1 _BEGIN 2 _INPUT_START TPM2_Startup 3 _TYPE TPMI_ST_COMMAND_TAG 4 _NAME tag 5 _COMMENT TPM_ST_NO_SESSIONS 6 _TYPE UINT32 7 _NAME commandSize 8 _TYPE TPM_CC 9 _NAME commandCode 10 _COMMENT TPM_CC_Startup {NV} 11 _TYPE TPM_SU 12 _NAME startupType 13 _COMMENT TPM_SU_CLEAR or TPM_SU_STATE 14 _OUTPUT_START TPM2_Startup 15 _TYPE TPM_ST 16 _NAME tag 17 _COMMENT see clause 8 18 _TYPE UINT32 19 _NAME responseSize 20 _TYPE TPM_RC 21 _NAME responseCode 22 _INPUT_START TPM2_Shutdown 23 _TYPE TPMI_ST_COMMAND_TAG 24 _NAME tag 25 _TYPE UINT32 26 _NAME commandSize 27 _TYPE TPM_CC 28 _NAME commandCode 29 _COMMENT TPM_CC_Shutdown {NV} 30 _TYPE TPM_SU 31 _NAME shutdownType 32 _COMMENT TPM_SU_CLEAR or TPM_SU_STATE 33 _OUTPUT_START TPM2_Shutdown 34 _TYPE TPM_ST 35 _NAME tag 36 _COMMENT see clause 8 37 _TYPE UINT32 38 _NAME responseSize 39 _TYPE TPM_RC 40 _NAME responseCode 41 _INPUT_START TPM2_SelfTest 42 _TYPE TPMI_ST_COMMAND_TAG 43 _NAME tag 44 _TYPE UINT32 45 _NAME commandSize 46 _TYPE TPM_CC 47 _NAME commandCode 48 _COMMENT TPM_CC_SelfTest {NV} 49 _TYPE TPMI_YES_NO 50 _NAME fullTest 51 _COMMENT YES if full test to be performed NO if only test of untested functions required 52 _OUTPUT_START TPM2_SelfTest 53 _TYPE TPM_ST 54 _NAME tag 55 _COMMENT see clause 8 56 _TYPE UINT32 57 _NAME responseSize 58 _TYPE TPM_RC 59 _NAME responseCode 60 _INPUT_START TPM2_IncrementalSelfTest 61 _TYPE TPMI_ST_COMMAND_TAG 62 _NAME tag 63 _TYPE UINT32 64 _NAME commandSize 65 _TYPE TPM_CC 66 _NAME commandCode 67 _COMMENT TPM_CC_IncrementalSelfTest {NV} 68 _TYPE TPML_ALG 69 _NAME toTest 70 _COMMENT list of algorithms that should be tested 71 _OUTPUT_START TPM2_IncrementalSelfTest 72 _TYPE TPM_ST 73 _NAME tag 74 _COMMENT see clause 8 75 _TYPE UINT32 76 _NAME responseSize 77 _TYPE TPM_RC 78 _NAME responseCode 79 _TYPE TPML_ALG 80 _NAME toDoList 81 _COMMENT list of algorithms that need testing 82 _INPUT_START TPM2_GetTestResult 83 _TYPE TPMI_ST_COMMAND_TAG 84 _NAME tag 85 _TYPE UINT32 86 _NAME commandSize 87 _TYPE TPM_CC 88 _NAME commandCode 89 _COMMENT TPM_CC_GetTestResult 90 _OUTPUT_START TPM2_GetTestResult 91 _TYPE TPMI_ST_COMMAND_TAG 92 _NAME tag 93 _COMMENT see clause 8 94 _TYPE UINT32 95 _NAME responseSize 96 _TYPE TPM_RC 97 _NAME responseCode 98 _TYPE TPM2B_MAX_BUFFER 99 _NAME outData 100 _TYPE TPM_RC 101 _NAME testResult 102 _COMMENT test result data contains manufacturer-specific information 103 _INPUT_START TPM2_StartAuthSession 104 _TYPE TPMI_ST_COMMAND_TAG 105 _NAME tag 106 _TYPE UINT32 107 _NAME commandSize 108 _TYPE TPM_CC 109 _NAME commandCode 110 _COMMENT TPM_CC_StartAuthSession 111 _TYPE TPMI_DH_OBJECT+ 112 _NAME tpmKey 113 _COMMENT handle of a loaded decrypt key used to encrypt salt may be TPM_RH_NULL Auth Index: None 114 _TYPE TPMI_DH_ENTITY+ 115 _NAME bind 116 _COMMENT entity providing the authValue may be TPM_RH_NULL Auth Index: None 117 _TYPE TPM2B_NONCE 118 _NAME nonceCaller 119 _COMMENT initial nonceCaller, sets nonce size for the session shall be at least 16 octets 120 _TYPE TPM2B_ENCRYPTED_SECRET 121 _NAME encryptedSalt 122 _COMMENT value encrypted according to the type of tpmKey If tpmKey is TPM_RH_NULL, this shall be the Empty Buffer. 123 _TYPE TPM_SE 124 _NAME sessionType 125 _COMMENT indicates the type of the session; simple HMAC or policy (including a trial policy) 126 _TYPE TPMT_SYM_DEF+ 127 _NAME symmetric 128 _COMMENT the algorithm and key size for parameter encryption may select TPM_ALG_NULL 129 _TYPE TPMI_ALG_HASH 130 _NAME authHash 131 _COMMENT hash algorithm to use for the session Shall be a hash algorithm supported by the TPM and not TPM_ALG_NULL 132 _OUTPUT_START TPM2_StartAuthSession 133 _TYPE TPM_ST 134 _NAME tag 135 _COMMENT see clause 8 136 _TYPE UINT32 137 _NAME responseSize 138 _TYPE TPM_RC 139 _NAME responseCode 140 _TYPE TPMI_SH_AUTH_SESSION 141 _NAME sessionHandle 142 _COMMENT handle for the newly created session 143 _TYPE TPM2B_NONCE 144 _NAME nonceTPM 145 _COMMENT the initial nonce from the TPM, used in the computation of the sessionKey 146 _INPUT_START TPM2_PolicyRestart 147 _TYPE TPMI_ST_COMMAND_TAG 148 _NAME tag 149 _TYPE UINT32 150 _NAME commandSize 151 _TYPE TPM_CC 152 _NAME commandCode 153 _COMMENT TPM_CC_PolicyRestart 154 _TYPE TPMI_SH_POLICY 155 _NAME sessionHandle 156 _COMMENT the handle for the policy session 157 _OUTPUT_START TPM2_PolicyRestart 158 _TYPE TPM_ST 159 _NAME tag 160 _COMMENT see clause 8 161 _TYPE UINT32 162 _NAME responseSize 163 _TYPE TPM_RC 164 _NAME responseCode 165 _INPUT_START TPM2_Create 166 _TYPE TPMI_ST_COMMAND_TAG 167 _NAME tag 168 _TYPE UINT32 169 _NAME commandSize 170 _TYPE TPM_CC 171 _NAME commandCode 172 _COMMENT TPM_CC_Create 173 _TYPE TPMI_DH_OBJECT 174 _NAME parentHandle 175 _COMMENT handle of parent for new object Auth Index: 1 Auth Role: USER 176 _TYPE TPM2B_SENSITIVE_CREATE 177 _NAME inSensitive 178 _COMMENT the sensitive data 179 _TYPE TPM2B_PUBLIC 180 _NAME inPublic 181 _COMMENT the public template 182 _TYPE TPM2B_DATA 183 _NAME outsideInfo 184 _COMMENT data that will be included in the creation data for this object to provide permanent, verifiable linkage between this object and some object owner data 185 _TYPE TPML_PCR_SELECTION 186 _NAME creationPCR 187 _COMMENT PCR that will be used in creation data 188 _OUTPUT_START TPM2_Create 189 _TYPE TPM_ST 190 _NAME tag 191 _COMMENT see clause 8 192 _TYPE UINT32 193 _NAME responseSize 194 _TYPE TPM_RC 195 _NAME responseCode 196 _TYPE TPM2B_PRIVATE 197 _NAME outPrivate 198 _COMMENT the private portion of the object 199 _TYPE TPM2B_PUBLIC 200 _NAME outPublic 201 _COMMENT the public portion of the created object 202 _TYPE TPM2B_CREATION_DATA 203 _NAME creationData 204 _COMMENT contains a TPMS_CREATION_DATA 205 _TYPE TPM2B_DIGEST 206 _NAME creationHash 207 _COMMENT digest of creationData using nameAlg of outPublic 208 _TYPE TPMT_TK_CREATION 209 _NAME creationTicket 210 _COMMENT ticket used by TPM2_CertifyCreation() to validate that the creation data was produced by the TPM 211 _INPUT_START TPM2_Load 212 _TYPE TPMI_ST_COMMAND_TAG 213 _NAME tag 214 _TYPE UINT32 215 _NAME commandSize 216 _TYPE TPM_CC 217 _NAME commandCode 218 _COMMENT TPM_CC_Load 219 _TYPE TPMI_DH_OBJECT 220 _NAME parentHandle 221 _COMMENT TPM handle of parent key; shall not be a reserved handle Auth Index: 1 Auth Role: USER 222 _TYPE TPM2B_PRIVATE 223 _NAME inPrivate 224 _COMMENT the private portion of the object 225 _TYPE TPM2B_PUBLIC 226 _NAME inPublic 227 _COMMENT the public portion of the object 228 _OUTPUT_START TPM2_Load 229 _TYPE TPM_ST 230 _NAME tag 231 _COMMENT see clause 8 232 _TYPE UINT32 233 _NAME responseSize 234 _TYPE TPM_RC 235 _NAME responseCode 236 _TYPE TPM_HANDLE 237 _NAME objectHandle 238 _COMMENT handle for the loaded object 239 _TYPE TPM2B_NAME 240 _NAME name 241 _COMMENT Name of the loaded object 242 _INPUT_START TPM2_LoadExternal 243 _TYPE TPMI_ST_COMMAND_TAG 244 _NAME tag 245 _TYPE UINT32 246 _NAME commandSize 247 _TYPE TPM_CC 248 _NAME commandCode 249 _COMMENT TPM_CC_LoadExternal 250 _TYPE TPM2B_SENSITIVE 251 _NAME inPrivate 252 _COMMENT the sensitive portion of the object (optional) 253 _TYPE TPM2B_PUBLIC+ 254 _NAME inPublic 255 _COMMENT the public portion of the object 256 _TYPE TPMI_RH_HIERARCHY+ 257 _NAME hierarchy 258 _COMMENT hierarchy with which the object area is associated 259 _OUTPUT_START TPM2_LoadExternal 260 _TYPE TPM_ST 261 _NAME tag 262 _COMMENT see clause 8 263 _TYPE UINT32 264 _NAME responseSize 265 _TYPE TPM_RC 266 _NAME responseCode 267 _TYPE TPM_HANDLE 268 _NAME objectHandle 269 _COMMENT handle for the loaded object 270 _TYPE TPM2B_NAME 271 _NAME name 272 _COMMENT name of the loaded object 273 _INPUT_START TPM2_ReadPublic 274 _TYPE TPMI_ST_COMMAND_TAG 275 _NAME tag 276 _TYPE UINT32 277 _NAME commandSize 278 _TYPE TPM_CC 279 _NAME commandCode 280 _COMMENT TPM_CC_ReadPublic 281 _TYPE TPMI_DH_OBJECT 282 _NAME objectHandle 283 _COMMENT TPM handle of an object Auth Index: None 284 _OUTPUT_START TPM2_ReadPublic 285 _TYPE TPM_ST 286 _NAME tag 287 _COMMENT see clause 8 288 _TYPE UINT32 289 _NAME responseSize 290 _TYPE TPM_RC 291 _NAME responseCode 292 _TYPE TPM2B_PUBLIC 293 _NAME outPublic 294 _COMMENT structure containing the public area of an object 295 _TYPE TPM2B_NAME 296 _NAME name 297 _COMMENT name of the object 298 _TYPE TPM2B_NAME 299 _NAME qualifiedName 300 _COMMENT the Qualified Name of the object 301 _INPUT_START TPM2_ActivateCredential 302 _TYPE TPMI_ST_COMMAND_TAG 303 _NAME tag 304 _TYPE UINT32 305 _NAME commandSize 306 _TYPE TPM_CC 307 _NAME commandCode 308 _COMMENT TPM_CC_ActivateCredential 309 _TYPE TPMI_DH_OBJECT 310 _NAME activateHandle 311 _COMMENT handle of the object associated with certificate in credentialBlob Auth Index: 1 Auth Role: ADMIN 312 _TYPE TPMI_DH_OBJECT 313 _NAME keyHandle 314 _COMMENT loaded key used to decrypt the TPMS_SENSITIVE in credentialBlob Auth Index: 2 Auth Role: USER 315 _TYPE TPM2B_ID_OBJECT 316 _NAME credentialBlob 317 _COMMENT the credential 318 _TYPE TPM2B_ENCRYPTED_SECRET 319 _NAME secret 320 _COMMENT keyHandle algorithm-dependent encrypted seed that protects credentialBlob 321 _OUTPUT_START TPM2_ActivateCredential 322 _TYPE TPM_ST 323 _NAME tag 324 _COMMENT see clause 8 325 _TYPE UINT32 326 _NAME responseSize 327 _TYPE TPM_RC 328 _NAME responseCode 329 _TYPE TPM2B_DIGEST 330 _NAME certInfo 331 _COMMENT the decrypted certificate information the data should be no larger than the size of the digest of the nameAlg associated with keyHandle 332 _INPUT_START TPM2_MakeCredential 333 _TYPE TPMI_ST_COMMAND_TAG 334 _NAME tag 335 _TYPE UINT32 336 _NAME commandSize 337 _TYPE TPM_CC 338 _NAME commandCode 339 _COMMENT TPM_CC_MakeCredential 340 _TYPE TPMI_DH_OBJECT 341 _NAME handle 342 _COMMENT loaded public area, used to encrypt the sensitive area containing the credential key Auth Index: None 343 _TYPE TPM2B_DIGEST 344 _NAME credential 345 _COMMENT the credential information 346 _TYPE TPM2B_NAME 347 _NAME objectName 348 _COMMENT Name of the object to which the credential applies 349 _OUTPUT_START TPM2_MakeCredential 350 _TYPE TPM_ST 351 _NAME tag 352 _COMMENT see clause 8 353 _TYPE UINT32 354 _NAME responseSize 355 _TYPE TPM_RC 356 _NAME responseCode 357 _TYPE TPM2B_ID_OBJECT 358 _NAME credentialBlob 359 _TYPE TPM2B_ENCRYPTED_SECRET 360 _NAME secret 361 _COMMENT the credential handle algorithm-dependent data that wraps the key that encrypts credentialBlob 362 _INPUT_START TPM2_Unseal 363 _TYPE TPMI_ST_COMMAND_TAG 364 _NAME Tag 365 _TYPE UINT32 366 _NAME commandSize 367 _TYPE TPM_CC 368 _NAME commandCode 369 _COMMENT TPM_CC_Unseal 370 _TYPE TPMI_DH_OBJECT 371 _NAME itemHandle 372 _COMMENT handle of a loaded data object Auth Index: 1 Auth Role: USER 373 _OUTPUT_START TPM2_Unseal 374 _TYPE TPM_ST 375 _NAME tag 376 _COMMENT see clause 8 377 _TYPE UINT32 378 _NAME responseSize 379 _TYPE TPM_RC 380 _NAME responseCode 381 _TYPE TPM2B_SENSITIVE_DATA 382 _NAME outData 383 _COMMENT unsealed data Size of outData is limited to be no more than 128 octets. 