tss

Class Tpm

java.lang.Object

tss.TpmBase

tss.Tpm

All Implemented Interfaces:

Closeable, AutoCloseable

public class Tpm
extends TpmBase

The Tpm class provides Java functions to program a TPM.

TPM-defined functions have names like TPM2_PCR_Read(): the TPM2_ prefix is dropped in the Java definition of these functions: e.g. PCR_Read().

The Tpm and TpmBase classes also provide a few helper-functions: for example, the command _allowErrors() tells Tpm to not throw an exception if the Next TPM command returns an error.

Tpm objects must be "connected" to a physical TPM or simulator using the _setDevice() method. Some devices (like the TPM simulator) need to be configured before they can be used. See the sample code that is part of the tss.Java distribution for more information.

Field Summary

Fields inherited from class tss.TpmBase

_EndorsementHandle, _LockoutHandle, _OwnerHandle, _PlatformHandle

Constructor Summary

Constructors

Constructor and Description
Tpm()

Method Summary

Modifier and Type	Method and Description
AC_GetCapabilityResponse	AC_GetCapability(TPM_HANDLE ac, TPM_AT capability, int count) The purpose of this command is to obtain information about an Attached Component referenced by an AC handle.
TPMS_AC_OUTPUT	AC_Send(TPM_HANDLE sendObject, TPM_HANDLE authHandle, TPM_HANDLE ac, byte[] acDataIn) The purpose of this command is to send (copy) a loaded object from the TPM to an Attached Component.
byte[]	ActivateCredential(TPM_HANDLE activateHandle, TPM_HANDLE keyHandle, TPMS_ID_OBJECT credentialBlob, byte[] secret) This command enables the association of a credential with an object in a way that ensures that the TPM has validated the parameters of the credentialed object.
CertifyResponse	Certify(TPM_HANDLE objectHandle, TPM_HANDLE signHandle, byte[] qualifyingData, TPMU_SIG_SCHEME inScheme) The purpose of this command is to prove that an object with a specific Name is loaded in the TPM.
CertifyCreationResponse	CertifyCreation(TPM_HANDLE signHandle, TPM_HANDLE objectHandle, byte[] qualifyingData, byte[] creationHash, TPMU_SIG_SCHEME inScheme, TPMT_TK_CREATION creationTicket) This command is used to prove the association between an object and its creation data.
void	ChangeEPS(TPM_HANDLE authHandle) This replaces the current endorsement primary seed (EPS) with a value from the RNG and sets the Endorsement hierarchy controls to their default initialization values: ehEnable is SET, endorsementAuth and endorsementPolicy are both set to the Empty Buffer.
void	ChangePPS(TPM_HANDLE authHandle) This replaces the current platform primary seed (PPS) with a value from the RNG and sets platformPolicy to the default initialization value (the Empty Buffer).
void	Clear(TPM_HANDLE authHandle) This command removes all TPM context associated with a specific Owner.
void	ClearControl(TPM_HANDLE auth, byte disable) TPM2_ClearControl() disables and enables the execution of TPM2_Clear().
void	ClockRateAdjust(TPM_HANDLE auth, TPM_CLOCK_ADJUST rateAdjust) This command adjusts the rate of advance of Clock and Time to provide a better approximation to real time.
void	ClockSet(TPM_HANDLE auth, long newTime) This command is used to advance the value of the TPMs Clock.
CommitResponse	Commit(TPM_HANDLE signHandle, TPMS_ECC_POINT P1, byte[] s2, byte[] y2) TPM2_Commit() performs the first part of an ECC anonymous signing operation.
TPM_HANDLE	ContextLoad(TPMS_CONTEXT context) This command is used to reload a context that has been saved by TPM2_ContextSave().
TPMS_CONTEXT	ContextSave(TPM_HANDLE saveHandle) This command saves a session context, object context, or sequence object context outside the TPM.
CreateResponse	Create(TPM_HANDLE parentHandle, TPMS_SENSITIVE_CREATE inSensitive, TPMT_PUBLIC inPublic, byte[] outsideInfo, TPMS_PCR_SELECTION[] creationPCR) This command is used to create an object that can be loaded into a TPM using TPM2_Load().
CreateLoadedResponse	CreateLoaded(TPM_HANDLE parentHandle, TPMS_SENSITIVE_CREATE inSensitive, byte[] inPublic) This command creates an object and loads it in the TPM.
CreatePrimaryResponse	CreatePrimary(TPM_HANDLE primaryHandle, TPMS_SENSITIVE_CREATE inSensitive, TPMT_PUBLIC inPublic, byte[] outsideInfo, TPMS_PCR_SELECTION[] creationPCR) This command is used to create a Primary Object under one of the Primary Seeds or a Temporary Object under TPM_RH_NULL.
void	DictionaryAttackLockReset(TPM_HANDLE lockHandle) This command cancels the effect of a TPM lockout due to a number of successive authorization failures.
void	DictionaryAttackParameters(TPM_HANDLE lockHandle, int newMaxTries, int newRecoveryTime, int lockoutRecovery) This command changes the lockout parameters.
DuplicateResponse	Duplicate(TPM_HANDLE objectHandle, TPM_HANDLE newParentHandle, byte[] encryptionKeyIn, TPMT_SYM_DEF_OBJECT symmetricAlg) This command duplicates a loaded object so that it may be used in a different hierarchy.
EC_EphemeralResponse	EC_Ephemeral(TPM_ECC_CURVE curveID) TPM2_EC_Ephemeral() creates an ephemeral key for use in a two-phase key exchange protocol.
TPMS_ALGORITHM_DETAIL_ECC	ECC_Parameters(TPM_ECC_CURVE curveID) This command returns the parameters of an ECC curve identified by its TCG-assigned curveID.
ECDH_KeyGenResponse	ECDH_KeyGen(TPM_HANDLE keyHandle) This command uses the TPM to generate an ephemeral key pair (de, Qe where Qe [de]G).
TPMS_ECC_POINT	ECDH_ZGen(TPM_HANDLE keyHandle, TPMS_ECC_POINT inPoint) This command uses the TPM to recover the Z value from a public point (QB) and a private key (ds).
EncryptDecryptResponse	EncryptDecrypt(TPM_HANDLE keyHandle, byte decrypt, TPM_ALG_ID mode, byte[] ivIn, byte[] inData) NOTE 1 This command is deprecated, and TPM2_EncryptDecrypt2() is preferred.
EncryptDecrypt2Response	EncryptDecrypt2(TPM_HANDLE keyHandle, byte[] inData, byte decrypt, TPM_ALG_ID mode, byte[] ivIn) This command is identical to TPM2_EncryptDecrypt(), except that the inData parameter is the first parameter.
TPMT_HA[]	EventSequenceComplete(TPM_HANDLE pcrHandle, TPM_HANDLE sequenceHandle, byte[] buffer) This command adds the last part of data, if any, to an Event Sequence and returns the result in a digest list.
void	EvictControl(TPM_HANDLE auth, TPM_HANDLE objectHandle, TPM_HANDLE persistentHandle) This command allows certain Transient Objects to be made persistent or a persistent object to be evicted.
FieldUpgradeDataResponse	FieldUpgradeData(byte[] fuData) This command will take the actual field upgrade image to be installed on the TPM.
void	FieldUpgradeStart(TPM_HANDLE authorization, TPM_HANDLE keyHandle, byte[] fuDigest, TPMU_SIGNATURE manifestSignature) This command uses platformPolicy and a TPM Vendor Authorization Key to authorize a Field Upgrade Manifest.
byte[]	FirmwareRead(int sequenceNumber) This command is used to read a copy of the current firmware installed in the TPM.
void	FlushContext(TPM_HANDLE flushHandle) This command causes all context associated with a loaded object, sequence object, or session to be removed from TPM memory.
GetCapabilityResponse	GetCapability(TPM_CAP capability, int property, int propertyCount) This command returns various information regarding the TPM and its current state.
GetCommandAuditDigestResponse	GetCommandAuditDigest(TPM_HANDLE privacyHandle, TPM_HANDLE signHandle, byte[] qualifyingData, TPMU_SIG_SCHEME inScheme) This command returns the current value of the command audit digest, a digest of the commands being audited, and the audit hash algorithm.
byte[]	GetRandom(int bytesRequested) This command returns the next bytesRequested octets from the random number generator (RNG).
GetSessionAuditDigestResponse	GetSessionAuditDigest(TPM_HANDLE privacyAdminHandle, TPM_HANDLE signHandle, TPM_HANDLE sessionHandle, byte[] qualifyingData, TPMU_SIG_SCHEME inScheme) This command returns a digital signature of the audit session digest.
GetTestResultResponse	GetTestResult() This command returns manufacturer-specific information regarding the results of a self-test and an indication of the test status.
GetTimeResponse	GetTime(TPM_HANDLE privacyAdminHandle, TPM_HANDLE signHandle, byte[] qualifyingData, TPMU_SIG_SCHEME inScheme) This command returns the current values of Time and Clock.
HashResponse	Hash(byte[] data, TPM_ALG_ID hashAlg, TPM_HANDLE hierarchy) This command performs a hash operation on a data buffer and returns the results.
TPM_HANDLE	HashSequenceStart(byte[] auth, TPM_ALG_ID hashAlg) This command starts a hash or an Event Sequence.
void	HierarchyChangeAuth(TPM_HANDLE authHandle, byte[] newAuth) This command allows the authorization secret for a hierarchy or lockout to be changed using the current authorization value as the command authorization.
void	HierarchyControl(TPM_HANDLE authHandle, TPM_HANDLE enable, byte state) This command enables and disables use of a hierarchy and its associated NV storage.
TPM_HANDLE	HMAC_Start(TPM_HANDLE handle, byte[] auth, TPM_ALG_ID hashAlg) This command starts an HMAC sequence.
byte[]	HMAC(TPM_HANDLE handle, byte[] buffer, TPM_ALG_ID hashAlg) This command performs an HMAC on the supplied data using the indicated hash algorithm.
TPM2B_PRIVATE	Import(TPM_HANDLE parentHandle, byte[] encryptionKey, TPMT_PUBLIC objectPublic, TPM2B_PRIVATE duplicate, byte[] inSymSeed, TPMT_SYM_DEF_OBJECT symmetricAlg) This command allows an object to be encrypted using the symmetric encryption values of a Storage Key.
TPM_ALG_ID[]	IncrementalSelfTest(TPM_ALG_ID[] toTest) This command causes the TPM to perform a test of the selected algorithms.
TPM_HANDLE	Load(TPM_HANDLE parentHandle, TPM2B_PRIVATE inPrivate, TPMT_PUBLIC inPublic) This command is used to load objects into the TPM.
TPM_HANDLE	LoadExternal(TPMT_SENSITIVE inPrivate, TPMT_PUBLIC inPublic, TPM_HANDLE hierarchy) This command is used to load an object that is not a Protected Object into the TPM.
TPM_HANDLE	MAC_Start(TPM_HANDLE handle, byte[] auth, TPM_ALG_ID inScheme) This command starts a MAC sequence.
byte[]	MAC(TPM_HANDLE handle, byte[] buffer, TPM_ALG_ID inScheme) This command performs an HMAC or a block cipher MAC on the supplied data using the indicated algorithm.
MakeCredentialResponse	MakeCredential(TPM_HANDLE handle, byte[] credential, byte[] objectName) This command allows the TPM to perform the actions required of a Certificate Authority (CA) in creating a TPM2B_ID_OBJECT containing an activation credential.
NV_CertifyResponse	NV_Certify(TPM_HANDLE signHandle, TPM_HANDLE authHandle, TPM_HANDLE nvIndex, byte[] qualifyingData, TPMU_SIG_SCHEME inScheme, int size, int offset) The purpose of this command is to certify the contents of an NV Index or portion of an NV Index.
void	NV_ChangeAuth(TPM_HANDLE nvIndex, byte[] newAuth) This command allows the authorization secret for an NV Index to be changed.
void	NV_DefineSpace(TPM_HANDLE authHandle, byte[] auth, TPMS_NV_PUBLIC publicInfo) This command defines the attributes of an NV Index and causes the TPM to reserve space to hold the data associated with the NV Index.
