Ask questionsHow to identify which TPM 2.0 PCR Bank is being used

On, there is no documented way to identify which PCR Bank is being used. For example, if you have a TPM 2.0 machine with SHA-1 and SHA-256 PCR Banks, it would be good to document how you can identify which one is being used.

Example text:

How can I identify which PCR bank is being used?

You can identify which PCR bank is currently used by Windows by looking at the registry.

Registry information

Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\IntegrityServices


Defines which PCR banks are currently active

Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\IntegrityServices


Algorithm ID of the PCR bank that Windows is currently using. (For the full list of supported algorithms, see the TCG Algorithm Registry.)


Answer questions alrosado

The issue I have is I am being asked how to identify if TPM 2.0 is using SHA 256 and nowhere in the documentation does it specify how to query that.


Related questions

tdlrecover.exe - Windows 10.0.18362.XXX - TileDataLayer is deprecated hot 1
DisableEnterpriseAuthProxy=0 and Windows Defender ATP hot 1
CloudAssignedOobeConfig has a 1024 bitmap to skip keyboard layout hot 1
Documentation is wrong and does not work get this error hot 1
0x801c03f3 not listed hot 1
Give an example how to utilize RestrictedGroups feature hot 1
0x801c0451 not listed hot 1
InstallWindowsDefenderApplicationGuard hot 1
0x801c044f not listed... hot 1
Windows Hello certificates requires enabling a permitted strong authentication provider hot 1
Unknown OS architecture when runnig on non-english OS hot 1
FileExplorerNamespaceRestrictions hot 1
0x801c0451 not listed hot 1
whats the difference between "ProvisionedHomePages" and "ConfigureHomeButtonURL" hot 1
This policy must be wrapped in an Atomic command. hot 1
Github User Rank List