Lines Matching refs:TPM

907 This part 3 of the Trusted Module Library specification contains the definitions of the TPM command…
912 of a TPM. The combination of this part 3 and part 4: Supporting Routines is sufficient to fully des…
913 required behavior of a TPM.
914 The code in parts 3 and 4 is written to define the behavior of a compliant TPM. In some cases (e.g.,
919 specification require that a TPM meet any particular level of conformance.
994 throttling by the TPM. If the command code does not have this notation, then a write to NV
997 failure. A TPM may use the occasion of command execution to update the NV
1005 TPM when the command completes. This may be combined with the {NV} modifier but not with the
1136 normative and different TPM may give different responses when a command has multiple errors.
1144 Before a TPM may begin the actions associated with a command, a set of command format and
1147 a) The TPM shall successfully unmarshal a TPMI_ST_COMMAND_TAG and verify that it is either
1149 b) The TPM shall successfully unmarshal a UINT32 as the commandSize. If the TPM has an interface
1155 A TPM may have direct access to system memory and unmarshal directly from that memory.
1157 c) The TPM shall successfully unmarshal a TPM_CC and verify that the command is implemented
1178 a) If the TPM is in Failure mode, then the commandCode is TPM_CC_GetTestResult or
1183 In Failure mode, the TPM has no cryptographic capability and processing of sessions is not
1186 b) The TPM is in Field Upgrade mode (FUM), the commandCode is TPM_CC_FieldUpgradeData
1188 c) If the TPM has not been initialized (TPM2_Startup()), then the commandCode is TPM_CC_Startup
1192 The TPM may enter Failure mode during _TPM_Init processing, before TPM2_Startup(). Since
1193 the platform firmware cannot know that the TPM is in Failure mode without accessing it, and
1196 indicating that the TPM is in Failure mode.
1197 There may be failures where a TPM cannot record that it received TPM2_Startup(). In those
1198 cases, a TPM in failure mode may process TPM2_GetTestResult(), TPM2_GetCapability(), or
1199 the field upgrade commands. As a side effect, that TPM may process TPM2_GetTestResult(),
1205 After successfully unmarshaling and validating the command header, the TPM shall perform the follow…
1207 a) The TPM shall successfully unmarshal the number of handles required by the command and validate
1208 that the value of the handle is consistent with the command syntax. If not, the TPM shall return
1212 The TPM may unmarshal a handle and validate that it references an entity on the TPM before
1218 the TPM may continue to read into the next area and attempt to interpret the data as a handle.
1220 b) For all handles in the handle area of the command, the TPM will validate that the referenced ent…
1221 present in the TPM.
1232 the handle shall reference a persistent object that is currently in TPM non-volatile memory
1239 iii) if the TPM implementation moves a persistent object to RAM for command processing then
1285 4) If the handle references a session, then the session context shall be present in TPM memory
1290 6) If the handle references a PCR, then the value is within the range of PCR supported by the TPM
1302 (TPM2_ContextSave(), TPM2_ContextLoad(), or TPM2_FlushContext()) the TPM will return
1304 b) If the tag is TPM_ST_SESSIONS, the TPM will attempt to unmarshal an authorizationSize and return
1317 c) The TPM will unmarshal the authorization sessions and perform the following validations:
1319 TPM_RS_PW then the TPM shall return TPM_RC_HANDLE.
1320 2) If the session is not loaded, the TPM will return the warning TPM_RC_REFERENCE_S0 + N
1328 indicated in authorizationSize were unmarshaled (that is, authorizationSize is too large), the TPM
1394 TPM
1399 password, then the TPM is not in lockout (TPM_RC_LOCKOUT).
1531 If the TPM returns an error other than TPM_RC_AUTH_FAIL then the TPM shall not alter any TPM state.
1532 If the TPM returns TPM_RC_AUTH_FAIL, then the TPM shall not alter any TPM state other than
1538 The TPM may decrease failedTries regardless of any other processing performed by the TPM. That
1539 is, the TPM may exit Lockout mode, regardless of the return code.
1544 allow a command parameter to be encrypted, then the TPM will return TPM_RC_ATTRIBUTES.
1559 Otherwise, the TPM will decrypt the parameter using the values associated with the session before
1579 required that the TPM validate that the parameters meet the requirements of the expected data type …
1618 value that is supported by the TPM
1623 supported by the TPM
1628 supported by the TPM
1633 is supported by the TPM
1643 have a value that is supported by the TPM
1647 a parameter that is a key size has a value that is not supported by the TPM
1652 a value that is supported by the TPM
1661 a value that is supported by the TPM
1670 value that is supported by the TPM
1675 the TPM
1680 not supported by the TPM
1697 will be in the response. If so, the TPM will encrypt the first parameter of the response if indicat…
1698 authorization attributes. The TPM will then generate a new nonce value for each session and, if
1752 command formatted for a TPM 1.2 but the TPM is not capable of executing TPM 1.2 commands. So that
1753 the TPM 1.2 compatible software will have a recognizable response, the TPM sets tag to
1755 This is the same response as the TPM 1.2 fatal error for TPM_BADTAG.
1761 command did not complete and the state of the TPM is unchanged. An exception to this general rule is
1793 This response code may be returned by a TPM that supports command cancel.
1794 When the TPM receives an indication that the current command should be
1795 cancelled, the TPM may complete the command or return this code. If this code
1796 is returned, then the TPM state is not changed and the same command may be
1810 are not allowed at this time because the TPM is in DA lockout mode. The remedy
1815 A TPM may use a common pool of memory for objects, sessions, and other
1816 purposes. When the TPM does not have enough memory available to perform
1818 that the TPM resource manager may flush either sessions or objects in order to
1819 make memory available for the command execution. A TPM may choose to
1825 This response code indicates that the TPM is rate-limiting writes to the NV
1835 until it is. This would occur in a system where the NV memory used by the TPM
1836 is not exclusive to the TPM and is a shared system resource.
1840 This response code indicates that the TPM has exhausted its handle space and
1841 no new objects can be loaded unless the TPM is rebooted. This does not occur in
1844 unique handle each time the object is loaded. A TPM using this implementation
1850 This response code can be returned by any command that causes the TPM to
1853 TPM2_ContextLoad()). However, the TPM implementation is allowed to use
1854 object slots for other reasons. In the reference implementation, the TPM copies a
1856 slots are previously occupied, the TPM may return this value. A TPM is allowed
1858 this response is returned is for the TPM resource manager to flush a transient
1867 value of 0 indicating the 1st handle and 6 representing the 7th. The TPM resource
1875 Usually, this error indicates that the TPM resource manager has a corrupted
1899 TPM resource manager needs to find the correct session and load it. It may then
1901 NOTE Usually, this error indicates that the TPM resource manager has a
1906 the TPM was not able to start the command
1908 This response code indicates that the TPM does not have a handle to assign to a
1911 listed here because the command is not in error and the TPM resource manager
1916 This response code can be returned by any command that causes the TPM to
1919 However, the TPM implementation is allowed to use object slots for other
1920 purposes. The remedy when this response is returned is for the TPM resource
1932 This response code indicates that the TPM is performing tests and cannot
1937 the TPM has suspended operation on the command; forward progress was made
1997 Verification that the handles in the handle area reference entities that are resident on the TPM.
2069 This clause contains the commands used to manage the startup and restart state of a TPM.
2075 _TPM_Init initializes a TPM.
