Lines Matching refs:TPM

907 This part 3 of the Trusted Module Library specification contains the definitions of the TPM command…
912 of a TPM. The combination of this part 3 and part 4: Supporting Routines is sufficient to fully des…
913 required behavior of a TPM.
914 The code in parts 3 and 4 is written to define the behavior of a compliant TPM. In some cases (e.g.,
919 specification require that a TPM meet any particular level of conformance.
994 throttling by the TPM. If the command code does not have this notation, then a write to NV
997 failure. A TPM may use the occasion of command execution to update the NV
1005 TPM when the command completes. This may be combined with the {NV} modifier but not with the
1136 normative and different TPM may give different responses when a command has multiple errors.
1144 Before a TPM may begin the actions associated with a command, a set of command format and
1147 a) The TPM shall successfully unmarshal a TPMI_ST_COMMAND_TAG and verify that it is either
1149 b) The TPM shall successfully unmarshal a UINT32 as the commandSize. If the TPM has an interface
1155 A TPM may have direct access to system memory and unmarshal directly from that memory.
1157 c) The TPM shall successfully unmarshal a TPM_CC and verify that the command is implemented
1178 a) If the TPM is in Failure mode, then the commandCode is TPM_CC_GetTestResult or
1183 In Failure mode, the TPM has no cryptographic capability and processing of sessions is not
1186 b) The TPM is in Field Upgrade mode (FUM), the commandCode is TPM_CC_FieldUpgradeData
1188 c) If the TPM has not been initialized (TPM2_Startup()), then the commandCode is TPM_CC_Startup
1192 The TPM may enter Failure mode during _TPM_Init processing, before TPM2_Startup(). Since
1193 the platform firmware cannot know that the TPM is in Failure mode without accessing it, and
1196 indicating that the TPM is in Failure mode.
1197 There may be failures where a TPM cannot record that it received TPM2_Startup(). In those
1198 cases, a TPM in failure mode may process TPM2_GetTestResult(), TPM2_GetCapability(), or
1199 the field upgrade commands. As a side effect, that TPM may process TPM2_GetTestResult(),
1205 After successfully unmarshaling and validating the command header, the TPM shall perform the follow…
1207 a) The TPM shall successfully unmarshal the number of handles required by the command and validate
1208 that the value of the handle is consistent with the command syntax. If not, the TPM shall return
1212 The TPM may unmarshal a handle and validate that it references an entity on the TPM before
1218 the TPM may continue to read into the next area and attempt to interpret the data as a handle.
1220 b) For all handles in the handle area of the command, the TPM will validate that the referenced ent…
1221 present in the TPM.
1232 the handle shall reference a persistent object that is currently in TPM non-volatile memory
1239 iii) if the TPM implementation moves a persistent object to RAM for command processing then
1285 4) If the handle references a session, then the session context shall be present in TPM memory
1290 6) If the handle references a PCR, then the value is within the range of PCR supported by the TPM
1302 (TPM2_ContextSave(), TPM2_ContextLoad(), or TPM2_FlushContext()) the TPM will return
1304 b) If the tag is TPM_ST_SESSIONS, the TPM will attempt to unmarshal an authorizationSize and return
1317 c) The TPM will unmarshal the authorization sessions and perform the following validations:
1319 TPM_RS_PW then the TPM shall return TPM_RC_HANDLE.
1320 2) If the session is not loaded, the TPM will return the warning TPM_RC_REFERENCE_S0 + N
1328 indicated in authorizationSize were unmarshaled (that is, authorizationSize is too large), the TPM
1394 TPM
1399 password, then the TPM is not in lockout (TPM_RC_LOCKOUT).
1531 If the TPM returns an error other than TPM_RC_AUTH_FAIL then the TPM shall not alter any TPM state.
1532 If the TPM returns TPM_RC_AUTH_FAIL, then the TPM shall not alter any TPM state other than
1538 The TPM may decrease failedTries regardless of any other processing performed by the TPM. That
1539 is, the TPM may exit Lockout mode, regardless of the return code.
1544 allow a command parameter to be encrypted, then the TPM will return TPM_RC_ATTRIBUTES.
1559 Otherwise, the TPM will decrypt the parameter using the values associated with the session before
1579 required that the TPM validate that the parameters meet the requirements of the expected data type …
1618 value that is supported by the TPM
1623 supported by the TPM
1628 supported by the TPM
1633 is supported by the TPM
1643 have a value that is supported by the TPM
1647 a parameter that is a key size has a value that is not supported by the TPM
1652 a value that is supported by the TPM
1661 a value that is supported by the TPM
1670 value that is supported by the TPM
1675 the TPM
1680 not supported by the TPM
1697 will be in the response. If so, the TPM will encrypt the first parameter of the response if indicat…
1698 authorization attributes. The TPM will then generate a new nonce value for each session and, if
1752 command formatted for a TPM 1.2 but the TPM is not capable of executing TPM 1.2 commands. So that
1753 the TPM 1.2 compatible software will have a recognizable response, the TPM sets tag to
1755 This is the same response as the TPM 1.2 fatal error for TPM_BADTAG.
1761 command did not complete and the state of the TPM is unchanged. An exception to this general rule is
1793 This response code may be returned by a TPM that supports command cancel.
1794 When the TPM receives an indication that the current command should be
1795 cancelled, the TPM may complete the command or return this code. If this code
1796 is returned, then the TPM state is not changed and the same command may be
1810 are not allowed at this time because the TPM is in DA lockout mode. The remedy
1815 A TPM may use a common pool of memory for objects, sessions, and other
1816 purposes. When the TPM does not have enough memory available to perform
1818 that the TPM resource manager may flush either sessions or objects in order to
1819 make memory available for the command execution. A TPM may choose to
1825 This response code indicates that the TPM is rate-limiting writes to the NV
1835 until it is. This would occur in a system where the NV memory used by the TPM
1836 is not exclusive to the TPM and is a shared system resource.
1840 This response code indicates that the TPM has exhausted its handle space and
1841 no new objects can be loaded unless the TPM is rebooted. This does not occur in
1844 unique handle each time the object is loaded. A TPM using this implementation
1850 This response code can be returned by any command that causes the TPM to
1853 TPM2_ContextLoad()). However, the TPM implementation is allowed to use
1854 object slots for other reasons. In the reference implementation, the TPM copies a
1856 slots are previously occupied, the TPM may return this value. A TPM is allowed
1858 this response is returned is for the TPM resource manager to flush a transient
1867 value of 0 indicating the 1st handle and 6 representing the 7th. The TPM resource
1875 Usually, this error indicates that the TPM resource manager has a corrupted
1899 TPM resource manager needs to find the correct session and load it. It may then
1901 NOTE Usually, this error indicates that the TPM resource manager has a
1906 the TPM was not able to start the command
1908 This response code indicates that the TPM does not have a handle to assign to a
1911 listed here because the command is not in error and the TPM resource manager
1916 This response code can be returned by any command that causes the TPM to
1919 However, the TPM implementation is allowed to use object slots for other
1920 purposes. The remedy when this response is returned is for the TPM resource
1932 This response code indicates that the TPM is performing tests and cannot
1937 the TPM has suspended operation on the command; forward progress was made
1997 Verification that the handles in the handle area reference entities that are resident on the TPM.
2069 This clause contains the commands used to manage the startup and restart state of a TPM.
2075 _TPM_Init initializes a TPM.
