Lines Matching refs:then
976 If a handle does not have this symbol, then an authorization session is not allowed.
994 throttling by the TPM. If the command code does not have this notation, then a write to NV
1073 If the handle references an NV Index, then the allowed authorizations are determined by the
1093 command or response is TPM_ST_SESSIONS, then a 32-bit value will be present in the
1178 a) If the TPM is in Failure mode, then the commandCode is TPM_CC_GetTestResult or
1188 c) If the TPM has not been initialized (TPM2_Startup()), then the commandCode is TPM_CC_Startup
1226 If the hierarchy for a transient object is disabled, then the transient objects will be flushe d so…
1229 2) If the handle references a persistent object, then
1239 iii) if the TPM implementation moves a persistent object to RAM for command processing then
1255 3) If the handle references an NV Index, then
1285 4) If the handle references a session, then the session context shall be present in TPM memory
1288 TPM_RH_OWNER, or TPM_RH_PLATFORM) then the enable for the hierarchy is SET
1290 6) If the handle references a PCR, then the value is within the range of PCR supported by the TPM
1319 TPM_RS_PW then the TPM shall return TPM_RC_HANDLE.
1397 physical presence, then physical presence is asserted (TPM_RC_PP).
1399 password, then the TPM is not in lockout (TPM_RC_LOCKOUT).
1420 d) If the command requires a handle to have DUP role authorization, then the associated authorizati…
1423 1) If the entity being authorized is an object and its adminWithPolicy attribute is SET, then the
1427 If adminWithPolicy is CLEAR, then any type of authorization session is allowed .
1429 2) If the entity being authorized is an NV Index, then the associated authorization session is a po…
1451 1) If the entity being authorized is an object and its userWithAuth attribute is CLEAR, then the
1470 g) If the authorization is provided by a policy session, then:
1494 3) if policySession→commandCode has been set, then commandCode of the command shall match
1515 5) if policySession→pcrUpdateCounter has been set, then it shall match the value of
1519 7) if the authorization uses an HMAC, then the HMAC is properly constructed using the authValue
1524 For a bound session, if the handle references the object us ed to initiate the session, then the
1531 If the TPM returns an error other than TPM_RC_AUTH_FAIL then the TPM shall not alter any TPM state.
1532 If the TPM return TPM_RC_AUTH_FAIL, then the TPM shall not alter any TPM state other than
1544 allow a command parameter to be encrypted, then the TPM will return TPM_RC_ATTRIBUTES.
1698 authorization attributes. The TPM will then generate a new nonce value for each session and, if
1748 command fails (the responseCode is not TPM_RC_SUCCESS), then the tag parameter in the response
1796 is returned, then the TPM state is not changed and the same command may be
1868 manager needs to find the correct object and load it. It may then adjust the
1899 TPM resource manager needs to find the correct session and load it. It may then
1926 TPM_RC_SESSIONS, then the rest of the response has the format indicated in
2082 receiving TPM2_Startup() or TPM2_FieldUpgradeData(), then the TPM may be able to accept
2325 If the startupType is TPM_SU_STATE and the TPM requires TPM_SU_CLEAR, then the TPM shall return
2334 If startupType is neither TPM_SU_STATE nor TPM_SU_CLEAR, then the unmarshaling code returns
2742 changes TPM state saved by this command, then the effect of this command is nullified. The TPM MAY
2745 next TPM2_Startup(), then the next TPM2_Startup() shall be TPM2_Startup(CLEAR).