384 _INPUT_START TPM2_ObjectChangeAuth 385 _TYPE TPMI_ST_COMMAND_TAG 386 _NAME tag 387 _TYPE UINT32 388 _NAME commandSize 389 _TYPE TPM_CC 390 _NAME commandCode 391 _COMMENT TPM_CC_ObjectChangeAuth 392 _TYPE TPMI_DH_OBJECT 393 _NAME objectHandle 394 _COMMENT handle of the object Auth Index: 1 Auth Role: ADMIN 395 _TYPE TPMI_DH_OBJECT 396 _NAME parentHandle 397 _COMMENT handle of the parent Auth Index: None 398 _TYPE TPM2B_AUTH 399 _NAME newAuth 400 _COMMENT new authorization value 401 _OUTPUT_START TPM2_ObjectChangeAuth 402 _TYPE TPM_ST 403 _NAME tag 404 _COMMENT see clause 8 405 _TYPE UINT32 406 _NAME responseSize 407 _TYPE TPM_RC 408 _NAME responseCode 409 _TYPE TPM2B_PRIVATE 410 _NAME outPrivate 411 _COMMENT private area containing the new authorization value 412 _INPUT_START TPM2_Duplicate 413 _TYPE TPMI_ST_COMMAND_TAG 414 _NAME tag 415 _TYPE UINT32 416 _NAME commandSize 417 _TYPE TPM_CC 418 _NAME commandCode 419 _COMMENT TPM_CC_Duplicate 420 _TYPE TPMI_DH_OBJECT 421 _NAME objectHandle 422 _COMMENT loaded object to duplicate Auth Index: 1 Auth Role: DUP 423 _TYPE TPMI_DH_OBJECT+ 424 _NAME newParentHandle 425 _COMMENT shall reference the public area of an asymmetric key Auth Index: None 426 _TYPE TPM2B_DATA 427 _NAME encryptionKeyIn 428 _COMMENT optional symmetric encryption key The size for this key is set to zero when the TPM is to generate the key. This parameter may be encrypted. 429 _TYPE TPMT_SYM_DEF_OBJECT+ 430 _NAME symmetricAlg 431 _COMMENT definition for the symmetric algorithm to be used for the inner wrapper may be TPM_ALG_NULL if no inner wrapper is applied 432 _OUTPUT_START TPM2_Duplicate 433 _TYPE TPM_ST 434 _NAME tag 435 _COMMENT see clause 8 436 _TYPE UINT32 437 _NAME responseSize 438 _TYPE TPM_RC 439 _NAME responseCode 440 _TYPE TPM2B_DATA 441 _NAME encryptionKeyOut 442 _COMMENT If the caller provided an encryption key or if symmetricAlg was TPM_ALG_NULL, then this will be the Empty Buffer; otherwise, it shall contain the TPMgenerated, symmetric encryption key for the inner wrapper. 443 _TYPE TPM2B_PRIVATE 444 _NAME duplicate 445 _COMMENT private area that may be encrypted by encryptionKeyIn; and may be doubly encrypted 446 _TYPE TPM2B_ENCRYPTED_SECRET 447 _NAME outSymSeed 448 _COMMENT seed protected by the asymmetric algorithms of new parent (NP) 449 _INPUT_START TPM2_Rewrap 450 _TYPE TPMI_ST_COMMAND_TAG 451 _NAME tag 452 _TYPE UINT32 453 _NAME commandSize 454 _TYPE TPM_CC 455 _NAME commandCode 456 _COMMENT TPM_CC_Rewrap 457 _TYPE TPMI_DH_OBJECT+ 458 _NAME oldParent 459 _COMMENT parent of object Auth Index: 1 Auth Role: User 460 _TYPE TPMI_DH_OBJECT+ 461 _NAME newParent 462 _COMMENT new parent of the object Auth Index: None 463 _TYPE TPM2B_PRIVATE 464 _NAME inDuplicate 465 _COMMENT an object encrypted using symmetric key derived from inSymSeed 466 _TYPE TPM2B_NAME 467 _NAME name 468 _COMMENT the Name of the object being rewrapped 469 _TYPE TPM2B_ENCRYPTED_SECRET 470 _NAME inSymSeed 471 _COMMENT seed for symmetric key needs oldParent private key to recover the seed and generate the symmetric key 472 _OUTPUT_START TPM2_Rewrap 473 _TYPE TPM_ST 474 _NAME tag 475 _COMMENT see clause 8 476 _TYPE UINT32 477 _NAME responseSize 478 _TYPE TPM_RC 479 _NAME responseCode 480 _TYPE TPM2B_PRIVATE 481 _NAME outDuplicate 482 _TYPE TPM2B_ENCRYPTED_SECRET 483 _NAME outSymSeed 484 _COMMENT an object encrypted using symmetric key derived from outSymSeed seed for a symmetric key protected by newParent asymmetric key 485 _INPUT_START TPM2_Import 486 _TYPE TPMI_ST_COMMAND_TAG 487 _NAME tag 488 _TYPE UINT32 489 _NAME commandSize 490 _TYPE TPM_CC 491 _NAME commandCode 492 _COMMENT TPM_CC_Import 493 _TYPE TPMI_DH_OBJECT 494 _NAME parentHandle 495 _COMMENT the handle of the new parent for the object Auth Index: 1 Auth Role: USER 496 _TYPE TPM2B_DATA 497 _NAME encryptionKey 498 _COMMENT the optional symmetric encryption key used as the inner wrapper for duplicate If symmetricAlg is TPM_ALG_NULL, then this parameter shall be the Empty Buffer. 499 _TYPE TPM2B_PUBLIC 500 _NAME objectPublic 501 _COMMENT the public area of the object to be imported This is provided so that the integrity value for duplicate and the object attributes can be checked. NOTE 502 _TYPE TPM2B_PRIVATE 503 _NAME duplicate 504 _COMMENT Even if the integrity value of the object is not checked on input, the object Name is required to create the integrity value for the imported object. the symmetrically encrypted duplicate object that may contain an inner symmetric wrapper 505 _TYPE TPM2B_ENCRYPTED_SECRET 506 _NAME inSymSeed 507 _COMMENT symmetric key used to encrypt duplicate inSymSeed is encrypted/encoded using the algorithms of newParent. 508 _TYPE TPMT_SYM_DEF_OBJECT+ 509 _NAME symmetricAlg 510 _COMMENT definition for the symmetric algorithm to use for the inner wrapper If this algorithm is TPM_ALG_NULL, no inner wrapper is present and encryptionKey shall be the Empty Buffer. 511 _OUTPUT_START TPM2_Import 512 _TYPE TPM_ST 513 _NAME tag 514 _COMMENT see clause 8 515 _TYPE UINT32 516 _NAME responseSize 517 _TYPE TPM_RC 518 _NAME responseCode 519 _TYPE TPM2B_PRIVATE 520 _NAME outPrivate 521 _COMMENT the sensitive area encrypted with the symmetric key of parentHandle 522 _INPUT_START TPM2_RSA_Encrypt 523 _TYPE TPMI_ST_COMMAND_TAG 524 _NAME tag 525 _TYPE UINT32 526 _NAME commandSize 527 _TYPE TPM_CC 528 _NAME commandCode 529 _COMMENT TPM_CC_RSA_Encrypt 530 _TYPE TPMI_DH_OBJECT 531 _NAME keyHandle 532 _COMMENT reference to public portion of RSA key to use for encryption Auth Index: None message to be encrypted 533 _TYPE TPM2B_PUBLIC_KEY_RSA 534 _NAME message 535 _TYPE TPMT_RSA_DECRYPT+ 536 _NAME inScheme 537 _TYPE TPM2B_DATA 538 _NAME label 539 _COMMENT NOTE 1 The data type was chosen because it limits the overall size of the input to no greater than the size of the largest RSA public key. This may be larger than allowed for keyHandle. the padding scheme to use if scheme associated with keyHandle is TPM_ALG_NULL optional label L to be associated with the message Size of the buffer is zero if no label is present NOTE 2 See description of label above. 540 _OUTPUT_START TPM2_RSA_Encrypt 541 _TYPE TPM_ST 542 _NAME tag 543 _COMMENT see clause 8 544 _TYPE UINT32 545 _NAME responseSize 546 _TYPE TPM_RC 547 _NAME responseCode 548 _TYPE TPM2B_PUBLIC_KEY_RSA 549 _NAME outData 550 _COMMENT encrypted output 551 _INPUT_START TPM2_RSA_Decrypt 552 _TYPE TPMI_ST_COMMAND_TAG 553 _NAME tag 554 _TYPE UINT32 555 _NAME commandSize 556 _TYPE TPM_CC 557 _NAME commandCode 558 _COMMENT TPM_CC_RSA_Decrypt 559 _TYPE TPMI_DH_OBJECT 560 _NAME keyHandle 561 _COMMENT RSA key to use for decryption Auth Index: 1 Auth Role: USER 562 _TYPE TPM2B_PUBLIC_KEY_RSA 563 _NAME cipherText 564 _COMMENT NOTE 565 _TYPE TPMT_RSA_DECRYPT+ 566 _NAME inScheme 567 _COMMENT the padding scheme to use if scheme associated with keyHandle is TPM_ALG_NULL 568 _TYPE TPM2B_DATA 569 _NAME label 570 _COMMENT label whose association with the message is to be verified cipher text to be decrypted An encrypted RSA data block is the size of the public modulus. 571 _OUTPUT_START TPM2_RSA_Decrypt 572 _TYPE TPM_ST 573 _NAME tag 574 _COMMENT see clause 8 575 _TYPE UINT32 576 _NAME responseSize 577 _TYPE TPM_RC 578 _NAME responseCode 579 _TYPE TPM2B_PUBLIC_KEY_RSA 580 _NAME message 581 _COMMENT decrypted output 582 _INPUT_START TPM2_ECDH_KeyGen 583 _TYPE TPMI_ST_COMMAND_TAG 584 _NAME tag 585 _TYPE UINT32 586 _NAME commandSize 587 _TYPE TPM_CC 588 _NAME commandCode 589 _COMMENT TPM_CC_ECDH_KeyGen 590 _TYPE TPMI_DH_OBJECT 591 _NAME keyHandle 592 _COMMENT Handle of a loaded ECC key public area. Auth Index: None 593 _OUTPUT_START TPM2_ECDH_KeyGen 594 _TYPE TPM_ST 595 _NAME tag 596 _COMMENT see clause 8 597 _TYPE UINT32 598 _NAME responseSize 599 _TYPE TPM_RC 600 _NAME responseCode 601 _TYPE TPM2B_ECC_POINT 602 _NAME zPoint 603 _COMMENT results of P h[de]Qs 604 _TYPE TPM2B_ECC_POINT 605 _NAME pubPoint 606 _COMMENT generated ephemeral public point (Qe) 607 _INPUT_START TPM2_ECDH_ZGen 608 _TYPE TPMI_ST_COMMAND_TAG 609 _NAME tag 610 _TYPE UINT32 611 _NAME commandSize 612 _TYPE TPM_CC 613 _NAME commandCode 614 _COMMENT TPM_CC_ECDH_ZGen 615 _TYPE TPMI_DH_OBJECT 616 _NAME keyHandle 617 _COMMENT handle of a loaded ECC key Auth Index: 1 Auth Role: USER 618 _TYPE TPM2B_ECC_POINT 619 _NAME inPoint 620 _COMMENT a public key 621 _OUTPUT_START TPM2_ECDH_ZGen 622 _TYPE TPM_ST 623 _NAME tag 624 _COMMENT see clause 8 625 _TYPE UINT32 626 _NAME responseSize 627 _TYPE TPM_RC 628 _NAME responseCode 629 _TYPE TPM2B_ECC_POINT 630 _NAME outPoint 631 _COMMENT X and Y coordinates of the product of the multiplication Z = (xZ , yZ) [hdS]QB 632 _INPUT_START TPM2_ECC_Parameters 633 _TYPE TPMI_ST_COMMAND_TAG 634 _NAME tag 635 _TYPE UINT32 636 _NAME commandSize 637 _TYPE TPM_CC 638 _NAME commandCode 639 _COMMENT TPM_CC_ECC_Parameters 640 _TYPE TPMI_ECC_CURVE 641 _NAME curveID 642 _COMMENT parameter set selector 643 _OUTPUT_START TPM2_ECC_Parameters 644 _TYPE TPM_ST 645 _NAME tag 646 _COMMENT see clause 8 647 _TYPE UINT32 648 _NAME responseSize 649 _TYPE TPM_RC 650 _NAME responseCode 651 _TYPE TPMS_ALGORITHM_DETAIL_ECC 652 _NAME parameters 653 _COMMENT ECC parameters for the selected curve 654 _INPUT_START TPM2_ZGen_2Phase 655 _TYPE TPMI_ST_COMMAND_TAG 656 _NAME tag 657 _TYPE UINT32 658 _NAME commandSize 659 _TYPE TPM_CC 660 _NAME commandCode 661 _COMMENT TPM_CC_ZGen_2Phase handle of an unrestricted decryption key ECC The private key referenced by this handle is used as dS,A 662 _TYPE TPMI_DH_OBJECT 663 _NAME keyA 664 _TYPE TPM2B_ECC_POINT 665 _NAME inQsB 666 _COMMENT other partys static public key (Qs,B = (Xs,B, Ys,B)) 667 _TYPE TPM2B_ECC_POINT 668 _NAME inQeB 669 _COMMENT other party's ephemeral public key (Qe,B = (Xe,B, Ye,B)) 670 _TYPE TPMI_ECC_KEY_EXCHANGE 671 _NAME inScheme 672 _COMMENT the key exchange scheme 673 _TYPE UINT16 674 _NAME counter 675 _COMMENT value returned by TPM2_EC_Ephemeral() Auth Index: 1 Auth Role: USER 676 _OUTPUT_START TPM2_ZGen_2Phase 677 _TYPE TPM_ST 678 _NAME tag 679 _TYPE UINT32 680 _NAME responseSize 681 _TYPE TPM_RC 682 _NAME responseCode 683 _TYPE TPM2B_ECC_POINT 684 _NAME outZ1 685 _COMMENT X and Y coordinates of the computed value (scheme dependent) 686 _TYPE TPM2B_ECC_POINT 687 _NAME outZ2 688 _COMMENT X and Y coordinates of the second computed value (scheme dependent) 16.7.3 1 2 3 689 _INPUT_START TPM2_EncryptDecrypt 690 _TYPE TPMI_ST_COMMAND_TAG 691 _NAME tag 692 _TYPE UINT32 693 _NAME commandSize 694 _TYPE TPM_CC 695 _NAME commandCode 696 _COMMENT TPM_CC_EncryptDecrypt 697 _TYPE TPMI_DH_OBJECT 698 _NAME keyHandle 699 _COMMENT the symmetric key used for the operation Auth Index: 1 Auth Role: USER 700 _TYPE TPMI_YES_NO 701 _NAME decrypt 702 _COMMENT if YES, then the operation is decryption; if NO, the operation is encryption 703 _TYPE TPMI_ALG_SYM_MODE+ 704 _NAME mode 705 _COMMENT symmetric mode For a restricted key, this field shall match the default mode of the key or be TPM_ALG_NULL. 706 _TYPE TPM2B_IV 707 _NAME ivIn 708 _COMMENT an initial value as required by the algorithm 709 _TYPE TPM2B_MAX_BUFFER 710 _NAME inData 711 _COMMENT the data