2076 …zation actions include testing code required to execute the next expected command. If the TPM is in
2081 If the TPM performs self-tests after receiving _TPM_Init() and the TPM enters Failure mode before
2082 receiving TPM2_Startup() or TPM2_FieldUpgradeData(), then the TPM may be able to accept
2086 physical interface to the TPM. The platform shall send this indication whenever the platform starts…
2093 While this flag is CLEAR, the TPM will only accept the next expected command described above.
2173 TPM2_Startup() is always preceded by _TPM_Init, which is the physical indication that TPM initializ…
2175 TPM2_Startup() commands are not allowed after it has completed successfully. If a TPM requires
2176 TPM2_Startup() and another command is received, or if the TPM receives TPM2_Startup() when it is not
2177 required, the TPM shall return TPM_RC_INITIALIZE.
2180 See 11.2.1 for other command options for a TPM supporting field upgrade mode.
2186 If in Failure mode the TPM shall accept TPM2_GetTestResult() and TPM2_GetCapability() even if
2188 A Shutdown/Startup sequence determines the way in which the TPM will operate in response to
2190 1) TPM Reset – This is a Startup(CLEAR) preceded by either Shutdown(CLEAR) or no
2191 TPM2_Shutdown(). On TPM Reset, all variables go back to their default initialization state.
2194 Only those values that are specified as having a default initialization state are changed by TPM
2199 2) TPM Restart – This is a Startup(CLEAR) preceded by Shutdown(STATE). This preserves much of the
2200 previous state of the TPM except that PCR and the controls associated with the Platform hierarchy
2202 3) TPM Resume – This is a Startup(STATE) preceded by Shutdown(STATE). This preserves the
2203 previous state of the TPM including the static Root of Trust for Measurement (S-RTM) PCR and the
2205 If a TPM receives Startup(STATE) and that was not preceded by Shutdown(STATE), the TPM shall return
2207 If, during TPM Restart or TPM Resume, the TPM fails to restore the state saved at the last
2208 Shutdown(STATE), the TPM shall enter Failure Mode and return TPM_RC_FAILURE.
2216 all transient contexts (objects, sessions, and sequences) shall be flushed from TPM memory;
2227 On TPM Reset
2280 are preserved by TPM Resume will need to be restored during TPM2_Startup().
2287 On TPM Restart
2309 On TPM Resume
2321 PCR that are specified in a platform-specific specification to be preserved on TPM Resume are
2324 Other TPM state may change as required to meet the needs of the implementation.
2325 If the startupType is TPM_SU_STATE and the TPM requires TPM_SU_CLEAR, then the TPM shall return
2329 The TPM will require
2672 // Update TPM internal states if command succeeded.
2696 This command is used to prepare the TPM for a power cycle. The shutdownType parameter indicates
2726 The following items shall not be saved and will not be in TPM memory after the next TPM2_Startup:
2729 TPM-memory-resident session contexts;
2733 TPM-memory-resident transient objects; or
2737 TPM-memory-resident hash contexts created by TPM2_HashSequenceStart().
2740 This command saves TPM state but does not change the state other than the internal indication that …
2741 context has been saved. The TPM shall continue to accept commands. If a subsequent command
2742 changes TPM state saved by this command, then the effect of this command is nullified. The TPM MAY
2980 Compliance to standards for hardware security modules may require that the TPM test its functions
2981 before the results that depend on those functions may be returned. The TPM may perform operations
2982 using testable functions before those functions have been tested as long as the TPM returns no value
2988 that command may result in a value being returned to the TPM user. This means that
2993 If a command is received that requires return of a value that depends on untested functions, the TPM
2995 Once the TPM has received TPM2_SelfTest() and before completion of all tests, the TPM is required to
2997 If a self-test fails at any time, the TPM will enter Failure mode. While in Failure mode, the TPM w…
2999 TPM will remain in Failure mode until the next _TPM_Init.
3019 This command causes the TPM to perform a test of its capabilities. If the fullTest is YES, the TPM
3020 all functions. If fullTest = NO, the TPM will only test those functions that have not previously be…
3021 If any tests are required, the TPM shall either
3025 If fullTest is NO, and all functions have been tested, the TPM shall return TPM_RC_SUCCESS.
3028 If the TPM uses option a), the TPM shall return TPM_RC_TESTING for any command that requires use
3033 This command may cause the TPM to continue processing after it has returned the response. So
3035 would allow the TPM to generate an interrupt when the “background” processing is complete. This
3172 This command causes the TPM to perform a test of the selected algorithms.
3175 The toTest list indicates the algorithms that software would like the TPM to test in anticipation of
3184 The TPM will return in toDoList a list of algorithms that are yet to be tested. This list is not th…
3189 If toTest is not an empty list, the TPM shall return TPM_RC_SUCCESS for this command and then return
3201 If all the parameters in this command are valid, the TPM returns TPM_RC_SUCCESS and the toDoList
3351 TPM is in Failure mode because of an invalid startupType in TPM2_Startup(), testResult will be
3353 This command will operate when the TPM is in Failure mode so that software can determine the test
3354 status of the TPM and so that diagnostic information can be obtained for use in failure analysis. I…
3355 TPM is in Failure mode, then tag is required to be TPM_ST_NO_SESSIONS or the TPM shall return
3497 This command allows injection of a secret into the TPM using either asymmetric or symmetric encrypt…
3506 The TPM generates the sessionKey from the recovered secret value.
3524 If the TPM does not have
3547 If the TPM implements a “gap” scheme for assigning contextID values, then the TPM shall return
3551 proper type for tpmKey. The TPM shall return TPM_RC_VALUE if:
3627 Although this command changes the session allocation information in the TPM, it does not invalidate
3628 …uired after this command in order to reestablish the orderly state of the TPM. This is because th…
3629 slot in the TPM and sessions in the TPM do not survive any TPM2_Startup(). However, if a created
3632 The TPM shall return TPM_RC_SIZE if nonceCaller is less than 16 octets or is greater than the size …
3720 Shall be a hash algorithm supported by the TPM and
3754 the initial nonce from the TPM, used in the computation
3784 the oldest active context is at the limits of the TPM
3870 // TPM key for decrypt salt
4029 used after the TPM returns TPM_RC_PCR_CHANGED. That response code indicates that a policy will
4184 This command is used to create an object that can be loaded into a TPM using TPM2_Load(). If the
4185 command completes successfully, the TPM will create the new object and return the object’s creation
4196 a symmetric object, an optional initial data value (inSensitive.data). The TPM shall validate the
4200 is indicated as being TPM-generated, the value is filled in by bits from the RNG if the command is
4204 CLEAR if inSensitive.data is not an Empty Buffer or the TPM shall return TPM_RC_ATTRIBUTES.
4205 The TPM will create new data for the sensitive area and compute a TPMT_PUBLIC.unique from the
4208 1) If inSensitive.data is the Empty Buffer, a TPM-generated key value is placed in the new object’s
4211 2) If inSensitive.data is not the Empty Buffer, the TPM will validate that the size of inSensitive.…
4214 3) A TPM-generated obfuscation value is placed in TPMT_SENSITIVE.sensitive.seedValue. The
4226 1) If sensitive.data is not the Empty Buffer, then the TPM shall return TPM_RC_VALUE.
