tcg-canonical-event-log = [ * TPMS_CEL_EVENT-choice ] TPMS_CEL_EVENT-choice = &( TPMS_CEL_EVENT<CEL, TPMS_EVENT_CELMGT-choice>, TPMS_CEL_EVENT<PCCLIENT_STD, TPMS_EVENT_PCCLIENT_STD>, TPMS_CEL_EVENT<IMA_TEMPLATE, TPMS_EVENT_IMA_TEMPLATE>, TPMS_CEL_EVENT<IMA_TLV, BYTEBUFFER>, TPMS_CEL_EVENT<SYSTEMD, BYTEBUFFER>, * $TPMS_CEL_EVENT-extension, ) TPMS_CEL_EVENT<T,C> = { recnum => uint, pcr-xor-nv-index, digests => TPML_DIGEST_VALUES, content_type => T, ; from TPMI_CEL_CONTENT_TYPE content => C, ; TPMU_EVENTCONTENT group choice } pcr-xor-nv-index //= ( pcr => 0x00000000..0x00FFFFFF ) pcr-xor-nv-index //= ( nv_index => 0x20000000..0x20FFFFFF ) TPML_DIGEST_VALUES = [ + TPMT_HA ] TPMT_HA = { hashAlg => $TPMI_ALG_HASH, ; see TCG Algorithm Registry digest => BYTEBUFFER, } TPMS_EVENT_CELMGT-choice = &( TPMS_EVENT_CELMGT<CEL_VERSION, TPMS_CEL_VERSION>, TPMS_EVENT_CELMGT<CEL_TIMESTAMP, uint .size 8>, TPMS_EVENT_CELMGT<STATE_TRANS, $TPMI_STATE_TRANS>, { celmgt.type => FIRMWARE_END }, * $$TPMS_EVENT_CELMGT-extensions, ) TPMS_EVENT_CELMGT<T,D> = { celmgt.type => T, ; from TPMI_CELMGTTYPE celmgt.data => D, ; from TPMU_CELMGT } TPMS_CEL_VERSION = { major => uint .size 2, minor => uint .size 2, } $TPMI_STATE_TRANS /= Suspend $TPMI_STATE_TRANS /= Hibernate $TPMI_STATE_TRANS /= Kexec TPMS_EVENT_PCCLIENT_STD = { event_type => text / uint .size 4, event_data => BYTEBUFFER, } TPMS_EVENT_IMA_TEMPLATE = { template_name => text, template_data => BYTEBUFFER, } ; JSON/CBOR labels and constants JSON-ONLY<J> = J .feature "json" CBOR-ONLY<C> = C .feature "cbor" JC<J,C> = JSON-ONLY<J> / CBOR-ONLY<C> recnum = JC<"recnum", 0> pcr = JC<"pcr", 1> nv_index = JC<"nv_index", 2> digests = JC<"digests", 3> CEL = JC<"cel", 4> PCCLIENT_STD = JC<"pcclient_std", 5> IMA_TEMPLATE = JC<"ima_template", 7> IMA_TLV = JC<"ima_tlv", 8> SYSTEMD = JC<"systemd", 9> content_type = JC<"content_type", 9> content = JC<"content", 10> hashAlg = JC<"hashAlg", 0> digest = JC<"digest", 1> celmgt.type = JC<"type", 0> celmgt.data = JC<"data", 1> CEL_VERSION = JC<"cel_version", 1> FIRMWARE_END = JC<"firmware_end", 2> CEL_TIMESTAMP = JC<"cel_timestamp", 80> STATE_TRANS = JC<"state_trans", 81> major = JC<"major", 0> minor = JC<"minor", 1> Suspend = JC<"suspend", 0> Hibernate = JC<"hibernate", 1> Kexec = JC<"kexec", 2> event_type = JC<"event_type", 0> event_data = JC<"event_data", 1> template_name = JC<"template_name", 0> template_data = JC<"template_data", 1> BYTEBUFFER = JC<text, bytes> ;; The following rules originate from TCG Algorithm Registry [3] ;; For convenience, the section below is extracted from ;; tcg-algorithm-registry.cddl. This document should be used in ;; conjunction with the full and most current TCG Algorithm Registry ;; and corresponding tcg-algorithm-registry.cddl instead. $TPMI_ALG_HASH /= TPM_ALG_SHA $TPMI_ALG_HASH /= TPM_ALG_SHA1 $TPMI_ALG_HASH /= TPM_ALG_SHA256 $TPMI_ALG_HASH /= TPM_ALG_SHA384 $TPMI_ALG_HASH /= TPM_ALG_SHA512 $TPMI_ALG_HASH /= TPM_ALG_SM3_256 $TPMI_ALG_HASH /= TPM_ALG_SHA3_256 $TPMI_ALG_HASH /= TPM_ALG_SHA3_384 $TPMI_ALG_HASH /= TPM_ALG_SHA3_512 TPM_ALG_SHA = JC<("sha" / 0x0004), 0x0004> TPM_ALG_SHA1 = JC<("sha1" / 0x0004), 0x0004> TPM_ALG_SHA256 = JC<("sha256" / 0x000B), 0x000B> TPM_ALG_SHA384 = JC<("sha384" / 0x000C), 0x000C> TPM_ALG_SHA512 = JC<("sha512" / 0x000D), 0x000D> TPM_ALG_SM3_256 = JC<("sm3_256" / 0x0012), 0x0012> TPM_ALG_SHA3_256 = JC<("sha3_256" / 0x0027), 0x0027> TPM_ALG_SHA3_384 = JC<("sha3_384" / 0x0028), 0x0028> TPM_ALG_SHA3_512 = JC<("sha3_512" / 0x0029), 0x0029>