void	NV_Extend(TPM_HANDLE authHandle, TPM_HANDLE nvIndex, byte[] data) This command extends a value to an area in NV memory that was previously defined by TPM2_NV_DefineSpace.
void	NV_GlobalWriteLock(TPM_HANDLE authHandle) The command will SET TPMA_NV_WRITELOCKED for all indexes that have their TPMA_NV_GLOBALLOCK attribute SET.
void	NV_Increment(TPM_HANDLE authHandle, TPM_HANDLE nvIndex) This command is used to increment the value in an NV Index that has the TPM_NT_COUNTER attribute.
byte[]	NV_Read(TPM_HANDLE authHandle, TPM_HANDLE nvIndex, int size, int offset) This command reads a value from an area in NV memory previously defined by TPM2_NV_DefineSpace().
void	NV_ReadLock(TPM_HANDLE authHandle, TPM_HANDLE nvIndex) If TPMA_NV_READ_STCLEAR is SET in an Index, then this command may be used to prevent further reads of the NV Index until the next TPM2_Startup (TPM_SU_CLEAR).
NV_ReadPublicResponse	NV_ReadPublic(TPM_HANDLE nvIndex) This command is used to read the public area and Name of an NV Index.
void	NV_SetBits(TPM_HANDLE authHandle, TPM_HANDLE nvIndex, long bits) This command is used to SET bits in an NV Index that was created as a bit field.
void	NV_UndefineSpace(TPM_HANDLE authHandle, TPM_HANDLE nvIndex) This command removes an Index from the TPM.
void	NV_UndefineSpaceSpecial(TPM_HANDLE nvIndex, TPM_HANDLE platform) This command allows removal of a platform-created NV Index that has TPMA_NV_POLICY_DELETE SET.
void	NV_Write(TPM_HANDLE authHandle, TPM_HANDLE nvIndex, byte[] data, int offset) This command writes a value to an area in NV memory that was previously defined by TPM2_NV_DefineSpace().
void	NV_WriteLock(TPM_HANDLE authHandle, TPM_HANDLE nvIndex) If the TPMA_NV_WRITEDEFINE or TPMA_NV_WRITE_STCLEAR attributes of an NV location are SET, then this command may be used to inhibit further writes of the NV Index.
TPM2B_PRIVATE	ObjectChangeAuth(TPM_HANDLE objectHandle, TPM_HANDLE parentHandle, byte[] newAuth) This command is used to change the authorization secret for a TPM-resident object.
PCR_AllocateResponse	PCR_Allocate(TPM_HANDLE authHandle, TPMS_PCR_SELECTION[] pcrAllocation) This command is used to set the desired PCR allocation of PCR and algorithms.
TPMT_HA[]	PCR_Event(TPM_HANDLE pcrHandle, byte[] eventData) This command is used to cause an update to the indicated PCR.
void	PCR_Extend(TPM_HANDLE pcrHandle, TPMT_HA[] digests) This command is used to cause an update to the indicated PCR.
PCR_ReadResponse	PCR_Read(TPMS_PCR_SELECTION[] pcrSelectionIn) This command returns the values of all PCR specified in pcrSelectionIn.
void	PCR_Reset(TPM_HANDLE pcrHandle) If the attribute of a PCR allows the PCR to be reset and proper authorization is provided, then this command may be used to set the PCR in all banks to zero.
void	PCR_SetAuthPolicy(TPM_HANDLE authHandle, byte[] authPolicy, TPM_ALG_ID hashAlg, TPM_HANDLE pcrNum) This command is used to associate a policy with a PCR or group of PCR.
void	PCR_SetAuthValue(TPM_HANDLE pcrHandle, byte[] auth) This command changes the authValue of a PCR or group of PCR.
void	Policy_AC_SendSelect(TPM_HANDLE policySession, byte[] objectName, byte[] authHandleName, byte[] acName, byte includeObject) This command allows qualification of the sending (copying) of an Object to an Attached Component (AC).
void	PolicyAuthorize(TPM_HANDLE policySession, byte[] approvedPolicy, byte[] policyRef, byte[] keySign, TPMT_TK_VERIFIED checkTicket) This command allows policies to change.
void	PolicyAuthorizeNV(TPM_HANDLE authHandle, TPM_HANDLE nvIndex, TPM_HANDLE policySession) This command provides a capability that is the equivalent of a revocable policy.
void	PolicyAuthValue(TPM_HANDLE policySession) This command allows a policy to be bound to the authorization value of the authorized entity.
void	PolicyCommandCode(TPM_HANDLE policySession, TPM_CC code) This command indicates that the authorization will be limited to a specific command code.
void	PolicyCounterTimer(TPM_HANDLE policySession, byte[] operandB, int offset, TPM_EO operation) This command is used to cause conditional gating of a policy based on the contents of the TPMS_TIME_INFO structure.
void	PolicyCpHash(TPM_HANDLE policySession, byte[] cpHashA) This command is used to allow a policy to be bound to a specific command and command parameters.
void	PolicyDuplicationSelect(TPM_HANDLE policySession, byte[] objectName, byte[] newParentName, byte includeObject) This command allows qualification of duplication to allow duplication to a selected new parent.
byte[]	PolicyGetDigest(TPM_HANDLE policySession) This command returns the current policyDigest of the session.
void	PolicyLocality(TPM_HANDLE policySession, TPMA_LOCALITY locality) This command indicates that the authorization will be limited to a specific locality.
void	PolicyNameHash(TPM_HANDLE policySession, byte[] nameHash) This command allows a policy to be bound to a specific set of TPM entities without being bound to the parameters of the command.
void	PolicyNV(TPM_HANDLE authHandle, TPM_HANDLE nvIndex, TPM_HANDLE policySession, byte[] operandB, int offset, TPM_EO operation) This command is used to cause conditional gating of a policy based on the contents of an NV Index.
void	PolicyNvWritten(TPM_HANDLE policySession, byte writtenSet) This command allows a policy to be bound to the TPMA_NV_WRITTEN attributes.
void	PolicyOR(TPM_HANDLE policySession, TPM2B_DIGEST[] pHashList) This command allows options in authorizations without requiring that the TPM evaluate all of the options.
void	PolicyPassword(TPM_HANDLE policySession) This command allows a policy to be bound to the authorization value of the authorized object.
void	PolicyPCR(TPM_HANDLE policySession, byte[] pcrDigest, TPMS_PCR_SELECTION[] pcrs) This command is used to cause conditional gating of a policy based on PCR.
void	PolicyPhysicalPresence(TPM_HANDLE policySession) This command indicates that physical presence will need to be asserted at the time the authorization is performed.
void	PolicyRestart(TPM_HANDLE sessionHandle) This command allows a policy authorization session to be returned to its initial state.
PolicySecretResponse	PolicySecret(TPM_HANDLE authHandle, TPM_HANDLE policySession, byte[] nonceTPM, byte[] cpHashA, byte[] policyRef, int expiration) This command includes a secret-based authorization to a policy.
PolicySignedResponse	PolicySigned(TPM_HANDLE authObject, TPM_HANDLE policySession, byte[] nonceTPM, byte[] cpHashA, byte[] policyRef, int expiration, TPMU_SIGNATURE auth) This command includes a signed authorization in a policy.
void	PolicyTemplate(TPM_HANDLE policySession, byte[] templateHash) This command allows a policy to be bound to a specific creation template.
void	PolicyTicket(TPM_HANDLE policySession, byte[] timeout, byte[] cpHashA, byte[] policyRef, byte[] authName, TPMT_TK_AUTH ticket) This command is similar to TPM2_PolicySigned() except that it takes a ticket instead of a signed authorization.
void	PP_Commands(TPM_HANDLE auth, TPM_CC[] setList, TPM_CC[] clearList) This command is used to determine which commands require assertion of Physical Presence (PP) in addition to platformAuth/platformPolicy.
QuoteResponse	Quote(TPM_HANDLE signHandle, byte[] qualifyingData, TPMU_SIG_SCHEME inScheme, TPMS_PCR_SELECTION[] PCRselect) This command is used to quote PCR values.
TPMS_TIME_INFO	ReadClock() This command reads the current TPMS_TIME_INFO structure that contains the current setting of Time, Clock, resetCount, and restartCount.
ReadPublicResponse	ReadPublic(TPM_HANDLE objectHandle) This command allows access to the public area of a loaded object.
RewrapResponse	Rewrap(TPM_HANDLE oldParent, TPM_HANDLE newParent, TPM2B_PRIVATE inDuplicate, byte[] name, byte[] inSymSeed) This command allows the TPM to serve in the role as a Duplication Authority.
byte[]	RSA_Decrypt(TPM_HANDLE keyHandle, byte[] cipherText, TPMU_ASYM_SCHEME inScheme, byte[] label) This command performs RSA decryption using the indicated padding scheme according to IETF RFC 3447 ((PKCS#1).
byte[]	RSA_Encrypt(TPM_HANDLE keyHandle, byte[] message, TPMU_ASYM_SCHEME inScheme, byte[] label) This command performs RSA encryption using the indicated padding scheme according to IETF RFC 3447.
void	SelfTest(byte fullTest) This command causes the TPM to perform a test of its capabilities.
SequenceCompleteResponse	SequenceComplete(TPM_HANDLE sequenceHandle, byte[] buffer, TPM_HANDLE hierarchy) This command adds the last part of data, if any, to a hash/HMAC sequence and returns the result.
void	SequenceUpdate(TPM_HANDLE sequenceHandle, byte[] buffer) This command is used to add data to a hash or HMAC sequence.
void	SetAlgorithmSet(TPM_HANDLE authHandle, int algorithmSet) This command allows the platform to change the set of algorithms that are used by the TPM.
void	SetCommandCodeAuditStatus(TPM_HANDLE auth, TPM_ALG_ID auditAlg, TPM_CC[] setList, TPM_CC[] clearList) This command may be used by the Privacy Administrator or platform to change the audit status of a command or to set the hash algorithm used for the audit digest, but not both at the same time.
void	SetPrimaryPolicy(TPM_HANDLE authHandle, byte[] authPolicy, TPM_ALG_ID hashAlg) This command allows setting of the authorization policy for the lockout (lockoutPolicy), the platform hierarchy (platformPolicy), the storage hierarchy (ownerPolicy), and the endorsement hierarchy (endorsementPolicy).
void	Shutdown(TPM_SU shutdownType) This command is used to prepare the TPM for a power cycle.
TPMU_SIGNATURE	Sign(TPM_HANDLE keyHandle, byte[] digest, TPMU_SIG_SCHEME inScheme, TPMT_TK_HASHCHECK validation) This command causes the TPM to sign an externally provided hash with the specified symmetric or asymmetric signing key.
StartAuthSessionResponse	StartAuthSession(TPM_HANDLE tpmKey, TPM_HANDLE bind, byte[] nonceCaller, byte[] encryptedSalt, TPM_SE sessionType, TPMT_SYM_DEF symmetric, TPM_ALG_ID authHash) This command is used to start an authorization session using alternative methods of establishing the session key (sessionKey).
void	Startup(TPM_SU startupType) TPM2_Startup() is always preceded by _TPM_Init, which is the physical indication that TPM initialization is necessary because of a system-wide reset.
void	StirRandom(byte[] inData) This command is used to add "additional information" to the RNG state.
void	TestParms(TPMU_PUBLIC_PARMS parameters) This command is used to check to see if specific combinations of algorithm parameters are supported.
byte[]	Unseal(TPM_HANDLE itemHandle) This command returns the data in a loaded Sealed Data Object.
byte[]	Vendor_TCG_Test(byte[] inputData) This is a placeholder to allow testing of the dispatch code.
TPMT_TK_VERIFIED	VerifySignature(TPM_HANDLE keyHandle, byte[] digest, TPMU_SIGNATURE signature) This command uses loaded keys to validate a signature on a message with the message digest passed to the TPM.
ZGen_2PhaseResponse	ZGen_2Phase(TPM_HANDLE keyA, TPMS_ECC_POINT inQsB, TPMS_ECC_POINT inQeB, TPM_ALG_ID inScheme, int counter) This command supports two-phase key exchange protocols.