2076 …zation actions include testing code required to execute the next expected command. If the TPM is in
2081 If the TPM performs self-tests after receiving _TPM_Init() and the TPM enters Failure mode before
2082 receiving TPM2_Startup() or TPM2_FieldUpgradeData(), then the TPM may be able to accept
2086 physical interface to the TPM. The platform shall send this indication whenever the platform starts…
2093 While this flag is CLEAR, the TPM will only accept the next expected command described above.
2173 TPM2_Startup() is always preceded by _TPM_Init, which is the physical indication that TPM initializ…
2175 TPM2_Startup() commands are not allowed after it has completed successfully. If a TPM requires
2176 TPM2_Startup() and another command is received, or if the TPM receives TPM2_Startup() when it is not
2177 required, the TPM shall return TPM_RC_INITIALIZE.
2180 See 11.2.1 for other command options for a TPM supporting field upgrade mode.
2186 If in Failure mode the TPM shall accept TPM2_GetTestResult() and TPM2_GetCapability() even if
2188 A Shutdown/Startup sequence determines the way in which the TPM will operate in response to
2190 1) TPM Reset – This is a Startup(CLEAR) preceded by either Shutdown(CLEAR) or no
2191 TPM2_Shutdown(). On TPM Reset, all variables go back to their default initialization state.
2194 Only those values that are specified as having a default initialization state are changed by TPM
2199 2) TPM Restart – This is a Startup(CLEAR) preceded by Shutdown(STATE). This preserves much of the
2200 previous state of the TPM except that PCR and the controls associated with the Platform hierarchy
2202 3) TPM Resume – This is a Startup(STATE) preceded by Shutdown(STATE). This preserves the
2203 previous state of the TPM including the static Root of Trust for Measurement (S-RTM) PCR and the
2205 If a TPM receives Startup(STATE) and that was not preceded by Shutdown(STATE), the TPM shall return
2207 If, during TPM Restart or TPM Resume, the TPM fails to restore the state saved at the last
2208 Shutdown(STATE), the TPM shall enter Failure Mode and return TPM_RC_FAILURE.
2216 all transient contexts (objects, sessions, and sequences) shall be flushed from TPM memory;
2227 On TPM Reset
2280 are preserved by TPM Resume will need to be restored during TPM2_Startup().
2287 On TPM Restart
2309 On TPM Resume
2321 PCR that are specified in a platform-specific specification to be preserved on TPM Resume are
2324 Other TPM state may change as required to meet the needs of the implementation.
2325 If the startupType is TPM_SU_STATE and the TPM requires TPM_SU_CLEAR, then the TPM shall return
2329 The TPM will require
2672 // Update TPM internal states if command succeeded.
2696 This command is used to prepare the TPM for a power cycle. The shutdownType parameter indicates
2726 The following items shall not be saved and will not be in TPM memory after the next TPM2_Startup:
2729 TPM-memory-resident session contexts;
2733 TPM-memory-resident transient objects; or
2737 TPM-memory-resident hash contexts created by TPM2_HashSequenceStart().
2740 This command saves TPM state but does not change the state other than the internal indication that …
2741 context has been saved. The TPM shall continue to accept commands. If a subsequent command
2742 changes TPM state saved by this command, then the effect of this command is nullified. The TPM MAY
2980 Compliance to standards for hardware security modules may require that the TPM test its functions
2981 before the results that depend on those functions may be returned. The TPM may perform operations
2982 using testable functions before those functions have been tested as long as the TPM returns no value
2988 that command may result in a value being returned to the TPM user. This means that
2993 If a command is received that requires return of a value that depends on untested functions, the TPM
2995 Once the TPM has received TPM2_SelfTest() and before completion of all tests, the TPM is required to
2997 If a self-test fails at any time, the TPM will enter Failure mode. While in Failure mode, the TPM w…
2999 TPM will remain in Failure mode until the next _TPM_Init.
3019 This command causes the TPM to perform a test of its capabilities. If the fullTest is YES, the TPM
3020 all functions. If fullTest = NO, the TPM will only test those functions that have not previously be…
3021 If any tests are required, the TPM shall either
3025 If fullTest is NO, and all functions have been tested, the TPM shall return TPM_RC_SUCCESS.
3028 If the TPM uses option a), the TPM shall return TPM_RC_TESTING for any command that requires use
3033 This command may cause the TPM to continue processing after it has returned the response. So
3035 would allow the TPM to generate an interrupt when the “background” processing is complete. This
3172 This command causes the TPM to perform a test of the selected algorithms.
3175 The toTest list indicates the algorithms that software would like the TPM to test in anticipation of
3184 The TPM will return in toDoList a list of algorithms that are yet to be tested. This list is not th…
3189 If toTest is not an empty list, the TPM shall return TPM_RC_SUCCESS for this command and then return
3201 If all the parameters in this command are valid, the TPM returns TPM_RC_SUCCESS and the toDoList
3351 TPM is in Failure mode because of an invalid startupType in TPM2_Startup(), testResult will be
3353 This command will operate when the TPM is in Failure mode so that software can determine the test
3354 status of the TPM and so that diagnostic information can be obtained for use in failure analysis. I…
3355 TPM is in Failure mode, then tag is required to be TPM_ST_NO_SESSIONS or the TPM shall return
3497 This command allows injection of a secret into the TPM using either asymmetric or symmetric encrypt…
3506 The TPM generates the sessionKey from the recovered secret value.
3524 If the TPM does not have
3547 If the TPM implements a “gap” scheme for assigning contextID values, then the TPM shall return
3551 proper type for tpmKey. The TPM shall return TPM_RC_VALUE if:
3627 Although this command changes the session allocation information in the TPM, it does not invalidate
3628 …uired after this command in order to reestablish the orderly state of the TPM. This is because th…
3629 slot in the TPM and sessions in the TPM do not survive any TPM2_Startup(). However, if a created
3632 The TPM shall return TPM_RC_SIZE if nonceCaller is less than 16 octets or is greater than the size …
3718 Shall be a hash algorithm supported by the TPM and
3752 the initial nonce from the TPM, used in the computation
3782 the oldest active context is at the limits of the TPM
3868 // TPM key for decrypt salt
4027 used after the TPM returns TPM_RC_PCR_CHANGED. That response code indicates that a policy will
4182 This command is used to create an object that can be loaded into a TPM using TPM2_Load(). If the
4183 command completes successfully, the TPM will create the new object and return the object’s creation
4194 a symmetric object, an optional initial data value (inSensitive.data). The TPM shall validate the
4198 is indicated as being TPM-generated, the value is filled in by bits from the RNG if the command is
4202 CLEAR if inSensitive.data is not an Empty Buffer or the TPM shall return TPM_RC_ATTRIBUTES.
4203 The TPM will create new data for the sensitive area and compute a TPMT_PUBLIC.unique from the
4206 1) If inSensitive.data is the Empty Buffer, a TPM-generated key value is placed in the new object’s
4209 2) If inSensitive.data is not the Empty Buffer, the TPM will validate that the size of inSensitive.…
4212 3) A TPM-generated obfuscation value is placed in TPMT_SENSITIVE.sensitive.seedValue. The
4224 1) If sensitive.data is not the Empty Buffer, then the TPM shall return TPM_RC_VALUE.