3189 If toTest is not an empty list, the TPM shall return TPM_RC_SUCCESS for this command and then return
3194 If toDoList is empty, then no additional tests are required and TPM_RC_TESTING will not be
3199 If none of the algorithms listed in toTest is in the toDoList, then no tests will be performed.
3206 return TPM_RC_SUCCESS for this command and then return TPM_RC_TESTING for all
3355 TPM is in Failure mode, then tag is required to be TPM_ST_NO_SESSIONS or the TPM shall return
3495 session key (sessionKey). The session key is then used to derive values used for authorization and …
3502 If tpmKey Is TPM_RH_NULL, then encryptedSalt is required to be an Empty Buffer.
3517 If both tpmKey and bind are TPM_ALG_NULL, then sessionKey is set to the Empty Buffer. If tpmKey is
3518 not TPM_ALG_NULL, then encryptedSalt is used in the computation of sessionKey. If bind is not
3520 If symmetric specifies a block cipher, then TPM_ALG_CFB is the only allowed value for the mode fiel…
3547 If the TPM implements a “gap” scheme for assigning contextID values, then the TPM shall return
3550 If tpmKey is not TPM_ALG_NULL then encryptedSalt shall be a TPM2B_ENCRYPTED_SECRET of the
3984 // then the mode must be CFB.
4032 PCR are valid for the policy, the policy may then succeed.
4217 4) The TPMT_PUBLIC.unique.sym.buffer value for the new object is then generated, as shown in
4226 1) If sensitive.data is not the Empty Buffer, then the TPM shall return TPM_RC_VALUE.
4248 the public area of the template, then the TPM shall return TPM_RC_SCHEME.
4250 area of the template, then the TPM shall return TPM_RC_KDF.
4282 5) The TPMT_PUBLIC.unique.sym.buffer value for the new object is then generated, as shown in
4296 If the object being created is a Storage Key and inPublic.objectAttributes.fixedParent is SET, then…
4981 // If the parent is fixedTPM, then the attributes of the object
4984 // check, then the values are valid
5049 // If parent doesn't have fixedTPM SET, then this can't have
5126 resident on a different TPM. If both the public and private parts of the key are loaded, then it is…
5136 If nameAlg is TPM_ALG_NULL, then the Name is the Empty Buffer. When the authorization value for
5152 If nameAlg is not TPM_ALG_NULL, then the same consistency checks between inPublic and inPrivate
5186 If a key is loaded with hierarchy set to TPM_RH_NULL, then TPM2_VerifySignature() will produce a
5717 If both the public and private portions of activateHandle and keyHandle are not loaded, then the TPM
5719 If keyHandle is not a Storage Key, then the TPM shall return TPM_RC_TYPE.
6287 If either restricted, decrypt, or sign is SET in the attributes of itemHandle, then the TPM shall r…
6288 TPM_RC_ATTRIBUTES. If the type of itemHandle is not TPM_ALG_KEYEDHASH, then the TPM shall
6479 …n of the key is a well known value so that the key can be used generally, then changing the author…
6761 If encryptedDuplication is SET in the object being duplicated, then the TPM shall return
6797 If the compared hashes are not the same, then the TPM shall return TPM_RC_POLICY_FAIL.
6806 TPM2_PolicyCpHash() as part of the policy. If neither is present, then the duplication policy may be
6904 symmetricAlg was TPM_ALG_NULL, then this will be
7056 // If the duplicates object has encryptedDuplication SET, then there must be
7196 use of the oldParent is provided, then an HMAC key and a symmetric key are recovered from inSymSeed
7202 If inSymSeed has a zero length, then oldParent is required to be TPM_RH_NULL and no decryption of
7204 If newParent is TPM_RH_NULL, then no encryption is performed on outDuplicate. outSymSeed will have
7633 If encryptedDuplication is SET in the object referenced by parentHandle, then encryptedDuplication …
7670 encryption is performed, then the integrity value shall be present.