Methods inherited from class tss.TpmBase

_allowErrors, _expectError, _expectMoreResponses, _expectResponses, _getDevice, _GetExpectedResponses, _getLastResponseCode, _lastCommandSucceeded, _setCallback, _setDevice, _withSession, _withSessions, close, DispatchCommand, getLastResponseCode

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Tpm

public Tpm()

Method Detail

Startup

public void Startup(TPM_SU startupType)

TPM2_Startup() is always preceded by _TPM_Init, which is the physical indication that TPM initialization is necessary because of a system-wide reset. TPM2_Startup() is only valid after _TPM_Init. Additional TPM2_Startup() commands are not allowed after it has completed successfully. If a TPM requires TPM2_Startup() and another command is received, or if the TPM receives TPM2_Startup() when it is not required, the TPM shall return TPM_RC_INITIALIZE.

Parameters:

startupType - TPM_SU_CLEAR or TPM_SU_STATE

Shutdown

public void Shutdown(TPM_SU shutdownType)

This command is used to prepare the TPM for a power cycle. The shutdownType parameter indicates how the subsequent TPM2_Startup() will be processed.

Parameters:

shutdownType - TPM_SU_CLEAR or TPM_SU_STATE

SelfTest

public void SelfTest(byte fullTest)

This command causes the TPM to perform a test of its capabilities. If the fullTest is YES, the TPM will test all functions. If fullTest = NO, the TPM will only test those functions that have not previously been tested.

Parameters:

fullTest - YES if full test to be performed NO if only test of untested functions required

IncrementalSelfTest

public TPM_ALG_ID[] IncrementalSelfTest(TPM_ALG_ID[] toTest)

This command causes the TPM to perform a test of the selected algorithms.

Parameters:

toTest - list of algorithms that should be tested

Returns:

list of algorithms that need testing

GetTestResult

public GetTestResultResponse GetTestResult()

This command returns manufacturer-specific information regarding the results of a self-test and an indication of the test status.

Returns:

TPM2_GetTestResult_RESPONSE{(ul)(li)(code)outData(/code) - test result data contains manufacturer-specific information(/li)(li)(code)testResult(/code) - -(/li)(/ul)}

StartAuthSession

public StartAuthSessionResponse StartAuthSession(TPM_HANDLE tpmKey,
                                                 TPM_HANDLE bind,
                                                 byte[] nonceCaller,
                                                 byte[] encryptedSalt,
                                                 TPM_SE sessionType,
                                                 TPMT_SYM_DEF symmetric,
                                                 TPM_ALG_ID authHash)

This command is used to start an authorization session using alternative methods of establishing the session key (sessionKey). The session key is then used to derive values used for authorization and for encrypting parameters.