to be encrypted/decrypted 712 _OUTPUT_START TPM2_EncryptDecrypt 713 _TYPE TPM_ST 714 _NAME tag 715 _COMMENT see clause 8 716 _TYPE UINT32 717 _NAME responseSize 718 _TYPE TPM_RC 719 _NAME responseCode 720 _TYPE TPM2B_MAX_BUFFER 721 _NAME outData 722 _COMMENT encrypted output 723 _TYPE TPM2B_IV 724 _NAME ivOut 725 _COMMENT chaining value to use for IV in next round 726 _INPUT_START TPM2_Hash 727 _TYPE TPMI_ST_COMMAND_TAG 728 _NAME tag 729 _COMMENT Shall have at least one session 730 _TYPE UINT32 731 _NAME commandSize 732 _TYPE TPM_CC 733 _NAME commandCode 734 _COMMENT TPM_CC_Hash 735 _TYPE TPM2B_MAX_BUFFER 736 _NAME data 737 _COMMENT data to be hashed 738 _TYPE TPMI_ALG_HASH 739 _NAME hashAlg 740 _COMMENT algorithm for the hash being computed shall not be TPM_ALG_NULL 741 _TYPE TPMI_RH_HIERARCHY+ 742 _NAME hierarchy 743 _COMMENT hierarchy to use for the ticket (TPM_RH_NULL allowed) 744 _OUTPUT_START TPM2_Hash 745 _TYPE TPM_ST 746 _NAME tag 747 _COMMENT see clause 8 748 _TYPE UINT32 749 _NAME responseSize 750 _TYPE TPM_RC 751 _NAME responseCode 752 _TYPE TPM2B_DIGEST 753 _NAME outHash 754 _COMMENT results 755 _TYPE TPMT_TK_HASHCHECK 756 _NAME validation 757 _COMMENT ticket indicating that the sequence of octets used to compute outDigest did not start with TPM_GENERATED_VALUE will be a NULL ticket if the digest may not be signed with a restricted key 758 _INPUT_START TPM2_HMAC 759 _TYPE TPMI_ST_COMMAND_TAG 760 _NAME tag 761 _TYPE UINT32 762 _NAME commandSize 763 _TYPE TPM_CC 764 _NAME commandCode 765 _COMMENT TPM_CC_HMAC 766 _TYPE TPMI_DH_OBJECT 767 _NAME handle 768 _COMMENT handle for the symmetric signing key providing the HMAC key Auth Index: 1 Auth Role: USER 769 _TYPE TPM2B_MAX_BUFFER 770 _NAME buffer 771 _COMMENT HMAC data 772 _TYPE TPMI_ALG_HASH+ 773 _NAME hashAlg 774 _COMMENT algorithm to use for HMAC 775 _OUTPUT_START TPM2_HMAC 776 _TYPE TPM_ST 777 _NAME tag 778 _COMMENT see clause 8 779 _TYPE UINT32 780 _NAME responseSize 781 _TYPE TPM_RC 782 _NAME responseCode 783 _TYPE TPM2B_DIGEST 784 _NAME outHMAC 785 _COMMENT the returned HMAC in a sized buffer 786 _INPUT_START TPM2_GetRandom 787 _TYPE TPMI_ST_COMMAND_TAG 788 _NAME tag 789 _TYPE UINT32 790 _NAME commandSize 791 _TYPE TPM_CC 792 _NAME commandCode 793 _COMMENT TPM_CC_GetRandom 794 _TYPE UINT16 795 _NAME bytesRequested 796 _COMMENT number of octets to return 797 _OUTPUT_START TPM2_GetRandom 798 _TYPE TPM_ST 799 _NAME tag 800 _COMMENT see clause 8 801 _TYPE UINT32 802 _NAME responseSize 803 _TYPE TPM_RC 804 _NAME responseCode 805 _TYPE TPM2B_DIGEST 806 _NAME randomBytes 807 _COMMENT the random octets 808 _INPUT_START TPM2_StirRandom 809 _TYPE TPMI_ST_COMMAND_TAG 810 _NAME tag 811 _TYPE UINT32 812 _NAME commandSize 813 _TYPE TPM_CC 814 _NAME commandCode 815 _COMMENT TPM_CC_StirRandom {NV} 816 _TYPE TPM2B_SENSITIVE_DATA 817 _NAME inData 818 _COMMENT additional information 819 _OUTPUT_START TPM2_StirRandom 820 _TYPE TPM_ST 821 _NAME tag 822 _COMMENT see clause 8 823 _TYPE UINT32 824 _NAME responseSize 825 _TYPE TPM_RC 826 _NAME responseCode 827 _INPUT_START TPM2_HMAC_Start 828 _TYPE TPMI_ST_COMMAND_TAG 829 _NAME tag 830 _TYPE UINT32 831 _NAME commandSize 832 _TYPE TPM_CC 833 _NAME commandCode 834 _COMMENT TPM_CC_HMAC_Start 835 _TYPE TPMI_DH_OBJECT 836 _NAME handle 837 _COMMENT handle of an HMAC key Auth Index: 1 Auth Role: USER 838 _TYPE TPM2B_AUTH 839 _NAME auth 840 _COMMENT authorization value for subsequent use of the sequence 841 _TYPE TPMI_ALG_HASH+ 842 _NAME hashAlg 843 _COMMENT the hash algorithm to use for the HMAC 844 _OUTPUT_START TPM2_HMAC_Start 845 _TYPE TPM_ST 846 _NAME tag 847 _COMMENT see clause 8 848 _TYPE UINT32 849 _NAME responseSize 850 _TYPE TPM_RC 851 _NAME responseCode 852 _TYPE TPMI_DH_OBJECT 853 _NAME sequenceHandle 854 _COMMENT a handle to reference the sequence 855 _INPUT_START TPM2_HashSequenceStart 856 _TYPE TPMI_ST_COMMAND_TAG 857 _NAME tag 858 _TYPE UINT32 859 _NAME commandSize 860 _TYPE TPM_CC 861 _NAME commandCode 862 _COMMENT TPM_CC_HashSequenceStart 863 _TYPE TPM2B_AUTH 864 _NAME auth 865 _COMMENT authorization value for subsequent use of the sequence 866 _TYPE TPMI_ALG_HASH+ 867 _NAME hashAlg 868 _COMMENT the hash algorithm to use for the hash sequence An Event sequence starts if this is TPM_ALG_NULL. 869 _OUTPUT_START TPM2_HashSequenceStart 870 _TYPE TPM_ST 871 _NAME tag 872 _COMMENT see clause 8 873 _TYPE UINT32 874 _NAME responseSize 875 _TYPE TPM_RC 876 _NAME responseCode 877 _TYPE TPMI_DH_OBJECT 878 _NAME sequenceHandle 879 _COMMENT a handle to reference the sequence 880 _INPUT_START TPM2_SequenceUpdate 881 _TYPE TPMI_ST_COMMAND_TAG 882 _NAME tag 883 _TYPE UINT32 884 _NAME commandSize 885 _TYPE TPM_CC 886 _NAME commandCode 887 _COMMENT TPM_CC_SequenceUpdate 888 _TYPE TPMI_DH_OBJECT 889 _NAME sequenceHandle 890 _COMMENT handle for the sequence object Auth Index: 1 Auth Role: USER 891 _TYPE TPM2B_MAX_BUFFER 892 _NAME buffer 893 _COMMENT data to be added to hash 894 _OUTPUT_START TPM2_SequenceUpdate 895 _TYPE TPM_ST 896 _NAME tag 897 _COMMENT see clause 8 898 _TYPE UINT32 899 _NAME responseSize 900 _TYPE TPM_RC 901 _NAME responseCode 902 _INPUT_START TPM2_SequenceComplete 903 _TYPE TPMI_ST_COMMAND_TAG 904 _NAME tag 905 _TYPE UINT32 906 _NAME commandSize 907 _TYPE TPM_CC 908 _NAME commandCode 909 _COMMENT TPM_CC_SequenceComplete {F} 910 _TYPE TPMI_DH_OBJECT 911 _NAME sequenceHandle 912 _COMMENT authorization for the sequence Auth Index: 1 Auth Role: USER 913 _TYPE TPM2B_MAX_BUFFER 914 _NAME buffer 915 _COMMENT data to be added to the hash/HMAC 916 _TYPE TPMI_RH_HIERARCHY+ 917 _NAME hierarchy 918 _COMMENT hierarchy of the ticket for a hash 919 _OUTPUT_START TPM2_SequenceComplete 920 _TYPE TPM_ST 921 _NAME tag 922 _COMMENT see clause 8 923 _TYPE UINT32 924 _NAME responseSize 925 _TYPE TPM_RC 926 _NAME responseCode 927 _TYPE TPM2B_DIGEST 928 _NAME result 929 _COMMENT the returned HMAC or digest in a sized buffer 930 _TYPE TPMT_TK_HASHCHECK 931 _NAME validation 932 _COMMENT ticket indicating that the sequence of octets used to compute outDigest did not start with TPM_GENERATED_VALUE This is a NULL Ticket when the session is HMAC. 933 _INPUT_START TPM2_EventSequenceComplete 934 _TYPE TPMI_ST_COMMAND_TAG 935 _NAME tag 936 _TYPE UINT32 937 _NAME commandSize 938 _TYPE TPM_CC 939 _NAME commandCode 940 _COMMENT TPM_CC_EventSequenceComplete {NV F} 941 _TYPE TPMI_DH_PCR+ 942 _NAME pcrHandle 943 _COMMENT PCR to be extended with the Event data Auth Index: 1 Auth Role: USER 944 _TYPE TPMI_DH_OBJECT 945 _NAME sequenceHandle 946 _COMMENT authorization for the sequence Auth Index: 2 Auth Role: USER 947 _TYPE TPM2B_MAX_BUFFER 948 _NAME buffer 949 _COMMENT data to be added to the Event 950 _OUTPUT_START TPM2_EventSequenceComplete 951 _TYPE TPM_ST 952 _NAME tag 953 _COMMENT see clause 8 954 _TYPE UINT32 955 _NAME responseSize 956 _TYPE TPM_RC 957 _NAME responseCode 958 _TYPE TPML_DIGEST_VALUES 959 _NAME results 960 _COMMENT list of digests computed for the PCR 961 _INPUT_START TPM2_Certify 962 _TYPE TPMI_ST_COMMAND_TAG 963 _NAME tag 964 _TYPE UINT32 965 _NAME commandSize 966 _TYPE TPM_CC 967 _NAME commandCode 968 _COMMENT TPM_CC_Certify 969 _TYPE TPMI_DH_OBJECT 970 _NAME objectHandle 971 _COMMENT handle of the object to be certified Auth Index: 1 Auth Role: ADMIN 972 _TYPE TPMI_DH_OBJECT+ 973 _NAME signHandle 974 _COMMENT handle of the key used to sign the attestation structure Auth Index: 2 Auth Role: USER 975 _TYPE TPM2B_DATA 976 _NAME qualifyingData 977 _COMMENT user provided qualifying data 978 _TYPE TPMT_SIG_SCHEME+ 979 _NAME inScheme 980 _COMMENT signing scheme to use if the scheme for signHandle is TPM_ALG_NULL 981 _OUTPUT_START TPM2_Certify 982 _TYPE TPM_ST 983 _NAME tag 984 _COMMENT see clause 8 985 _TYPE UINT32 986 _NAME responseSize 987 _TYPE TPM_RC 988 _NAME responseCode 989 _COMMENT . 990 _TYPE TPM2B_ATTEST 991 _NAME certifyInfo 992 _COMMENT the structure that was signed 993 _TYPE TPMT_SIGNATURE 994 _NAME signature 995 _COMMENT the asymmetric signature over certifyInfo using the key referenced by signHandle 996 _INPUT_START TPM2_CertifyCreation 997 _TYPE TPMI_ST_COMMAND_TAG 998 _NAME tag 999 _TYPE UINT32 1000 _NAME commandSize 1001 _TYPE TPM_CC 1002 _NAME commandCode 1003 _COMMENT TPM_CC_CertifyCreation 1004 _TYPE TPMI_DH_OBJECT+ 1005 _NAME signHandle 1006 _COMMENT handle of the key that will sign the attestation block Auth Index: 1 Auth Role: USER 1007 _TYPE TPMI_DH_OBJECT 1008 _NAME objectHandle 1009 _COMMENT the object associated with the creation data Auth Index: None 1010 _TYPE TPM2B_DATA 1011 _NAME qualifyingData 1012 _COMMENT user-provided qualifying data 1013 _TYPE TPM2B_DIGEST 1014 _NAME creationHash 1015 _COMMENT hash of the creation data produced by TPM2_Create() or TPM2_CreatePrimary() 1016 _TYPE TPMT_SIG_SCHEME+ 1017 _NAME inScheme 1018 _COMMENT signing scheme to use if the scheme for signHandle is TPM_ALG_NULL 1019 _TYPE TPMT_TK_CREATION 1020 _NAME creationTicket 1021 _COMMENT ticket produced by TPM2_Create() or TPM2_CreatePrimary() 1022 _OUTPUT_START TPM2_CertifyCreation 1023 _TYPE TPM_ST 1024 _NAME tag 1025 _COMMENT see clause 8 1026 _TYPE UINT32 1027 _NAME responseSize 1028 _TYPE TPM_RC 1029 _NAME responseCode 1030 _TYPE TPM2B_ATTEST 1031 _NAME certifyInfo 1032 _COMMENT the structure that was signed 1033 _TYPE TPMT_SIGNATURE 1034 _NAME signature 1035 _COMMENT the signature over certifyInfo 1036 _INPUT_START TPM2_Quote 1037 _TYPE TPMI_ST_COMMAND_TAG 1038 _NAME tag 1039 _TYPE UINT32 1040 _NAME commandSize 1041 _TYPE TPM_CC 1042 _NAME commandCode 1043 _COMMENT TPM_CC_Quote 1044 _TYPE TPMI_DH_OBJECT 1045 _NAME signHandle 1046 _COMMENT handle of key that will perform signature Auth Index: 1 Auth Role: USER 1047 _TYPE TPM2B_DATA 1048 _NAME qualifyingData 1049 _COMMENT data supplied by the caller 1050 _TYPE TPMT_SIG_SCHEME+ 1051 _NAME inScheme 1052 _COMMENT signing scheme to use if the scheme for signHandle is TPM_ALG_NULL 1053 _TYPE TPML_PCR_SELECTION 1054 _NAME PCRselect 1055 _COMMENT PCR set to quote 1056 _OUTPUT_START TPM2_Quote 1057 _TYPE TPM_ST 1058 _NAME tag 1059 _COMMENT see clause 8 1060 _TYPE UINT32 1061 _NAME responseSize 1062 _TYPE TPM_RC 1063 _NAME responseCode 1064 _TYPE TPM2B_ATTEST 1065 _NAME quoted 1066 _COMMENT the quoted information 1067 _TYPE TPMT_SIGNATURE 1068 _NAME signature 1069 _COMMENT the signature over quoted 1070 _INPUT_START TPM2_GetSessionAuditDigest 1071 _TYPE TPMI_ST_COMMAND_TAG 1072 _NAME tag 1073 _TYPE UINT32 1074 _NAME commandSize 1075 _TYPE TPM_CC 1076 _NAME commandCode 1077 _COMMENT TPM_CC_GetSessionAuditDigest 1078 _TYPE TPMI_RH_ENDORSEMENT 1079 _NAME privacyAdminHandle 1080 _COMMENT handle of the privacy administrator (TPM_RH_ENDORSEMENT) Auth Index: 1 Auth Role: USER 1081 _TYPE TPMI_DH_OBJECT+ 1082 _NAME signHandle 1083 _COMMENT handle of the signing key Auth Index: 2 Auth Role: USER 1084 _TYPE TPMI_SH_HMAC 1085 _NAME sessionHandle 1086 _COMMENT handle of the audit session Auth Index: None 1087 _TYPE TPM2B_DATA 1088 _NAME qualifyingData 1089 _COMMENT user-provided qualifying data may be zero-length 1090 _TYPE TPMT_SIG_SCHEME+ 