7672 If the inner or outer wrapper is present, then a valid integrity value shall be present or the TPM …
7680 the parent has fixedTPM CLEAR, then the binding needs to be checked each time the object is
7685 If the new parent is not fixedTPM, then that object will be loadable on any TPM (including SW
7688 parent is fixedTPM, then the new private blob is integrity protected by the TPM that “owns” the
7765 If symmetricAlg is TPM_ALG_NULL, then this
8172 // If the parent of this object has fixedTPM SET, then fully validate this
8235 (PKCS#1). If the scheme of keyHandle is TPM_ALG_NULL, then the caller may use inScheme to specify
8236 the padding scheme. If scheme of keyHandle is not TPM_ALG_NULL, then inScheme shall either be
8368 The label parameter is optional. If provided (label.size != 0) then the TPM shall return TPM_RC_VAL…
8671 keyHandle (this is described in PKCS#1v2.1, clause 5.1.2). It will then validate the padding accord…
9595 If this command is supported, then support for TPM_ALG_ECDH is required. Support for
9599 If SM2 is supported and this command is supported, then the implementation is required to support
9628 If the input scheme is TPM_ALG_ECDH, then outZ1 will be Zs and outZ2 will be Ze. For schemes like
9634 If a computation of either Z produces the point at infinity, then the corresponding Z value will be…
9865 // if the scheme of keyA is TPM_ALG_NULL, then use the input scheme; otherwise
10021 block and that block is encrypted. The encrypted block is then input to the encryption of the
10022 next block. The last ciphertext block then is used as an IV for the next buffer.
10072 If the TPM allows this command to be canceled before completion, then the TPM may produce
10123 if YES, then the operation is decryption; if NO, the
10304 // If the mode is null, then we have a problem.
10436 If the data buffer to be hashed is larger than will fit into the TPM’s input buffer, then the seque…
10439 …esults of the hash will be used in a signing operation that uses a restricted signing key, then the
10441 If the digest is not safe to sign, then the TPM will return a TPMT_TK_HASHCHECK with the hierarchy …
10443 If hierarchy is TPM_RH_NULL, then digest in the ticket will be the Empty Buffer.
10670 If the sign attribute is not SET in the key referenced by handle then the TPM shall return
10671 TPM_RC_ATTRIBUTES. If the key type is not TPM_ALG_KEYEDHASH then the TPM shall return
10673 If handle references a restricted key, then the hash algorithm specified in the key's scheme is use…
10679 If the key referenced by handle is not restricted, then the TPM will use hashAlg for the HMAC. Howe…
10889 // if the key is restricted, then need to use the scheme of the key and the
10902 // if the hashAlg is TPM_ALG_NULL, then the input hashAlg is not compatible
11277 If the sign attribute is not SET in the key referenced by handle then the TPM shall return
11278 TPM_RC_ATTRIBUTES. If the key type is not TPM_ALG_KEYEDHASH then the TPM shall return
11280 If handle references a restricted key, then the hash algorithm specified in the key's scheme is use…
11283 If the key referenced by handle is not restricted, then the TPM will use hashAlg for the HMAC; unle…
11580 // if the key is restricted, then need to use the scheme of the key and the
11593 // if the algorithm selection ended up with TPM_ALG_NULL, then either the
11647 This command starts a hash or an Event sequence. If hashAlg is an implemented hash, then a hash
11648 sequence is started. If hashAlg is TPM_ALG_NULL, then an Event sequence is started. If hashAlg is
11649 neither an implemented algorithm nor TPM_ALG_NULL, then the TPM shall return TPM_RC_HASH.
11824 … sequence is intended to produce a digest that will be signed by a restricted signing key, then the
12097 signing key, then the ticket returned by this command can indicate that the hash is safe to sign.
12098 If the digest is not safe to sign, then validation will be a TPMT_TK_HASHCHECK with the hierarchy s…
12103 TPM had fewer than sizeof(TPM_GENERATED) octets, then the TPM will operate as if digest is not
12106 If sequenceHandle references an Event sequence, then the TPM shall return TPM_RC_MODE.
12323 // If not, then this is the first block so see if it is 'safe'
12446 list. If pcrHandle references a PCR and not TPM_RH_NULL, then the returned digest list is processed…
12655 // if an extend is going to take place, then check to see if there has
12657 // state saved PCR, then the orderly state has to change. The orderly state
12758 scheme for signHandle is not TPM_ALG_NULL, then inScheme.scheme shall be TPM_ALG_NULL or the
12759 same as scheme in the public area of the key. If the scheme for signHandle is TPM_ALG_NULL, then
12764 an ECC key). If the caller sets scheme to TPM_ALG_NULL, then the default scheme of the key is used.
