TPM 2.0
=========

AK provision 可通过 signing 或 encrypt。

anonymous signing ecdaa，verifier的RL check开销大。

支持sm2/3/4。


参考资料
-----------

- `Trusted Platform Module Library Specification, Family “2.0” <https://trustedcomputinggroup.org/resource/tpm-library-specification/>`_
- `TPM 2.0 Keys for Device Identity and Attestation <https://trustedcomputinggroup.org/resource/tpm-2-0-keys-for-device-identity-and-attestation/>`_