1091 _NAME inScheme 1092 _COMMENT signing scheme to use if the scheme for signHandle is TPM_ALG_NULL 1093 _OUTPUT_START TPM2_GetSessionAuditDigest 1094 _TYPE TPM_ST 1095 _NAME tag 1096 _COMMENT see clause 8 1097 _TYPE UINT32 1098 _NAME responseSize 1099 _TYPE TPM_RC 1100 _NAME responseCode 1101 _TYPE TPM2B_ATTEST 1102 _NAME auditInfo 1103 _COMMENT the audit information that was signed 1104 _TYPE TPMT_SIGNATURE 1105 _NAME signature 1106 _COMMENT the signature over auditInfo 1107 _INPUT_START TPM2_GetCommandAuditDigest 1108 _TYPE TPMI_ST_COMMAND_TAG 1109 _NAME tag 1110 _TYPE UINT32 1111 _NAME commandSize 1112 _TYPE TPM_CC 1113 _NAME commandCode 1114 _COMMENT TPM_CC_GetCommandAuditDigest {NV} 1115 _TYPE TPMI_RH_ENDORSEMENT 1116 _NAME privacyHandle 1117 _COMMENT handle of the privacy administrator (TPM_RH_ENDORSEMENT) Auth Index: 1 Auth Role: USER 1118 _TYPE TPMI_DH_OBJECT+ 1119 _NAME signHandle 1120 _COMMENT the handle of the signing key Auth Index: 2 Auth Role: USER 1121 _TYPE TPM2B_DATA 1122 _NAME qualifyingData 1123 _COMMENT other data to associate with this audit digest 1124 _TYPE TPMT_SIG_SCHEME+ 1125 _NAME inScheme 1126 _COMMENT signing scheme to use if the scheme for signHandle is TPM_ALG_NULL 1127 _OUTPUT_START TPM2_GetCommandAuditDigest 1128 _TYPE TPM_ST 1129 _NAME tag 1130 _COMMENT see clause 8 1131 _TYPE UINT32 1132 _NAME responseSize 1133 _TYPE TPM_RC 1134 _NAME responseCode 1135 _TYPE TPM2B_ATTEST 1136 _NAME auditInfo 1137 _COMMENT the auditInfo that was signed 1138 _TYPE TPMT_SIGNATURE 1139 _NAME signature 1140 _COMMENT the signature over auditInfo 1141 _INPUT_START TPM2_GetTime 1142 _TYPE TPMI_ST_COMMAND_TAG 1143 _NAME tag 1144 _TYPE UINT32 1145 _NAME commandSize 1146 _TYPE TPM_CC 1147 _NAME commandCode 1148 _COMMENT TPM_CC_GetTime 1149 _TYPE TPMI_RH_ENDORSEMENT 1150 _NAME privacyAdminHandle 1151 _COMMENT handle of the privacy administrator (TPM_RH_ENDORSEMENT) Auth Index: 1 Auth Role: USER 1152 _TYPE TPMI_DH_OBJECT+ 1153 _NAME signHandle 1154 _COMMENT the keyHandle identifier of a loaded key that can perform digital signatures Auth Index: 2 Auth Role: USER 1155 _TYPE TPM2B_DATA 1156 _NAME qualifyingData 1157 _COMMENT data to tick stamp 1158 _TYPE TPMT_SIG_SCHEME+ 1159 _NAME inScheme 1160 _COMMENT signing scheme to use if the scheme for signHandle is TPM_ALG_NULL 1161 _OUTPUT_START TPM2_GetTime 1162 _TYPE TPM_ST 1163 _NAME tag 1164 _COMMENT see clause 8 1165 _TYPE UINT32 1166 _NAME responseSize 1167 _TYPE TPM_RC 1168 _NAME responseCode 1169 _COMMENT . 1170 _TYPE TPM2B_ATTEST 1171 _NAME timeInfo 1172 _COMMENT standard TPM-generated attestation block 1173 _TYPE TPMT_SIGNATURE 1174 _NAME signature 1175 _COMMENT the signature over timeInfo 1176 _INPUT_START TPM2_Commit 1177 _TYPE TPMI_ST_COMMAND_TAG 1178 _NAME tag 1179 _TYPE UINT32 1180 _NAME paramSize 1181 _TYPE TPM_CC 1182 _NAME commandCode 1183 _COMMENT TPM_CC_Commit handle of the key that will be used in the signing operation 1184 _TYPE TPMI_DH_OBJECT 1185 _NAME signHandle 1186 _COMMENT Auth Index: 1 Auth Role: USER 1187 _TYPE TPM2B_ECC_POINT 1188 _NAME P1 1189 _COMMENT a point (M) on the curve used by signHandle 1190 _TYPE TPM2B_SENSITIVE_DATA 1191 _NAME s2 1192 _COMMENT octet array used to derive x-coordinate of a base point 1193 _TYPE TPM2B_ECC_PARAMETER 1194 _NAME y2 1195 _COMMENT y coordinate of the point associated with s2 1196 _OUTPUT_START TPM2_Commit 1197 _TYPE TPM_ST 1198 _NAME tag 1199 _COMMENT see 8 1200 _TYPE UINT32 1201 _NAME paramSize 1202 _TYPE TPM_RC 1203 _NAME responseCode 1204 _TYPE TPM2B_ECC_POINT 1205 _NAME K 1206 _COMMENT ECC point K [ds](x2, y2) 1207 _TYPE TPM2B_ECC_POINT 1208 _NAME L 1209 _COMMENT ECC point L [r](x2, y2) 1210 _TYPE TPM2B_ECC_POINT 1211 _NAME E 1212 _COMMENT ECC point E [r]P1 1213 _TYPE UINT16 1214 _NAME counter 1215 _COMMENT least-significant 16 bits of commitCount 1216 _INPUT_START TPM2_EC_Ephemeral 1217 _TYPE TPMI_ST_COMMAND_TAG 1218 _NAME tag 1219 _TYPE UINT32 1220 _NAME paramSize 1221 _TYPE TPM_CC 1222 _NAME commandCode 1223 _COMMENT TPM_CC_EC_Ephemeral 1224 _TYPE TPMI_ECC_CURVE 1225 _NAME curveID 1226 _COMMENT The curve for the computed ephemeral point 1227 _OUTPUT_START TPM2_EC_Ephemeral 1228 _TYPE TPM_ST 1229 _NAME tag 1230 _COMMENT see 8 1231 _TYPE UINT32 1232 _NAME paramSize 1233 _TYPE TPM_RC 1234 _NAME responseCode 1235 _TYPE TPM2B_ECC_POINT 1236 _NAME Q 1237 _COMMENT ephemeral public key Q [r]G 1238 _TYPE UINT16 1239 _NAME counter 1240 _COMMENT least-significant 16 bits of commitCount 1241 _INPUT_START TPM2_VerifySignature 1242 _TYPE TPMI_ST_COMMAND_TAG 1243 _NAME tag 1244 _TYPE UINT32 1245 _NAME commandSize 1246 _TYPE TPM_CC 1247 _NAME commandCode 1248 _COMMENT TPM_CC_VerifySignature 1249 _TYPE TPMI_DH_OBJECT 1250 _NAME keyHandle 1251 _COMMENT handle of public key that will be used in the validation Auth Index: None 1252 _TYPE TPM2B_DIGEST 1253 _NAME digest 1254 _COMMENT digest of the signed message 1255 _TYPE TPMT_SIGNATURE 1256 _NAME signature 1257 _COMMENT signature to be tested 1258 _OUTPUT_START TPM2_VerifySignature 1259 _TYPE TPM_ST 1260 _NAME tag 1261 _COMMENT see clause 8 1262 _TYPE UINT32 1263 _NAME responseSize 1264 _TYPE TPM_RC 1265 _NAME responseCode 1266 _TYPE TPMT_TK_VERIFIED 1267 _NAME validation 1268 _INPUT_START TPM2_Sign 1269 _TYPE TPMI_ST_COMMAND_TAG 1270 _NAME tag 1271 _TYPE UINT32 1272 _NAME commandSize 1273 _TYPE TPM_CC 1274 _NAME commandCode 1275 _COMMENT TPM_CC_Sign 1276 _TYPE TPMI_DH_OBJECT 1277 _NAME keyHandle 1278 _COMMENT Handle of key that will perform signing Auth Index: 1 Auth Role: USER 1279 _TYPE TPM2B_DIGEST 1280 _NAME digest 1281 _COMMENT digest to be signed 1282 _TYPE TPMT_SIG_SCHEME+ 1283 _NAME inScheme 1284 _COMMENT signing scheme to use if the scheme for keyHandle is TPM_ALG_NULL 1285 _TYPE TPMT_TK_HASHCHECK 1286 _NAME validation 1287 _COMMENT proof that digest was created by the TPM If keyHandle is not a restricted signing key, then this may be a NULL Ticket with tag = TPM_ST_CHECKHASH. 1288 _OUTPUT_START TPM2_Sign 1289 _TYPE TPM_ST 1290 _NAME tag 1291 _COMMENT see clause 8 1292 _TYPE UINT32 1293 _NAME responseSize 1294 _TYPE TPM_RC 1295 _NAME responseCode 1296 _TYPE TPMT_SIGNATURE 1297 _NAME signature 1298 _COMMENT the signature 1299 _INPUT_START TPM2_SetCommandCodeAuditStatus 1300 _TYPE TPMI_ST_COMMAND_TAG 1301 _NAME tag 1302 _TYPE UINT32 1303 _NAME commandSize 1304 _TYPE TPM_CC 1305 _NAME commandCode 1306 _COMMENT TPM_CC_SetCommandCodeAuditStatus {NV} 1307 _TYPE TPMI_RH_PROVISION 1308 _NAME auth 1309 _COMMENT TPM_RH_ENDORSEMENT or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 1310 _TYPE TPMI_ALG_HASH+ 1311 _NAME auditAlg 1312 _COMMENT hash algorithm for the audit digest; if TPM_ALG_NULL, then the hash is not changed 1313 _TYPE TPML_CC 1314 _NAME setList 1315 _COMMENT list of commands that will be added to those that will be audited 1316 _TYPE TPML_CC 1317 _NAME clearList 1318 _COMMENT list of commands that will no longer be audited 1319 _OUTPUT_START TPM2_SetCommandCodeAuditStatus 1320 _TYPE TPM_ST 1321 _NAME tag 1322 _COMMENT see clause 8 1323 _TYPE UINT32 1324 _NAME responseSize 1325 _TYPE TPM_RC 1326 _NAME responseCode 1327 _INPUT_START TPM2_PCR_Extend 1328 _TYPE TPMI_ST_COMMAND_TAG 1329 _NAME tag 1330 _TYPE UINT32 1331 _NAME commandSize 1332 _TYPE TPM_CC 1333 _NAME commandCode 1334 _COMMENT TPM_CC_PCR_Extend {NV} 1335 _TYPE TPMI_DH_PCR+ 1336 _NAME pcrHandle 1337 _COMMENT handle of the PCR Auth Handle: 1 Auth Role: USER 1338 _TYPE TPML_DIGEST_VALUES 1339 _NAME digests 1340 _COMMENT list of tagged digest values to be extended 1341 _OUTPUT_START TPM2_PCR_Extend 1342 _TYPE TPM_ST 1343 _NAME tag 1344 _COMMENT see clause 8 1345 _TYPE UINT32 1346 _NAME responseSize 1347 _TYPE TPM_RC 1348 _NAME responseCode 1349 _COMMENT . 1350 _INPUT_START TPM2_PCR_Event 1351 _TYPE TPMI_ST_COMMAND_TAG 1352 _NAME tag 1353 _TYPE UINT32 1354 _NAME commandSize 1355 _TYPE TPM_CC 1356 _NAME commandCode 1357 _COMMENT TPM_CC_PCR_Event {NV} 1358 _TYPE TPMI_DH_PCR+ 1359 _NAME pcrHandle 1360 _COMMENT Handle of the PCR Auth Handle: 1 Auth Role: USER 1361 _TYPE TPM2B_EVENT 1362 _NAME eventData 1363 _COMMENT Event data in sized buffer 1364 _OUTPUT_START TPM2_PCR_Event 1365 _TYPE TPM_ST 1366 _NAME tag 1367 _COMMENT see clause 8 1368 _TYPE UINT32 1369 _NAME responseSize 1370 _TYPE TPM_RC 1371 _NAME responseCode 1372 _TYPE TPML_DIGEST_VALUES 1373 _NAME digests 1374 _COMMENT . 1375 _INPUT_START TPM2_PCR_Read 1376 _TYPE TPMI_ST_COMMAND_TAG 1377 _NAME tag 1378 _TYPE UINT32 1379 _NAME commandSize 1380 _TYPE TPM_CC 1381 _NAME commandCode 1382 _COMMENT TPM_CC_PCR_Read 1383 _TYPE TPML_PCR_SELECTION 1384 _NAME pcrSelectionIn 1385 _COMMENT The selection of PCR to read 1386 _OUTPUT_START TPM2_PCR_Read 1387 _TYPE TPM_ST 1388 _NAME tag 1389 _COMMENT see clause 8 1390 _TYPE UINT32 1391 _NAME responseSize 1392 _TYPE TPM_RC 1393 _NAME responseCode 1394 _TYPE UINT32 1395 _NAME pcrUpdateCounter 1396 _COMMENT the current value of the PCR update counter 1397 _TYPE TPML_PCR_SELECTION 1398 _NAME pcrSelectionOut 1399 _COMMENT the PCR in the returned list 1400 _TYPE TPML_DIGEST 1401 _NAME pcrValues 1402 _COMMENT the contents of the PCR indicated in pcrSelect as tagged digests 1403 _INPUT_START TPM2_PCR_Allocate 1404 _TYPE TPMI_ST_COMMAND_TAG 1405 _NAME tag 1406 _TYPE UINT32 1407 _NAME commandSize 1408 _TYPE TPM_CC 1409 _NAME commandCode 1410 _COMMENT TPM_CC_PCR_Allocate {NV} 1411 _TYPE TPMI_RH_PLATFORM 1412 _NAME authHandle 1413 _COMMENT TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 1414 _TYPE TPML_PCR_SELECTION 1415 _NAME pcrAllocation 1416 _COMMENT the requested allocation 1417 _OUTPUT_START TPM2_PCR_Allocate 1418 _TYPE TPM_ST 1419 _NAME tag 1420 _COMMENT see clause 8 1421 _TYPE UINT32 1422 _NAME responseSize 1423 _TYPE TPM_RC 1424 _NAME responseCode 1425 _TYPE TPMI_YES_NO 1426 _NAME allocationSuccess 1427 _COMMENT YES if the allocation succeeded 1428 _TYPE UINT32 1429 _NAME maxPCR 1430 _COMMENT maximum number of PCR that may be in a bank 1431 _TYPE UINT32 1432 _NAME sizeNeeded 1433 _COMMENT number of octets required to satisfy the request 1434 _TYPE UINT32 1435 _NAME sizeAvailable 1436 _COMMENT Number of octets available. Computed before the allocation. 