accepts no liability for the procurement of substitute goods, loss of profits, loss of data, or other indirect or incidental damages. Reading this document is essential for developers of TPM-compatible hardware, software developers and security professionals, because it provides the standardised guidance for TPM technology that helps ensure system security and consistency. When working with TPM commands, developers must follow the rules and restrictions in the document in order to fully understand and correctly use the TPM's functions and to achieve efficient, secure platform management.
TPM Main Part 3 Commands TCG © Copyright
Specification Version 1.2
2. Description and TODO
This document is to show the changes necessary to create the 1.2 version of the TCG
specification. Some of the sections are brand new text; some are rewritten sections of the
1.1 version. Upon approval of the 1.2 changes, there will be a merging of the 1.1 and 1.2
versions to create a single 1.2 document.
Level 2 Revision 116 28 February 2011
TCG Published
3. Admin Startup and State
Start of informative comment:
This section is the commands that start a TPM.
End of informative comment.
3.1 TPM_Init
Start of informative comment:
TPM_Init is a physical method of initializing a TPM. There is no TPM_Init ordinal as this is a
platform message sent on the platform internals to the TPM. On a PC this command arrives
at the TPM via the LPC bus and informs the TPM that the platform is performing a boot
process.
TPM_Init puts the TPM into a state where it waits for the command TPM_Startup (which
specifies the type of initialization that is required).
End of informative comment.
Definition
TPM_Init();
Operation of the TPM. This is not a command that any software can execute. It is inherent
in the design of the TPM and the platform that the TPM resides on.
Parameters
None
Description
1. The TPM_Init signal indicates to the TPM that platform initialization is taking place. The
TPM SHALL set the TPM into a state such that the only legal command to receive after
the TPM_Init is the TPM_Startup command. The TPM_Startup will further indicate to the
TPM how to handle and initialize the TPM resources.
2. The platform design MUST be that the TPM is not the only component undergoing
initialization. If the TPM_Init signal forces the TPM to perform initialization then the
platform MUST ensure that ALL components of the platform receive an initialization
signal. This is to prevent an attacker from causing the TPM to initialize to a state where
various masquerades are allowable. For instance, on a PC causing the TPM to initialize
and expect measurements in PCR0 but the remainder of the platform does not initialize.
3. The design of the TPM MUST be such that the ONLY mechanism that signals TPM_Init
also signals initialization to the other platform components.
Actions
1. The TPM sets TPM_STANY_FLAGS -> postInitialise to TRUE.
3.2 TPM_Startup
Start of informative comment:
TPM_Startup is always preceded by TPM_Init, which is the physical indication (a system-wide
reset) that TPM initialization is necessary.
There are many events on a platform that can cause a reset and the response to these
events can require different operations to occur on the TPM. The mere reset indication does
not contain sufficient information to inform the TPM as to what type of reset is occurring.
Additional information known by the platform initialization code needs transmitting to the
TPM. The TPM_Startup command provides the mechanism to transmit the information.
The TPM can startup in three different modes:
A “clear” start where all variables go back to their default or non-volatile set state
A “save” start where the TPM recovers appropriate information and restores various values
based on a prior TPM_SaveState. This recovery requires an invocation of TPM_Init to be
successful.
A failing "save" start must shut down the TPM. The CRTM cannot leave the TPM in a state
where an untrusted upper software layer could issue a "clear" and then extend PCRs and
thus mimic the CRTM.
A “deactivated” start where the TPM turns itself off and requires another TPM_Init before
the TPM will execute in a fully operational state.
End of informative comment.
Incoming Parameters and Sizes
PARAM     HMAC
#  SZ     #   SZ   Type               Name         Description
1  2      -   -    TPM_TAG            tag          TPM_TAG_RQU_COMMAND
2  4      -   -    UINT32             paramSize    Total number of input bytes including paramSize and tag
3  4      1S  4    TPM_COMMAND_CODE   ordinal      Command ordinal TPM_ORD_Startup
4  2      2S  2    TPM_STARTUP_TYPE   startupType  Type of startup that is occurring
Outgoing Parameters and Sizes
PARAM     HMAC
#  SZ     #   SZ   Type               Name         Description
1  2      -   -    TPM_TAG            tag          TPM_TAG_RSP_COMMAND
2  4      -   -    UINT32             paramSize    Total number of output bytes including paramSize and tag
3  4      1S  4    TPM_RESULT         returnCode   The return code of the operation.
-  -      2S  4    TPM_COMMAND_CODE   ordinal      Command ordinal: TPM_ORD_Startup
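As an added example (not code from the specification or from TCG), the following Python marshals a TPM_Startup request exactly as the incoming-parameters table lays it out (tag, paramSize, ordinal, startupType, all big-endian) and parses the response header from the outgoing table. The numeric values for the tags, ordinal, startup types and return codes are the TPM 1.2 Part 2 (Structures) constants, which this excerpt does not list; the helper names are my own.

```python
import struct

# Constants from TPM Main Part 2 (Structures); they are not in this excerpt.
TPM_TAG_RQU_COMMAND = 0x00C1   # unauthorized request
TPM_TAG_RSP_COMMAND = 0x00C4   # unauthorized response
TPM_ORD_Startup = 0x00000099
TPM_ST_CLEAR = 0x0001
TPM_ST_STATE = 0x0002
TPM_ST_DEACTIVATED = 0x0003
TPM_SUCCESS = 0x00000000

VALID_STARTUP_TYPES = (TPM_ST_CLEAR, TPM_ST_STATE, TPM_ST_DEACTIVATED)


def build_startup_command(startup_type: int) -> bytes:
    """Marshal TPM_Startup: tag(2) paramSize(4) ordinal(4) startupType(2).

    paramSize counts every byte of the blob, including tag and paramSize,
    so a TPM_Startup request is always 12 bytes."""
    if startup_type not in VALID_STARTUP_TYPES:
        raise ValueError("unknown TPM_STARTUP_TYPE 0x%04x" % startup_type)
    body = struct.pack(">IH", TPM_ORD_Startup, startup_type)
    param_size = 2 + 4 + len(body)
    return struct.pack(">HI", TPM_TAG_RQU_COMMAND, param_size) + body


def digest_input_params(startup_type: int) -> bytes:
    """Bytes designated by the HMAC columns (1S = ordinal, 2S = startupType).

    The table excludes tag and paramSize from the parameter digest; only the
    1S/2S fields, in that order, are digest input."""
    return struct.pack(">IH", TPM_ORD_Startup, startup_type)


def parse_startup_command(blob: bytes) -> int:
    """Decode a request blob and return its startupType, validating the framing."""
    if len(blob) != 12:
        raise ValueError("TPM_Startup request must be 12 bytes, got %d" % len(blob))
    tag, param_size, ordinal, startup_type = struct.unpack(">HIIH", blob)
    if tag != TPM_TAG_RQU_COMMAND:
        raise ValueError("unexpected tag 0x%04x" % tag)
    if param_size != len(blob):
        raise ValueError("paramSize %d does not match blob length" % param_size)
    if ordinal != TPM_ORD_Startup:
        raise ValueError("unexpected ordinal 0x%08x" % ordinal)
    if startup_type not in VALID_STARTUP_TYPES:
        raise ValueError("unknown TPM_STARTUP_TYPE 0x%04x" % startup_type)
    return startup_type


def parse_startup_response(blob: bytes) -> int:
    """Decode the response header tag(2) paramSize(4) returnCode(4); return the code."""
    if len(blob) < 10:
        raise ValueError("response too short")
    tag, param_size, return_code = struct.unpack(">HII", blob[:10])
    if tag != TPM_TAG_RSP_COMMAND:
        raise ValueError("unexpected response tag 0x%04x" % tag)
    if param_size != len(blob):
        raise ValueError("paramSize %d does not match blob length" % param_size)
    return return_code


if __name__ == "__main__":
    req = build_startup_command(TPM_ST_CLEAR)
    print("request :", req.hex())
    # Constructed sample response: success, 10 bytes, no further output.
    rsp = struct.pack(">HII", TPM_TAG_RSP_COMMAND, 10, TPM_SUCCESS)
    print("response:", rsp.hex(), "rc =", parse_startup_response(rsp))
```

The strict length and paramSize checks matter in practice: a driver or a bus monitor that decodes TPM traffic should reject a frame whose paramSize disagrees with its actual length rather than trusting either value alone.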
Description
TPM_Startup MUST be generated by a trusted entity (the RTM or the TPM, for example).
1. If the TPM is in failure mode
a. TPM_STANY_FLAGS -> postInitialize is still set to FALSE
b. The TPM returns TPM_FAILEDSELFTEST
Actions
1. If TPM_STANY_FLAGS -> postInitialise is FALSE,
a. Then the TPM MUST return TPM_INVALID_POSTINIT, and exit this capability
2. If stType = TPM_ST_CLEAR
a. Ensure that sessions associated with resources TPM_RT_CONTEXT, TPM_RT_AUTH,
TPM_RT_DAA_TPM, and TPM_RT_TRANS are invalidated
b. Reset TPM_STCLEAR_DATA -> PCR[] values to each correct default value
i. pcrReset is FALSE, set to 0x00..00
ii. pcrReset is TRUE, set to 0xFF..FF
c. Set the following TPM_STCLEAR_FLAGS to their default state
i. PhysicalPresence
ii. PhysicalPresenceLock
iii. disableForceClear
d. The TPM MAY initialize auditDigest to all zeros
i. If not initialized to all zeros, the TPM SHALL ensure that auditDigest contains
a valid value.
ii. If initialization fails, the TPM SHALL set auditDigest to all zeros and SHALL set
the internal TPM state so that the TPM returns TPM_FAILEDSELFTEST to all
subsequent commands.
e. The TPM SHALL set TPM_STCLEAR_FLAGS -> deactivated to the same state as
TPM_PERMANENT_FLAGS -> deactivated
f. The TPM MUST set the TPM_STANY_DATA fields to:
i. TPM_STANY_DATA->contextNonceSession is set to all zeros
ii. TPM_STANY_DATA->contextCount is set to 0
iii. TPM_STANY_DATA->contextList is set to 0
g. The TPM MUST set TPM_STCLEAR_DATA fields to:
i. Invalidate contextNonceKey
ii. countID to zero
iii. ownerReference to TPM_KH_OWNER
h. The TPM MUST set the following TPM_STCLEAR_FLAGS to
i. bGlobalLock to FALSE
i. Determine which keys should remain in the TPM
i. For each key that has a valid preserved value in the TPM
(1) if parentPCRStatus is TRUE then call TPM_FlushSpecific(keyHandle)
(2) if isVolatile is TRUE then call TPM_FlushSpecific(keyHandle)
ii. Keys under control of the OwnerEvict flag MUST stay resident in the TPM
3. If stType = TPM_ST_STATE
a. If the TPM has no state to restore, the TPM MUST set the internal state such that it
returns TPM_FAILEDSELFTEST to all subsequent commands.
b. The TPM MAY determine for each session type (authorization, transport, DAA, …) to
release or maintain the session information. The TPM reports how it manages sessions
in the TPM_GetCapability command.
c. The TPM SHALL take all necessary actions to ensure that all PCRs contain valid
preserved values. If the TPM is unable to successfully complete these actions, it SHALL
enter the TPM failure mode.
i. For resettable PCR the TPM MUST set the value of TPM_STCLEAR_DATA ->
PCR[] to the resettable PCR default value. The TPM MUST NOT restore a resettable
PCR to a preserved value
d. The TPM MAY initialize auditDigest to all zeros.
i. Otherwise, the TPM SHALL take all actions necessary to ensure that
auditDigest contains a valid value. If the TPM is unable to successfully complete
these actions, the TPM SHALL initialize auditDigest to all zeros and SHALL set the
internal state such that the TPM returns TPM_FAILEDSELFTEST to all
subsequent commands.
e. The TPM MUST restore the following flags to their preserved states:
i. All values in TPM_STCLEAR_FLAGS
ii. All values in TPM_STCLEAR_DATA
f. The TPM MUST restore all keys that have a valid preserved value.
g. The TPM resumes normal operation. If the TPM is unable to resume normal
operation, it SHALL enter the TPM failure mode.
4. If stType = TPM_ST_DEACTIVATED
a. Invalidate sessions
i. Ensure that all resources associated with saved and active sessions are
invalidated
b. Set the TPM_STCLEAR_FLAGS to their default state.
c. Set TPM_STCLEAR_FLAGS -> deactivated to TRUE
5. The TPM MUST ensure that state associated with TPM_SaveState is invalidated
6. The TPM MUST set TPM_STANY_FLAGS -> postInitialise to FALSE
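The TPM_Init actions in 3.1 and the TPM_Startup actions above together form a small state machine, and the security property they protect (only a platform-wide TPM_Init can re-arm TPM_Startup, and a failed "save" start leaves the TPM refusing everything, so untrusted software cannot issue a "clear" and re-extend PCRs as if it were the CRTM) is easiest to see by running it. The following Python is an added toy model, not an implementation from the specification or from any TPM vendor. The return-code and startup-type numbers are the TPM 1.2 Part 2 constants; the PCR count of 24 with PCRs 16..23 having pcrReset = TRUE is an assumption borrowed from the PC platform profile, and the session and key handling of steps 2.a and 2.i is omitted.

```python
import hashlib
from dataclasses import dataclass, field
from typing import Optional

# TPM 1.2 Part 2 constants (not listed in this excerpt).
TPM_ST_CLEAR, TPM_ST_STATE, TPM_ST_DEACTIVATED = 0x0001, 0x0002, 0x0003
TPM_SUCCESS, TPM_BAD_PARAMETER = 0, 3
TPM_FAILEDSELFTEST, TPM_INVALID_POSTINIT = 28, 38

PCR_LEN = 20
# Assumption for this toy: 24 PCRs, of which 16..23 have pcrReset = TRUE.
NUM_PCR = 24
RESETTABLE = frozenset(range(16, 24))


def pcr_default(index: int) -> bytes:
    # Actions 2.b: pcrReset FALSE -> 0x00..00, pcrReset TRUE -> 0xFF..FF
    return b"\xff" * PCR_LEN if index in RESETTABLE else bytes(PCR_LEN)


@dataclass
class ToyTPM:
    """Toy model of the TPM_Init / TPM_Startup actions; not a TPM implementation."""
    post_initialise: bool = False      # TPM_STANY_FLAGS -> postInitialise
    perm_deactivated: bool = False     # TPM_PERMANENT_FLAGS -> deactivated
    deactivated: bool = False          # TPM_STCLEAR_FLAGS -> deactivated
    physical_presence: bool = False    # TPM_STCLEAR_FLAGS -> PhysicalPresence
    global_lock: bool = False          # TPM_STCLEAR_FLAGS -> bGlobalLock
    failure_mode: bool = False         # "returns TPM_FAILEDSELFTEST to all subsequent commands"
    pcr: list = field(default_factory=lambda: [pcr_default(i) for i in range(NUM_PCR)])
    saved_state: Optional[dict] = None  # what a prior TPM_SaveState preserved

    def tpm_init(self) -> None:
        # TPM_Init, Actions 1: the only path that makes postInitialise TRUE.
        self.post_initialise = True

    def tpm_extend(self, index: int, measurement: bytes) -> bytes:
        # Standard SHA-1 extend; used only to give the PCRs non-default values.
        self.pcr[index] = hashlib.sha1(self.pcr[index] + measurement).digest()
        return self.pcr[index]

    def tpm_save_state(self) -> None:
        self.saved_state = {"pcr": list(self.pcr), "deactivated": self.deactivated,
                            "physical_presence": self.physical_presence,
                            "global_lock": self.global_lock}

    def _stclear_flags_default(self) -> None:
        # Actions 2.c / 2.h / 4.b: PhysicalPresence, bGlobalLock back to defaults.
        self.physical_presence = False
        self.global_lock = False

    def tpm_startup(self, st_type: int) -> int:
        if self.failure_mode:                      # Description 1
            return TPM_FAILEDSELFTEST
        if not self.post_initialise:               # Actions 1
            return TPM_INVALID_POSTINIT
        if st_type == TPM_ST_CLEAR:                # Actions 2
            self.pcr = [pcr_default(i) for i in range(NUM_PCR)]
            self._stclear_flags_default()
            self.deactivated = self.perm_deactivated          # 2.e
        elif st_type == TPM_ST_STATE:              # Actions 3
            if self.saved_state is None:           # 3.a: nothing to restore
                self.failure_mode = True
            else:
                saved = self.saved_state
                # 3.c.i: resettable PCRs take their default, never a preserved value.
                self.pcr = [pcr_default(i) if i in RESETTABLE else saved["pcr"][i]
                            for i in range(NUM_PCR)]
                self.deactivated = saved["deactivated"]       # 3.e
                self.physical_presence = saved["physical_presence"]
                self.global_lock = saved["global_lock"]
        elif st_type == TPM_ST_DEACTIVATED:        # Actions 4
            self._stclear_flags_default()
            self.deactivated = True
        else:
            # The excerpt does not specify this case; rejecting is an assumption.
            return TPM_BAD_PARAMETER
        self.saved_state = None                    # Actions 5
        self.post_initialise = False               # Actions 6
        return TPM_FAILEDSELFTEST if self.failure_mode else TPM_SUCCESS
```

Driving the model shows each rule in turn: TPM_Startup before any TPM_Init returns TPM_INVALID_POSTINIT; a second TPM_Startup after a successful one is refused until another TPM_Init arrives; a "save" start restores the ordinary PCRs but puts the resettable ones back to 0xFF..FF; and once a "save" start fails for lack of saved state, even a later TPM_Init followed by a "clear" start is answered with TPM_FAILEDSELFTEST.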