12765 If the handle for the signing key (signHandle) is TPM_RH_NULL, then all of the actions of the comma…
12803 If the signing scheme of signHandle is an anonymous scheme, then the attestation blocks will not co…
12806 most signing schemes, this value will be placed in the TPMS_ATTEST.extraData parameter that is then
12844 same Name as a Name certified with this command, then the values in that public area are correct.
12858 has not validated that the public area is associated with a matched sensitive area, then the public
13175 This ticket is then compared to creation ticket. If the tickets are not the same, the TPM shall ret…
13177 If the ticket is valid, then the TPM will create a TPMS_ATTEST structure and place creationHash of …
13179 included in the attestation data that is then signed using the key associated with signHandle.
13741 // compute PCR digest. If there is no algorithm, then the PCR cannot
13843 If this command is audited, then the audit digest that is signed will not include the digest of thi…
14193 If this command is being audited, then the signed digest produced by the command will not include t…
14889 For this command, p1, s2 and y2 are optional parameters. If s2 is an Empty Buffer, then the TPM sha…
15316 // if no p, then the curve ID is bad
15641 If the signature check succeeds, then the TPM will produce a TPMT_TK_VERIFIED. Otherwise, the TPM
15850 // then it can't be a keyed hash signing key
15929 If keyHandle references a restricted signing key, then validation shall be provided indicating that…
15934 If the hashed data did start with TPM_GENERATED_VALUE, then the validation will be a NULL
15937 If the scheme of keyHandle is not TPM_ALG_NULL, then inScheme shall either be the same scheme as
15946 If inScheme is not a valid signing scheme for the type of keyHandle (or TPM_ALG_NULL), then the TPM
15948 If the scheme of keyHandle is an anonymous scheme, then inScheme shall have the same scheme
15953 If the validation parameter is not the Empty Buffer, then it will be checked even if the key refere…
16015 If keyHandle is not a restricted signing key, then this
16276 …he auditAlg parameter is a supported hash algorithm and not the same as the current algorithm, then
16277 the TPM will check both setList and clearList are empty (zero length). If so, then the algorithm is…
16278 …the audit digest is cleared. If auditAlg is TPM_ALG_NULL or the same as the current algorithm, then
16297 If a command code is in both setList and clearList, then it will not be audited (that is, setList s…
16349 TPM_ALG_NULL, then the hash is not changed
16563 In TPM 1.2, an Event was hashed using SHA-1 and then the 20-octet digest was extended to a PCR
16578 If a PCR may be associated with a policy, then the algorithm ID of that policy determines whether t…
16579 policy is to be applied. If the algorithm ID is not TPM_ALG_NULL, then the policy digest associated…
16581 TPM_ALG_NULL, then no policy is present and the authorization requires an EmptyAuth.
16582 If a platform-specific specification indicates that PCR are grouped, then all the PCR in the group …
16667 If no digest value is specified for a bank, then the PCR in that bank are not modified.
16675 If the caller includes digests for algorithms that are not implemented, then the TPM will fail the …
16922 If the command implements PCR[2] in a SHA1 bank and a SHA256 bank, then an extend to PCR[2]
16933 implemented in the SHA1 bank. If pcrHandle references PCR[22], then digests may contain either a
17167 …art 2 for definition of the PCR order). If a bit is SET, and the indicated PCR is present, then the
17343 If no allocation is specified for a bank, then no PCR will be allocated to that bank. If a bank is …
17344 than once, then the last selection in the pcrAllocation list is the one that the TPM will attempt t…
17352 then the allocationSuccess parameter will be YES.
17585 If hashAlg is TPM_ALG_NULL, then the size is required to be zero.
17991 If the attribute of a PCR allows the PCR to be reset and proper authorization is provided, then this
17997 PCR, then the appropriate return value is TPM_RC_VALUE.
18193 arbitrary object to be flushed. If this indication occurs before TPM2_Startup() then all context sl…
18283 // If a free slot was not available, then free up a slot.