1437 _INPUT_START TPM2_PCR_SetAuthPolicy 1438 _TYPE TPMI_ST_COMMAND_TAG 1439 _NAME tag 1440 _TYPE UINT32 1441 _NAME commandSize 1442 _TYPE TPM_CC 1443 _NAME commandCode 1444 _COMMENT TPM_CC_PCR_SetAuthPolicy {NV} 1445 _TYPE TPMI_RH_PLATFORM 1446 _NAME authHandle 1447 _COMMENT TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 1448 _TYPE TPM2B_DIGEST 1449 _NAME authPolicy 1450 _COMMENT the desired authPolicy 1451 _TYPE TPMI_ALG_HASH+ 1452 _NAME hashAlg 1453 _COMMENT the hash algorithm of the policy 1454 _TYPE TPMI_DH_PCR 1455 _NAME pcrNum 1456 _COMMENT the PCR for which the policy is to be set 1457 _OUTPUT_START TPM2_PCR_SetAuthPolicy 1458 _TYPE TPM_ST 1459 _NAME tag 1460 _COMMENT see clause 8 1461 _TYPE UINT32 1462 _NAME responseSize 1463 _TYPE TPM_RC 1464 _NAME responseCode 1465 _INPUT_START TPM2_PCR_SetAuthValue 1466 _TYPE TPMI_ST_COMMAND_TAG 1467 _NAME tag 1468 _TYPE UINT32 1469 _NAME commandSize 1470 _TYPE TPM_CC 1471 _NAME commandCode 1472 _COMMENT TPM_CC_PCR_SetAuthValue 1473 _TYPE TPMI_DH_PCR 1474 _NAME pcrHandle 1475 _COMMENT handle for a PCR that may have an authorization value set Auth Index: 1 Auth Role: USER 1476 _TYPE TPM2B_DIGEST 1477 _NAME auth 1478 _COMMENT the desired authorization value 1479 _OUTPUT_START TPM2_PCR_SetAuthValue 1480 _TYPE TPM_ST 1481 _NAME tag 1482 _COMMENT see clause 8 1483 _TYPE UINT32 1484 _NAME responseSize 1485 _TYPE TPM_RC 1486 _NAME responseCode 1487 _INPUT_START TPM2_PCR_Reset 1488 _TYPE TPMI_ST_COMMAND_TAG 1489 _NAME tag 1490 _TYPE UINT32 1491 _NAME commandSize 1492 _TYPE TPM_CC 1493 _NAME commandCode 1494 _COMMENT TPM_CC_PCR_Reset {NV} 1495 _TYPE TPMI_DH_PCR 1496 _NAME pcrHandle 1497 _COMMENT the PCR to reset Auth Index: 1 Auth Role: USER 1498 _OUTPUT_START TPM2_PCR_Reset 1499 _TYPE TPM_ST 1500 _NAME tag 1501 _COMMENT see clause 8 1502 _TYPE UINT32 1503 _NAME responseSize 1504 _TYPE TPM_RC 1505 _NAME responseCode 1506 _INPUT_START TPM2_PolicySigned 1507 _TYPE TPMI_ST_COMMAND_TAG 1508 _NAME tag 1509 _TYPE UINT32 1510 _NAME commandSize 1511 _TYPE TPM_CC 1512 _NAME commandCode 1513 _COMMENT TPM_CC_PolicySigned 1514 _TYPE TPMI_DH_OBJECT 1515 _NAME authObject 1516 _COMMENT handle for a public key that will validate the signature Auth Index: None 1517 _TYPE TPMI_SH_POLICY 1518 _NAME policySession 1519 _COMMENT handle for the policy session being extended Auth Index: None 1520 _TYPE TPM2B_NONCE 1521 _NAME nonceTPM 1522 _COMMENT the policy nonce for the session If the nonce is not included in the authorization qualification, this field is the Empty Buffer. 1523 _TYPE TPM2B_DIGEST 1524 _NAME cpHashA 1525 _COMMENT digest of the command parameters to which this authorization is limited This is not the cpHash for this command but the cpHash for the command to which this policy session will be applied. If it is not limited, the parameter will be the Empty Buffer. 1526 _TYPE TPM2B_NONCE 1527 _NAME policyRef 1528 _COMMENT a reference to a policy relating to the authorization may be the Empty Buffer Size is limited to be no larger than the nonce size supported on the TPM. 1529 _TYPE INT32 1530 _NAME expiration 1531 _COMMENT time when authorization will expire, measured in seconds from the time that nonceTPM was generated If expiration is zero, a NULL Ticket is returned. 1532 _TYPE TPMT_SIGNATURE 1533 _NAME auth 1534 _COMMENT signed authorization (not optional) 1535 _OUTPUT_START TPM2_PolicySigned 1536 _TYPE TPM_ST 1537 _NAME tag 1538 _COMMENT see clause 8 1539 _TYPE UINT32 1540 _NAME responseSize 1541 _TYPE TPM_RC 1542 _NAME responseCode 1543 _TYPE TPM2B_TIMEOUT 1544 _NAME timeout 1545 _TYPE TPMT_TK_AUTH 1546 _NAME policyTicket 1547 _COMMENT implementation-specific time value, used to indicate to the TPM when the ticket expires NOTE If policyTicket is a NULL Ticket, then this shall be the Empty Buffer. produced if the command succeeds and expiration in the command was non-zero; this ticket will use the TPMT_ST_AUTH_SIGNED structure tag 1548 _INPUT_START TPM2_PolicySecret 1549 _TYPE TPMI_ST_COMMAND_TAG 1550 _NAME tag 1551 _COMMENT see clause 8 1552 _TYPE UINT32 1553 _NAME commandSize 1554 _TYPE TPM_CC 1555 _NAME commandCode 1556 _COMMENT TPM_CC_PolicySecret 1557 _TYPE TPMI_DH_ENTITY 1558 _NAME authHandle 1559 _COMMENT handle for an entity providing the authorization Auth Index: 1 Auth Role: USER 1560 _TYPE TPMI_SH_POLICY 1561 _NAME policySession 1562 _COMMENT handle for the policy session being extended Auth Index: None 1563 _TYPE TPM2B_NONCE 1564 _NAME nonceTPM 1565 _COMMENT the policy nonce for the session If the nonce is not included in the authorization qualification, this field is the Empty Buffer. 1566 _TYPE TPM2B_DIGEST 1567 _NAME cpHashA 1568 _COMMENT digest of the command parameters to which this authorization is limited This not the cpHash for this command but the cpHash for the command to which this policy session will be applied. If it is not limited, the parameter will be the Empty Buffer. 1569 _TYPE TPM2B_NONCE 1570 _NAME policyRef 1571 _COMMENT a reference to a policy relating to the authorization may be the Empty Buffer Size is limited to be no larger than the nonce size supported on the TPM. 1572 _TYPE INT32 1573 _NAME expiration 1574 _COMMENT time when authorization will expire, measured in seconds from the time that nonceTPM was generated If expiration is zero, a NULL Ticket is returned. 1575 _OUTPUT_START TPM2_PolicySecret 1576 _TYPE TPM_ST 1577 _NAME tag 1578 _COMMENT see clause 8 1579 _TYPE UINT32 1580 _NAME responseSize 1581 _TYPE TPM_RC 1582 _NAME responseCode 1583 _TYPE TPM2B_TIMEOUT 1584 _NAME timeout 1585 _COMMENT implementation-specific time value used to indicate to the TPM when the ticket expires; this ticket will use the TPMT_ST_AUTH_SECRET structure tag 1586 _TYPE TPMT_TK_AUTH 1587 _NAME policyTicket 1588 _COMMENT produced if the command succeeds and expiration in the command was non-zero 1589 _INPUT_START TPM2_PolicyTicket 1590 _TYPE TPMI_ST_COMMAND_TAG 1591 _NAME tag 1592 _COMMENT see clause 8 1593 _TYPE UINT32 1594 _NAME commandSize 1595 _TYPE TPM_CC 1596 _NAME commandCode 1597 _COMMENT TPM_CC_PolicyTicket 1598 _TYPE TPMI_SH_POLICY 1599 _NAME policySession 1600 _COMMENT handle for the policy session being extended Auth Index: None 1601 _TYPE TPM2B_TIMEOUT 1602 _NAME timeout 1603 _COMMENT time when authorization will expire The contents are TPM specific. This shall be the value returned when ticket was produced. 1604 _TYPE TPM2B_DIGEST 1605 _NAME cpHashA 1606 _COMMENT digest of the command parameters to which this authorization is limited If it is not limited, the parameter will be the Empty Buffer. 1607 _TYPE TPM2B_NONCE 1608 _NAME policyRef 1609 _COMMENT reference to a qualifier for the policy may be the Empty Buffer 1610 _TYPE TPM2B_NAME 1611 _NAME authName 1612 _COMMENT name of the object that provided the authorization 1613 _TYPE TPMT_TK_AUTH 1614 _NAME ticket 1615 _COMMENT an authorization ticket returned by the TPM in response to a TPM2_PolicySigned() or TPM2_PolicySecret() 1616 _OUTPUT_START TPM2_PolicyTicket 1617 _TYPE TPM_ST 1618 _NAME tag 1619 _COMMENT see clause 8 1620 _TYPE UINT32 1621 _NAME responseSize 1622 _TYPE TPM_RC 1623 _NAME responseCode 1624 _INPUT_START TPM2_PolicyOR 1625 _TYPE TPMI_ST_COMMAND_TAG 1626 _NAME tag 1627 _TYPE UINT32 1628 _NAME commandSize 1629 _TYPE TPM_CC 1630 _NAME commandCode 1631 _COMMENT TPM_CC_PolicyOR. 1632 _TYPE TPMI_SH_POLICY 1633 _NAME policySession 1634 _COMMENT handle for the policy session being extended Auth Index: None 1635 _TYPE TPML_DIGEST 1636 _NAME pHashList 1637 _COMMENT the list of hashes to check for a match 1638 _OUTPUT_START TPM2_PolicyOR 1639 _TYPE TPM_ST 1640 _NAME tag 1641 _COMMENT see clause 8 1642 _TYPE UINT32 1643 _NAME responseSize 1644 _TYPE TPM_RC 1645 _NAME responseCode 1646 _INPUT_START TPM2_PolicyPCR 1647 _TYPE TPMI_ST_COMMAND_TAG 1648 _NAME tag 1649 _TYPE UINT32 1650 _NAME commandSize 1651 _TYPE TPM_CC 1652 _NAME commandCode 1653 _COMMENT TPM_CC_PolicyPCR 1654 _TYPE TPMI_SH_POLICY 1655 _NAME policySession 1656 _COMMENT handle for the policy session being extended Auth Index: None 1657 _TYPE TPM2B_DIGEST 1658 _NAME pcrDigest 1659 _COMMENT expected digest value of the selected PCR using the hash algorithm of the session; may be zero length 1660 _TYPE TPML_PCR_SELECTION 1661 _NAME pcrs 1662 _COMMENT the PCR to include in the check digest 1663 _OUTPUT_START TPM2_PolicyPCR 1664 _TYPE TPM_ST 1665 _NAME tag 1666 _COMMENT see clause 8 1667 _TYPE UINT32 1668 _NAME responseSize 1669 _TYPE TPM_RC 1670 _NAME responseCode 1671 _INPUT_START TPM2_PolicyLocality 1672 _TYPE TPMI_ST_COMMAND_TAG 1673 _NAME tag 1674 _TYPE UINT32 1675 _NAME commandSize 1676 _TYPE TPM_CC 1677 _NAME commandCode 1678 _COMMENT TPM_CC_PolicyLocality 1679 _TYPE TPMI_SH_POLICY 1680 _NAME policySession 1681 _COMMENT handle for the policy session being extended Auth Index: None 1682 _TYPE TPMA_LOCALITY 1683 _NAME locality 1684 _COMMENT the allowed localities for the policy 1685 _OUTPUT_START TPM2_PolicyLocality 1686 _TYPE TPM_ST 1687 _NAME tag 1688 _COMMENT see clause 8 1689 _TYPE UINT32 1690 _NAME responseSize 1691 _TYPE TPM_RC 1692 _NAME responseCode 1693 _INPUT_START TPM2_PolicyNV 1694 _TYPE TPMI_ST_COMMAND_TAG 1695 _NAME tag 1696 _TYPE UINT32 1697 _NAME commandSize 1698 _TYPE TPM_CC 1699 _NAME commandCode 1700 _COMMENT TPM_CC_PolicyNV 1701 _TYPE TPMI_RH_NV_AUTH 1702 _NAME authHandle 1703 _COMMENT handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER 1704 _TYPE TPMI_RH_NV_INDEX 1705 _NAME nvIndex 1706 _COMMENT the NV Index of the area to read Auth Index: None 1707 _TYPE TPMI_SH_POLICY 1708 _NAME policySession 1709 _COMMENT handle for the policy session being extended Auth Index: None 1710 _TYPE TPM2B_OPERAND 1711 _NAME operandB 1712 _COMMENT the second operand 1713 _TYPE UINT16 1714 _NAME offset 1715 _COMMENT the offset in the NV Index for the start of operand A 1716 _TYPE TPM_EO 1717 _NAME operation 1718 _COMMENT the comparison to make 1719 _OUTPUT_START TPM2_PolicyNV 1720 _TYPE TPM_ST 1721 _NAME tag 1722 _COMMENT see clause 8 1723 _TYPE UINT32 1724 _NAME responseSize 1725 _TYPE TPM_RC 1726 _NAME responseCode 1727 _INPUT_START TPM2_PolicyCounterTimer 1728 _TYPE TPMI_ST_COMMAND_TAG 1729 _NAME tag 1730 _TYPE UINT32 1731 _NAME commandSize 1732 _TYPE TPM_CC 1733 _NAME commandCode 1734 _COMMENT TPM_CC_PolicyCounterTimer 1735 _TYPE TPMI_SH_POLICY 1736 _NAME policySession 1737 _COMMENT handle for the policy session being extended Auth Index: None 1738 _TYPE TPM2B_OPERAND 1739 _NAME operandB 1740 _COMMENT the second operand 1741 _TYPE UINT16 1742 _NAME offset 1743 _COMMENT the offset in TPMS_TIME_INFO structure for the start of operand A 1744 _TYPE TPM_EO 1745 _NAME operation 1746 _COMMENT the comparison to make 1747 _OUTPUT_START TPM2_PolicyCounterTimer 1748 _TYPE TPM_ST 1749 _NAME tag 1750 _COMMENT see clause 8 1751 _TYPE UINT32 1752 _NAME responseSize 1753 _TYPE TPM_RC 1754 _NAME responseCode 1755 _COMMENT 25.10.3 1 2 3 1756 _INPUT_START TPM2_PolicyCommandCode 1757 _TYPE TPMI_ST_COMMAND_TAG 1758 _NAME tag 1759 _TYPE UINT32 1760 _NAME commandSize 1761 _TYPE TPM_CC 1762 _NAME commandCode 1763 _COMMENT TPM_CC_PolicyCommandCode 1764 _TYPE TPMI_SH_POLICY 1765 _NAME policySession 1766 _COMMENT handle for the policy session being extended Auth Index: None 1767 _TYPE TPM_CC 1768 _NAME code 1769 _COMMENT the allowed commandCode 1770 _OUTPUT_START TPM2_PolicyCommandCode 1771 _TYPE TPM_ST 1772 _NAME tag 1773 _COMMENT see clause 8 1774 _TYPE UINT32 1775 _NAME responseSize 1776 _TYPE TPM_RC 1777 _NAME responseCode 1778 _COMMENT 25.11.3 1 2 1779 _INPUT_START TPM2_PolicyPhysicalPresence 1780 _TYPE TPMI_ST_COMMAND_TAG 1781 _NAME tag 1782 _TYPE UINT32 1783 _NAME commandSize 1784 _TYPE TPM_CC 1785 _NAME commandCode 1786 _COMMENT TPM_CC_PolicyPhysicalPresence 1787 _TYPE TPMI_SH_POLICY 1788 _NAME policySession 1789 _COMMENT handle for the policy session being extended Auth Index: None 1790 _OUTPUT_START TPM2_PolicyPhysicalPresence 1791 _TYPE TPM_ST 1792 _NAME tag 1793 _COMMENT see clause 8 1794 _TYPE UINT32 1795 _NAME responseSize 1796 _TYPE TPM_RC 1797 _NAME responseCode 1798 _COMMENT 25.12.3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 1799 _INPUT_START TPM2_PolicyCpHash 1800 _TYPE TPMI_ST_COMMAND_TAG 1801 _NAME tag 1802 _TYPE UINT32 1803 _NAME commandSize 1804 _TYPE TPM_CC 1805 _NAME commandCode 1806 _COMMENT TPM_CC_PolicyCpHash 1807 _TYPE TPMI_SH_POLICY 1808 _NAME policySession 1809 _COMMENT handle for the policy session being extended Auth Index: None 1810 _TYPE TPM2B_DIGEST 1811 _NAME cpHashA 1812 _COMMENT the cpHash added to the policy 1813 _OUTPUT_START TPM2_PolicyCpHash 1814 _TYPE TPM_ST 1815 _NAME tag 1816 _COMMENT see clause 8 1817 _TYPE UINT32 1818 _NAME responseSize 1819 _TYPE TPM_RC 1820 _NAME responseCode 1821 _COMMENT 25.13.3 1 2 1822 _INPUT_START TPM2_PolicyNameHash 1823 _TYPE TPMI_ST_COMMAND_TAG 1824 _NAME tag 1825 _TYPE UINT32 1826 _NAME commandSize 1827 _TYPE TPM_CC 1828 _NAME commandCode 1829 _COMMENT TPM_CC_PolicyNameHash 1830 _TYPE TPMI_SH_POLICY 1831 _NAME policySession 1832 _COMMENT handle for the policy session being extended Auth Index: None 1833 _TYPE TPM2B_DIGEST 1834 _NAME nameHash 1835 _COMMENT the digest to be added to the policy 1836 _OUTPUT_START TPM2_PolicyNameHash 1837 _TYPE TPM_ST 1838 _NAME tag 1839 _COMMENT see clause 8 1840 _TYPE UINT32 1841 _NAME responseSize 1842 _TYPE TPM_RC 1843 _NAME responseCode 1844 _COMMENT 25.14.3 1 2 1845 _INPUT_START TPM2_PolicyDuplicationSelect 1846 _TYPE TPMI_ST_COMMAND_TAG 1847 _NAME tag 1848 _TYPE UINT32 1849 _NAME commandSize 1850 _TYPE TPM_CC 1851 _NAME commandCode 1852 _COMMENT TPM_CC_PolicyDuplicationSelect 1853 _TYPE TPMI_SH_POLICY 1854 _NAME policySession 1855 _COMMENT handle for the policy session being extended Auth Index: None 1856 _TYPE TPM2B_NAME 1857 _NAME objectName 1858 _COMMENT the Name of the object to be duplicated 1859 _TYPE TPM2B_NAME 1860 _NAME newParentName 1861 _COMMENT the Name of the new parent 1862 _TYPE TPMI_YES_NO 1863 _NAME includeObject 1864 _COMMENT if YES, the objectName will be included in the value in policySessionpolicyDigest 1865 _OUTPUT_START TPM2_PolicyDuplicationSelect 1866 _TYPE TPM_ST 1867 _NAME tag 1868 _COMMENT see clause 8 1869 _TYPE UINT32 1870 _NAME responseSize 1871 _TYPE TPM_RC 1872 _NAME responseCode 1873 _COMMENT 25.15.3 1 2 1874 _INPUT_START TPM2_PolicyAuthorize 1875 _TYPE TPMI_ST_COMMAND_TAG 1876 _NAME tag 1877 _TYPE UINT32 1878 _NAME commandSize 1879 _TYPE TPM_CC 1880 _NAME commandCode 1881 _COMMENT TPM_CC_PolicyAuthorize 1882 _TYPE TPMI_SH_POLICY 1883 _NAME policySession 1884 _COMMENT handle for the policy session being extended Auth Index: None 1885 _TYPE TPM2B_DIGEST 1886 _NAME approvedPolicy 1887 _COMMENT digest of the policy being approved 1888 _TYPE TPM2B_NONCE 1889 _NAME policyRef 1890 _COMMENT a policy qualifier 1891 _TYPE TPM2B_NAME 1892 _NAME keySign 1893 _COMMENT Name of a key that can sign a policy addition 1894 _TYPE TPMT_TK_VERIFIED 1895 _NAME checkTicket 1896 _COMMENT ticket validating that approvedPolicy and policyRef were signed by keySign 1897 _OUTPUT_START TPM2_PolicyAuthorize 1898 _TYPE TPM_ST 1899 _NAME tag 1900 _COMMENT see clause 8 1901 _TYPE UINT32 1902 _NAME responseSize 1903 _TYPE TPM_RC 1904 _NAME responseCode 1905 _COMMENT 25.16.3 1 2 3 1906 _INPUT_START TPM2_PolicyAuthValue 1907 _TYPE TPMI_ST_COMMAND_TAG 1908 _NAME tag 1909 _TYPE UINT32 1910 _NAME commandSize 1911 _TYPE TPM_CC 1912 _NAME commandCode 1913 _COMMENT TPM_CC_PolicyAuthValue 1914 _TYPE TPMI_SH_POLICY 1915 _NAME policySession 1916 _COMMENT handle for the policy session being extended Auth Index: None 1917 _OUTPUT_START TPM2_PolicyAuthValue 1918 _TYPE TPM_ST 1919 _NAME tag 1920 _COMMENT see clause 8 1921 _TYPE UINT32 1922 _NAME responseSize 1923 _TYPE TPM_RC 1924 _NAME responseCode 1925 _COMMENT 25.17.3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 1926 _INPUT_START TPM2_PolicyPassword 1927 _TYPE TPMI_ST_COMMAND_TAG 1928 _NAME tag 1929 _TYPE UINT32 1930 _NAME commandSize 1931 _TYPE TPM_CC 1932 _NAME commandCode 1933 _COMMENT TPM_CC_PolicyPassword 1934 _TYPE TPMI_SH_POLICY 1935 _NAME policySession 1936 _COMMENT handle for the policy session being extended Auth Index: None 1937 _OUTPUT_START TPM2_PolicyPassword 1938 _TYPE TPM_ST 1939 _NAME tag 1940 _COMMENT see clause 8 1941 _TYPE UINT32 1942 _NAME responseSize 1943 _TYPE TPM_RC 1944 _NAME responseCode 1945 _COMMENT 25.18.3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 1946 _INPUT_START TPM2_PolicyGetDigest 1947 _TYPE TPMI_ST_COMMAND_TAG 1948 _NAME tag 1949 _TYPE UINT32 1950 _NAME commandSize 1951 _TYPE TPM_CC 1952 _NAME commandCode 1953 _COMMENT TPM_CC_PolicyGetDigest 1954 _TYPE TPMI_SH_POLICY 1955 _NAME policySession 1956 _COMMENT handle for the policy session Auth Index: None 1957 _OUTPUT_START TPM2_PolicyGetDigest 1958 _TYPE TPM_ST 1959 _NAME tag 1960 _COMMENT see clause 8 1961 _TYPE UINT32 1962 _NAME responseSize 1963 _TYPE TPM_RC 1964 _NAME responseCode 1965 _TYPE TPM2B_DIGEST 1966 _NAME policyDigest 1967 _COMMENT the current value of the policySessionpolicyDigest 25.19.3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 1968 _INPUT_START TPM2_PolicyNvWritten 1969 _TYPE TPMI_ST_COMMAND_TAG 1970 _NAME Tag 1971 _TYPE UINT32 1972 _NAME commandSize 1973 _TYPE TPM_CC 1974 _NAME commandCode 1975 _COMMENT TPM_CC_PolicyNvWritten 1976 _TYPE TPMI_SH_POLICY 1977 _NAME policySession 1978 _COMMENT handle for the policy session being extended Auth Index: None 1979 _TYPE TPMI_YES_NO 1980 _NAME writtenSet 1981 _COMMENT YES if NV Index is required to have been written NO if NV Index is required not to have been written 1982 _OUTPUT_START TPM2_PolicyNvWritten 1983 _TYPE TPM_ST 1984 _NAME Tag 1985 _COMMENT see clause 8 1986 _TYPE UINT32 1987 _NAME responseSize 1988 _TYPE TPM_RC 1989 _NAME responseCode 1990 _COMMENT 25.20.3 1 2 1991 _INPUT_START TPM2_CreatePrimary 1992 _TYPE TPMI_ST_COMMAND_TAG 1993 _NAME tag 1994 _TYPE UINT32 1995 _NAME commandSize 1996 _TYPE TPM_CC 1997 _NAME commandCode 1998 _COMMENT TPM_CC_CreatePrimary 1999 _TYPE TPMI_RH_HIERARCHY+ 2000 _NAME primaryHandle 2001 _COMMENT TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM+{PP}, or TPM_RH_NULL Auth Index: 1 Auth Role: USER 2002 _TYPE TPM2B_SENSITIVE_CREATE 2003 _NAME inSensitive 2004 _COMMENT the sensitive data, see Part 1 Sensitive Values 2005 _TYPE TPM2B_PUBLIC 2006 _NAME inPublic 2007 _COMMENT the public template 2008 _TYPE TPM2B_DATA 2009 _NAME outsideInfo 2010 _COMMENT data that will be included in the creation data for this object to provide permanent, verifiable linkage between this object and some object owner data 2011 _TYPE TPML_PCR_SELECTION 2012 _NAME creationPCR 2013 _COMMENT PCR that will be used in creation data 2014 _OUTPUT_START TPM2_CreatePrimary 2015 _TYPE TPM_ST 2016 _NAME tag 2017 _COMMENT see clause 8 2018 _TYPE UINT32 2019 _NAME responseSize 2020 _TYPE TPM_RC 2021 _NAME responseCode 2022 _TYPE TPM_HANDLE 2023 _NAME objectHandle 2024 _COMMENT Handle for created Primary Object 2025 _TYPE TPM2B_PUBLIC 2026 _NAME outPublic 2027 _COMMENT the public portion of the created object 2028 _TYPE TPM2B_CREATION_DATA 2029 _NAME creationData 2030 _COMMENT contains a TPMT_CREATION_DATA 2031 _TYPE TPM2B_DIGEST 2032 _NAME creationHash 2033 _COMMENT digest of creationData using nameAlg of outPublic 2034 _TYPE TPMT_TK_CREATION 2035 _NAME creationTicket 2036 _COMMENT ticket used by TPM2_CertifyCreation() to validate that the creation data was produced by the TPM 2037 _TYPE TPM2B_NAME 2038 _NAME name 2039 _COMMENT the name of the created object 2040 _INPUT_START TPM2_HierarchyControl 2041 _TYPE TPMI_ST_COMMAND_TAG 2042 _NAME tag 2043 _TYPE UINT32 2044 _NAME commandSize 2045 _TYPE TPM_CC 2046 _NAME commandCode 2047 _COMMENT TPM_CC_HierarchyControl {NV E} 2048 _TYPE TPMI_RH_HIERARCHY 2049 _NAME authHandle 2050 _COMMENT TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 2051 _TYPE TPMI_RH_ENABLES 2052 _NAME enable 2053 _COMMENT the enable being modified TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM, or TPM_RH_PLATFORM_NV 2054 _TYPE TPMI_YES_NO 2055 _NAME state 2056 _COMMENT YES if the enable should be SET, NO if the enable should be CLEAR 2057 _OUTPUT_START TPM2_HierarchyControl 2058 _TYPE TPM_ST 2059 _NAME tag 2060 _COMMENT see clause 8 2061 _TYPE UINT32 2062 _NAME responseSize 2063 _TYPE TPM_RC 2064 _NAME responseCode 2065 _INPUT_START TPM2_SetPrimaryPolicy 2066 _TYPE TPMI_ST_COMMAND_TAG 2067 _NAME tag 2068 _TYPE UINT32 2069 _NAME commandSize 2070 _TYPE TPM_CC 2071 _NAME commandCode 2072 _COMMENT TPM_CC_SetPrimaryPolicy {NV} 2073 _TYPE TPMI_RH_HIERARCHY 2074 _NAME authHandle 2075 _COMMENT TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 2076 _TYPE TPM2B_DIGEST 2077 _NAME authPolicy 2078 _COMMENT an authorization policy digest; may be the Empty Buffer If hashAlg is TPM_ALG_NULL, then this shall be an Empty Buffer. 2079 _TYPE TPMI_ALG_HASH+ 2080 _NAME hashAlg 2081 _COMMENT the hash algorithm to use for the policy If the authPolicy is an Empty Buffer, then this field shall be TPM_ALG_NULL. 2082 _OUTPUT_START TPM2_SetPrimaryPolicy 2083 _TYPE TPM_ST 2084 _NAME tag 2085 _COMMENT see clause 8 2086 _TYPE UINT32 2087 _NAME responseSize 2088 _TYPE TPM_RC 2089 _NAME responseCode 2090 _INPUT_START TPM2_ChangePPS 2091 _TYPE TPMI_ST_COMMAND_TAG 2092 _NAME tag 2093 _TYPE UINT32 2094 _NAME commandSize 2095 _TYPE TPM_CC 2096 _NAME commandCode 2097 _COMMENT TPM_CC_ChangePPS {NV E} 2098 _TYPE TPMI_RH_PLATFORM 2099 _NAME authHandle 2100 _COMMENT TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 2101 _OUTPUT_START TPM2_ChangePPS 2102 _TYPE TPM_ST 2103 _NAME tag 2104 _COMMENT see clause 8 2105 _TYPE UINT32 2106 _NAME responseSize 2107 _TYPE TPM_RC 2108 _NAME responseCode 2109 _INPUT_START TPM2_ChangeEPS 2110 _TYPE TPMI_ST_COMMAND_TAG 2111 _NAME tag 2112 _TYPE UINT32 2113 _NAME commandSize 2114 _TYPE TPM_CC 2115 _NAME commandCode 2116 _COMMENT TPM_CC_ChangeEPS {NV E} 2117 _TYPE TPMI_RH_PLATFORM 2118 _NAME authHandle 2119 _COMMENT TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER 2120 _OUTPUT_START TPM2_ChangeEPS 2121 _TYPE TPM_ST 2122 _NAME tag 2123 _COMMENT see clause 8 2124 _TYPE UINT32 2125 _NAME responseSize 2126 _TYPE TPM_RC 2127 _NAME responseCode 2128 _INPUT_START TPM2_Clear 2129 _TYPE TPMI_ST_COMMAND_TAG 2130 _NAME tag 2131 _TYPE UINT32 2132 _NAME commandSize 2133 _TYPE TPM_CC 2134 _NAME commandCode 2135 _COMMENT TPM_CC_Clear {NV E} 2136 _TYPE TPMI_RH_CLEAR 2137 _NAME authHandle 2138 _COMMENT TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER 2139 _OUTPUT_START TPM2_Clear 2140 _TYPE TPM_ST 2141 _NAME tag 2142 _COMMENT see clause 8 2143 _TYPE UINT32 2144 _NAME responseSize 2145 _TYPE TPM_RC 2146 _NAME responseCode 2147 _INPUT_START TPM2_ClearControl 2148 _TYPE TPMI_ST_COMMAND_TAG 2149 _NAME tag 2150 _TYPE UINT32 2151 _NAME commandSize 2152 _TYPE TPM_CC 2153 _NAME commandCode 2154 _COMMENT TPM_CC_ClearControl {NV} 2155 _TYPE TPMI_RH_CLEAR 2156 _NAME auth 2157 _COMMENT TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER 2158 _TYPE TPMI_YES_NO 2159 _NAME disable 2160 _COMMENT YES if the disableOwnerClear flag is to be SET, NO if the flag is to be CLEAR. 