TPM Capabilities

TPM capabilities related to platform identification include endorsement key and TPM identity-generation capabilities.

The formal definition of these capabilities can be found in the latest TCPA specification. The capability names used in this section are exactly those used in the TCPA specification.

Endorsement Key Capabilities

The following are the TCPA protected capabilities related to the TPM endorsement key pair.

  • TPM_CreateEndorsementKeyPair (naturally enough) creates the endorsement key inside the TPM and is used instead of injecting the endorsement key into a TPM. Typically, this is used when a customer creates the endorsement key.

  • TPM_ReadPubek can be used by anyone to read the public endorsement key unless TPM_DisablePubekRead ...