4239 2) A TPM-generated private key value is created with the size determined by the parameters of
4241 3) If the key is a Storage Key, a TPM-generated TPMT_SENSITIVE.symKey value is created;
4246 the public area of the template, then the TPM shall return TPM_RC_SCHEME.
4248 area of the template, then the TPM shall return TPM_RC_KDF.
4258 the TPM shall return TPM_RC_ATTRIBUTES. This would be a data object with no data.
4259 2) If inSensitive.data is not an Empty Buffer, the TPM will copy the inSensitive.data to
4276 3) If inSensitive.data is an Empty Buffer, a TPM-generated key value that is the size of the digest
4278 4) A TPM-generated obfuscation value that is the size of the digest produced by the nameAlg of
4283 For TPM2_Load(), the TPM will apply normal symmetric protections to the created TPMT_SENSITIVE to
4289 In addition to outPublic and outPrivate, the TPM will build a TPMS_CREATION_DATA structure for the
4296 inPublic.type, inPublic.nameAlg, and inPublic.parameters. If inPublic.type does not match, the TPM
4297 return TPM_RC_TYPE. If inPublic.nameAlg does not match, the TPM shall return TPM_RC_HASH. If
4298 inPublic.parameters does not match, the TPM shall return TPM_RC_ASSYMETRIC. The TPM shall not
4302 If the inPublic.parameters.ecc.symmetric.algorithm does not match the parent, the TPM shall return
4424 the creation data was produced by the TPM
4479 sensitive creation area; may also be returned if the TPM does not
4697 This command is used to load objects into the TPM. This command is used when both a TPM2B_PUBLIC
4720 The command returns a handle for the loaded object and the Name that the TPM computed for
4724 The TPM-computed Name is provided as a convenience to the caller for those cases where the
4733 the public area or the TPM shall return TPM_RC_KEY_SIZE.
4736 object are not properly linked, the TPM shall return TPM_RC_BINDING.
4791 TPM handle of parent key; shall not be a reserved
5102 This command is used to load an object that is not a Protected Object into the TPM. The command all…
5106 Typical use for loading a public area is to allow the TPM to validate an asymmetric signature.
5107 Typical use for loading both a public and sensitive area is to allow the TPM to be used as a crypto
5124 resident on a different TPM. If both the public and private parts of the key are loaded, then it is…
5130 be the same as its Name. The TPM will validate that the authPolicy is either the size of the digest
5142 If the nameAlg is TPM_ALG_NULL, the TPM shall not verify the cryptographic binding between the publ…
5143 and sensitive areas, but the TPM will validate that the size of the key in the sensitive area is co…
5144 with the size indicated in the public area. If it is not, the TPM shall return TPM_RC_KEY_SIZE.
5147 For an ECC object, the TPM will verify that the public key is on the curve of the key before the pu…
5157 The command returns a handle for the loaded object and the Name that the TPM computed for
5161 The TPM-computed Name is provided as a convenience to the caller for those cases where the
5188 next TPM Reset.
5463 // appear to be a key that was created by this TPM.
5517 If objectHandle references a sequence object, the TPM shall return TPM_RC_SEQUENCE.
5558 TPM handle of an object
5713 …s command enables the association of a credential with an object in a way that ensures that the TPM
5715 If both the public and private portions of activateHandle and keyHandle are not loaded, then the TPM
5717 If keyHandle is not a Storage Key, then the TPM shall return TPM_RC_TYPE.
6029 This command allows the TPM to perform the actions required of a Certificate Authority (CA) in crea…
6031 The TPM will produce a TPM_ID_OBJECT according to the methods in “Credential Protection” in Part 1.
6034 This command does not use any TPM secrets nor does it require authorization. It is a convenience
6035 function, using the TPM to perform cryptographic calculations that could be done externally.
6277 A random, TPM-generated, Sealed Data Object may be created by the TPM with TPM2_Create() or
6280 TPM.
6283 If either restricted, decrypt, or sign is SET in the attributes of itemHandle, then the TPM shall r…
6284 TPM_RC_ATTRIBUTES. If the type of itemHandle is not TPM_ALG_KEYEDHASH, then the TPM shall
6457 This command is used to change the authorization secret for a TPM-resident object.
6458 If successful, a new private area for the TPM-resident object associated with objectHandle is retur…
6460 This command does not change the authorization of the TPM-resident object on which it operates.
6461 Therefore, the old authValue (of the TPM-resident object) is used when generating the response HMAC
6469 The TPM-resident object may be persistent and changing the authorization value of the persistent
6471 change the TPM-resident object.
6750 key for the duplicate may be on the same or different TPM or TPM_RH_NULL. Only the public area of
6754 Since the new parent may only be extant on a different TPM, it is likely that the new parent’s
6755 sensitive area could not be loaded in the TPM from which objectHandle is being duplicated.
6757 If encryptedDuplication is SET in the object being duplicated, then the TPM shall return
6761 If fixedParent of objectHandle→attributes is SET, the TPM shall return TPM_RC_ATTRIBUTES. If
6762 objectHandle→nameAlg is TPM_ALG_NULL, the TPM shall return TPM_RC_TYPE.
6793 If the compared hashes are not the same, then the TPM shall return TPM_RC_POLICY_FAIL.
6805 The TPM shall follow the process of encryption defined in the “Duplication” subclause of “Protected
6863 The size for this key is set to zero when the TPM is to
7189 This command allows the TPM to serve in the role as a Duplication Authority. If proper authorizatio…
7556 // enabled in TPM
7622 If fixedTPM or fixedParent is SET in objectPublic, the TPM shall return TPM_RC_ATTRIBUTES.
7625 Recovery of the sensitive data of the object occurs in the TPM in a three-step process in the follo…
7644 TPM
7662 If the inner or outer wrapper is present, then a valid integrity value shall be present or the TPM
7671 loaded, or before the TPM performs an operation for which the binding affects the outcome of the
7675 If the new parent is not fixedTPM, then that object will be loadable on any TPM (including SW
7678 parent is fixedTPM, then the new private blob is integrity protected by the TPM that “owns” the
7684 After integrity checks and decryption, the TPM will create a new symmetrically encrypted private ar…
8216 implemented in the TPM. Many of these commands are only allowed if the asymmetric key is an
8231 Requiring that the decrypt attribute be set allows the TPM to ensure that the scheme selection is
8234 may modify any key in any desired way. So, this constraint only serves to simplify the TPM logic.
8240 3) TPM_ALG_NULL – Data is not padded by the TPM and the TPM will treat message as an
8321 manipulate the attributes of the key in any way desired. As a result, the TPM shall not check the
8357 The label parameter is optional. If provided (label.size != 0) then the TPM shall return TPM_RC_VAL…
8358 …octet in label is not zero. If a zero octet occurs before label.buffer[label.size-1], the TPM shall
8363 If the scheme does not use a label, the TPM will still verify that label is properly formatted if l…
8659 The TPM will perform a modular exponentiation of ciphertext using the private exponent associated w…
8669 the decryption process and label is required to be the same in both cases. The TPM shall verify tha…
8672 shall be a NULL-terminated string or the TPM will return TPM_RC_VALUE.