4241 2) A TPM-generated private key value is created with the size determined by the parameters of
4243 3) If the key is a Storage Key, a TPM-generated TPMT_SENSITIVE.symKey value is created;
4248 the public area of the template, then the TPM shall return TPM_RC_SCHEME.
4250 area of the template, then the TPM shall return TPM_RC_KDF.
4260 the TPM shall return TPM_RC_ATTRIBUTES. This would be a data object with no data.
4261 2) If inSensitive.data is not an Empty Buffer, the TPM will copy the inSensitive.data to
4278 3) If inSensitive.data is an Empty Buffer, a TPM-generated key value that is the size of the digest
4280 4) A TPM-generated obfuscation value that is the size of the digest produced by the nameAlg of
4285 For TPM2_Load(), the TPM will apply normal symmetric protections to the created TPMT_SENSITIVE to
4291 In addition to outPublic and outPrivate, the TPM will build a TPMS_CREATION_DATA structure for the
4298 inPublic.type, inPublic.nameAlg, and inPublic.parameters. If inPublic.type does not match, the TPM
4299 return TPM_RC_TYPE. If inPublic.nameAlg does not match, the TPM shall return TPM_RC_HASH. If
4300 inPublic.parameters does not match, the TPM shall return TPM_RC_ASSYMETRIC. The TPM shall not
4304 If the inPublic.parameters.ecc.symmetric.algorithm does not match the parent, the TPM shall return
4426 the creation data was produced by the TPM
4481 sensitive creation area; may also be returned if the TPM does not
4699 This command is used to load objects into the TPM. This command is used when both a TPM2B_PUBLIC
4722 The command returns a handle for the loaded object and the Name that the TPM computed for
4726 The TPM-computed Name is provided as a convenience to the caller for those cases where the
4735 the public area or the TPM shall return TPM_RC_KEY_SIZE.
4738 object are not properly linked, the TPM shall return TPM_RC_BINDING.
4793 TPM handle of parent key; shall not be a reserved
5104 This command is used to load an object that is not a Protected Object into the TPM. The command all…
5108 Typical use for loading a public area is to allow the TPM to validate an asymmetric signature.
5109 Typical use for loading both a public and sensitive area is to allow the TPM to be used as a crypto
5126 resident on a different TPM. If both the public and private parts of the key are loaded, then it is…
5132 be the same as its Name. The TPM will validate that the authPolicy is either the size of the digest
5144 If the nameAlg is TPM_ALG_NULL, the TPM shall not verify the cryptographic binding between the publ…
5145 and sensitive areas, but the TPM will validate that the size of the key in the sensitive area is co…
5146 with the size indicated in the public area. If it is not, the TPM shall return TPM_RC_KEY_SIZE.
5149 For an ECC object, the TPM will verify that the public key is on the curve of the key before the pu…
5159 The command returns a handle for the loaded object and the Name that the TPM computed for
5163 The TPM-computed Name is provided as a convenience to the caller for those cases where the
5190 next TPM Reset.
5465 // appear to be a key that was created by this TPM.
5519 If objectHandle references a sequence object, the TPM shall return TPM_RC_SEQUENCE.
5560 TPM handle of an object
5715 …s command enables the association of a credential with an object in a way that ensures that the TPM
5717 If both the public and private portions of activateHandle and keyHandle are not loaded, then the TPM
5719 If keyHandle is not a Storage Key, then the TPM shall return TPM_RC_TYPE.
6031 This command allows the TPM to perform the actions required of a Certificate Authority (CA) in crea…
6033 The TPM will produce a TPM_ID_OBJECT according to the methods in “Credential Protection” in Part 1.
6036 This command does not use any TPM secrets nor does it require authorization. It is a convenience
6037 function, using the TPM to perform cryptographic calculations that could be done externally.
6281 A random, TPM-generated, Sealed Data Object may be created by the TPM with TPM2_Create() or
6284 TPM.
6287 If either restricted, decrypt, or sign is SET in the attributes of itemHandle, then the TPM shall r…
6288 TPM_RC_ATTRIBUTES. If the type of itemHandle is not TPM_ALG_KEYEDHASH, then the TPM shall
6461 This command is used to change the authorization secret for a TPM-resident object.
6462 If successful, a new private area for the TPM-resident object associated with objectHandle is retur…
6464 This command does not change the authorization of the TPM-resident object on which it operates.
6465 Therefore, the old authValue (of the TPM-resident object) is used when generating the response HMAC
6473 The TPM-resident object may be persistent and changing the authorization value of the persistent
6475 change the TPM-resident object.
6754 key for the duplicate may be on the same or different TPM or TPM_RH_NULL. Only the public area of
6758 Since the new parent may only be extant on a different TPM, it is likely that the new parent’s
6759 sensitive area could not be loaded in the TPM from which objectHandle is being duplicated.
6761 If encryptedDuplication is SET in the object being duplicated, then the TPM shall return
6765 If fixedParent of objectHandle→attributes is SET, the TPM shall return TPM_RC_ATTRIBUTES. If
6766 objectHandle→nameAlg is TPM_ALG_NULL, the TPM shall return TPM_RC_TYPE.
6797 If the compared hashes are not the same, then the TPM shall return TPM_RC_POLICY_FAIL.
6809 The TPM shall follow the process of encryption defined in the “Duplication” subclause of “Protected
6867 The size for this key is set to zero when the TPM is to
7195 This command allows the TPM to serve in the role as a Duplication Authority. If proper authorizatio…
7566 // enabled in TPM
7632 If fixedTPM or fixedParent is SET in objectPublic, the TPM shall return TPM_RC_ATTRIBUTES.
7635 Recovery of the sensitive data of the object occurs in the TPM in a three-step process in the follo…
7654 TPM
7672 If the inner or outer wrapper is present, then a valid integrity value shall be present or the TPM
7681 loaded, or before the TPM performs an operation for which the binding affects the outcome of the
7685 If the new parent is not fixedTPM, then that object will be loadable on any TPM (including SW
7688 parent is fixedTPM, then the new private blob is integrity protected by the TPM that “owns” the
7694 After integrity checks and decryption, the TPM will create a new symmetrically encrypted private ar…
8227 implemented in the TPM. Many of these commands are only allowed if the asymmetric key is an
8242 Requiring that the decrypt attribute be set allows the TPM to ensure that the scheme selection is
8245 may modify any key in any desired way. So, this constraint only serves to simplify the TPM logic.
8251 3) TPM_ALG_NULL – Data is not padded by the TPM and the TPM will treat message as an
8332 manipulate the attributes of the key in any way desired. As a result, the TPM shall not check the
8368 The label parameter is optional. If provided (label.size != 0) then the TPM shall return TPM_RC_VAL…
8369 …octet in label is not zero. If a zero octet occurs before label.buffer[label.size-1], the TPM shall
8374 If the scheme does not use a label, the TPM will still verify that label is properly formatted if l…
8670 The TPM will perform a modular exponentiation of ciphertext using the private exponent associated w…
8680 the decryption process and label is required to be the same in both cases. The TPM shall verify tha…
8683 shall be a NULL-terminated string or the TPM will return TPM_RC_VALUE.