Parameters:

tpmKey - handle of a loaded decrypt key used to encrypt salt may be TPM_RH_NULL Auth Index: None

bind - entity providing the authValue may be TPM_RH_NULL Auth Index: None

nonceCaller - initial nonceCaller, sets nonceTPM size for the session shall be at least 16 octets

encryptedSalt - value encrypted according to the type of tpmKey If tpmKey is TPM_RH_NULL, this shall be the Empty Buffer.

sessionType - indicates the type of the session; simple HMAC or policy (including a trial policy)

symmetric - the algorithm and key size for parameter encryption may select TPM_ALG_NULL

authHash - hash algorithm to use for the session Shall be a hash algorithm supported by the TPM and not TPM_ALG_NULL

Returns:

TPM2_StartAuthSession_RESPONSE{(ul)(li)(code)handle(/code) - handle for the newly created session(/li)(li)(code)nonceTPM(/code) - the initial nonce from the TPM, used in the computation of the sessionKey(/li)(/ul)}

PolicyRestart

public void PolicyRestart(TPM_HANDLE sessionHandle)

This command allows a policy authorization session to be returned to its initial state. This command is used after the TPM returns TPM_RC_PCR_CHANGED. That response code indicates that a policy will fail because the PCR have changed after TPM2_PolicyPCR() was executed. Restarting the session allows the authorizations to be replayed because the session restarts with the same nonceTPM. If the PCR are valid for the policy, the policy may then succeed.

Parameters:

sessionHandle - the handle for the policy session

Create

public CreateResponse Create(TPM_HANDLE parentHandle,
                             TPMS_SENSITIVE_CREATE inSensitive,
                             TPMT_PUBLIC inPublic,
                             byte[] outsideInfo,
                             TPMS_PCR_SELECTION[] creationPCR)

This command is used to create an object that can be loaded into a TPM using TPM2_Load(). If the command completes successfully, the TPM will create the new object and return the objects creation data (creationData), its public area (outPublic), and its encrypted sensitive area (outPrivate). Preservation of the returned data is the responsibility of the caller. The object will need to be loaded (TPM2_Load()) before it may be used. The only difference between the inPublic TPMT_PUBLIC template and the outPublic TPMT_PUBLIC object is in the unique field.

Parameters:

parentHandle - handle of parent for new object Auth Index: 1 Auth Role: USER

inSensitive - the sensitive data

inPublic - the public template

outsideInfo - data that will be included in the creation data for this object to provide permanent, verifiable linkage between this object and some object owner data

creationPCR - PCR that will be used in creation data

Returns:

TPM2_Create_RESPONSE{(ul)(li)(code)outPrivate(/code) - the private portion of the object(/li)(li)(code)outPublic(/code) - the public portion of the created object(/li)(li)(code)creationData(/code) - contains a TPMS_CREATION_DATA(/li)(li)(code)creationHash(/code) - digest of creationData using nameAlg of outPublic(/li)(li)(code)creationTicket(/code) - ticket used by TPM2_CertifyCreation() to validate that the creation data was produced by the TPM(/li)(/ul)}

Load

public TPM_HANDLE Load(TPM_HANDLE parentHandle,
                       TPM2B_PRIVATE inPrivate,
                       TPMT_PUBLIC inPublic)

This command is used to load objects into the TPM. This command is used when both a TPM2B_PUBLIC and TPM2B_PRIVATE are to be loaded. If only a TPM2B_PUBLIC is to be loaded, the TPM2_LoadExternal command is used.

Parameters:

parentHandle - TPM handle of parent key; shall not be a reserved handle Auth Index: 1 Auth Role: USER

inPrivate - the private portion of the object

inPublic - the public portion of the object

Returns:

handle of type TPM_HT_TRANSIENT for the loaded object

LoadExternal

public TPM_HANDLE LoadExternal(TPMT_SENSITIVE inPrivate,
                               TPMT_PUBLIC inPublic,
                               TPM_HANDLE hierarchy)

This command is used to load an object that is not a Protected Object into the TPM. The command allows loading of a public area or both a public and sensitive area.

Parameters:

inPrivate - the sensitive portion of the object (optional)

inPublic - the public portion of the object

hierarchy - hierarchy with which the object area is associated

Returns:

handle of type TPM_HT_TRANSIENT for the loaded object

ReadPublic

public ReadPublicResponse ReadPublic(TPM_HANDLE objectHandle)

This command allows access to the public area of a loaded object.

Parameters:

objectHandle - TPM handle of an object Auth Index: None

Returns:

TPM2_ReadPublic_RESPONSE{(ul)(li)(code)outPublic(/code) - structure containing the public area of an object(/li)(li)(code)name(/code) - name of the object(/li)(li)(code)qualifiedName(/code) - the Qualified Name of the object(/li)(/ul)}

ActivateCredential

public byte[] ActivateCredential(TPM_HANDLE activateHandle,
                                 TPM_HANDLE keyHandle,
                                 TPMS_ID_OBJECT credentialBlob,
                                 byte[] secret)

This command enables the association of a credential with an object in a way that ensures that the TPM has validated the parameters of the credentialed object.

Parameters:

activateHandle - handle of the object associated with certificate in credentialBlob Auth Index: 1 Auth Role: ADMIN

keyHandle - loaded key used to decrypt the TPMS_SENSITIVE in credentialBlob Auth Index: 2 Auth Role: USER

credentialBlob - the credential

secret - keyHandle algorithm-dependent encrypted seed that protects credentialBlob

Returns:

the decrypted certificate information the data should be no larger than the size of the digest of the nameAlg associated with keyHandle

MakeCredential

public MakeCredentialResponse MakeCredential(TPM_HANDLE handle,
                                             byte[] credential,
                                             byte[] objectName)

This command allows the TPM to perform the actions required of a Certificate Authority (CA) in creating a TPM2B_ID_OBJECT containing an activation credential.

Parameters:

handle - loaded public area, used to encrypt the sensitive area containing the credential key Auth Index: None

credential - the credential information

objectName - Name of the object to which the credential applies

Returns:

TPM2_MakeCredential_RESPONSE{(ul)(li)(code)credentialBlob(/code) - the credential(/li)(li)(code)secret(/code) - handle algorithm-dependent data that wraps the key that encrypts credentialBlob(/li)(/ul)}

Unseal

public byte[] Unseal(TPM_HANDLE itemHandle)

This command returns the data in a loaded Sealed Data Object.

Parameters:

itemHandle - handle of a loaded data object Auth Index: 1 Auth Role: USER

Returns:

unsealed data Size of outData is limited to be no more than 128 octets.

ObjectChangeAuth

public TPM2B_PRIVATE ObjectChangeAuth(TPM_HANDLE objectHandle,
                                      TPM_HANDLE parentHandle,
                                      byte[] newAuth)

This command is used to change the authorization secret for a TPM-resident object.

Parameters:

objectHandle - handle of the object Auth Index: 1 Auth Role: ADMIN

parentHandle - handle of the parent Auth Index: None

newAuth - new authorization value

Returns:

private area containing the new authorization value

CreateLoaded

public CreateLoadedResponse CreateLoaded(TPM_HANDLE parentHandle,
                                         TPMS_SENSITIVE_CREATE inSensitive,
                                         byte[] inPublic)

This command creates an object and loads it in the TPM. This command allows creation of any type of object (Primary, Ordinary, or Derived) depending on the type of parentHandle. If parentHandle references a Primary Seed, then a Primary Object is created; if parentHandle references a Storage Parent, then an Ordinary Object is created; and if parentHandle references a Derivation Parent, then a Derived Object is generated.

Parameters:

parentHandle - Handle of a transient storage key, a persistent storage key, TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM+{PP}, or TPM_RH_NULL Auth Index: 1 Auth Role: USER

inSensitive - the sensitive data, see TPM 2.0 Part 1 Sensitive Values

inPublic - the public template

Returns:

TPM2_CreateLoaded_RESPONSE{(ul)(li)(code)handle(/code) - handle of type TPM_HT_TRANSIENT for created object(/li)(li)(code)outPrivate(/code) - the sensitive area of the object (optional)(/li)(li)(code)outPublic(/code) - the public portion of the created object(/li)(li)(code)name(/code) - the name of the created object(/li)(/ul)}

Duplicate

public DuplicateResponse Duplicate(TPM_HANDLE objectHandle,
                                   TPM_HANDLE newParentHandle,
                                   byte[] encryptionKeyIn,
                                   TPMT_SYM_DEF_OBJECT symmetricAlg)

This command duplicates a loaded object so that it may be used in a different hierarchy. The new parent key for the duplicate may be on the same or different TPM or TPM_RH_NULL. Only the public area of newParentHandle is required to be loaded.