8982 This command uses the TPM to generate an ephemeral key pair (de, Qe where Qe ≔ [de]G). It uses the …
9223 This command uses the TPM to recover the Z value from a public point (QB) and a private key (ds). I…
9572 point of that ephemeral key along with a numeric value that allows the TPM to regenerate the associ…
9575 party B, and the commitCounter returned by TPM2_EC_Ephemeral(). The TPM uses the counter value to
9579 The TPM will compute Z or Zs and Ze according to the selected scheme. If the scheme is not a two-ph…
9580 key exchange scheme or if the scheme is not supported, the TPM will return TPM_RC_SCHEME.
9621 The Z values returned by the TPM are a full point and not just an x-coordinate.
9754 This command uses the TPM to recover one or two Z values in a two phase key exchange protocol
9953 implemented in the TPM that operate on blocks of data. These include symmetric encryption and
9955 no persistent state that is retained in the TPM when the command is complete.
9981 The TPM will increment the entire IV provided by the caller. The last encrypted value will be
9984 combination. If the size of ivIn is not correct, the TPM shall return TPM_RC_SIZE.
10004 combination. If the size of ivIn is not correct, the TPM shall return TPM_RC_SIZE.
10015 combination. If the size of ivIn is not correct, the TPM shall return TPM_RC_SIZE.
10017 and key combination. If the size of inData is not correct, the TPM shall return
10026 combination. If the size of ivIn is not correct, the TPM shall return TPM_RC_SIZE.
10035 and key combination. If the size of inData is not correct, the TPM shall return
10061 If the TPM allows this command to be canceled before completion, then the TPM may produce
10425 If the data buffer to be hashed is larger than will fit into the TPM’s input buffer, then the seque…
10430 If the digest is not safe to sign, then the TPM will return a TPMT_TK_HASHCHECK with the hierarchy …
10659 If the sign attribute is not SET in the key referenced by handle then the TPM shall return
10660 TPM_RC_ATTRIBUTES. If the key type is not TPM_ALG_KEYEDHASH then the TPM shall return
10663 hash algorithm for the HMAC and the TPM shall return TPM_RC_VALUE if hashAlg is not
10668 If the key referenced by handle is not restricted, then the TPM will use hashAlg for the HMAC. Howe…
10669 hashAlg is TPM_ALG_NULL the TPM will use the default scheme of the key.
10670 If both hashAlg and the key default are TPM_ALG_NULL, the TPM shall return TPM_RC_VALUE.
10958 It is recommended that a TPM implement the RNG in a manner that would allow it to return RNG
10962 If bytesRequested is more than will fit into a TPM2B_DIGEST on the TPM, no error is returned but the
10963 TPM will only return as much data as will fit into a TPM2B_DIGEST buffer for the TPM.
10966 TPM2B_DIGEST is large enough to hold the largest digest that may be produced by the TPM.
10968 data returned by this command is TPM implementation-dependent.
11258 This command starts an HMAC sequence. The TPM will create and initialize an HMAC sequence
11266 If the sign attribute is not SET in the key referenced by handle then the TPM shall return
11267 TPM_RC_ATTRIBUTES. If the key type is not TPM_ALG_KEYEDHASH then the TPM shall return
11270 hash algorithm for the HMAC and the TPM shall return TPM_RC_VALUE if hashAlg is not
11272 If the key referenced by handle is not restricted, then the TPM will use hashAlg for the HMAC; unle…
11638 neither an implemented algorithm nor TPM_ALG_NULL, then the TPM shall return TPM_RC_HASH.
11639 Depending on hashAlg, the TPM will create and initialize a hash sequence structure or an Event
11642 a hash context for each of the PCR banks implemented on the TPM.
11804 any size up to the limits of the TPM.
11807 In all TPM, a buffer size of 1,024 octets is allowed.
11818 This requirement allows the TPM to validate that the first block is safe to sign without having to
12092 TPM had fewer than sizeof(TPM_GENERATED) octets, then the TPM will operate as if digest is not
12095 If sequenceHandle references an Event sequence, then the TPM shall return TPM_RC_MODE.
12438 If sequenceHandle references a hash or HMAC sequence, the TPM shall return TPM_RC_MODE.
12743 The attestation commands cause the TPM to sign an internally generated data structure. The contents…
12749 inScheme will be used for the signing operation and may not be TPM_ALG_NULL. The TPM shall return
12831 The purpose of this command is to prove that an object with a specific Name is loaded in the TPM. By
12832 certifying that the object is loaded, the TPM warrants that a public area with a given Name is self…
12846 The restriction occurs because the Name is used to identify the object being certified. If the TPM
13151 This command is used to prove the association between an object and its creation data. The TPM will
13152 validate that the ticket was produced by the TPM and that the ticket validates the association betw…
13158 The TPM will create a test ticket using the Name associated with objectHandle and creationHash as:
13164 This ticket is then compared to creation ticket. If the tickets are not the same, the TPM shall ret…
13166 If the ticket is valid, then the TPM will create a TPMS_ATTEST structure and place creationHash of …
13507 The TPM will hash the list of PCR selected by PCRselect using the hash algorithm associated with
13824 If sessionHandle is not an audit session, the TPM shall return TPM_RC_TYPE.
13830 This command requires authorization from the privacy administrator of the TPM (expressed with
14179 The way that the TPM tracks that the digest is clear is vendor-dependent. The reference
14186 This command requires authorization from the privacy administrator of the TPM (expressed with
14616 standard TPM-generated attestation block
14820 The TPM generates keys that have different lifetimes. TPM keys in a hierarchy can be persistent for…
14823 key is created for a single pass key exchange with another TPM. However, there are other cases, such
14825 key is used outside of the TPM before the final command "consumes" the ephemeral key.
14826 For these uses, TPM2_Commit() or TPM2_EC_Ephemeral() may be used to have the TPM create an
14828 the caller provides a reference to the ephemeral key so that the TPM can retrieve or recreate the
14834 The TPM uses that number to either look up or recompute the associated private key. After the key is
14835 used, the TPM records the fact that the key has been used so that it cannot be used again.
14836 As mentioned, the TPM can keep each assigned private ephemeral key in memory until it is used.
14837 However, this could consume a large amount of memory. To limit the memory size, the TPM is allowed …
14843 To further reduce the memory requirements for the ephemeral private keys, the TPM is allowed to use
14845 TPM can use a counter as input to a KDF. Incrementing the counter will cause the TPM to generate a
14851 Since the TPM is allowed to restrict the number of pending ephemeral keys, the array size can be li…
14874 TPM2_Commit() performs the first part of an ECC anonymous signing operation. The TPM will perform
14878 For this command, p1, s2 and y2 are optional parameters. If s2 is an Empty Buffer, then the TPM sha…
14879 return TPM_RC_SIZE if y2 is not an Empty Buffer. If p1, s2, and y2 are all Empty Buffers, the TPM s…
14912 nonce that is set to a random value on each TPM Reset; nonce
14914 by the TPM.
