Vcenter TrustedInfrastructure Hosts Hardware Tpm EndorsementKeys PolicyPcrSpec

Vcenter TrustedInfrastructure Hosts Hardware Tpm EndorsementKeys PolicyPcrSpec
Vcenter TrustedInfrastructure Hosts Hardware Tpm EndorsementKeys PolicyPcrSpec

The Vcenter TrustedInfrastructure Hosts Hardware Tpm EndorsementKeys PolicyPcrSpec schema contains information that can be used to construct a PCR policy session for unsealing a secret using the POST /vcenter/trusted-infrastructure/hosts/{host}/hardware/tpm/{tpm}/endorsement-keys/{key}?action=unseal operation.

This schema was added in vSphere API 8.0.0.1.

JSON Example
{
    "pcrs": "string",
    "pcr_digest": "string"
}
string As byte As byte
pcrs
Required

The PCRs to which the data is sealed.

The PCR selection is a TPML_PCR_SELECTION structure.

Trusted Platform Module Library Part 2: Structures, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 10.9.7 TPML_PCR_SELECTION

This property was added in vSphere API 8.0.0.1.

string As byte As byte
pcr_digest
Optional

The digest of the PCRs selected in Vcenter TrustedInfrastructure Hosts Hardware Tpm EndorsementKeys PolicyPcrSpec.pcrs.

The digest is a TPM2B_DIGEST structure.

Trusted Platform Module Library Part 2: Structures, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 10.4.2 TPM2B_DIGEST

This property was added in vSphere API 8.0.0.1.

If missing or null, then the PCR digest is calculated by the service based on the current PCR state.