Restrict signatures
Signatures made by the TPM over TPM internal data, mainly for attestation. This proves that the data was generated by the TPM.
These signatures can also be made over externally provided data.
Hashed by the TPM.
Internal hashing produces a ticket that unlocks a restricted signature.
However, the external data cannot reproduce internal values.
4-byte magic value (
TPM_GENERATED
)Used when hashing internal data structures
Cannot be at the beginning of the hashed external data
Last updated