8993 This command uses the TPM to generate an ephemeral key pair (de, Qe where Qe ≔ [de]G). It uses the …
9234 This command uses the TPM to recover the Z value from a public point (QB) and a private key (ds). I…
9583 point of that ephemeral key along with a numeric value that allows the TPM to regenerate the associ…
9586 party B, and the commitCounter returned by TPM2_EC_Ephemeral(). The TPM uses the counter value to
9590 The TPM will compute Z or Zs and Ze according to the selected scheme. If the scheme is not a two-ph…
9591 key exchange scheme or if the scheme is not supported, the TPM will return TPM_RC_SCHEME.
9632 The Z values returned by the TPM are a full point and not just an x-coordinate.
9765 This command uses the TPM to recover one or two Z values in a two phase key exchange protocol
9964 implemented in the TPM that operate on blocks of data. These include symmetric encryption and
9966 no persistent state that is retained in the TPM when the command is complete.
9992 The TPM will increment the entire IV provided by the caller. The last encrypted value will be
9995 combination. If the size of ivIn is not correct, the TPM shall return TPM_RC_SIZE.
10015 combination. If the size of ivIn is not correct, the TPM shall return TPM_RC_SIZE.
10026 combination. If the size of ivIn is not correct, the TPM shall return TPM_RC_SIZE.
10028 and key combination. If the size of inData is not correct, the TPM shall return
10037 combination. If the size of ivIn is not correct, the TPM shall return TPM_RC_SIZE.
10046 and key combination. If the size of inData is not correct, the TPM shall return
10072 If the TPM allows this command to be canceled before completion, then the TPM may produce
10436 If the data buffer to be hashed is larger than will fit into the TPM’s input buffer, then the seque…
10441 If the digest is not safe to sign, then the TPM will return a TPMT_TK_HASHCHECK with the hierarchy …
10670 If the sign attribute is not SET in the key referenced by handle then the TPM shall return
10671 TPM_RC_ATTRIBUTES. If the key type is not TPM_ALG_KEYEDHASH then the TPM shall return
10674 hash algorithm for the HMAC and the TPM shall return TPM_RC_VALUE if hashAlg is not
10679 If the key referenced by handle is not restricted, then the TPM will use hashAlg for the HMAC. Howe…
10680 hashAlg is TPM_ALG_NULL the TPM will use the default scheme of the key.
10681 If both hashAlg and the key default are TPM_ALG_NULL, the TPM shall return TPM_RC_VALUE.
10969 It is recommended that a TPM implement the RNG in a manner that would allow it to return RNG
10973 If bytesRequested is more than will fit into a TPM2B_DIGEST on the TPM, no error is returned but the
10974 TPM will only return as much data as will fit into a TPM2B_DIGEST buffer for the TPM.
10977 TPM2B_DIGEST is large enough to hold the largest digest that may be produced by the TPM.
10979 data returned by this command is TPM implementation-dependent.
11269 This command starts an HMAC sequence. The TPM will create and initialize an HMAC sequence
11277 If the sign attribute is not SET in the key referenced by handle then the TPM shall return
11278 TPM_RC_ATTRIBUTES. If the key type is not TPM_ALG_KEYEDHASH then the TPM shall return
11281 hash algorithm for the HMAC and the TPM shall return TPM_RC_VALUE if hashAlg is not
11283 If the key referenced by handle is not restricted, then the TPM will use hashAlg for the HMAC; unle…
11649 neither an implemented algorithm nor TPM_ALG_NULL, then the TPM shall return TPM_RC_HASH.
11650 Depending on hashAlg, the TPM will create and initialize a hash sequence structure or an Event
11653 a hash context for each of the PCR banks implemented on the TPM.
11815 any size up to the limits of the TPM.
11818 In all TPM, a buffer size of 1,024 octets is allowed.
11829 This requirement allows the TPM to validate that the first block is safe to sign without having to
12103 TPM had fewer than sizeof(TPM_GENERATED) octets, then the TPM will operate as if digest is not
12106 If sequenceHandle references an Event sequence, then the TPM shall return TPM_RC_MODE.
12449 If sequenceHandle references a hash or HMAC sequence, the TPM shall return TPM_RC_MODE.
12754 The attestation commands cause the TPM to sign an internally generated data structure. The contents…
12760 inScheme will be used for the signing operation and may not be TPM_ALG_NULL. The TPM shall return
12842 The purpose of this command is to prove that an object with a specific Name is loaded in the TPM. By
12843 certifying that the object is loaded, the TPM warrants that a public area with a given Name is self…
12857 The restriction occurs because the Name is used to identify the object being certified. If the TPM
13162 This command is used to prove the association between an object and its creation data. The TPM will
13163 validate that the ticket was produced by the TPM and that the ticket validates the association betw…
13169 The TPM will create a test ticket using the Name associated with objectHandle and creationHash as:
13175 This ticket is then compared to creation ticket. If the tickets are not the same, the TPM shall ret…
13177 If the ticket is valid, then the TPM will create a TPMS_ATTEST structure and place creationHash of …
13518 The TPM will hash the list of PCR selected by PCRselect using the hash algorithm associated with
13835 If sessionHandle is not an audit session, the TPM shall return TPM_RC_TYPE.
13841 This command requires authorization from the privacy administrator of the TPM (expressed with
14190 The way that the TPM tracks that the digest is clear is vendor-dependent. The reference
14197 This command requires authorization from the privacy administrator of the TPM (expressed with
14627 standard TPM-generated attestation block
14831 The TPM generates keys that have different lifetimes. TPM keys in a hierarchy can be persistent for…
14834 key is created for a single pass key exchange with another TPM. However, there are other cases, such
14836 key is used outside of the TPM before the final command "consumes" the ephemeral key.
14837 For these uses, TPM2_Commit() or TPM2_EC_Ephemeral() may be used to have the TPM create an
14839 the caller provides a reference to the ephemeral key so that the TPM can retrieve or recreate the
14845 The TPM uses that number to either look up or recompute the associated private key. After the key is
14846 used, the TPM records the fact that the key has been used so that it cannot be used again.
14847 As mentioned, the TPM can keep each assigned private ephemeral key in memory until it is used.
14848 However, this could consume a large amount of memory. To limit the memory size, the TPM is allowed …
14854 To further reduce the memory requirements for the ephemeral private keys, the TPM is allowed to use
14856 TPM can use a counter as input to a KDF. Incrementing the counter will cause the TPM to generate a
14862 Since the TPM is allowed to restrict the number of pending ephemeral keys, the array size can be li…
14885 TPM2_Commit() performs the first part of an ECC anonymous signing operation. The TPM will perform
14889 For this command, p1, s2 and y2 are optional parameters. If s2 is an Empty Buffer, then the TPM sha…
14890 return TPM_RC_SIZE if y2 is not an Empty Buffer. If p1, s2, and y2 are all Empty Buffers, the TPM s…
14923 nonce that is set to a random value on each TPM Reset; nonce
14925 by the TPM.