Parameters:

objectHandle - loaded object to duplicate Auth Index: 1 Auth Role: DUP

newParentHandle - shall reference the public area of an asymmetric key Auth Index: None

encryptionKeyIn - optional symmetric encryption key The size for this key is set to zero when the TPM is to generate the key. This parameter may be encrypted.

symmetricAlg - definition for the symmetric algorithm to be used for the inner wrapper may be TPM_ALG_NULL if no inner wrapper is applied

Returns:

TPM2_Duplicate_RESPONSE{(ul)(li)(code)encryptionKeyOut(/code) - If the caller provided an encryption key or if symmetricAlg was TPM_ALG_NULL, then this will be the Empty Buffer; otherwise, it shall contain the TPM-generated, symmetric encryption key for the inner wrapper.(/li)(li)(code)duplicate(/code) - private area that may be encrypted by encryptionKeyIn; and may be doubly encrypted(/li)(li)(code)outSymSeed(/code) - seed protected by the asymmetric algorithms of new parent (NP)(/li)(/ul)}

Rewrap

public RewrapResponse Rewrap(TPM_HANDLE oldParent,
                             TPM_HANDLE newParent,
                             TPM2B_PRIVATE inDuplicate,
                             byte[] name,
                             byte[] inSymSeed)

This command allows the TPM to serve in the role as a Duplication Authority. If proper authorization for use of the oldParent is provided, then an HMAC key and a symmetric key are recovered from inSymSeed and used to integrity check and decrypt inDuplicate. A new protection seed value is generated according to the methods appropriate for newParent and the blob is re-encrypted and a new integrity value is computed. The re-encrypted blob is returned in outDuplicate and the symmetric key returned in outSymKey.

Parameters:

oldParent - parent of object Auth Index: 1 Auth Role: User

newParent - new parent of the object Auth Index: None

inDuplicate - an object encrypted using symmetric key derived from inSymSeed

name - the Name of the object being rewrapped

inSymSeed - the seed for the symmetric key and HMAC key needs oldParent private key to recover the seed and generate the symmetric key

Returns:

TPM2_Rewrap_RESPONSE{(ul)(li)(code)outDuplicate(/code) - an object encrypted using symmetric key derived from outSymSeed(/li)(li)(code)outSymSeed(/code) - seed for a symmetric key protected by newParent asymmetric key(/li)(/ul)}

Import

public TPM2B_PRIVATE Import(TPM_HANDLE parentHandle,
                            byte[] encryptionKey,
                            TPMT_PUBLIC objectPublic,
                            TPM2B_PRIVATE duplicate,
                            byte[] inSymSeed,
                            TPMT_SYM_DEF_OBJECT symmetricAlg)

This command allows an object to be encrypted using the symmetric encryption values of a Storage Key. After encryption, the object may be loaded and used in the new hierarchy. The imported object (duplicate) may be singly encrypted, multiply encrypted, or unencrypted.

Parameters:

parentHandle - the handle of the new parent for the object Auth Index: 1 Auth Role: USER

encryptionKey - the optional symmetric encryption key used as the inner wrapper for duplicate If symmetricAlg is TPM_ALG_NULL, then this parameter shall be the Empty Buffer.

objectPublic - the public area of the object to be imported This is provided so that the integrity value for duplicate and the object attributes can be checked. NOTE Even if the integrity value of the object is not checked on input, the object Name is required to create the integrity value for the imported object.

duplicate - the symmetrically encrypted duplicate object that may contain an inner symmetric wrapper

inSymSeed - the seed for the symmetric key and HMAC key inSymSeed is encrypted/encoded using the algorithms of newParent.

symmetricAlg - definition for the symmetric algorithm to use for the inner wrapper If this algorithm is TPM_ALG_NULL, no inner wrapper is present and encryptionKey shall be the Empty Buffer.

Returns:

the sensitive area encrypted with the symmetric key of parentHandle

RSA_Encrypt

public byte[] RSA_Encrypt(TPM_HANDLE keyHandle,
                          byte[] message,
                          TPMU_ASYM_SCHEME inScheme,
                          byte[] label)

This command performs RSA encryption using the indicated padding scheme according to IETF RFC 3447. If the scheme of keyHandle is TPM_ALG_NULL, then the caller may use inScheme to specify the padding scheme. If scheme of keyHandle is not TPM_ALG_NULL, then inScheme shall either be TPM_ALG_NULL or be the same as scheme (TPM_RC_SCHEME).

Parameters:

keyHandle - reference to public portion of RSA key to use for encryption Auth Index: None

message - message to be encrypted NOTE 1 The data type was chosen because it limits the overall size of the input to no greater than the size of the largest RSA public key. This may be larger than allowed for keyHandle.

inScheme - the padding scheme to use if scheme associated with keyHandle is TPM_ALG_NULL

label - optional label L to be associated with the message Size of the buffer is zero if no label is present NOTE 2 See description of label above.

Returns:

encrypted output

RSA_Decrypt

public byte[] RSA_Decrypt(TPM_HANDLE keyHandle,
                          byte[] cipherText,
                          TPMU_ASYM_SCHEME inScheme,
                          byte[] label)

This command performs RSA decryption using the indicated padding scheme according to IETF RFC 3447 ((PKCS#1).

Parameters:

keyHandle - RSA key to use for decryption Auth Index: 1 Auth Role: USER

cipherText - cipher text to be decrypted NOTE An encrypted RSA data block is the size of the public modulus.

inScheme - the padding scheme to use if scheme associated with keyHandle is TPM_ALG_NULL

label - label whose association with the message is to be verified

Returns:

decrypted output

ECDH_KeyGen

public ECDH_KeyGenResponse ECDH_KeyGen(TPM_HANDLE keyHandle)

This command uses the TPM to generate an ephemeral key pair (de, Qe where Qe [de]G). It uses the private ephemeral key and a loaded public key (QS) to compute the shared secret value (P [hde]QS).

Parameters:

keyHandle - Handle of a loaded ECC key public area. Auth Index: None

Returns:

TPM2_ECDH_KeyGen_RESPONSE{(ul)(li)(code)zPoint(/code) - results of P h[de]Qs(/li)(li)(code)pubPoint(/code) - generated ephemeral public point (Qe)(/li)(/ul)}

ECDH_ZGen

public TPMS_ECC_POINT ECDH_ZGen(TPM_HANDLE keyHandle,
                                TPMS_ECC_POINT inPoint)

This command uses the TPM to recover the Z value from a public point (QB) and a private key (ds). It will perform the multiplication of the provided inPoint (QB) with the private key (ds) and return the coordinates of the resultant point (Z = (xZ , yZ) [hds]QB; where h is the cofactor of the curve).

Parameters:

keyHandle - handle of a loaded ECC key Auth Index: 1 Auth Role: USER

inPoint - a public key

Returns:

X and Y coordinates of the product of the multiplication Z = (xZ , yZ) [hdS]QB

ECC_Parameters

public TPMS_ALGORITHM_DETAIL_ECC ECC_Parameters(TPM_ECC_CURVE curveID)

This command returns the parameters of an ECC curve identified by its TCG-assigned curveID.

Parameters:

curveID - parameter set selector

Returns:

ECC parameters for the selected curve

ZGen_2Phase

public ZGen_2PhaseResponse ZGen_2Phase(TPM_HANDLE keyA,
                                       TPMS_ECC_POINT inQsB,
                                       TPMS_ECC_POINT inQeB,
                                       TPM_ALG_ID inScheme,
                                       int counter)

This command supports two-phase key exchange protocols. The command is used in combination with TPM2_EC_Ephemeral(). TPM2_EC_Ephemeral() generates an ephemeral key and returns the public point of that ephemeral key along with a numeric value that allows the TPM to regenerate the associated private key.

Parameters:

keyA - handle of an unrestricted decryption key ECC The private key referenced by this handle is used as dS,A Auth Index: 1 Auth Role: USER

inQsB - other partys static public key (Qs,B = (Xs,B, Ys,B))

inQeB - other party's ephemeral public key (Qe,B = (Xe,B, Ye,B))

inScheme - the key exchange scheme

counter - value returned by TPM2_EC_Ephemeral()

Returns:

TPM2_ZGen_2Phase_RESPONSE{(ul)(li)(code)outZ1(/code) - X and Y coordinates of the computed value (scheme dependent)(/li)(li)(code)outZ2(/code) - X and Y coordinates of the second computed value (scheme dependent)(/li)(/ul)}

EncryptDecrypt

public EncryptDecryptResponse EncryptDecrypt(TPM_HANDLE keyHandle,
                                             byte decrypt,
                                             TPM_ALG_ID mode,
                                             byte[] ivIn,
                                             byte[] inData)

NOTE 1 This command is deprecated, and TPM2_EncryptDecrypt2() is preferred. This should be reflected in platform-specific specifications.

Parameters:

keyHandle - the symmetric key used for the operation Auth Index: 1 Auth Role: USER

decrypt - if YES, then the operation is decryption; if NO, the operation is encryption

mode - symmetric encryption/decryption mode this field shall match the default mode of the key or be TPM_ALG_NULL.

ivIn - an initial value as required by the algorithm

inData - the data to be encrypted/decrypted

Returns:

TPM2_EncryptDecrypt_RESPONSE{(ul)(li)(code)outData(/code) - encrypted or decrypted output(/li)(li)(code)ivOut(/code) - chaining value to use for IV in next round(/li)(/ul)}

EncryptDecrypt2

public EncryptDecrypt2Response EncryptDecrypt2(TPM_HANDLE keyHandle,
                                               byte[] inData,
                                               byte decrypt,
                                               TPM_ALG_ID mode,
                                               byte[] ivIn)

This command is identical to TPM2_EncryptDecrypt(), except that the inData parameter is the first parameter. This permits inData to be parameter encrypted.