18291 // failed indicating that all slots are occupied, then the first handle we
18301 // then there's a big problem
18410 // If there is no DRTM sequence object, then _TPM_Hash_Start
18454 specific specification, and increment restartCount. The TPM will then Extend the Event Sequence
18482 _TPM_Hash_End will complete the digest, initialize PCR[0] with a digest-size value of 4, and then e…
18583 // If the DRTM handle is not being used, then either _TPM_Hash_Start has not
18687 If the policySession parameter indicates a trial policy session, then the policySession→policyDiges…
18727 policySession→nonceTPM, then the TPM shall return TPM_RC_VALUE.
18737 b) expiration – If this parameter is not zero, then its absolute value is compared to the time in s…
18740 is non-zero, then the TPM shall return TPM_RC_EXPIRED.
18742 past, then the TPM shall return TPM_RC_EXPIRED.
18836 If arg3 is a TPM2B_NAME, then arg3.buffer will actually be an arg3.name.
18888 TPM2_PolicyPCR(). If it has its default value, then policySession→pcrUpdateCounter is set to the
18941 and the policy update succeeds, then the TPM will return a ticket that includes a value indicating …
18971 then
18974 TPM_ST_AUTH_SECRET and if produced by TPM2_PolicySigned() then ticketType is
19081 If tHash does not match the digest of the signed aHash, then the authorization fails and the TPM sh…
19235 If policyTicket is a NULL Ticket, then this shall be
19647 If the authorization check fails, then the normal dictionary attack logic is invoked.
20043 to compare with the value in ticket. If these tickets match, then the TPM will create a TPM2B_NAME
20050 If the structure tag of ticket is TPM_ST_AUTH_SECRET, then commandCode will be
20051 TPM_CC_PolicySecret. If the structure tag of ticket is TPM_ST_AUTH_SIGNED, then commandCode will
20409 If policies are to be portable between TPMs, then they should not use more than eight values.
20655 then it is compared to digestTPM; and if the values do not match, the TPM shall return TPM_RC_VALUE
20657 zero, then policySession→policyDigest is extended by:
20678 point if the PCR do not match. If the caller does not provide the expected PCR value, then the
20696 policySession→pcrUpdateCounter has not been set, then it is set to the current value of
21004 If locality has a value greater than 31, then an extended locality is indicated. For an extended lo…
21208 // If the locality has been previously set, then it needs to be the same
21291 // if the locality has already been set, then it must match the
22506 If policySession→commandCode has its default value, then it will be set to code. If
22507 policySession→commandCode does not have its default value, then the TPM will return
22518 If a previous TPM2_PolicyCommandCode() had been executed, then it is probable that the policy
22939 If policySession→cpHash is already set and not the same as cpHashA, then the TPM shall return
23469 If this command not used in conjunction with TPM2_PolicyAuthorize(), then only the new parent is
23482 If used in conjunction with TPM2_PolicyAuthorize(), then the authorizer of the new policy has the o…
23486 If the authorizing entity for an TPM2_PolicyAuthorize() only specifies the new parent, then that
23488 entity specifies both a new parent and the duplicated Object, then the authorization only applies to
23809 This command allows policies to change. If a policy were static, then it would be difficult to add …
23817 …e aHashAlg is required to be the nameAlg of the key used to sign the aHash. The aHash value is then
23818 signed (symmetric or asymmetric) by keySign. That signature is then checked by the TPM in