15446 The TPM will use the commit mechanism to assign an ephemeral key r and compute a public point Q ≔
15629 to the TPM.
15630 If the signature check succeeds, then the TPM will produce a TPMT_TK_VERIFIED. Otherwise, the TPM
15634 A valid ticket may be used in subsequent commands to provide proof to the TPM that the TPM has
15912 This command causes the TPM to sign an externally provided hash with the specified asymmetric signi…
15918 …ndle references a restricted signing key, then validation shall be provided indicating that the TPM
15928 If the scheme of keyHandle is TPM_ALG_NULL, the TPM will sign using inScheme; otherwise, it will si…
15935 If inScheme is not a valid signing scheme for the type of keyHandle (or TPM_ALG_NULL), then the TPM
16001 proof that digest was created by the TPM
16243 If the TPM is in Failure mode, command audit is not functional.
16266 the TPM will check both setList and clearList are empty (zero length). If so, then the algorithm is…
16552 In TPM 1.2, an Event was hashed using SHA-1 and then the 20-octet digest was extended to a PCR
16555 Event with each being extended to a different PCR, the Event data may be sent to the TPM for hashin…
16562 To support recording of an Event that is larger than the TPM input buffer, the caller may use the
16615 For each list entry, the TPM will check to see if pcrNum is implemented for that algorithm. If so, …
16664 If the caller includes digests for algorithms that are not implemented, then the TPM will fail the …
16667 hashAlg will fail and the TPM will return TPM_RC_HASH.
16669 If the TPM unmarshals the hashAlg of a list entry and the unmarshaled value is not a hash algorithm
16670 implemented on the TPM, the TPM shall return TPM_RC_HASH.
16672 processed but no action is taken by the TPM.
16907 A TPM shall support an Event.size of zero through 1,024 inclusive (Event.size is an octet count). An
16917 computed in preparation for extending the data into the PCR. At the option of the TPM, the list may
16921 Assume a TPM that implements a SHA1 bank and a SHA256 bank and that PCR[22] is only
17154 The TPM will process the list of TPMS_PCR_SELECTION in pcrSelectionIn in order. Within each
17155 TPMS_PCR_SELECTION, the TPM will process the bits in the pcrSelect array in ascending PCR order
17157 TPM will add the digest of the PCR to the list of values to be returned in pcrValue.
17158 The TPM will continue processing bits until all have been processed or until pcrValues would be too…
17328 The TPM will evaluate the request and, if sufficient memory is available for the requested allocati…
17329 TPM will store the allocation request for use during the next TPM2_Startup(TPM_SU_CLEAR) operation.
17333 than once, then the last selection in the pcrAllocation list is the one that the TPM will attempt t…
17336 etc. In the response to this command, the TPM returns the maximum number of PCR allowed for any
17339 allow the TPM to return information about the size needed for the requested allocation and the size
17345 Even if this command does not cause the PCR allocation to change, the TPM cannot have its state
17347 command as it is not expected to be used more than once in the lifetime of the TPM (it can be used
17556 allowing a policy. If the TPM implementation does not allow a policy for pcrNum, the TPM shall retu…
17562 Before this command is first executed on a TPM or after TPM2_ChangePPS(), the access control on the
17570 …ize of the data buffer in authPolicy is not the size of a digest produced by hashAlg, the TPM shall
17789 specification as allowing an authorization value. If the TPM implementation does not allow an
17790 authorization for pcrNum, the TPM shall return TPM_RC_VALUE. A platform-specific specification may
17988 If pcrHandle references a PCR that cannot be reset, the TPM shall return TPM_RC_LOCALITY.
18172 This indication from the TPM interface indicates the start of a dynamic Core Root of Trust for
18173 Measurement (D-CRTM) measurement sequence. On receipt of this indication, the TPM will initialize an
18175 If no object memory is available for creation of the sequence context, the TPM will flush the conte…
18181 object context slot is available or to deal with the consequences of having the TPM select an
18320 This indication from the TPM interface indicates arrival of one or more octets of data that are to …
18323 implemented on the TPM.
18407 // data provided. NOTE: the implementation could be done such that the TPM
18435 This indication from the TPM interface indicates the end of the CRTM measurement. This indication is
18436 discarded and no other action performed if the TPM does not contain a CRTM Event sequence context.
18441 If the CRTM Event sequence occurs after TPM2_Startup(), the TPM will set all of the PCR designated …
18443 specific specification, and increment restartCount. The TPM will then Extend the Event Sequence
18479 complete before TPM2_Startup() or the sequence will have no effect on the TPM.
18716 policySession→nonceTPM, then the TPM shall return TPM_RC_VALUE.
18728 expiration, the TPM shall return TPM_RC_EXPIRED. If nonceTPM is the Empty buffer, and expiration
18729 is non-zero, then the TPM shall return TPM_RC_EXPIRED.
18730 c) timeout – This parameter is compared to the current TPM time. If policySession→timeout is in the
18731 past, then the TPM shall return TPM_RC_EXPIRED.
18744 1) the TPM shall return TPM_RC_CPHASH if policySession→cpHash does not have its default
18750 2) the TPM shall return TPM_RC_SIZE
18857 If cpHash is not the Empty String when a policy command attempts to update it, the TPM will return
18863 this value with a larger value (longer into the future), the TPM will discard the update value. Thi…
18879 value and its value is not the same as pcrUpdateCounter, the TPM shall return
18911 the same way. The different commands simply indicate to the TPM the format used for the authValue
18930 and the policy update succeeds, then the TPM will return a ticket that includes a value indicating …
18939 TPM
18975 reference. The timeout parameter is an absolute time, using TPM Clock as the reference.
19011 If policySession is a trial session, the TPM will not check the signature and will update
19014 If policySession is not a trial session, the TPM will validate auth and only perform the update if …
19067 The TPM will perform the parameter checks listed in 25.2.2
19068 If the parameter checks succeed, the TPM will construct a test digest (tHash) over the provided
19070 If tHash does not match the digest of the signed aHash, then the authorization fails and the TPM sh…
19094 The TPM will optionally produce a ticket as described in 25.2.5.
19168 supported on the TPM.
19221 the TPM when the ticket expires
19273 the signing scheme of auth is not supported by the TPM
19580 // TPM-specific.
19627 “If a policy session is used and use of the authValue of authHandle is not required, the TPM will r…
19629 The secret is the authValue of authObject, which may be any TPM entity with a handle and an associa…
19647 The TPM will optionally produce a ticket as described in 25.2.5.
19733 supported on the TPM.
19771 the TPM when the ticket expires; this ticket will use the
19985 // TPM-specific.
20031 If the checks succeed, the TPM uses the timeout, cpHashA, policyRef, and keyName to construct a tic…
20032 to compare with the value in ticket. If these tickets match, then the TPM will create a TPM2B_NAME
20094 The contents are TPM specific. This shall be the value
20123 an authorization ticket returned by the TPM in response
20267 // Restore timeout data. The format of timeout buffer is TPM-specific.
20362 This command allows options in authorizations without requiring that the TPM evaluate all of the op…
20363 If a policy may be satisfied by different sets of conditions, the TPM need only evaluate one set th…
20367 policySession→policyDigest does not match any value in the list, the TPM shall return TPM_RC_VALUE.
