-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Tpm attestation fields clarification #791
Conversation
This fixes #372 |
…hard to understand the field names without...
Should we add a note that the value of extraData (i.e. the attToBeSigned) is set by the caller of the TPM and it is NOT verified by the TPM itself? |
index.bs
Outdated
@@ -3203,6 +3203,8 @@ engine. | |||
- Verify that `attested` contains a `TPMS_CERTIFY_INFO` structure, whose `name` field contains a valid Name for |pubArea|, | |||
as computed using the algorithm in the `nameAlg` field of |pubArea| using the procedure specified in [[TPMv2-Part1]] | |||
section 16. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
TPMS_CERTIFY_INFO is defined in TPMVv2-Part2, section 10.12.3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added.
@rlin1 I don't know whether it is necessary or provide any value to the RP. |
@selfissued Please review |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a good improvement.
If you want, add the missing comma that is syntactically required after "i.e." before merging, but if you don't want to take the time, this can be fixed in the overall review pass.
@akshayku please merge |
Preview | Diff