When I first did TPM 1.2, I stored different
parts of the TPM NV data (permanent data, owner evict keys, defined space)
in different files. It got ugly and I eventually changed to one big
blob. This was far more portable, worked better for real flash memory,
etc. It also handles integrity and/or encryption with less overhead.
As for encoding, I didn't bother with
DER, XML, etc., as the TPM was big enough without importing complex parsers.
The TPM already requires marshalling and unmarshalling code in its
native binary format for command and response handling, so I just reused
that code. I added version numbers and count values to handle changes
to the format, and a hash to detect corruption.
--
Ken Goldman address@hidden
914-945-2415 (862-2415)
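
The single-blob approach described in the message above, as an added example that is not part of the original post and not the author's code: the field layout, the `MAGIC` tag, the section tags and the function names are all assumptions. It uses big-endian fixed-width fields in the style of TPM marshalling, with a format version, a section count, and a trailing SHA-256 that detects accidental corruption (a bare hash does not stop deliberate modification).

```python
import hashlib
import struct

MAGIC = b"NVBL"                   # constructed tag, not from any real TPM
FORMAT_VERSION = 2                # assumed current layout version
HEADER = struct.Struct(">4sHH")   # magic, version, section count (big-endian)
SECTION = struct.Struct(">HI")    # section tag, payload length
DIGEST_LEN = hashlib.sha256().digest_size

# Constructed sample sections, named after the three kinds of NV data in the post.
SAMPLE = [(1, b"permanent-data"), (2, b"owner-evict-keys"), (3, b"defined-space")]


class NVBlobError(Exception):
    """Raised when a stored blob cannot be trusted or parsed."""


def marshal_nv(sections):
    """Serialize (tag, payload) pairs into one blob and append its hash."""
    out = bytearray(HEADER.pack(MAGIC, FORMAT_VERSION, len(sections)))
    for tag, payload in sections:
        out += SECTION.pack(tag, len(payload)) + payload
    return bytes(out) + hashlib.sha256(out).digest()


def unmarshal_nv(blob):
    """Verify the hash first, then parse with bounds checks on every length."""
    if len(blob) < HEADER.size + DIGEST_LEN:
        raise NVBlobError("blob too short")
    body, digest = blob[:-DIGEST_LEN], blob[-DIGEST_LEN:]
    if hashlib.sha256(body).digest() != digest:
        raise NVBlobError("hash mismatch: corrupted blob")
    magic, version, count = HEADER.unpack_from(body, 0)
    if magic != MAGIC:
        raise NVBlobError("bad magic")
    if version > FORMAT_VERSION:
        raise NVBlobError("unsupported version")
    offset, sections = HEADER.size, []
    for _ in range(count):
        if offset + SECTION.size > len(body):
            raise NVBlobError("truncated section header")
        tag, length = SECTION.unpack_from(body, offset)
        offset += SECTION.size
        if offset + length > len(body):
            raise NVBlobError("section length exceeds blob")
        sections.append((tag, body[offset:offset + length]))
        offset += length
    if offset != len(body):
        raise NVBlobError("trailing bytes after last section")
    return version, sections
```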