15457 The TPM will use the commit mechanism to assign an ephemeral key r and compute a public point Q ≔
15640 to the TPM.
15641 If the signature check succeeds, then the TPM will produce a TPMT_TK_VERIFIED. Otherwise, the TPM
15645 A valid ticket may be used in subsequent commands to provide proof to the TPM that the TPM has
15923 This command causes the TPM to sign an externally provided hash with the specified asymmetric signi…
15929 …ndle references a restricted signing key, then validation shall be provided indicating that the TPM
15939 If the scheme of keyHandle is TPM_ALG_NULL, the TPM will sign using inScheme; otherwise, it will si…
15946 If inScheme is not a valid signing scheme for the type of keyHandle (or TPM_ALG_NULL), then the TPM
16014 proof that digest was created by the TPM
16254 If the TPM is in Failure mode, command audit is not functional.
16277 the TPM will check both setList and clearList are empty (zero length). If so, then the algorithm is…
16563 In TPM 1.2, an Event was hashed using SHA-1 and then the 20-octet digest was extended to a PCR
16566 Event with each being extended to a different PCR, the Event data may be sent to the TPM for hashin…
16573 To support recording of an Event that is larger than the TPM input buffer, the caller may use the
16626 For each list entry, the TPM will check to see if pcrNum is implemented for that algorithm. If so, …
16675 If the caller includes digests for algorithms that are not implemented, then the TPM will fail the …
16678 hashAlg will fail and the TPM will return TPM_RC_HASH.
16680 If the TPM unmarshals the hashAlg of a list entry and the unmarshaled value is not a hash algorithm
16681 implemented on the TPM, the TPM shall return TPM_RC_HASH.
16683 processed but no action is taken by the TPM.
16918 A TPM shall support an Event.size of zero through 1,024 inclusive (Event.size is an octet count). An
16928 computed in preparation for extending the data into the PCR. At the option of the TPM, the list may
16932 Assume a TPM that implements a SHA1 bank and a SHA256 bank and that PCR[22] is only
17165 The TPM will process the list of TPMS_PCR_SELECTION in pcrSelectionIn in order. Within each
17166 TPMS_PCR_SELECTION, the TPM will process the bits in the pcrSelect array in ascending PCR order
17168 TPM will add the digest of the PCR to the list of values to be returned in pcrValue.
17169 The TPM will continue processing bits until all have been processed or until pcrValues would be too…
17339 The TPM will evaluate the request and, if sufficient memory is available for the requested allocati…
17340 TPM will store the allocation request for use during the next TPM2_Startup(TPM_SU_CLEAR) operation.
17344 than once, then the last selection in the pcrAllocation list is the one that the TPM will attempt t…
17347 etc. In the response to this command, the TPM returns the maximum number of PCR allowed for any
17350 allow the TPM to return information about the size needed for the requested allocation and the size
17356 Even if this command does not cause the PCR allocation to change, the TPM cannot have its state
17358 command as it is not expected to be used more than once in the lifetime of the TPM (it can be used
17567 allowing a policy. If the TPM implementation does not allow a policy for pcrNum, the TPM shall retu…
17573 Before this command is first executed on a TPM or after TPM2_ChangePPS(), the access control on the
17581 …ize of the data buffer in authPolicy is not the size of a digest produced by hashAlg, the TPM shall
17800 specification as allowing an authorization value. If the TPM implementation does not allow an
17801 authorization for pcrNum, the TPM shall return TPM_RC_VALUE. A platform-specific specification may
17999 If pcrHandle references a PCR that cannot be reset, the TPM shall return TPM_RC_LOCALITY.
18183 This indication from the TPM interface indicates the start of a dynamic Core Root of Trust for
18184 Measurement (D-CRTM) measurement sequence. On receipt of this indication, the TPM will initialize an
18186 If no object memory is available for creation of the sequence context, the TPM will flush the conte…
18192 object context slot is available or to deal with the consequences of having the TPM select an
18331 This indication from the TPM interface indicates arrival of one or more octets of data that are to …
18334 implemented on the TPM.
18418 // data provided. NOTE: the implementation could be done such that the TPM
18446 This indication from the TPM interface indicates the end of the CRTM measurement. This indication is
18447 discarded and no other action performed if the TPM does not contain a CRTM Event sequence context.
18452 If the CRTM Event sequence occurs after TPM2_Startup(), the TPM will set all of the PCR designated …
18454 specific specification, and increment restartCount. The TPM will then Extend the Event Sequence
18490 complete before TPM2_Startup() or the sequence will have no effect on the TPM.
18727 policySession→nonceTPM, then the TPM shall return TPM_RC_VALUE.
18739 expiration, the TPM shall return TPM_RC_EXPIRED. If nonceTPM is the Empty buffer, and expiration
18740 is non-zero, then the TPM shall return TPM_RC_EXPIRED.
18741 c) timeout – This parameter is compared to the current TPM time. If policySession→timeout is in the
18742 past, then the TPM shall return TPM_RC_EXPIRED.
18755 1) the TPM shall return TPM_RC_CPHASH if policySession→cpHash does not have its default
18761 2) the TPM shall return TPM_RC_SIZE
18868 If cpHash is not the Empty String when a policy command attempts to update it, the TPM will return
18874 this value with a larger value (longer into the future), the TPM will discard the update value. Thi…
18890 value and its value is not the same as pcrUpdateCounter, the TPM shall return
18922 the same way. The different commands simply indicate to the TPM the format used for the authValue
18941 and the policy update succeeds, then the TPM will return a ticket that includes a value indicating …
18950 TPM
18986 reference. The timeout parameter is an absolute time, using TPM Clock as the reference.
19022 If policySession is a trial session, the TPM will not check the signature and will update
19025 If policySession is not a trial session, the TPM will validate auth and only perform the update if …
19078 The TPM will perform the parameter checks listed in 25.2.2
19079 If the parameter checks succeed, the TPM will construct a test digest (tHash) over the provided
19081 If tHash does not match the digest of the signed aHash, then the authorization fails and the TPM sh…
19105 The TPM will optionally produce a ticket as described in 25.2.5.
19181 supported on the TPM.
19232 the TPM when the ticket expires
19284 the signing scheme of auth is not supported by the TPM
19591 // TPM-specific.
19638 “If a policy session is used and use of the authValue of authHandle is not required, the TPM will r…
19640 The secret is the authValue of authObject, which may be any TPM entity with a handle and an associa…
19658 The TPM will optionally produce a ticket as described in 25.2.5.
19746 supported on the TPM.
19782 the TPM when the ticket expires; this ticket will use the
19996 // TPM-specific.
20042 If the checks succeed, the TPM uses the timeout, cpHashA, policyRef, and keyName to construct a tic…
20043 to compare with the value in ticket. If these tickets match, then the TPM will create a TPM2B_NAME
20105 The contents are TPM specific. This shall be the value
20134 an authorization ticket returned by the TPM in response
20278 // Restore timeout data. The format of timeout buffer is TPM-specific.
20373 This command allows options in authorizations without requiring that the TPM evaluate all of the op…
20374 If a policy may be satisfied by different sets of conditions, the TPM need only evaluate one set th…
20378 policySession→policyDigest does not match any value in the list, the TPM shall return TPM_RC_VALUE.