2161 _OUTPUT_START TPM2_ClearControl 2162 _TYPE TPM_ST 2163 _NAME tag 2164 _COMMENT see clause 8 2165 _TYPE UINT32 2166 _NAME responseSize 2167 _TYPE TPM_RC 2168 _NAME responseCode 2169 _INPUT_START TPM2_HierarchyChangeAuth 2170 _TYPE TPMI_ST_COMMAND_TAG 2171 _NAME tag 2172 _TYPE UINT32 2173 _NAME commandSize 2174 _TYPE TPM_CC 2175 _NAME commandCode 2176 _COMMENT TPM_CC_HierarchyChangeAuth {NV} 2177 _TYPE TPMI_RH_HIERARCHY_AUTH 2178 _NAME authHandle 2179 _COMMENT TPM_RH_LOCKOUT, TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 2180 _TYPE TPM2B_AUTH 2181 _NAME newAuth 2182 _COMMENT new authorization value 2183 _OUTPUT_START TPM2_HierarchyChangeAuth 2184 _TYPE TPM_ST 2185 _NAME tag 2186 _COMMENT see clause 8 2187 _TYPE UINT32 2188 _NAME responseSize 2189 _TYPE TPM_RC 2190 _NAME responseCode 2191 _INPUT_START TPM2_DictionaryAttackLockReset 2192 _TYPE TPMI_ST_COMMAND_TAG 2193 _NAME tag 2194 _TYPE UINT32 2195 _NAME commandSize 2196 _TYPE TPM_CC 2197 _NAME commandCode 2198 _COMMENT TPM_CC_DictionaryAttackLockReset {NV} 2199 _TYPE TPMI_RH_LOCKOUT 2200 _NAME lockHandle 2201 _COMMENT TPM_RH_LOCKOUT Auth Index: 1 Auth Role: USER 2202 _OUTPUT_START TPM2_DictionaryAttackLockReset 2203 _TYPE TPM_ST 2204 _NAME tag 2205 _COMMENT see clause 8 2206 _TYPE UINT32 2207 _NAME responseSize 2208 _TYPE TPM_RC 2209 _NAME responseCode 2210 _INPUT_START TPM2_DictionaryAttackParameters 2211 _TYPE TPMI_ST_COMMAND_TAG 2212 _NAME tag 2213 _TYPE UINT32 2214 _NAME commandSize 2215 _TYPE TPM_CC 2216 _NAME commandCode 2217 _COMMENT TPM_CC_DictionaryAttackParameters {NV} 2218 _TYPE TPMI_RH_LOCKOUT 2219 _NAME lockHandle 2220 _COMMENT TPM_RH_LOCKOUT Auth Index: 1 Auth Role: USER 2221 _TYPE UINT32 2222 _NAME newMaxTries 2223 _COMMENT count of authorization failures before the lockout is imposed 2224 _TYPE UINT32 2225 _NAME newRecoveryTime 2226 _COMMENT time in seconds before the authorization failure count is automatically decremented A value of zero indicates that DA protection is disabled. 2227 _TYPE UINT32 2228 _NAME lockoutRecovery 2229 _COMMENT time in seconds after a lockoutAuth failure before use of lockoutAuth is allowed A value of zero indicates that a reboot is required. 2230 _OUTPUT_START TPM2_DictionaryAttackParameters 2231 _TYPE TPM_ST 2232 _NAME tag 2233 _COMMENT see clause 8 2234 _TYPE UINT32 2235 _NAME responseSize 2236 _TYPE TPM_RC 2237 _NAME responseCode 2238 _INPUT_START TPM2_PP_Commands 2239 _TYPE TPMI_ST_COMMAND_TAG 2240 _NAME tag 2241 _TYPE UINT32 2242 _NAME commandSize 2243 _TYPE TPM_CC 2244 _NAME commandCode 2245 _COMMENT TPM_CC_PP_Commands {NV} 2246 _TYPE TPMI_RH_PLATFORM 2247 _NAME auth 2248 _COMMENT TPM_RH_PLATFORM+PP Auth Index: 1 Auth Role: USER + Physical Presence 2249 _TYPE TPML_CC 2250 _NAME setList 2251 _COMMENT list of commands to be added to those that will require that Physical Presence be asserted 2252 _TYPE TPML_CC 2253 _NAME clearList 2254 _COMMENT list of commands that will no longer require that Physical Presence be asserted 2255 _OUTPUT_START TPM2_PP_Commands 2256 _TYPE TPM_ST 2257 _NAME tag 2258 _COMMENT see clause 8 2259 _TYPE UINT32 2260 _NAME responseSize 2261 _TYPE TPM_RC 2262 _NAME responseCode 2263 _INPUT_START TPM2_SetAlgorithmSet 2264 _TYPE TPMI_ST_COMMAND_TAG 2265 _NAME tag 2266 _TYPE UINT32 2267 _NAME commandSize 2268 _TYPE TPM_CC 2269 _NAME commandCode 2270 _COMMENT TPM_CC_SetAlgorithmSet {NV} 2271 _TYPE TPMI_RH_PLATFORM 2272 _NAME authHandle 2273 _COMMENT TPM_RH_PLATFORM Auth Index: 1 Auth Role: USER 2274 _TYPE UINT32 2275 _NAME algorithmSet 2276 _COMMENT a TPM vendor-dependent value indicating the algorithm set selection 2277 _OUTPUT_START TPM2_SetAlgorithmSet 2278 _TYPE TPM_ST 2279 _NAME tag 2280 _COMMENT see clause 8 2281 _TYPE UINT32 2282 _NAME responseSize 2283 _TYPE TPM_RC 2284 _NAME responseCode 2285 _INPUT_START TPM2_FieldUpgradeStart 2286 _TYPE TPMI_ST_COMMAND_TAG 2287 _NAME tag 2288 _TYPE UINT32 2289 _NAME commandSize 2290 _TYPE TPM_CC 2291 _NAME commandCode 2292 _COMMENT TPM_CC_FieldUpgradeStart 2293 _TYPE TPMI_RH_PLATFORM 2294 _NAME authorization 2295 _COMMENT TPM_RH_PLATFORM+{PP} Auth Index:1 Auth Role: ADMIN 2296 _TYPE TPMI_DH_OBJECT 2297 _NAME keyHandle 2298 _COMMENT handle of a public area that contains the TPM Vendor Authorization Key that will be used to validate manifestSignature Auth Index: None 2299 _TYPE TPM2B_DIGEST 2300 _NAME fuDigest 2301 _COMMENT digest of the first block in the field upgrade sequence 2302 _TYPE TPMT_SIGNATURE 2303 _NAME manifestSignature 2304 _COMMENT signature over fuDigest using the key associated with keyHandle (not optional) 2305 _OUTPUT_START TPM2_FieldUpgradeStart 2306 _TYPE TPM_ST 2307 _NAME tag 2308 _COMMENT see clause 8 2309 _TYPE UINT32 2310 _NAME responseSize 2311 _TYPE TPM_RC 2312 _NAME responseCode 2313 _INPUT_START TPM2_FieldUpgradeData 2314 _TYPE TPMI_ST_COMMAND_TAG 2315 _NAME tag 2316 _TYPE UINT32 2317 _NAME commandSize 2318 _TYPE TPM_CC 2319 _NAME commandCode 2320 _COMMENT TPM_CC_FieldUpgradeData {NV} 2321 _TYPE TPM2B_MAX_BUFFER 2322 _NAME fuData 2323 _COMMENT field upgrade image data 2324 _OUTPUT_START TPM2_FieldUpgradeData 2325 _TYPE TPM_ST 2326 _NAME tag 2327 _COMMENT see clause 8 2328 _TYPE UINT32 2329 _NAME responseSize 2330 _TYPE TPM_RC 2331 _NAME responseCode 2332 _TYPE TPMT_HA+ 2333 _NAME nextDigest 2334 _COMMENT tagged digest of the next block TPM_ALG_NULL if field update is complete 2335 _TYPE TPMT_HA 2336 _NAME firstDigest 2337 _COMMENT tagged digest of the first block of the sequence 2338 _INPUT_START TPM2_FirmwareRead 2339 _TYPE TPMI_ST_COMMAND_TAG 2340 _NAME tag 2341 _TYPE UINT32 2342 _NAME commandSize 2343 _TYPE TPM_CC 2344 _NAME commandCode 2345 _COMMENT TPM_CC_FirmwareRead 2346 _TYPE UINT32 2347 _NAME sequenceNumber 2348 _COMMENT the number of previous calls to this command in this sequence set to 0 on the first call 2349 _OUTPUT_START TPM2_FirmwareRead 2350 _TYPE TPM_ST 2351 _NAME tag 2352 _COMMENT see clause 8 2353 _TYPE UINT32 2354 _NAME responseSize 2355 _TYPE TPM_RC 2356 _NAME responseCode 2357 _TYPE TPM2B_MAX_BUFFER 2358 _NAME fuData 2359 _COMMENT field upgrade image data 2360 _INPUT_START TPM2_ContextSave 2361 _TYPE TPMI_ST_COMMAND_TAG 2362 _NAME tag 2363 _COMMENT TPM_ST_NO_SESSIONS 2364 _TYPE UINT32 2365 _NAME commandSize 2366 _TYPE TPM_CC 2367 _NAME commandCode 2368 _COMMENT TPM_CC_ContextSave 2369 _TYPE TPMI_DH_CONTEXT 2370 _NAME saveHandle 2371 _COMMENT handle of the resource to save Auth Index: None 2372 _OUTPUT_START TPM2_ContextSave 2373 _TYPE TPM_ST 2374 _NAME tag 2375 _COMMENT see clause 8 2376 _TYPE UINT32 2377 _NAME responseSize 2378 _TYPE TPM_RC 2379 _NAME responseCode 2380 _TYPE TPMS_CONTEXT 2381 _NAME context 2382 _INPUT_START TPM2_ContextLoad 2383 _TYPE TPMI_ST_COMMAND_TAG 2384 _NAME tag 2385 _COMMENT TPM_ST_NO_SESSIONS 2386 _TYPE UINT32 2387 _NAME commandSize 2388 _TYPE TPM_CC 2389 _NAME commandCode 2390 _COMMENT TPM_CC_ContextLoad 2391 _TYPE TPMS_CONTEXT 2392 _NAME context 2393 _COMMENT the context blob 2394 _OUTPUT_START TPM2_ContextLoad 2395 _TYPE TPM_ST 2396 _NAME tag 2397 _COMMENT see clause 8 2398 _TYPE UINT32 2399 _NAME responseSize 2400 _TYPE TPM_RC 2401 _NAME responseCode 2402 _TYPE TPMI_DH_CONTEXT 2403 _NAME loadedHandle 2404 _COMMENT the handle assigned to the resource after it has been successfully loaded 2405 _INPUT_START TPM2_FlushContext 2406 _TYPE TPMI_ST_COMMAND_TAG 2407 _NAME tag 2408 _COMMENT TPM_ST_NO_SESSIONS 2409 _TYPE UINT32 2410 _NAME commandSize 2411 _TYPE TPM_CC 2412 _NAME commandCode 2413 _TYPE TPMI_DH_CONTEXT 2414 _NAME flushHandle 2415 _COMMENT TPM_CC_FlushContext the handle of the item to flush NOTE This is a use of a handle as a parameter. 2416 _OUTPUT_START TPM2_FlushContext 2417 _TYPE TPM_ST 2418 _NAME tag 2419 _COMMENT see clause 8 2420 _TYPE UINT32 2421 _NAME responseSize 2422 _TYPE TPM_RC 2423 _NAME responseCode 2424 _INPUT_START TPM2_EvictControl 2425 _TYPE TPMI_ST_COMMAND_TAG 2426 _NAME tag 2427 _TYPE UINT32 2428 _NAME commandSize 2429 _TYPE TPM_CC 2430 _NAME commandCode 2431 _COMMENT TPM_CC_EvictControl {NV} 2432 _TYPE TPMI_RH_PROVISION 2433 _NAME auth 2434 _COMMENT TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER 2435 _TYPE TPMI_DH_OBJECT 2436 _NAME objectHandle 2437 _COMMENT the handle of a loaded object Auth Index: None 2438 _TYPE TPMI_DH_PERSISTENT 2439 _NAME persistentHandle 2440 _COMMENT if objectHandle is a transient object handle, then this is the persistent handle for the object if objectHandle is a persistent object handle, then this shall be the same value as persistentHandle 2441 _OUTPUT_START TPM2_EvictControl 2442 _TYPE TPM_ST 2443 _NAME tag 2444 _COMMENT see clause 8 2445 _TYPE UINT32 2446 _NAME responseSize 2447 _TYPE TPM_RC 2448 _NAME responseCode 2449 _INPUT_START TPM2_ReadClock 2450 _TYPE TPMI_ST_COMMAND_TAG 2451 _NAME tag 2452 _COMMENT TPM_ST_NO_SESSIONS 2453 _TYPE UINT32 2454 _NAME commandSize 2455 _TYPE TPM_CC 2456 _NAME commandCode 2457 _COMMENT TPM_CC_ReadClock 2458 _OUTPUT_START TPM2_ReadClock 2459 _TYPE TPM_ST 2460 _NAME tag 2461 _COMMENT see clause 8 2462 _TYPE UINT32 2463 _NAME responseSize 2464 _TYPE TPM_RC 2465 _NAME responseCode 2466 _TYPE TPMS_TIME_INFO 2467 _NAME currentTime 2468 _INPUT_START TPM2_ClockSet 2469 _TYPE TPMI_ST_COMMAND_TAG 2470 _NAME tag 2471 _TYPE UINT32 2472 _NAME commandSize 2473 _TYPE TPM_CC 2474 _NAME commandCode 2475 _COMMENT TPM_CC_ClockSet {NV} 2476 _TYPE TPMI_RH_PROVISION 2477 _NAME auth 2478 _COMMENT TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER 2479 _TYPE UINT64 2480 _NAME newTime 2481 _COMMENT new Clock setting in milliseconds 2482 _OUTPUT_START TPM2_ClockSet 2483 _TYPE TPM_ST 2484 _NAME tag 2485 _COMMENT see clause 8 2486 _TYPE UINT32 2487 _NAME responseSize 2488 _TYPE TPM_RC 2489 _NAME responseCode 2490 _INPUT_START TPM2_ClockRateAdjust 2491 _TYPE TPMI_ST_COMMAND_TAG 2492 _NAME tag 2493 _TYPE UINT32 2494 _NAME commandSize 2495 _TYPE TPM_CC 2496 _NAME commandCode 2497 _COMMENT TPM_CC_ClockRateAdjust 2498 _TYPE TPMI_RH_PROVISION 2499 _NAME auth 2500 _COMMENT TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER 2501 _TYPE TPM_CLOCK_ADJUST 2502 _NAME rateAdjust 2503 _COMMENT Adjustment to current Clock update rate 2504 _OUTPUT_START TPM2_ClockRateAdjust 2505 _TYPE TPM_ST 2506 _NAME tag 2507 _COMMENT see clause 8 2508 _TYPE UINT32 2509 _NAME responseSize 2510 _TYPE TPM_RC 2511 _NAME responseCode 2512 _INPUT_START TPM2_GetCapability 2513 _TYPE TPMI_ST_COMMAND_TAG 2514 _NAME tag 2515 _TYPE UINT32 2516 _NAME commandSize 2517 _TYPE TPM_CC 2518 _NAME commandCode 2519 _COMMENT TPM_CC_GetCapability 2520 _TYPE TPM_CAP 2521 _NAME capability 2522 _COMMENT group selection; determines the format of the response 2523 _TYPE UINT32 2524 _NAME property 2525 _COMMENT further definition of information 2526 _TYPE UINT32 2527 _NAME propertyCount 2528 _COMMENT number of properties of the indicated type to return 2529 _OUTPUT_START TPM2_GetCapability 2530 _TYPE TPM_ST 2531 _NAME tag 2532 _COMMENT see clause 8 2533 _TYPE