20370 If policySession is a trial session, the TPM will assume that policySession→policyDigest matches on…
20380 The TPM makes no check to see if the size of an entry matches the size of the digest of the
20395 A TPM shall support a list with at least eight tagged digest values.
20639 updated using the values from the command rather than the values from digest of the TPM PCR.
20640 The TPM will modify the pcrs parameter so that bits that correspond to unimplemented PCR are CLEAR.
20641 If policySession is not a trial policy session, the TPM will use the modified value of pcrs to sele…
20644 then it is compared to digestTPM; and if the values do not match, the TPM shall return TPM_RC_VALUE
20673 After this command completes successfully, the TPM shall return TPM_RC_PCR_CHANGED if the policy
20675 The TPM uses a “generation” number (pcrUpdateCounter) that is incremented each time PCR are
20684 have occurred. If the values are different, the TPM shall return TPM_RC_PCR_CHANGED. If
20687 If policySession is a trial policy session, the TPM will not check any PCR and will compute:
20696 The pcrs parameter is expected to match the configuration of the TPM for which the policy is being
20697 computed which may not be the same as the TPM on which the trial policy is being computed.
20994 TPM will validate that policySession→commandLocality has not previously been set or that the cur…
20996 When locality is not an extended locality, the TPM will validate that the policySession→commandLoca…
20997 is not set or is not set to an extended locality value (TPM_RC_RANGE). If not the TPM will disable …
20999 enabled, the TPM will return TPM_RC_RANGE.
21326 If policySession is a trial policy session, the TPM will update policySession→policyDigest as shown…
21335 If TPMA_NV_WRITTEN is not SET in the NV Index, the TPM shall return TPM_RC_NV_UNINITIALIZED.
21336 The TPM will validate that the size of operandB plus offset is not greater than the size of the NV …
21337 it is, the TPM shall return TPM_RC_SIZE.
21338 The TPM will perform the indicated arithmetic check on the indicated portion of the selected NV Ind…
21339 the check fails, the TPM shall return TPM_RC_POLICY and not change policySession→policyDigest. If
21340 the check succeeds, the TPM will hash the arguments:
21943 If policySession is a trial policy session, the TPM will update policySession→policyDigest as shown…
21946 The TPM will perform the indicated arithmetic check on the indicated portion of the TPMS_TIME_INFO
21947 structure. If the check fails, the TPM shall return TPM_RC_POLICY and not change
21948 policySession→policyDigest. If the check succeeds, the TPM will hash the arguments:
22496 policySession→commandCode does not have its default value, then the TPM will return
22498 If code is not implemented, the TPM will return TPM_RC_POLICY_CC.
22499 If the TPM does not return an error, it will update policySession→policyDigest by
22508 expression is improperly formed but the TPM does not return an error.
22514 When the policy session is used to authorize a command, the TPM will fail the command if the
22928 If policySession→cpHash is already set and not the same as cpHashA, then the TPM shall return
22929 TPM_RC_VALUE. If cpHashA does not have the size of the policySession→policyDigest, the TPM shall
23185 This command allows a policy to be bound to a specific set of TPM entities without being bound to t…
23198 If policySession→cpHash is already set, the TPM shall return TPM_RC_VALUE. If the size of nameHash
23199 is not the size of policySession→policyDigest, the TPM shall return TPM_RC_SIZE. Otherwise,
23480 If either policySession→cpHash or policySession→nameHash has been previously set, the TPM shall
23807 signed (symmetric or asymmetric) by keySign. That signature is then checked by the TPM in
23820 If the first two octets of keySign are not a valid hash algorithm, the TPM shall return TPM_RC_HASH…
23821 the remainder of the Name is not the size of the indicated digest, the TPM shall return TPM_RC_SIZE.
23822 The TPM validates that the approvedPolicy matches the current value of policySession→policyDigest a…
23824 The TPM then validates that the parameters to TPM2_PolicyAuthorize() match the values used to
23825 generate the ticket. If so, the TPM will reset policySession→policyDigest to a Zero Digest. Then it…
23833 If the ticket is not valid, the TPM shall return TPM_RC_POLICY.
24369 reason that two commands are present is to indicate to the TPM if the hmac field in the authorizati…
24554 This command returns the current policyDigest of the session. This command allows the TPM to be used
24715 If policySession→checkNVWritten is SET, the TPM will return TPM_RC_VALUE if
24717 If the TPM does not return an error, it will update policySession→policyDigest by
24723 When the policy session is used to authorize a command, the TPM will fail the command if
24987 The TPM will derive the object from the Primary Seed indicated in primaryHandle using an approved
24992 Seed, the TPM shall produce the same Primary Object.
25124 the creation data was produced by the TPM
25379 When this command is used to CLEAR phEnable, shEnable, or ehEnable, the TPM will disable use of
25382 When this command is used to CLEAR shEnable, the TPM will disable access to any NV index that has
25384 long as shEnable is CLEAR, the TPM will return an error in response to any command that attempts to
25386 When this command is used to CLEAR phEnableNV, the TPM will disable access to any NV index that
25388 As long as phEnableNV is CLEAR, the TPM will return an error in response to any command that
26434 This command removes all TPM context associated with a specific Owner.
26446 change the SPS to a new value from the TPM’s random number generator (RNG),
26488 the TPM shall return TPM_RC_DISABLED.
26778 The TPM will SET the TPM’s TPMA_PERMANENT.disableClear attribute if disable is YES and will
27150 // on the TPM.
27202 A TPM is required to have support for logic that will help prevent a dictionary attack on an author…
27204 HMAC authorization fails. When the counter reaches a predefined value, the TPM will not accept, for
27205 some time interval, further requests that require authorization and the TPM is in Lockout mode. Whi…
27206 TPM is in Lockout mode, the TPM will return TPM_RC_LOCKED if the command requires use of an
27211 However, a command that requires multiple authorizations will not be accepted when the TPM is in
27215 If the TPM is continuously powered for the duration of newRecoveryTime and no authorization failures
27228 This command cancels the effect of a TPM lockout due to a number of successive authorization failur…
27396 Use of Time means that the TPM shall be continuously powered for the duration of a timeout.
27399 failures will not cause the TPM to enter lockout.
27400 If newMaxTries is zero, the TPM will be in lockout and use of DA protected entities will be disable…
27825 This command allows the platform to change the set of algorithms that are used by the TPM. The
27827 …changing of the algorithm set results in a change of the algorithms of PCR banks, then the TPM will
27830 TPM_SU_CLEAR, the TPM shall return TPM_RC_VALUE and enter Failure mode.
27886 a TPM vendor-dependent value indicating the
27997 This clause contains the commands for managing field upgrade of the firmware in the TPM. The field
27998 upgrade scheme may be used for replacement or augmentation of the firmware installed in the TPM.
28008 parameters to the TPM data set.
28020 is from the TPM manufacturer and that proper authorization is provided using platformPolicy.