20381 If policySession is a trial session, the TPM will assume that policySession→policyDigest matches on…
20391 The TPM makes no check to see if the size of an entry matches the size of the digest of the
20406 A TPM shall support a list with at least eight tagged digest values.
20650 updated using the values from the command rather than the values from digest of the TPM PCR.
20651 The TPM will modify the pcrs parameter so that bits that correspond to unimplemented PCR are CLEAR.
20652 If policySession is not a trial policy session, the TPM will use the modified value of pcrs to sele…
20655 then it is compared to digestTPM; and if the values do not match, the TPM shall return TPM_RC_VALUE
20684 After this command completes successfully, the TPM shall return TPM_RC_PCR_CHANGED if the policy
20686 The TPM uses a “generation” number (pcrUpdateCounter) that is incremented each time PCR are
20695 have occurred. If the values are different, the TPM shall return TPM_RC_PCR_CHANGED. If
20698 If policySession is a trial policy session, the TPM will not check any PCR and will compute:
20707 The pcrs parameter is expected to match the configuration of the TPM for which the policy is being
20708 computed which may not be the same as the TPM on which the trial policy is being computed.
21005 TPM will validate that policySession→commandLocality has not previously been set or that the cur…
21007 When locality is not an extended locality, the TPM will validate that the policySession→commandLoca…
21008 is not set or is not set to an extended locality value (TPM_RC_RANGE). If not the TPM will disable …
21010 enabled, the TPM will return TPM_RC_RANGE.
21337 If policySession is a trial policy session, the TPM will update policySession→policyDigest as shown…
21346 If TPMA_NV_WRITTEN is not SET in the NV Index, the TPM shall return TPM_RC_NV_UNINITIALIZED.
21347 The TPM will validate that the size of operandB plus offset is not greater than the size of the NV …
21348 it is, the TPM shall return TPM_RC_SIZE.
21349 The TPM will perform the indicated arithmetic check on the indicated portion of the selected NV Ind…
21350 the check fails, the TPM shall return TPM_RC_POLICY and not change policySession→policyDigest. If
21351 the check succeeds, the TPM will hash the arguments:
21954 If policySession is a trial policy session, the TPM will update policySession→policyDigest as shown…
21957 The TPM will perform the indicated arithmetic check on the indicated portion of the TPMS_TIME_INFO
21958 structure. If the check fails, the TPM shall return TPM_RC_POLICY and not change
21959 policySession→policyDigest. If the check succeeds, the TPM will hash the arguments:
22507 policySession→commandCode does not have its default value, then the TPM will return
22509 If code is not implemented, the TPM will return TPM_RC_POLICY_CC.
22510 If the TPM does not return an error, it will update policySession→policyDigest by
22519 expression is improperly formed but the TPM does not return an error.
22525 When the policy session is used to authorize a command, the TPM will fail the command if the
22939 If policySession→cpHash is already set and not the same as cpHashA, then the TPM shall return
22940 TPM_RC_VALUE. If cpHashA does not have the size of the policySession→policyDigest, the TPM shall
23196 This command allows a policy to be bound to a specific set of TPM entities without being bound to t…
23209 If policySession→cpHash is already set, the TPM shall return TPM_RC_VALUE. If the size of nameHash
23210 is not the size of policySession→policyDigest, the TPM shall return TPM_RC_SIZE. Otherwise,
23491 If either policySession→cpHash or policySession→nameHash has been previously set, the TPM shall
23818 signed (symmetric or asymmetric) by keySign. That signature is then checked by the TPM in
23831 If the first two octets of keySign are not a valid hash algorithm, the TPM shall return TPM_RC_HASH…
23832 the remainder of the Name is not the size of the indicated digest, the TPM shall return TPM_RC_SIZE.
23833 The TPM validates that the approvedPolicy matches the current value of policySession→policyDigest a…
23835 The TPM then validates that the parameters to TPM2_PolicyAuthorize() match the values used to
23836 generate the ticket. If so, the TPM will reset policySession→policyDigest to a Zero Digest. Then it…
23844 If the ticket is not valid, the TPM shall return TPM_RC_POLICY.
24380 reason that two commands are present is to indicate to the TPM if the hmac field in the authorizati…
24565 This command returns the current policyDigest of the session. This command allows the TPM to be used
24726 If policySession→checkNVWritten is SET, the TPM will return TPM_RC_VALUE if
24728 If the TPM does not return an error, it will update policySession→policyDigest by
24734 When the policy session is used to authorize a command, the TPM will fail the command if
24998 The TPM will derive the object from the Primary Seed indicated in primaryHandle using an approved
25003 Seed, the TPM shall produce the same Primary Object.
25135 the creation data was produced by the TPM
25390 When this command is used to CLEAR phEnable, shEnable, or ehEnable, the TPM will disable use of
25393 When this command is used to CLEAR shEnable, the TPM will disable access to any NV index that has
25395 long as shEnable is CLEAR, the TPM will return an error in response to any command that attempts to
25397 When this command is used to CLEAR phEnableNV, the TPM will disable access to any NV index that
25399 As long as phEnableNV is CLEAR, the TPM will return an error in response to any command that
26445 This command removes all TPM context associated with a specific Owner.
26457 change the SPS to a new value from the TPM’s random number generator (RNG),
26499 the TPM shall return TPM_RC_DISABLED.
26789 The TPM will SET the TPM’s TPMA_PERMANENT.disableClear attribute if disable is YES and will
27161 // on the TPM.
27213 A TPM is required to have support for logic that will help prevent a dictionary attack on an author…
27215 HMAC authorization fails. When the counter reaches a predefined value, the TPM will not accept, for
27216 some time interval, further requests that require authorization and the TPM is in Lockout mode. Whi…
27217 TPM is in Lockout mode, the TPM will return TPM_RC_LOCKED if the command requires use of an
27222 However, a command that requires multiple authorizations will not be accepted when the TPM is in
27226 If the TPM is continuously powered for the duration of newRecoveryTime and no authorization failures
27239 This command cancels the effect of a TPM lockout due to a number of successive authorization failur…
27407 Use of Time means that the TPM shall be continuously powered for the duration of a timeout.
27410 failures will not cause the TPM to enter lockout.
27411 If newMaxTries is zero, the TPM will be in lockout and use of DA protected entities will be disable…
27836 This command allows the platform to change the set of algorithms that are used by the TPM. The
27838 …changing of the algorithm set results in a change of the algorithms of PCR banks, then the TPM will
27841 TPM_SU_CLEAR, the TPM shall return TPM_RC_VALUE and enter Failure mode.
27897 a TPM vendor-dependent value indicating the
28008 This clause contains the commands for managing field upgrade of the firmware in the TPM. The field
28009 upgrade scheme may be used for replacement or augmentation of the firmware installed in the TPM.
28019 parameters to the TPM data set.
28031 is from the TPM manufacturer and that proper authorization is provided using platformPolicy.