Parameters:

keyHandle - the symmetric key used for the operation Auth Index: 1 Auth Role: USER

inData - the data to be encrypted/decrypted

decrypt - if YES, then the operation is decryption; if NO, the operation is encryption

mode - symmetric mode this field shall match the default mode of the key or be TPM_ALG_NULL.

ivIn - an initial value as required by the algorithm

Returns:

TPM2_EncryptDecrypt2_RESPONSE{(ul)(li)(code)outData(/code) - encrypted or decrypted output(/li)(li)(code)ivOut(/code) - chaining value to use for IV in next round(/li)(/ul)}

Hash

public HashResponse Hash(byte[] data,
                         TPM_ALG_ID hashAlg,
                         TPM_HANDLE hierarchy)

This command performs a hash operation on a data buffer and returns the results.

Parameters:

data - data to be hashed

hashAlg - algorithm for the hash being computed shall not be TPM_ALG_NULL

hierarchy - hierarchy to use for the ticket (TPM_RH_NULL allowed)

Returns:

TPM2_Hash_RESPONSE{(ul)(li)(code)outHash(/code) - results(/li)(li)(code)validation(/code) - ticket indicating that the sequence of octets used to compute outDigest did not start with TPM_GENERATED_VALUE will be a NULL ticket if the digest may not be signed with a restricted key(/li)(/ul)}

HMAC

public byte[] HMAC(TPM_HANDLE handle,
                   byte[] buffer,
                   TPM_ALG_ID hashAlg)

This command performs an HMAC on the supplied data using the indicated hash algorithm.

Parameters:

handle - handle for the symmetric signing key providing the HMAC key Auth Index: 1 Auth Role: USER

buffer - HMAC data

hashAlg - algorithm to use for HMAC

Returns:

the returned HMAC in a sized buffer

MAC

public byte[] MAC(TPM_HANDLE handle,
                  byte[] buffer,
                  TPM_ALG_ID inScheme)

This command performs an HMAC or a block cipher MAC on the supplied data using the indicated algorithm.

Parameters:

handle - handle for the symmetric signing key providing the MAC key Auth Index: 1 Auth Role: USER

buffer - MAC data

inScheme - algorithm to use for MAC

Returns:

the returned MAC in a sized buffer

GetRandom

public byte[] GetRandom(int bytesRequested)

This command returns the next bytesRequested octets from the random number generator (RNG).

Parameters:

bytesRequested - number of octets to return

Returns:

the random octets

StirRandom

public void StirRandom(byte[] inData)

This command is used to add "additional information" to the RNG state.

Parameters:

inData - additional information

HMAC_Start

public TPM_HANDLE HMAC_Start(TPM_HANDLE handle,
                             byte[] auth,
                             TPM_ALG_ID hashAlg)

This command starts an HMAC sequence. The TPM will create and initialize an HMAC sequence structure, assign a handle to the sequence, and set the authValue of the sequence object to the value in auth.

Parameters:

handle - handle of an HMAC key Auth Index: 1 Auth Role: USER

auth - authorization value for subsequent use of the sequence

hashAlg - the hash algorithm to use for the HMAC

Returns:

a handle to reference the sequence

MAC_Start

public TPM_HANDLE MAC_Start(TPM_HANDLE handle,
                            byte[] auth,
                            TPM_ALG_ID inScheme)

This command starts a MAC sequence. The TPM will create and initialize an MAC sequence structure, assign a handle to the sequence, and set the authValue of the sequence object to the value in auth.

Parameters:

handle - handle of a MAC key Auth Index: 1 Auth Role: USER

auth - authorization value for subsequent use of the sequence

inScheme - the algorithm to use for the MAC

Returns:

a handle to reference the sequence

HashSequenceStart

public TPM_HANDLE HashSequenceStart(byte[] auth,
                                    TPM_ALG_ID hashAlg)

This command starts a hash or an Event Sequence. If hashAlg is an implemented hash, then a hash sequence is started. If hashAlg is TPM_ALG_NULL, then an Event Sequence is started. If hashAlg is neither an implemented algorithm nor TPM_ALG_NULL, then the TPM shall return TPM_RC_HASH.

Parameters:

auth - authorization value for subsequent use of the sequence

hashAlg - the hash algorithm to use for the hash sequence An Event Sequence starts if this is TPM_ALG_NULL.

Returns:

a handle to reference the sequence

SequenceUpdate

public void SequenceUpdate(TPM_HANDLE sequenceHandle,
                           byte[] buffer)

This command is used to add data to a hash or HMAC sequence. The amount of data in buffer may be any size up to the limits of the TPM.

Parameters:

sequenceHandle - handle for the sequence object Auth Index: 1 Auth Role: USER

buffer - data to be added to hash

SequenceComplete

public SequenceCompleteResponse SequenceComplete(TPM_HANDLE sequenceHandle,
                                                 byte[] buffer,
                                                 TPM_HANDLE hierarchy)

This command adds the last part of data, if any, to a hash/HMAC sequence and returns the result.

Parameters:

sequenceHandle - authorization for the sequence Auth Index: 1 Auth Role: USER

buffer - data to be added to the hash/HMAC

hierarchy - hierarchy of the ticket for a hash

Returns:

TPM2_SequenceComplete_RESPONSE{(ul)(li)(code)result(/code) - the returned HMAC or digest in a sized buffer(/li)(li)(code)validation(/code) - ticket indicating that the sequence of octets used to compute outDigest did not start with TPM_GENERATED_VALUE This is a NULL Ticket when the sequence is HMAC.(/li)(/ul)}

EventSequenceComplete

public TPMT_HA[] EventSequenceComplete(TPM_HANDLE pcrHandle,
                                       TPM_HANDLE sequenceHandle,
                                       byte[] buffer)

This command adds the last part of data, if any, to an Event Sequence and returns the result in a digest list. If pcrHandle references a PCR and not TPM_RH_NULL, then the returned digest list is processed in the same manner as the digest list input parameter to TPM2_PCR_Extend() with the pcrHandle in each bank extended with the associated digest value.

Parameters:

pcrHandle - PCR to be extended with the Event data Auth Index: 1 Auth Role: USER

sequenceHandle - authorization for the sequence Auth Index: 2 Auth Role: USER

buffer - data to be added to the Event

Returns:

list of digests computed for the PCR

Certify

public CertifyResponse Certify(TPM_HANDLE objectHandle,
                               TPM_HANDLE signHandle,
                               byte[] qualifyingData,
                               TPMU_SIG_SCHEME inScheme)

The purpose of this command is to prove that an object with a specific Name is loaded in the TPM. By certifying that the object is loaded, the TPM warrants that a public area with a given Name is self-consistent and associated with a valid sensitive area. If a relying party has a public area that has the same Name as a Name certified with this command, then the values in that public area are correct.

Parameters:

objectHandle - handle of the object to be certified Auth Index: 1 Auth Role: ADMIN

signHandle - handle of the key used to sign the attestation structure Auth Index: 2 Auth Role: USER

qualifyingData - user provided qualifying data

inScheme - signing scheme to use if the scheme for signHandle is TPM_ALG_NULL

Returns:

TPM2_Certify_RESPONSE{(ul)(li)(code)certifyInfo(/code) - the structure that was signed(/li)(li)(code)signature(/code) - the asymmetric signature over certifyInfo using the key referenced by signHandle(/li)(/ul)}

CertifyCreation

public CertifyCreationResponse CertifyCreation(TPM_HANDLE signHandle,
                                               TPM_HANDLE objectHandle,
                                               byte[] qualifyingData,
                                               byte[] creationHash,
                                               TPMU_SIG_SCHEME inScheme,
                                               TPMT_TK_CREATION creationTicket)

This command is used to prove the association between an object and its creation data. The TPM will validate that the ticket was produced by the TPM and that the ticket validates the association between a loaded public area and the provided hash of the creation data (creationHash).

Parameters:

signHandle - handle of the key that will sign the attestation block Auth Index: 1 Auth Role: USER

objectHandle - the object associated with the creation data Auth Index: None

qualifyingData - user-provided qualifying data

creationHash - hash of the creation data produced by TPM2_Create() or TPM2_CreatePrimary()

inScheme - signing scheme to use if the scheme for signHandle is TPM_ALG_NULL

creationTicket - ticket produced by TPM2_Create() or TPM2_CreatePrimary()

Returns:

TPM2_CertifyCreation_RESPONSE{(ul)(li)(code)certifyInfo(/code) - the structure that was signed(/li)(li)(code)signature(/code) - the signature over certifyInfo(/li)(/ul)}

Quote

public QuoteResponse Quote(TPM_HANDLE signHandle,
                           byte[] qualifyingData,
                           TPMU_SIG_SCHEME inScheme,
                           TPMS_PCR_SELECTION[] PCRselect)

This command is used to quote PCR values.