28024 upgrade be signed by the PM or the TPM owner and include any other constraints that are desired
28027 If the proper authorization is given, the TPM will retain the signed digest and enter the Field Upg…
28028 mode (FUM). While in FUM, the TPM will accept TPM2_FieldUpgradeData() commands. It may accept
28033 TPM manufacturer. That signature and first block digest are the parameters for
28034 TPM2_FieldUpgradeStart(). The digest is saved in the TPM as the required digest for the next field
28036 For each field upgrade data block that is sent to the TPM by TPM2_FieldUpgradeData(), the TPM shall
28037 validate that the digest matches the required digest and if not, shall return TPM_RC_VALUE. The TPM
28041 TPM2_FieldUpdateData(). If the TPM is able to resume operation using the firmware present when the
28042 upgrade started, then the TPM will indicate that it has abandoned the update by setting the digest of…
28043 next block to the Empty Buffer. If the TPM cannot abandon the update, it will return the expected n…
28045 The system may also attempt to abandon the update because of a power interruption. If the TPM is ab…
28046 to resume normal operations, then it will respond normally to TPM2_Startup(). If the TPM is not abl…
28050 when the power interruption occurred. In such case, the TPM firmware may be reset to one of two oth…
28058 the firmware that was in the TPM when the field upgrade process started (“previous firmware”).
28060 The TPM retains the digest of the first block for these firmware images and checks to see if the fi…
28077 The TPM is required to accept the previous firmware as either a vendor-provided update or as
28078 recovered from the TPM using TPM2_FirmwareRead().
28080 When the last block of the firmware upgrade is loaded into the TPM (indicated to the TPM by data in…
28081 data block in a TPM vendor-specific manner), the TPM will complete the upgrade process. If the TPM
28083 TPM_ALG_NULL and return TPM_RC_SUCCESS. If a reboot is required, the TPM shall return
28084 TPM_RC_REBOOT in response to the last TPM2_FieldUpgradeData() and all subsequent TPM
28088 Because no additional data is allowed when the response code is not TPM_RC_SUCCESS, the TPM
28090 manner, the TPM is able to indicate the digest of the next block. If a _TPM_Init occurs while the
28091 TPM is in FUM, the next block may be the digest for the first block of the original firmware. If it…
28092 not, then the TPM will not accept the original firmware until the next _TPM_Init when the TPM is in
28095 During the field upgrade process, the TPM shall preserve:
28142 This command uses platformPolicy and a TPM Vendor Authorization Key to authorize a Field Upgrade
28161 TPM
28168 that is the same as a value that is part of the TPM firmware data. If the signature is not valid, t…
28222 handle of a public area that contains the TPM Vendor
28327 This command will take the actual field upgrade image to be installed on the TPM. The exact format …
28332 TPM
28339 TPM2_FieldUpgradeStart(), then the TPM shall return TPM_RC_FIELDUPGRADE.
28340 The TPM will validate that the digest of fuData matches an expected value. If so, the TPM may buffe…
28341 immediately apply the update. If the digest of fuData does not match an expected value, the TPM sha…
28491 This command is used to read a copy of the current firmware installed in the TPM.
28493 would be the first block given to the TPM in case of a failure recovery. If the TPM2_FirmwareRead
28494 …nce completes successfully, then the data provided from the TPM will be sufficient to allow the TPM
28496 To start the sequence of retrieving the data, the caller sets sequenceNumber to zero. When the TPM
28497 returned all the firmware data, the TPM will return the Empty Buffer as fuData.
28501 The caller should retain the ordering of the update blocks so that the blocks sent to the TPM have
28506 Support for this command is optional even if the TPM implements TPM2_FieldUpgradeStart() and
28654 objects in TPM memory. Background for this command may be found in the "Owner and Platform Evict
28661 This command saves a session context, object context, or sequence object context outside the TPM.
28668 TPM and, because this capability would provide no application benefit, use of authorization sessio…
28671 The TPM shall encrypt and integrity protect the context as described in the "Context Protection" cl…
28987 // If object context ID overflows, TPM should be put in failure mode
29169 The TPM will return TPM_RC_HIERARCHY if the context is associated with a hierarchy that is disabled.
29176 If the integrity HMAC of the saved context is not valid, the TPM shall return TPM_RC_INTEGRITY.
29177 The TPM shall perform a check on the decrypted context as described in the "Context Confidentiality
29490 // Check fingerprint. If the check fails, TPM should be put to failure mode
29632 This command causes all context associated with a loaded object or session to be removed from TPM
29634 This command may not be used to remove a persistent object from the TPM.
29635 A session does not have to be loaded in TPM memory to have its context flushed. The saved session
29656 …andle is for a transient object and the handle is not associated with a loaded object, then the TPM
29659 then the TPM shall return TPM_RC_HANDLE.
29662 flushHandle is a parameter and not a handle. If it were in the handle area, the TPM would validate
29663 that the context for the referenced entity is in the TPM. When a TPM2_FlushContext references a
29664 saved session context, it is not necessary for the context to be in the TPM.
29865 A transient object is one that may be removed from TPM memory using either TPM2_FlushContext
29866 or TPM2_Startup(). A persistent object is not removed from TPM memory by TPM2_FlushContext()
29872 Before execution of TPM2_EvictControl code below, the TPM verifies that objectHandle references an
29873 object that is resident on the TPM and that persistentHandle is a valid handle for a persistent obj…
29880 a) The TPM shall return TPM_RC_ATTRIBUTES if
29884 b) The TPM shall return TPM_RC_HIERARCHY if the object is not in the proper hierarchy as
29889 c) The TPM shall return TPM_RC_RANGE if persistentHandle is not in the proper range as determined
29895 d) The TPM shall return TPM_RC_NV_DEFINED if a persistent object exists with the same handle as
29897 e) The TPM shall return TPM_RC_NV_SPACE if insufficient space is available to make the object
29901 The TPM shall return TPM_RC_NV_SPACE if execution of this command will prevent the TPM from
29905 This requirement anticipates that a TPM may be implemented such that all TPM memory is non volatile…
29906 between memory of different types and it is necessary that the TPM ensure that it is always
29907 possible for the management software to move objects to/from TPM memory in order to ensure
29923 g) If the TPM returns TPM_RC_SUCCESS, the object referenced by objectHandle will not be flushed
29926 h) The TPM shall return TPM_RC_RANGE if objectHandle is not in the proper range as determined by
29932 If the TPM returns TPM_RC_SUCCESS, objectHandle will be removed from persistent memory and
30423 This command is used to advance the value of the TPM’s Clock. The command will fail if newTime is l…
30425 these checks succeed, Clock is set to newTime. If either of these checks fails, the TPM shall return
30430 the Clock update rate was set so that TPM time was passing 33 percent faster than real time. This
30432 over in the lifetime of the TPM, there is no need for external software to deal with the possibilit…
30436 TPMS_CLOCK_INFO.clock differ by more than the reported update interval, then the TPM shall update
30634 the input frequency, the TPM shall return TPM_RC_VALUE.