28035 upgrade be signed by the PM or the TPM owner and include any other constraints that are desired
28038 If the proper authorization is given, the TPM will retain the signed digest and enter the Field Upg…
28039 mode (FUM). While in FUM, the TPM will accept TPM2_FieldUpgradeData() commands. It may accept
28044 TPM manufacturer. That signature and first block digest are the parameters for
28045 TPM2_FieldUpgradeStart(). The digest is saved in the TPM as the required digest for the next field
28047 For each field upgrade data block that is sent to the TPM by TPM2_FieldUpgradeData(), the TPM shall
28048 validate that the digest matches the required digest and if not, shall return TPM_RC_VALUE. The TPM
28052 TPM2_FieldUpdateData(). If the TPM is able to resume operation using the firmware present when the
28053 upgrade started, then the TPM will indicate that it has abandoned the update by setting the digest of…
28054 next block to the Empty Buffer. If the TPM cannot abandon the update, it will return the expected n…
28056 The system may also attempt to abandon the update because of a power interruption. If the TPM is ab…
28057 to resume normal operations, then it will respond normally to TPM2_Startup(). If the TPM is not abl…
28061 when the power interruption occurred. In such case, the TPM firmware may be reset to one of two oth…
28069 the firmware that was in the TPM when the field upgrade process started (“previous firmware”).
28071 The TPM retains the digest of the first block for these firmware images and checks to see if the fi…
28088 The TPM is required to accept the previous firmware as either a vendor-provided update or as
28089 recovered from the TPM using TPM2_FirmwareRead().
28091 When the last block of the firmware upgrade is loaded into the TPM (indicated to the TPM by data in…
28092 data block in a TPM vendor-specific manner), the TPM will complete the upgrade process. If the TPM
28094 TPM_ALG_NULL and return TPM_RC_SUCCESS. If a reboot is required, the TPM shall return
28095 TPM_RC_REBOOT in response to the last TPM2_FieldUpgradeData() and all subsequent TPM
28099 Because no additional data is allowed when the response code is not TPM_RC_SUCCESS, the TPM
28101 manner, the TPM is able to indicate the digest of the next block. If a _TPM_Init occurs while the
28102 TPM is in FUM, the next block may be the digest for the first block of the original firmware. If it…
28103 not, then the TPM will not accept the original firmware until the next _TPM_Init when the TPM is in
28106 During the field upgrade process, the TPM shall preserve:
28153 This command uses platformPolicy and a TPM Vendor Authorization Key to authorize a Field Upgrade
28172 TPM
28179 that is the same as a value that is part of the TPM firmware data. If the signature is not valid, t…
28233 handle of a public area that contains the TPM Vendor
28338 This command will take the actual field upgrade image to be installed on the TPM. The exact format …
28343 TPM
28350 TPM2_FieldUpgradeStart(), then the TPM shall return TPM_RC_FIELDUPGRADE.
28351 The TPM will validate that the digest of fuData matches an expected value. If so, the TPM may buffe…
28352 immediately apply the update. If the digest of fuData does not match an expected value, the TPM sha…
28502 This command is used to read a copy of the current firmware installed in the TPM.
28504 would be the first block given to the TPM in case of a failure recovery. If the TPM2_FirmwareRead
28505 …nce completes successfully, then the data provided from the TPM will be sufficient to allow the TPM
28507 To start the sequence of retrieving the data, the caller sets sequenceNumber to zero. When the TPM
28508 returned all the firmware data, the TPM will return the Empty Buffer as fuData.
28512 The caller should retain the ordering of the update blocks so that the blocks sent to the TPM have
28517 Support for this command is optional even if the TPM implements TPM2_FieldUpgradeStart() and
28665 objects in TPM memory. Background for this command may be found in the "Owner and Platform Evict
28672 This command saves a session context, object context, or sequence object context outside the TPM.
28679 TPM and, because this capability would provide no application benefit, use of authorization sessio…
28682 The TPM shall encrypt and integrity protect the context as described in the "Context Protection" cl…
28998 // If object context ID overflows, TPM should be put in failure mode
29180 The TPM will return TPM_RC_HIERARCHY if the context is associated with a hierarchy that is disabled.
29187 If the integrity HMAC of the saved context is not valid, the TPM shall return TPM_RC_INTEGRITY.
29188 The TPM shall perform a check on the decrypted context as described in the "Context Confidentiality
29501 // Check fingerprint. If the check fails, TPM should be put to failure mode
29643 This command causes all context associated with a loaded object or session to be removed from TPM
29645 This command may not be used to remove a persistent object from the TPM.
29646 A session does not have to be loaded in TPM memory to have its context flushed. The saved session
29667 …andle is for a transient object and the handle is not associated with a loaded object, then the TPM
29670 then the TPM shall return TPM_RC_HANDLE.
29673 flushHandle is a parameter and not a handle. If it were in the handle area, the TPM would validate
29674 that the context for the referenced entity is in the TPM. When a TPM2_FlushContext references a
29675 saved session context, it is not necessary for the context to be in the TPM.
29876 A transient object is one that may be removed from TPM memory using either TPM2_FlushContext
29877 or TPM2_Startup(). A persistent object is not removed from TPM memory by TPM2_FlushContext()
29883 Before execution of TPM2_EvictControl code below, the TPM verifies that objectHandle references an
29884 object that is resident on the TPM and that persistentHandle is a valid handle for a persistent obj…
29891 a) The TPM shall return TPM_RC_ATTRIBUTES if
29895 b) The TPM shall return TPM_RC_HIERARCHY if the object is not in the proper hierarchy as
29900 c) The TPM shall return TPM_RC_RANGE if persistentHandle is not in the proper range as determined
29906 d) The TPM shall return TPM_RC_NV_DEFINED if a persistent object exists with the same handle as
29908 e) The TPM shall return TPM_RC_NV_SPACE if insufficient space is available to make the object
29912 The TPM shall return TPM_RC_NV_SPACE if execution of this command will prevent the TPM from
29916 This requirement anticipates that a TPM may be implemented such that all TPM memory is non volatile…
29917 between memory of different types and it is necessary that the TPM ensure that it is always
29918 possible for the management software to move objects to/from TPM memory in order to ensure
29934 g) If the TPM returns TPM_RC_SUCCESS, the object referenced by objectHandle will not be flushed
29937 h) The TPM shall return TPM_RC_RANGE if objectHandle is not in the proper range as determined by
29943 If the TPM returns TPM_RC_SUCCESS, objectHandle will be removed from persistent memory and
30434 This command is used to advance the value of the TPM’s Clock. The command will fail if newTime is l…
30436 these checks succeed, Clock is set to newTime. If either of these checks fails, the TPM shall return
30441 the Clock update rate was set so that TPM time was passing 33 percent faster than real time. This
30443 over in the lifetime of the TPM, there is no need for external software to deal with the possibilit…
30447 TPMS_CLOCK_INFO.clock differ by more than the reported update interval, then the TPM shall update
30645 the input frequency, the TPM shall return TPM_RC_VALUE.
