On Tue, 2016-11-22 at 07:44 -0800, James Bottomley wrote: > > > I'm just having a look at the spec (page 151 in > > http://www.trustedcomputinggroup.org/wp-content/uploads/TSS_1_2_Errat > > a_A-final.pdf), and am a bit confused by the TssBlobType type. Which > > is it in practice, an ENUMERATED or an INTEGER? > > It's actually here: > > http://trustedcomputinggroup.org/wp-content/uploads/TPM-Main-Part-2-TPM-Structures_v1.2_rev116_01032011.pdf > > It's around page 101, section 10.3 the TPM_KEY12 structure. That tells > you what to encrypt and how to construct the encrypted part of the > blob. It refers to other structures, so you end up doing a bit of a > pointer chase through the document.
The TPM_KEY12 structure is what's in the OCTET STRING (that I just
showed). But I believe we're looking at the ASN.1 on page 151 (§3.23
"Portable Data") of the TSS spec:
TssBlobType ::= ENUMERATED
{
Key-Blob (1), -- TCPA_KEY as returned from TPM
PubKey-Blob (2), -- TCPA_PUBKEY as returned from TPM
MigKey-Blob (3), -- TCPA_KEY as return from the TSP
Tspi_Key_CreateMigrationBlob
In dedicated mode (see the command for details)
SealedData-Blob (4), -- TCPA_STORED_DATA as returned from TPM
...
}
TssBlobType ::= INTEGER
TssBlob ::= SEQUENCE
{
StructVersion INTEGER, -- Version of this structure; at the moment 1
BlobType TssBlobType, -- Type of Blob; see enum
BlobLength INTEGER, -- Length of Blob
Blob OCTET STRING -- Blob as returned from TPM (no ASN1 encoding)
}
To my knowledge nothing actually *implements* this TssBlob. Those PEM
files (like the one I just showed) only contain the OCTET STRING.
--
dwmw2
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
