Re: [PATCH v10 2/8] oid_registry: Add TCG defined OIDS for TPM keys

On Wed, Jun 17, 2020 at 05:25:40PM -0700, James Bottomley wrote:
> On Wed, 2020-06-17 at 14:42 -0700, Jerry Snitselaar wrote:
> > On Tue Jun 16 20, James Bottomley wrote:
> > > The TCG has defined an OID prefix "2.23.133.10.1" for the various TPM
> > > key uses.  We've defined three of the available numbers:
> > > 
> > > 2.23.133.10.1.3 TPM Loadable key.  This is an asymmetric key (Usually
> > > 		RSA2048 or Elliptic Curve) which can be imported by a
> > > 		TPM2_Load() operation.
> > > 
> > > 2.23.133.10.1.4 TPM Importable Key.  This is an asymmetric key (Usually
> > > 		RSA2048 or Elliptic Curve) which can be imported by a
> > > 		TPM2_Import() operation.
> > > 
> > > Both loadable and importable keys are specific to a given TPM, the
> > > difference is that a loadable key is wrapped with the symmetric
> > > secret, so must have been created by the TPM itself.  An importable
> > > key is wrapped with a DH shared secret, and may be created without
> > > access to the TPM provided you know the public part of the parent
> > > key.
> > > 
> > > 2.23.133.10.1.5 TPM Sealed Data.  This is a set of data (up to 128
> > > 		bytes) which is sealed by the TPM.  It usually
> > > 		represents a symmetric key and must be unsealed before
> > > 		use.
> > > 
> > 
> > James, which document are these defined in? I was searching last
> > night, and couldn't find it.
> 
> It isn't.  It's defined in a TCG spreadsheet that Monty Wiseman keeps,
> but that seems to be as "official" as it gets with the TCG OID
> registry.
> 
> James

"The TCG has defined an OID prefix "2.23.133.10.1" for the various TPM
key uses."

Should this sentence start just as "TCG ...", not sure if "the" is
required?

/Jarkko
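
Added example, not part of the thread or of the patch: a decoder that turns the DER content octets of an OID into dotted form and maps the three values listed in the commit message to a key type, rejecting truncated or padded encodings. The function names, the enum and the sample byte arrays are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

enum tpm_key_type { TPM_KEY_UNKNOWN, TPM_KEY_LOADABLE, TPM_KEY_IMPORTABLE, TPM_KEY_SEALED };

/* Constructed samples: DER content octets (no tag/length) of the OIDs in the thread. */
const unsigned char oid_loadable[]   = { 0x67, 0x81, 0x05, 0x0a, 0x01, 0x03 };
const unsigned char oid_importable[] = { 0x67, 0x81, 0x05, 0x0a, 0x01, 0x04 };
const unsigned char oid_sealed[]     = { 0x67, 0x81, 0x05, 0x0a, 0x01, 0x05 };
const unsigned char oid_truncated[]  = { 0x67, 0x81 };  /* arc cut off mid-value */

/* Decode OID content octets to dotted text; returns 0, or -1 if malformed. */
int oid_to_dotted(const unsigned char *der, size_t len, char *out, size_t outlen)
{
    size_t i = 0, used = 0;
    if (len == 0) return -1;
    while (i < len) {
        unsigned long arc = 0;
        int n;
        if (der[i] == 0x80) return -1;      /* padded (non-minimal) arc */
        do {
            if (i >= len || arc > (0xfffffffful >> 7))
                return -1;                  /* truncated or oversized arc */
            arc = (arc << 7) | (der[i] & 0x7f);
        } while (der[i++] & 0x80);
        if (used == 0) {                    /* first subidentifier packs two arcs: 40*X + Y */
            unsigned long top = arc < 80 ? arc / 40 : 2;
            n = snprintf(out, outlen, "%lu.%lu", top, arc - top * 40);
        } else {
            n = snprintf(out + used, outlen - used, ".%lu", arc);
        }
        if (n < 0 || (size_t)n >= outlen - used)
            return -1;                      /* output buffer too small */
        used += (size_t)n;
    }
    return 0;
}

/* Map an encoded OID to the key type named in the commit message. */
enum tpm_key_type tpm_key_type_from_oid(const unsigned char *der, size_t len)
{
    char s[64];
    if (oid_to_dotted(der, len, s, sizeof(s)) < 0) return TPM_KEY_UNKNOWN;
    if (!strcmp(s, "2.23.133.10.1.3")) return TPM_KEY_LOADABLE;
    if (!strcmp(s, "2.23.133.10.1.4")) return TPM_KEY_IMPORTABLE;
    if (!strcmp(s, "2.23.133.10.1.5")) return TPM_KEY_SEALED;
    return TPM_KEY_UNKNOWN;
}
```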