30648 If the frequency tolerance of the TPM's input clock is +/-10 percent, then the TPM will return
30662 Changes to the current Clock update rate adjustment need not be persisted across TPM power cycles.
30799 The TPM has numerous values that indicate the state, capabilities, and properties of the TPM. These
30800 values are needed for proper management of the TPM. The TPM2_GetCapability() command is used to
30808 TPM2_TestParms() is used to determine if a TPM supports a particular combination of algorithm
30814 This command returns various information regarding the TPM and its current state.
30820 The list of handles of transient objects currently loaded in the TPM may be read one at a time. On
30827 requested. The TPM will return the number of requested values (propertyCount) or until the last pro…
30840 The TPM is not required to return more than one value at a time. It is not required to provide the …
30844 A TPM may return 4 properties in response to a TPM2_GetCapability(capability =
30846 latter request with the same parameters, the TPM may return as few as one and as many as 8
30849 When the TPM is in Failure mode, a TPM is required to allow use of this command for access of the
30907 A vendor may optionally allow the TPM to return other values.
30908 If in Failure mode and a capability is requested that is not available in Failure mode, the TPM sha…
30912 Assume the TPM is in Failure mode and the TPM only supports reporting of the minimum required
30915 TPM_PT_FIRMWARE_VERSION_2, the TPM will return a zero length list with the moreData
30916 parameter set to NO. If the property type is less than TPM_PT_MANUFACTURER, the TPM will
30919 In Failure mode, tag is required to be TPM_ST_NO_SESSIONS or the TPM shall return
31021 If the MSO of property is TPM_HT_NV_INDEX, then the TPM will return a list of NV Index
31023 If the MSO of property is TPM_HT_PCR, then the TPM will return a list of PCR.
31029 returned values will have the TPM_HT_HMAC_SESSION handle type because the TPM does not
31037 the TPM return a list of loaded HMAC sessions without including the policy sessions.
31040 implemented in the TPM, starting with the TPM_CC indicated by the property parameter. If vendor
31062 property parameter shall be zero. The TPM will always respond to this command with the full PCR
31068 …56value boundary (that is, the boundary occurs when the TPM_PT is evenly divisible by 256). The TPM
31105 in the TPM.
31109 If no next capability exists, the TPM will return a zero-length list and moreData will have a value…
31517 The TPM will unmarshal the provided TPMT_PUBLIC_PARMS. If the parameters unmarshal correctly,
31518 then the TPM will return TPM_RC_SUCCESS, indicating that the parameters are valid for the TPM. The
31519 TPM will return the appropriate unmarshaling error if a parameter is not valid.
31669 NV Index, then the nvIndex parameter must have the same value or the TPM will return
31726 When an NV counter is created, the TPM shall initialize the 8-octet counter value with a number tha…
31727 greater than any count value for any NV counter on the TPM since the time of TPM manufacture.
31729 …ected to be modified at a high frequency and that the data is only required to persist when the TPM
31730 goes through an orderly shutdown process. The TPM may update the counter value in RAM and
31734 Before an NV counter can be used, the TPM shall validate that the count is not less than a previous…
31735 reported value. If the TPMA_NV_ORDERLY attribute is not SET, or if the TPM experienced an orderly
31737 TPM shutdown was not orderly, then the TPM shall OR MAX_ORDERLY_COUNT to the contents of the
31741 Because the TPM would have updated the NV Index if the difference between the count values was
31747 The TPM may implement the RAM portion of the counter such that the effective value of the NV
31748 counter is the sum of both the volatile and non-volatile parts. If so, then the TPM may initialize …
31753 When a new NV counter is created, the TPM may search all the counters to determine which has the
31754 highest value. In this search, the TPM would use the sum of the non-volatile and RAM portions of
31756 (orderly or not) of the TPM.
31776 This command defines the attributes of an NV Index and causes the TPM to reserve space to hold the
31777 data associated with the NV Index. If a definition already exists at the NV Index, the TPM will ret…
31779 The TPM will return TPM_RC_ATTRIBUTES if more
31793 The TPM shall return TPM_RC_ATTRIBUTES if TPMA_NV_WRITTEN, TPM_NV_READLOCKED, or
31796 the TPM shall return TPM_RC_SIZE.
31798 publicInfo.nameAlg or the TPM shall return TPM_RC_SIZE.
31799 If the NV Index is an ordinary Index and publicInfo→dataSize is larger than supported by the TPM
31800 implementation then the TPM shall return TPM_RC_SIZE.
31808 TPMA_NV_POLICYREAD shall be SET or the TPM shall return TPM_RC_ATTRIBUTES.
31813 TPMA_NV_POLICYWRITE shall be SET or the TPM shall return TPM_RC_ATTRIBUTES.
31814 If TPMA_NV_CLEAR_STCLEAR is SET, then TPMA_NV_COUNTER shall be CLEAR or the TPM shall
31819 the TPM shall return TPM_RC_ATTRIBUTES.
31820 If TPMA_NV_POLICY_DELETE is SET, then the authorization shall be with platformAuth or the TPM
31827 TPM
31838 TPM
31849 TPM
31855 If the implementation does not support TPM2_NV_UndefineSpaceSpecial(), the TPM shall return
31873 In some implementations, an NV Index with the TPMA_NV_COUNTER attribute may require special TPM
31875 fails because of lack of resources, the TPM will return TPM_RC_NV_SPACE.
32337 This command removes an Index from the TPM.
32338 If nvIndex is not defined, the TPM shall return TPM_RC_HANDLE.
32339 If nvIndex references an Index that has its TPMA_NV_PLATFORMCREATE attribute SET, the TPM shall
32548 If nvIndex is not defined, the TPM shall return TPM_RC_HANDLE.
32558 TPMA_NV_POLICY_DELETE attribute CLEAR, the TPM shall return TPM_RC_NV_ATTRIBUTES.
32924 If the TPMA_NV_WRITELOCKED attribute of the NV Index is SET, then the TPM shall return
32932 TPM shall return TPM_RC_NV_ATTRIBUTE.
32934 the NV Index data, the TPM shall return TPM_RC_NV_RANGE and not write any data to the NV Index.
32935 If the TPMA_NV_WRITEALL attribute of the NV Index is SET, then the TPM shall return
32938 If all checks succeed, the TPM will merge the data.size octets of data.buffer value into the nvInde…
32940 limitations, the TPM shall check that the merged data is different from the current contents of the…
33228 TPM
33234 If TPMA_NV_WRITELOCKED is SET, the TPM shall return TPM_RC_NV_LOCKED.
33240 If a TPM implements TPMA_NV_ORDERLY and an Index is defined with TPMA_NV_ORDERLY and
33440 // Read NV data in native format for TPM CPU.
33506 If TPMA_NV_EXTEND is not SET, then the TPM shall return TPM_RC_ATTRIBUTES.
33515 If the TPMA_NV_WRITELOCKED attribute of the NV Index is SET, then the TPM shall return
33841 If TPMA_NV_BITS is not SET, then the TPM shall return TPM_RC_ATTRIBUTES.
34117 TPM shall return TPM_RC_ATTRIBUTES.
34119 is SET, then the TPM shall SET TPMA_NV_WRITELOCKED for the NV Index.
34570 If TPMA_NV_READLOCKED of the NV Index is SET, then the TPM shall return TPM_RC_NV_LOCKED.
34577 Index data area, the TPM shall return TPM_RC_NV_RANGE and not read any data from the NV Index.
34821 TPM shall SET TPMA_NV_READLOCKED for the NV Index. If TPMA_NV_READ_STCLEAR of the NV
34822 Index is CLEAR, then the TPM shall return TPM_RC_NV_ATTRIBUTE. TPMA_NV_READLOCKED will