23829 The ticket is then used in TPM2_PolicyAuthorize() to validate the parameters.
23835 The TPM then validates that the parameters to TPM2_PolicyAuthorize() match the values used to
24169 If a policy does not use this command, then the hmacKey for the authorized command would only
24170 use sessionKey. If sessionKey is not present, then the hmacKey is an Empty Buffer and no HMAC
24368 TPM2_PolicyPassword() is part of the sequence, then the field will contain a password and not an
25590 // OwnerAuth/OwnerPolicy is provided. If ShEnable is disabled, then it
25604 // then it may only be enabled if PlatformAuth/PlatformPolicy is
25691 // CLEAR, then platformAuth cannot be used for authorization. This
25695 // is CLEAR, then this code could SET phEnable when proper platform
25764 If the enable associated with authHandle is not SET, then the associated authorization values (auth…
25816 If hashAlg is TPM_ALG_NULL, then this shall be an
25824 If the authPolicy is an Empty Buffer, then this field shall
26466 computation shall use the SPS as an HMAC key and the derived value may then be a parameter
26794 to CLEAR the disableClear attribute and then execute TPM2_Clear().
26980 If authHandle is TPM_RH_PLATFORM, then platformAuth is changed. If authHandle is
26981 TPM_RH_OWNER, then ownerAuth is changed. If authHandle is TPM_RH_ENDORSEMENT, then
26982 endorsementAuth is changed. If authHandle is TPM_RH_LOCKOUT, then lockoutAuth is changed.
26983 If authHandle is TPM_RH_PLATFORM, then Physical Presence may need to be asserted for this
26989 If SHA384 is used in the computation of the integrity values for saved contexts, then the largest
27409 If newRecoveryTime is zero, then DA protection is disabled. Authorizations are checked but authoriz…
27412 If lockoutRecovery is zero, then the recovery interval is a boot cycle (_TPM_Init followed by
27624 If a command is not in either list, its state is not changed. If a command is in both lists, then i…
27631 When a command requires that Physical Presence be provided, then Physical Presence shall be
27838 If the changing of the algorithm set results in a change of the algorithms of PCR banks, then the T…
28053 upgrade started, then the TPM will indicate that it has abandon the update by setting the digest of…
28057 to resume normal operations, then it will respond normally to TPM2_Startup(). If the TPM is not abl…
28058 resume normal operations, then it will respond to any command but TPM2_FieldUpgradeData() with
28103 not, then the TPM will not accept the original firmware until the next _TPM_Init when the TPM is in
28350 TPM2_FieldUpgradeStart(), then the TPM shall return TPM_RC_FIELDUPGRADE.
28505 sequence completes successfully, then the data provided from the TPM will be sufficient to allow th…
29667 If the handle is for a transient object and the handle is not associated with a loaded object, then…
29670 then the TPM shall return TPM_RC_HANDLE.
29836 // If the session to be flushed is the exclusive audit session, then
29880 If objectHandle is a transient object, then the call is to make the object persistent and assign
29881 …ndle to the persistent version of the object. If objectHandle is a persistent object, then the call
29902 1) If auth is TPM_RH_OWNER, then persistentHandle shall be in the inclusive range of
29904 2) If auth is TPM_RH_PLATFORM, then persistentHandle shall be in the inclusive range of
30003 if objectHandle is a transient object handle, then this is
30005 if objectHandle is a persistent object handle, then this
30447 TPMS_CLOCK_INFO.clock differ by more than the reported update interval, then the TPM shall update
30648 If the frequency tolerance of the TPM's input clock is +/-10 percent, then the TPM will return
30650 nominal. That is, if the input oscillator were nominally 100 megahertz (MHz), then 1 millisecond (m…
31021 If the MSO of property is TPM_HT_NV_INDEX, then the TPM will return a list of NV Index
31023 If the MSO of property is TPM_HT_PCR, then the TPM will return a list of PCR.
31518 then the TPM will return TPM_RC_SUCCESS, indicating that the parameters are valid for the TPM. The