UINT32 2534 _NAME responseSize 2535 _TYPE TPM_RC 2536 _NAME responseCode 2537 _TYPE TPMI_YES_NO 2538 _NAME moreData 2539 _COMMENT flag to indicate if there are more values of this type 2540 _TYPE TPMS_CAPABILITY_DATA 2541 _NAME capabilityData 2542 _COMMENT the capability data 2543 _INPUT_START TPM2_TestParms 2544 _TYPE TPMI_ST_COMMAND_TAG 2545 _NAME tag 2546 _TYPE UINT32 2547 _NAME commandSize 2548 _TYPE TPM_CC 2549 _NAME commandCode 2550 _COMMENT TPM_CC_TestParms 2551 _TYPE TPMT_PUBLIC_PARMS 2552 _NAME parameters 2553 _COMMENT algorithm parameters to be validated 2554 _OUTPUT_START TPM2_TestParms 2555 _TYPE TPM_ST 2556 _NAME tag 2557 _COMMENT see clause 8 2558 _TYPE UINT32 2559 _NAME responseSize 2560 _TYPE TPM_RC 2561 _NAME responseCode 2562 _INPUT_START TPM2_NV_DefineSpace 2563 _TYPE TPMI_ST_COMMAND_TAG 2564 _NAME tag 2565 _TYPE UINT32 2566 _NAME commandSize 2567 _TYPE TPM_CC 2568 _NAME commandCode 2569 _COMMENT TPM_CC_NV_DefineSpace {NV} 2570 _TYPE TPMI_RH_PROVISION 2571 _NAME authHandle 2572 _COMMENT TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 2573 _TYPE TPM2B_AUTH 2574 _NAME auth 2575 _COMMENT the authorization value 2576 _TYPE TPM2B_NV_PUBLIC 2577 _NAME publicInfo 2578 _COMMENT the public parameters of the NV area 2579 _OUTPUT_START TPM2_NV_DefineSpace 2580 _TYPE TPM_ST 2581 _NAME tag 2582 _COMMENT see clause 8 2583 _TYPE UINT32 2584 _NAME responseSize 2585 _TYPE TPM_RC 2586 _NAME responseCode 2587 _INPUT_START TPM2_NV_UndefineSpace 2588 _TYPE TPMI_ST_COMMAND_TAG 2589 _NAME tag 2590 _TYPE UINT32 2591 _NAME commandSize 2592 _TYPE TPM_CC 2593 _NAME commandCode 2594 _COMMENT TPM_CC_NV_UndefineSpace {NV} 2595 _TYPE TPMI_RH_PROVISION 2596 _NAME authHandle 2597 _COMMENT TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 2598 _TYPE TPMI_RH_NV_INDEX 2599 _NAME nvIndex 2600 _COMMENT the NV Index to remove from NV space Auth Index: None 2601 _OUTPUT_START TPM2_NV_UndefineSpace 2602 _TYPE TPM_ST 2603 _NAME tag 2604 _COMMENT see clause 8 2605 _TYPE UINT32 2606 _NAME responseSize 2607 _TYPE TPM_RC 2608 _NAME responseCode 2609 _INPUT_START TPM2_NV_UndefineSpaceSpecial 2610 _TYPE TPMI_ST_COMMAND_TAG 2611 _NAME tag 2612 _TYPE UINT32 2613 _NAME commandSize 2614 _TYPE TPM_CC 2615 _NAME commandCode 2616 _COMMENT TPM_CC_NV_UndefineSpaceSpecial {NV} 2617 _TYPE TPMI_RH_NV_INDEX 2618 _NAME nvIndex 2619 _COMMENT Index to be deleted Auth Index: 1 Auth Role: ADMIN 2620 _TYPE TPMI_RH_PLATFORM 2621 _NAME platform 2622 _COMMENT TPM_RH_PLATFORM + {PP} Auth Index: 2 Auth Role: USER 2623 _OUTPUT_START TPM2_NV_UndefineSpaceSpecial 2624 _TYPE TPM_ST 2625 _NAME tag 2626 _COMMENT see clause 8 2627 _TYPE UINT32 2628 _NAME responseSize 2629 _TYPE TPM_RC 2630 _NAME responseCode 2631 _INPUT_START TPM2_NV_ReadPublic 2632 _TYPE TPMI_ST_COMMAND_TAG 2633 _NAME tag 2634 _TYPE UINT32 2635 _NAME commandSize 2636 _TYPE TPM_CC 2637 _NAME commandCode 2638 _COMMENT TPM_CC_NV_ReadPublic 2639 _TYPE TPMI_RH_NV_INDEX 2640 _NAME nvIndex 2641 _COMMENT the NV Index Auth Index: None 2642 _OUTPUT_START TPM2_NV_ReadPublic 2643 _TYPE TPM_ST 2644 _NAME tag 2645 _COMMENT see clause 8 2646 _TYPE UINT32 2647 _NAME responseSize 2648 _TYPE TPM_RC 2649 _NAME responseCode 2650 _TYPE TPM2B_NV_PUBLIC 2651 _NAME nvPublic 2652 _COMMENT the public area of the NV Index 2653 _TYPE TPM2B_NAME 2654 _NAME nvName 2655 _COMMENT the Name of the nvIndex 2656 _INPUT_START TPM2_NV_Write 2657 _TYPE TPMI_ST_COMMAND_TAG 2658 _NAME tag 2659 _TYPE UINT32 2660 _NAME commandSize 2661 _TYPE TPM_CC 2662 _NAME commandCode 2663 _COMMENT TPM_CC_NV_Write {NV} 2664 _TYPE TPMI_RH_NV_AUTH 2665 _NAME authHandle 2666 _COMMENT handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER 2667 _TYPE TPMI_RH_NV_INDEX 2668 _NAME nvIndex 2669 _COMMENT the NV Index of the area to write Auth Index: None 2670 _TYPE TPM2B_MAX_NV_BUFFER 2671 _NAME data 2672 _COMMENT the data to write 2673 _TYPE UINT16 2674 _NAME offset 2675 _COMMENT the offset into the NV Area 2676 _OUTPUT_START TPM2_NV_Write 2677 _TYPE TPM_ST 2678 _NAME tag 2679 _COMMENT see clause 8 2680 _TYPE UINT32 2681 _NAME responseSize 2682 _TYPE TPM_RC 2683 _NAME responseCode 2684 _INPUT_START TPM2_NV_Increment 2685 _TYPE TPMI_ST_COMMAND_TAG 2686 _NAME tag 2687 _TYPE UINT32 2688 _NAME commandSize 2689 _TYPE TPM_CC 2690 _NAME commandCode 2691 _COMMENT TPM_CC_NV_Increment {NV} 2692 _TYPE TPMI_RH_NV_AUTH 2693 _NAME authHandle 2694 _COMMENT handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER 2695 _TYPE TPMI_RH_NV_INDEX 2696 _NAME nvIndex 2697 _COMMENT the NV Index to increment Auth Index: None 2698 _OUTPUT_START TPM2_NV_Increment 2699 _TYPE TPM_ST 2700 _NAME tag 2701 _COMMENT see clause 8 2702 _TYPE UINT32 2703 _NAME responseSize 2704 _TYPE TPM_RC 2705 _NAME responseCode 2706 _INPUT_START TPM2_NV_Extend 2707 _TYPE TPMI_ST_COMMAND_TAG 2708 _NAME tag 2709 _TYPE UINT32 2710 _NAME commandSize 2711 _TYPE TPM_CC 2712 _NAME commandCode 2713 _COMMENT TPM_CC_NV_Extend {NV} 2714 _TYPE TPMI_RH_NV_AUTH 2715 _NAME authHandle 2716 _COMMENT handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER 2717 _TYPE TPMI_RH_NV_INDEX 2718 _NAME nvIndex 2719 _COMMENT the NV Index to extend Auth Index: None 2720 _TYPE TPM2B_MAX_NV_BUFFER 2721 _NAME data 2722 _COMMENT the data to extend 2723 _OUTPUT_START TPM2_NV_Extend 2724 _TYPE TPM_ST 2725 _NAME tag 2726 _COMMENT see clause 8 2727 _TYPE UINT32 2728 _NAME responseSize 2729 _TYPE TPM_RC 2730 _NAME responseCode 2731 _INPUT_START TPM2_NV_SetBits 2732 _TYPE TPMI_ST_COMMAND_TAG 2733 _NAME tag 2734 _TYPE UINT32 2735 _NAME commandSize 2736 _TYPE TPM_CC 2737 _NAME commandCode 2738 _COMMENT TPM_CC_NV_SetBits {NV} 2739 _TYPE TPMI_RH_NV_AUTH 2740 _NAME authHandle 2741 _COMMENT handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER 2742 _TYPE TPMI_RH_NV_INDEX 2743 _NAME nvIndex 2744 _COMMENT NV Index of the area in which the bit is to be set Auth Index: None 2745 _TYPE UINT64 2746 _NAME bits 2747 _COMMENT the data to OR with the current contents 2748 _OUTPUT_START TPM2_NV_SetBits 2749 _TYPE TPM_ST 2750 _NAME tag 2751 _COMMENT see clause 8 2752 _TYPE UINT32 2753 _NAME responseSize 2754 _TYPE TPM_RC 2755 _NAME responseCode 2756 _COMMENT 33.10.3 1 2 3 2757 _INPUT_START TPM2_NV_WriteLock 2758 _TYPE TPMI_ST_COMMAND_TAG 2759 _NAME tag 2760 _TYPE UINT32 2761 _NAME commandSize 2762 _TYPE TPM_CC 2763 _NAME commandCode 2764 _COMMENT TPM_CC_NV_WriteLock {NV} 2765 _TYPE TPMI_RH_NV_AUTH 2766 _NAME authHandle 2767 _COMMENT handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER 2768 _TYPE TPMI_RH_NV_INDEX 2769 _NAME nvIndex 2770 _COMMENT the NV Index of the area to lock Auth Index: None 2771 _OUTPUT_START TPM2_NV_WriteLock 2772 _TYPE TPM_ST 2773 _NAME tag 2774 _COMMENT see clause 8 2775 _TYPE UINT32 2776 _NAME responseSize 2777 _TYPE TPM_RC 2778 _NAME responseCode 2779 _COMMENT 33.11.3 1 2 3 2780 _INPUT_START TPM2_NV_GlobalWriteLock 2781 _TYPE TPMI_ST_COMMAND_TAG 2782 _NAME tag 2783 _TYPE UINT32 2784 _NAME commandSize 2785 _TYPE TPM_CC 2786 _NAME commandCode 2787 _COMMENT TPM_CC_NV_GlobalWriteLock 2788 _TYPE TPMI_RH_PROVISION 2789 _NAME authHandle 2790 _COMMENT TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER 2791 _OUTPUT_START TPM2_NV_GlobalWriteLock 2792 _TYPE TPM_ST 2793 _NAME tag 2794 _COMMENT see clause 8 2795 _TYPE UINT32 2796 _NAME responseSize 2797 _TYPE TPM_RC 2798 _NAME responseCode 2799 _COMMENT 33.12.3 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 2800 _INPUT_START TPM2_NV_Read 2801 _TYPE TPMI_ST_COMMAND_TAG 2802 _NAME tag 2803 _TYPE UINT32 2804 _NAME commandSize 2805 _TYPE TPM_CC 2806 _NAME commandCode 2807 _COMMENT TPM_CC_NV_Read 2808 _TYPE TPMI_RH_NV_AUTH 2809 _NAME authHandle 2810 _COMMENT the handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER 2811 _TYPE TPMI_RH_NV_INDEX 2812 _NAME nvIndex 2813 _COMMENT the NV Index to be read Auth Index: None 2814 _TYPE UINT16 2815 _NAME size 2816 _COMMENT number of octets to read 2817 _TYPE UINT16 2818 _NAME offset 2819 _COMMENT octet offset into the area This value shall be less than or equal to the size of the nvIndex data. 2820 _OUTPUT_START TPM2_NV_Read 2821 _TYPE TPM_ST 2822 _NAME tag 2823 _COMMENT see clause 8 2824 _TYPE UINT32 2825 _NAME responseSize 2826 _TYPE TPM_RC 2827 _NAME responseCode 2828 _TYPE TPM2B_MAX_NV_BUFFER 2829 _NAME data 2830 _COMMENT the data read 33.13.3 1 2 3 2831 _INPUT_START TPM2_NV_ReadLock 2832 _TYPE TPMI_ST_COMMAND_TAG 2833 _NAME tag 2834 _TYPE UINT32 2835 _NAME commandSize 2836 _TYPE TPM_CC 2837 _NAME commandCode 2838 _COMMENT TPM_CC_NV_ReadLock 2839 _TYPE TPMI_RH_NV_AUTH 2840 _NAME authHandle 2841 _COMMENT the handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER 2842 _TYPE TPMI_RH_NV_INDEX 2843 _NAME nvIndex 2844 _COMMENT the NV Index to be locked Auth Index: None 2845 _OUTPUT_START TPM2_NV_ReadLock 2846 _TYPE TPM_ST 2847 _NAME tag 2848 _COMMENT see clause 8 2849 _TYPE UINT32 2850 _NAME responseSize 2851 _TYPE TPM_RC 2852 _NAME responseCode 2853 _COMMENT 33.14.3 1 2 3 2854 _INPUT_START TPM2_NV_ChangeAuth 2855 _TYPE TPMI_ST_COMMAND_TAG 2856 _NAME tag 2857 _TYPE UINT32 2858 _NAME commandSize 2859 _TYPE TPM_CC 2860 _NAME commandCode 2861 _COMMENT TPM_CC_NV_ChangeAuth {NV} 2862 _TYPE TPMI_RH_NV_INDEX 2863 _NAME nvIndex 2864 _COMMENT handle of the object Auth Index: 1 Auth Role: ADMIN 2865 _TYPE TPM2B_AUTH 2866 _NAME newAuth 2867 _COMMENT new authorization value 2868 _OUTPUT_START TPM2_NV_ChangeAuth 2869 _TYPE TPM_ST 2870 _NAME tag 2871 _COMMENT see clause 8 2872 _TYPE UINT32 2873 _NAME responseSize 2874 _TYPE TPM_RC 2875 _NAME responseCode 2876 _COMMENT 33.15.3 1 2 2877 _INPUT_START TPM2_NV_Certify 2878 _TYPE TPMI_ST_COMMAND_TAG 2879 _NAME tag 2880 _TYPE UINT32 2881 _NAME commandSize 2882 _TYPE TPM_CC 2883 _NAME commandCode 2884 _COMMENT TPM_CC_NV_Certify 2885 _TYPE TPMI_DH_OBJECT+ 2886 _NAME signHandle 2887 _COMMENT handle of the key used to sign the attestation structure Auth Index: 1 Auth Role: USER 2888 _TYPE TPMI_RH_NV_AUTH 2889 _NAME authHandle 2890 _COMMENT handle indicating the source of the authorization value for the NV Index Auth Index: 2 Auth Role: USER 2891 _TYPE TPMI_RH_NV_INDEX 2892 _NAME nvIndex 2893 _COMMENT Index for the area to be certified Auth Index: None 2894 _TYPE TPM2B_DATA 2895 _NAME qualifyingData 2896 _COMMENT user-provided qualifying data 2897 _TYPE TPMT_SIG_SCHEME+ 2898 _NAME inScheme 2899 _COMMENT signing scheme to use if the scheme for signHandle is TPM_ALG_NULL 2900 _TYPE UINT16 2901 _NAME size 2902 _COMMENT number of octets to certify 2903 _TYPE UINT16 2904 _NAME offset 2905 _COMMENT octet offset into the area This value shall be less than or equal to the size of the nvIndex data. 2906 _OUTPUT_START TPM2_NV_Certify 2907 _TYPE TPM_ST 2908 _NAME tag 2909 _COMMENT see clause 8 2910 _TYPE UINT32 2911 _NAME responseSize 2912 _TYPE TPM_RC 2913 _NAME responseCode 2914 _COMMENT . 2915 _TYPE TPM2B_ATTEST 2916 _NAME certifyInfo 2917 _COMMENT the structure that was signed 2918 _TYPE TPMT_SIGNATURE 2919 _NAME signature 2920 _COMMENT the asymmetric signature over certifyInfo using the key referenced by signHandle 33.16.3 1 2 3 4 2921 _END 2922