Parameters:

signHandle - handle of key that will perform signature Auth Index: 1 Auth Role: USER

qualifyingData - data supplied by the caller

inScheme - signing scheme to use if the scheme for signHandle is TPM_ALG_NULL

PCRselect - PCR set to quote

Returns:

TPM2_Quote_RESPONSE{(ul)(li)(code)quoted(/code) - the quoted information(/li)(li)(code)signature(/code) - the signature over quoted(/li)(/ul)}

GetSessionAuditDigest

public GetSessionAuditDigestResponse GetSessionAuditDigest(TPM_HANDLE privacyAdminHandle,
                                                           TPM_HANDLE signHandle,
                                                           TPM_HANDLE sessionHandle,
                                                           byte[] qualifyingData,
                                                           TPMU_SIG_SCHEME inScheme)

This command returns a digital signature of the audit session digest.

Parameters:

privacyAdminHandle - handle of the privacy administrator (TPM_RH_ENDORSEMENT) Auth Index: 1 Auth Role: USER

signHandle - handle of the signing key Auth Index: 2 Auth Role: USER

sessionHandle - handle of the audit session Auth Index: None

qualifyingData - user-provided qualifying data may be zero-length

inScheme - signing scheme to use if the scheme for signHandle is TPM_ALG_NULL

Returns:

TPM2_GetSessionAuditDigest_RESPONSE{(ul)(li)(code)auditInfo(/code) - the audit information that was signed(/li)(li)(code)signature(/code) - the signature over auditInfo(/li)(/ul)}

GetCommandAuditDigest

public GetCommandAuditDigestResponse GetCommandAuditDigest(TPM_HANDLE privacyHandle,
                                                           TPM_HANDLE signHandle,
                                                           byte[] qualifyingData,
                                                           TPMU_SIG_SCHEME inScheme)

This command returns the current value of the command audit digest, a digest of the commands being audited, and the audit hash algorithm. These values are placed in an attestation structure and signed with the key referenced by signHandle.

Parameters:

privacyHandle - handle of the privacy administrator (TPM_RH_ENDORSEMENT) Auth Index: 1 Auth Role: USER

signHandle - the handle of the signing key Auth Index: 2 Auth Role: USER

qualifyingData - other data to associate with this audit digest

inScheme - signing scheme to use if the scheme for signHandle is TPM_ALG_NULL

Returns:

TPM2_GetCommandAuditDigest_RESPONSE{(ul)(li)(code)auditInfo(/code) - the auditInfo that was signed(/li)(li)(code)signature(/code) - the signature over auditInfo(/li)(/ul)}

GetTime

public GetTimeResponse GetTime(TPM_HANDLE privacyAdminHandle,
                               TPM_HANDLE signHandle,
                               byte[] qualifyingData,
                               TPMU_SIG_SCHEME inScheme)

This command returns the current values of Time and Clock.

Parameters:

privacyAdminHandle - handle of the privacy administrator (TPM_RH_ENDORSEMENT) Auth Index: 1 Auth Role: USER

signHandle - the keyHandle identifier of a loaded key that can perform digital signatures Auth Index: 2 Auth Role: USER

qualifyingData - data to tick stamp

inScheme - signing scheme to use if the scheme for signHandle is TPM_ALG_NULL

Returns:

TPM2_GetTime_RESPONSE{(ul)(li)(code)timeInfo(/code) - standard TPM-generated attestation block(/li)(li)(code)signature(/code) - the signature over timeInfo(/li)(/ul)}

Commit

public CommitResponse Commit(TPM_HANDLE signHandle,
                             TPMS_ECC_POINT P1,
                             byte[] s2,
                             byte[] y2)

TPM2_Commit() performs the first part of an ECC anonymous signing operation. The TPM will perform the point multiplications on the provided points and return intermediate signing values. The signHandle parameter shall refer to an ECC key and the signing scheme must be anonymous (TPM_RC_SCHEME).

Parameters:

signHandle - handle of the key that will be used in the signing operation Auth Index: 1 Auth Role: USER

P1 - a point (M) on the curve used by signHandle

s2 - octet array used to derive x-coordinate of a base point

y2 - y coordinate of the point associated with s2

Returns:

TPM2_Commit_RESPONSE{(ul)(li)(code)K(/code) - ECC point K [ds](x2, y2)(/li)(li)(code)L(/code) - ECC point L [r](x2, y2)(/li)(li)(code)E(/code) - ECC point E [r]P1(/li)(li)(code)counter(/code) - least-significant 16 bits of commitCount(/li)(/ul)}

EC_Ephemeral

public EC_EphemeralResponse EC_Ephemeral(TPM_ECC_CURVE curveID)

TPM2_EC_Ephemeral() creates an ephemeral key for use in a two-phase key exchange protocol.

Parameters:

curveID - The curve for the computed ephemeral point

Returns:

TPM2_EC_Ephemeral_RESPONSE{(ul)(li)(code)Q(/code) - ephemeral public key Q [r]G(/li)(li)(code)counter(/code) - least-significant 16 bits of commitCount(/li)(/ul)}

VerifySignature

public TPMT_TK_VERIFIED VerifySignature(TPM_HANDLE keyHandle,
                                        byte[] digest,
                                        TPMU_SIGNATURE signature)

This command uses loaded keys to validate a signature on a message with the message digest passed to the TPM.

Parameters:

keyHandle - handle of public key that will be used in the validation Auth Index: None

digest - digest of the signed message

signature - signature to be tested

Returns:

This ticket is produced by TPM2_VerifySignature(). This formulation is used for multiple ticket uses. The ticket provides evidence that the TPM has validated that a digest was signed by a key with the Name of keyName. The ticket is computed by

Sign

public TPMU_SIGNATURE Sign(TPM_HANDLE keyHandle,
                           byte[] digest,
                           TPMU_SIG_SCHEME inScheme,
                           TPMT_TK_HASHCHECK validation)

This command causes the TPM to sign an externally provided hash with the specified symmetric or asymmetric signing key.

Parameters:

keyHandle - Handle of key that will perform signing Auth Index: 1 Auth Role: USER

digest - digest to be signed

inScheme - signing scheme to use if the scheme for keyHandle is TPM_ALG_NULL

validation - proof that digest was created by the TPM If keyHandle is not a restricted signing key, then this may be a NULL Ticket with tag = TPM_ST_CHECKHASH.

Returns:

the signature

SetCommandCodeAuditStatus

public void SetCommandCodeAuditStatus(TPM_HANDLE auth,
                                      TPM_ALG_ID auditAlg,
                                      TPM_CC[] setList,
                                      TPM_CC[] clearList)

This command may be used by the Privacy Administrator or platform to change the audit status of a command or to set the hash algorithm used for the audit digest, but not both at the same time.

Parameters:

auth - TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

auditAlg - hash algorithm for the audit digest; if TPM_ALG_NULL, then the hash is not changed

setList - list of commands that will be added to those that will be audited

clearList - list of commands that will no longer be audited

PCR_Extend

public void PCR_Extend(TPM_HANDLE pcrHandle,
                       TPMT_HA[] digests)

This command is used to cause an update to the indicated PCR. The digests parameter contains one or more tagged digest values identified by an algorithm ID. For each digest, the PCR associated with pcrHandle is Extended into the bank identified by the tag (hashAlg).

Parameters:

pcrHandle - handle of the PCR Auth Handle: 1 Auth Role: USER

digests - list of tagged digest values to be extended

PCR_Event

public TPMT_HA[] PCR_Event(TPM_HANDLE pcrHandle,
                           byte[] eventData)

This command is used to cause an update to the indicated PCR.

Parameters:

pcrHandle - Handle of the PCR Auth Handle: 1 Auth Role: USER

eventData - Event data in sized buffer

Returns:

-

PCR_Read

public PCR_ReadResponse PCR_Read(TPMS_PCR_SELECTION[] pcrSelectionIn)

This command returns the values of all PCR specified in pcrSelectionIn.

Parameters:

pcrSelectionIn - The selection of PCR to read

Returns:

TPM2_PCR_Read_RESPONSE{(ul)(li)(code)pcrUpdateCounter(/code) - the current value of the PCR update counter(/li)(li)(code)pcrSelectionOut(/code) - the PCR in the returned list(/li)(li)(code)pcrValues(/code) - the contents of the PCR indicated in pcrSelectOut-) pcrSelection[] as tagged digests(/li)(/ul)}

PCR_Allocate

public PCR_AllocateResponse PCR_Allocate(TPM_HANDLE authHandle,
                                         TPMS_PCR_SELECTION[] pcrAllocation)

This command is used to set the desired PCR allocation of PCR and algorithms. This command requires Platform Authorization.

Parameters:

authHandle - TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

pcrAllocation - the requested allocation

Returns:

TPM2_PCR_Allocate_RESPONSE{(ul)(li)(code)allocationSuccess(/code) - YES if the allocation succeeded(/li)(li)(code)maxPCR(/code) - maximum number of PCR that may be in a bank(/li)(li)(code)sizeNeeded(/code) - number of octets required to satisfy the request(/li)(li)(code)sizeAvailable(/code) - Number of octets available. Computed before the allocation.(/li)(/ul)}

PCR_SetAuthPolicy

public void PCR_SetAuthPolicy(TPM_HANDLE authHandle,
                              byte[] authPolicy,
                              TPM_ALG_ID hashAlg,
                              TPM_HANDLE pcrNum)

This command is used to associate a policy with a PCR or group of PCR. The policy determines the conditions under which a PCR may be extended or reset.