31669 NV Index, then the nvIndex parameter must have the same value or the TPM will return
31678 If an Index was defined using platformAuth, then that Index is not accessible when phEnableNV is
31679 CLEAR. If an Index was defined using ownerAuth, then that Index is not accessible when shEnable is
31685 If an Index has been defined and not written, then any operation on the NV Index that requires read
31689 If TPMA_NV_CLEAR_STCLEAR is SET, then the TPMA_NV_WRITTEN will be CLEAR on each
31703 This means that, if authHandle references an NV Index, then nvIndex will have the same value.
31736 shutdown, then the count is assumed to be correct. If the TPMA_NV_ORDERLY attribute is SET, and the
31737 TPM shutdown was not orderly, then the TPM shall OR MAX_ORDERLY_COUNT to the contents of the
31748 counter is the sum of both the volatile and non-volatile parts. If so, then the TPM may initialize …
31795 If TPMA_NV_COUNTER or TPMA_NV_BITS is SET, then publicInfo→dataSize shall be set to eight (8) or
31797 If TPMA_NV_EXTEND is SET, then publicInfo→dataSize shall match the digest size of the
31800 implementation then the TPM shall return TPM_RC_SIZE.
31804 has TPMA_NV_ORDERLY SET, then the maximum size of an ordin ary NV Index may be less than
31814 If TPMA_NV_CLEAR_STCLEAR is SET, then TPMA_NV_COUNTER shall be CLEAR or the TPM shall
31816 If platformAuth/platformPolicy is used for authorization, then TPMA_NV_PLATFORMCREATE shall be
31820 If TPMA_NV_POLICY_DELETE is SET, then the authorization shall be with platformAuth or the TPM
32069 // clear, then we would not reach this point because ownerAuth
32294 // If TPMA_NV_POLICY_DELETE is SET, then the index must be defined by
32924 If the TPMA_NV_WRITELOCKED attribute of the NV Index is SET, then the TPM shall return
32931 If TPMA_NV_COUNTER, TPMA_NV_BITS or TPMA_NV_EXTEND of the NV Index is SET, then the
32935 If the TPMA_NV_WRITEALL attribute of the NV Index is SET, then the TPM shall return
33114 if TPMA_NV_WRITEALL is SET then the write is not the size of the
33237 field is greater than MAX_ORDERLY_COUNT, then the non-volatile version of the counter is updated.
33241 TPM_NV_COUNTER both SET, then in the Event of a non-orderly shutdown, the non-volatile value
33506 If TPMA_NV_EXTEND is not SET, then the TPM shall return TPM_RC_ATTRIBUTES.
33515 If the TPMA_NV_WRITELOCKED attribute of the NV Index is SET, then the TPM shall return
33545 If TPMA_NV_WRITTEN is CLEAR, then nvIndex→data is a Zero Digest.
33839 If TPMA_NV_WRITTEN is not SET, then, for the purposes of this command, the NV Index is considered
33841 If TPMA_NV_BITS is not SET, then the TPM shall return TPM_RC_ATTRIBUTES.
34112 then this command may be used to inhibit further writes of the NV Index.
34116 If neither TPMA_NV_WRITEDEFINE nor TPMA_NV_WRITE_STCLEAR of the NV Index is SET, then the
34119 is SET, then the TPM shall SET TPMA_NV_WRITELOCKED for the NV Index.
34310 // If write access failed because the index is already locked, then it is
34379 If an Index has both TPMA_NV_WRITELOCKED and TPMA_NV_WRITEDEFINE SET, then this
34383 If an Index is defined with TPMA_NV_GLOBALLOCK SET, then the global lock does not apply until
34570 If TPMA_NV_READLOCKED of the NV Index is SET, then the TPM shall return TPM_RC_NV_LOCKED.
34578 If the NV Index has been defined but the TPMA_NV_WRITTEN attribute is CLEAR, then this command
34812 If TPMA_NV_READ_STCLEAR is SET in an Index, then this command may be used to prevent further
34820 If the command is properly authorized and TPMA_NV_READ_STCLEAR of the NV Index is SET, then the
34822 Index is CLEAR, then the TPM shall return TPM_RC_NV_ATTRIBUTE. TPMA_NV_READLOCKED will
35018 // If NvReadAccessChecks return TPM_RC_NV_UNINITALIZED, then continue.