30637 If the frequency tolerance of the TPM's input clock is +/-10 percent, then the TPM will return
30651 Changes to the current Clock update rate adjustment need not be persisted across TPM power cycles.
30788 The TPM has numerous values that indicate the state, capabilities, and properties of the TPM. These
30789 values are needed for proper management of the TPM. The TPM2_GetCapability() command is used to
30797 TPM2_TestParms() is used to determine if a TPM supports a particular combination of algorithm
30803 This command returns various information regarding the TPM and its current state.
30809 The list of handles of transient objects currently loaded in the TPM may be read one at a time. On
30816 requested. The TPM will return the number of requested values (propertyCount) or until the last pro…
30829 The TPM is not required to return more than one value at a time. It is not required to provide the …
30833 A TPM may return 4 properties in response to a TPM2_GetCapability(capability =
30835 latter request with the same parameters, the TPM may return as few as one and as many as 8
30838 When the TPM is in Failure mode, a TPM is required to allow use of this command for access of the
30896 A vendor may optionally allow the TPM to return other values.
30897 If in Failure mode and a capability is requested that is not available in Failure mode, the TPM sha…
30901 Assume the TPM is in Failure mode and the TPM only supports reporting of the minimum required
30904 TPM_PT_FIRMWARE_VERSION_2, the TPM will return a zero length list with the moreData
30905 parameter set to NO. If the property type is less than TPM_PT_MANUFACTURER, the TPM will
30908 In Failure mode, tag is required to be TPM_ST_NO_SESSIONS or the TPM shall return
31010 If the MSO of property is TPM_HT_NV_INDEX, then the TPM will return a list of NV Index
31012 If the MSO of property is TPM_HT_PCR, then the TPM will return a list of PCR.
31018 returned values will have the TPM_HT_HMAC_SESSION handle type because the TPM does not
31026 the TPM return a list of loaded HMAC sessions without including the policy sessions.
31029 implemented in the TPM, starting with the TPM_CC indicated by the property parameter. If vendor
31051 property parameter shall be zero. The TPM will always respond to this command with the full PCR
31057 …56value boundary (that is, the boundary occurs when the TPM_PT is evenly divisible by 256). The TPM
31094 in the TPM.
31098 If no next capability exists, the TPM will return a zero-length list and moreData will have a value…
31506 The TPM will unmarshal the provided TPMT_PUBLIC_PARMS. If the parameters unmarshal correctly,
31507 then the TPM will return TPM_RC_SUCCESS, indicating that the parameters are valid for the TPM. The
31508 TPM will return the appropriate unmarshaling error if a parameter is not valid.
31660 NV Index, then the nvIndex parameter must have the same value or the TPM will return
31717 When an NV counter is created, the TPM shall initialize the 8-octet counter value with a number tha…
31718 greater than any count value for any NV counter on the TPM since the time of TPM manufacture.
31720 …ected to be modified at a high frequency and that the data is only required to persist when the TPM
31721 goes through an orderly shutdown process. The TPM may update the counter value in RAM and
31725 Before an NV counter can be used, the TPM shall validate that the count is not less than a previous…
31726 reported value. If the TPMA_NV_ORDERLY attribute is not SET, or if the TPM experienced an orderly
31728 TPM shutdown was not orderly, then the TPM shall OR MAX_ORDERLY_COUNT to the contents of the
31732 Because the TPM would have updated the NV Index if the difference between the count values was
31738 The TPM may implement the RAM portion of the counter such that the effective value of the NV
31739 counter is the sum of both the volatile and non-volatile parts. If so, then the TPM may initialize …
31744 When a new NV counter is created, the TPM may search all the counters to determine which has the
31745 highest value. In this search, the TPM would use the sum of the non-volatile and RAM portions of
31747 (orderly or not) of the TPM.
31767 This command defines the attributes of an NV Index and causes the TPM to reserve space to hold the
31768 data associated with the NV Index. If a definition already exists at the NV Index, the TPM will ret…
31770 The TPM will return TPM_RC_ATTRIBUTES if more
31784 The TPM shall return TPM_RC_ATTRIBUTES if TPMA_NV_WRITTEN, TPM_NV_READLOCKED, or
31787 the TPM shall return TPM_RC_SIZE.
31789 publicInfo.nameAlg or the TPM shall return TPM_RC_SIZE.
31790 If the NV Index is an ordinary Index and publicInfo→dataSize is larger than supported by the TPM
31791 implementation then the TPM shall return TPM_RC_SIZE.
31799 TPMA_NV_POLICYREAD shall be SET or the TPM shall return TPM_RC_ATTRIBUTES.
31804 TPMA_NV_POLICYWRITE shall be SET or the TPM shall return TPM_RC_ATTRIBUTES.
31805 If TPMA_NV_CLEAR_STCLEAR is SET, then TPMA_NV_COUNTER shall be CLEAR or the TPM shall
31810 the TPM shall return TPM_RC_ATTRIBUTES.
31811 If TPMA_NV_POLICY_DELETE is SET, then the authorization shall be with platformAuth or the TPM
31818 TPM
31829 TPM
31840 TPM
31846 If the implementation does not support TPM2_NV_UndefineSpaceSpecial(), the TPM shall return
31864 In some implementations, an NV Index with the TPMA_NV_COUNTER attribute may require special TPM
31866 fails because of lack of resources, the TPM will return TPM_RC_NV_SPACE.
32328 This command removes an Index from the TPM.
32329 If nvIndex is not defined, the TPM shall return TPM_RC_HANDLE.
32330 If nvIndex references an Index that has its TPMA_NV_PLATFORMCREATE attribute SET, the TPM shall
32539 If nvIndex is not defined, the TPM shall return TPM_RC_HANDLE.
32549 TPMA_NV_POLICY_DELETE attribute CLEAR, the TPM shall return TPM_RC_NV_ATTRIBUTES.
32915 If the TPMA_NV_WRITELOCKED attribute of the NV Index is SET, then the TPM shall return
32923 TPM shall return TPM_RC_NV_ATTRIBUTE.
32925 the NV Index data, the TPM shall return TPM_RC_NV_RANGE and not write any data to the NV Index.
32926 If the TPMA_NV_WRITEALL attribute of the NV Index is SET, then the TPM shall return
32929 If all checks succeed, the TPM will merge the data.size octets of data.buffer value into the nvInde…
32931 limitations, the TPM shall check that the merged data is different from the current contents of the…
33219 TPM
33225 If TPMA_NV_WRITELOCKED is SET, the TPM shall return TPM_RC_NV_LOCKED.
33231 If a TPM implements TPMA_NV_ORDERLY and an Index is defined with TPMA_NV_ORDERLY and
33431 // Read NV data in native format for TPM CPU.
33497 If TPMA_NV_EXTEND is not SET, then the TPM shall return TPM_RC_ATTRIBUTES.
33506 If the TPMA_NV_WRITELOCKED attribute of the NV Index is SET, then the TPM shall return
33832 If TPMA_NV_BITS is not SET, then the TPM shall return TPM_RC_ATTRIBUTES.
34108 TPM shall return TPM_RC_ATTRIBUTES.
34110 is SET, then the TPM shall SET TPMA_NV_WRITELOCKED for the NV Index.
34561 If TPMA_NV_READLOCKED of the NV Index is SET, then the TPM shall return TPM_RC_NV_LOCKED.
34568 Index data area, the TPM shall return TPM_RC_NV_RANGE and not read any data from the NV Index.
34812 TPM shall SET TPMA_NV_READLOCKED for the NV Index. If TPMA_NV_READ_STCLEAR of the NV
34813 Index is CLEAR, then the TPM shall return TPM_RC_NV_ATTRIBUTE. TPMA_NV_READLOCKED will