Parameters:

authHandle - TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

authPolicy - the desired authPolicy

hashAlg - the hash algorithm of the policy

pcrNum - the PCR for which the policy is to be set

PCR_SetAuthValue

public void PCR_SetAuthValue(TPM_HANDLE pcrHandle,
                             byte[] auth)

This command changes the authValue of a PCR or group of PCR.

Parameters:

pcrHandle - handle for a PCR that may have an authorization value set Auth Index: 1 Auth Role: USER

auth - the desired authorization value

PCR_Reset

public void PCR_Reset(TPM_HANDLE pcrHandle)

If the attribute of a PCR allows the PCR to be reset and proper authorization is provided, then this command may be used to set the PCR in all banks to zero. The attributes of the PCR may restrict the locality that can perform the reset operation.

Parameters:

pcrHandle - the PCR to reset Auth Index: 1 Auth Role: USER

PolicySigned

public PolicySignedResponse PolicySigned(TPM_HANDLE authObject,
                                         TPM_HANDLE policySession,
                                         byte[] nonceTPM,
                                         byte[] cpHashA,
                                         byte[] policyRef,
                                         int expiration,
                                         TPMU_SIGNATURE auth)

This command includes a signed authorization in a policy. The command ties the policy to a signing key by including the Name of the signing key in the policyDigest

Parameters:

authObject - handle for a key that will validate the signature Auth Index: None

policySession - handle for the policy session being extended Auth Index: None

nonceTPM - the policy nonce for the session This can be the Empty Buffer.

cpHashA - digest of the command parameters to which this authorization is limited This is not the cpHash for this command but the cpHash for the command to which this policy session will be applied. If it is not limited, the parameter will be the Empty Buffer.

policyRef - a reference to a policy relating to the authorization may be the Empty Buffer Size is limited to be no larger than the nonce size supported on the TPM.

expiration - time when authorization will expire, measured in seconds from the time that nonceTPM was generated If expiration is non-negative, a NULL Ticket is returned. See 23.2.5.

auth - signed authorization (not optional)

Returns:

TPM2_PolicySigned_RESPONSE{(ul)(li)(code)timeout(/code) - implementation-specific time value, used to indicate to the TPM when the ticket expires NOTE If policyTicket is a NULL Ticket, then this shall be the Empty Buffer.(/li)(li)(code)policyTicket(/code) - produced if the command succeeds and expiration in the command was non-zero; this ticket will use the TPMT_ST_AUTH_SIGNED structure tag. See 23.2.5(/li)(/ul)}

PolicySecret

public PolicySecretResponse PolicySecret(TPM_HANDLE authHandle,
                                         TPM_HANDLE policySession,
                                         byte[] nonceTPM,
                                         byte[] cpHashA,
                                         byte[] policyRef,
                                         int expiration)

This command includes a secret-based authorization to a policy. The caller proves knowledge of the secret value using an authorization session using the authValue associated with authHandle. A password session, an HMAC session, or a policy session containing TPM2_PolicyAuthValue() or TPM2_PolicyPassword() will satisfy this requirement.

Parameters:

authHandle - handle for an entity providing the authorization Auth Index: 1 Auth Role: USER

policySession - handle for the policy session being extended Auth Index: None

nonceTPM - the policy nonce for the session This can be the Empty Buffer.

cpHashA - digest of the command parameters to which this authorization is limited This not the cpHash for this command but the cpHash for the command to which this policy session will be applied. If it is not limited, the parameter will be the Empty Buffer.

policyRef - a reference to a policy relating to the authorization may be the Empty Buffer Size is limited to be no larger than the nonce size supported on the TPM.

expiration - time when authorization will expire, measured in seconds from the time that nonceTPM was generated If expiration is non-negative, a NULL Ticket is returned. See 23.2.5.

Returns:

TPM2_PolicySecret_RESPONSE{(ul)(li)(code)timeout(/code) - implementation-specific time value used to indicate to the TPM when the ticket expires(/li)(li)(code)policyTicket(/code) - produced if the command succeeds and expiration in the command was non-zero ( See 23.2.5). This ticket will use the TPMT_ST_AUTH_SECRET structure tag(/li)(/ul)}

PolicyTicket

public void PolicyTicket(TPM_HANDLE policySession,
                         byte[] timeout,
                         byte[] cpHashA,
                         byte[] policyRef,
                         byte[] authName,
                         TPMT_TK_AUTH ticket)

This command is similar to TPM2_PolicySigned() except that it takes a ticket instead of a signed authorization. The ticket represents a validated authorization that had an expiration time associated with it.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

timeout - time when authorization will expire The contents are TPM specific. This shall be the value returned when ticket was produced.

cpHashA - digest of the command parameters to which this authorization is limited If it is not limited, the parameter will be the Empty Buffer.

policyRef - reference to a qualifier for the policy may be the Empty Buffer

authName - name of the object that provided the authorization

ticket - an authorization ticket returned by the TPM in response to a TPM2_PolicySigned() or TPM2_PolicySecret()

PolicyOR

public void PolicyOR(TPM_HANDLE policySession,
                     TPM2B_DIGEST[] pHashList)

This command allows options in authorizations without requiring that the TPM evaluate all of the options. If a policy may be satisfied by different sets of conditions, the TPM need only evaluate one set that satisfies the policy. This command will indicate that one of the required sets of conditions has been satisfied.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

pHashList - the list of hashes to check for a match

PolicyPCR

public void PolicyPCR(TPM_HANDLE policySession,
                      byte[] pcrDigest,
                      TPMS_PCR_SELECTION[] pcrs)

This command is used to cause conditional gating of a policy based on PCR. This command together with TPM2_PolicyOR() allows one group of authorizations to occur when PCR are in one state and a different set of authorizations when the PCR are in a different state.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

pcrDigest - expected digest value of the selected PCR using the hash algorithm of the session; may be zero length

pcrs - the PCR to include in the check digest

PolicyLocality

public void PolicyLocality(TPM_HANDLE policySession,
                           TPMA_LOCALITY locality)

This command indicates that the authorization will be limited to a specific locality.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

locality - the allowed localities for the policy

PolicyNV

public void PolicyNV(TPM_HANDLE authHandle,
                     TPM_HANDLE nvIndex,
                     TPM_HANDLE policySession,
                     byte[] operandB,
                     int offset,
                     TPM_EO operation)

This command is used to cause conditional gating of a policy based on the contents of an NV Index. It is an immediate assertion. The NV index is validated during the TPM2_PolicyNV() command, not when the session is used for authorization.

Parameters:

authHandle - handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - the NV Index of the area to read Auth Index: None

policySession - handle for the policy session being extended Auth Index: None

operandB - the second operand

offset - the octet offset in the NV Index for the start of operand A

operation - the comparison to make

PolicyCounterTimer

public void PolicyCounterTimer(TPM_HANDLE policySession,
                               byte[] operandB,
                               int offset,
                               TPM_EO operation)

This command is used to cause conditional gating of a policy based on the contents of the TPMS_TIME_INFO structure.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

operandB - the second operand

offset - the octet offset in the TPMS_TIME_INFO structure for the start of operand A

operation - the comparison to make

PolicyCommandCode

public void PolicyCommandCode(TPM_HANDLE policySession,
                              TPM_CC code)

This command indicates that the authorization will be limited to a specific command code.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

code - the allowed commandCode

PolicyPhysicalPresence

public void PolicyPhysicalPresence(TPM_HANDLE policySession)

This command indicates that physical presence will need to be asserted at the time the authorization is performed.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

PolicyCpHash

public void PolicyCpHash(TPM_HANDLE policySession,
                         byte[] cpHashA)

This command is used to allow a policy to be bound to a specific command and command parameters.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

cpHashA - the cpHash added to the policy

PolicyNameHash

public void PolicyNameHash(TPM_HANDLE policySession,
                           byte[] nameHash)

This command allows a policy to be bound to a specific set of TPM entities without being bound to the parameters of the command. This is most useful for commands such as TPM2_Duplicate() and for TPM2_PCR_Event() when the referenced PCR requires a policy.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

nameHash - the digest to be added to the policy

PolicyDuplicationSelect

public void PolicyDuplicationSelect(TPM_HANDLE policySession,
                                    byte[] objectName,
                                    byte[] newParentName,
                                    byte includeObject)

This command allows qualification of duplication to allow duplication to a selected new parent.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

objectName - the Name of the object to be duplicated

newParentName - the Name of the new parent

includeObject - if YES, the objectName will be included in the value in policySessionpolicyDigest

PolicyAuthorize

public void PolicyAuthorize(TPM_HANDLE policySession,
                            byte[] approvedPolicy,
                            byte[] policyRef,
                            byte[] keySign,
                            TPMT_TK_VERIFIED checkTicket)

This command allows policies to change. If a policy were static, then it would be difficult to add users to a policy. This command lets a policy authority sign a new policy so that it may be used in an existing policy.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

approvedPolicy - digest of the policy being approved

policyRef - a policy qualifier

keySign - Name of a key that can sign a policy addition

checkTicket - ticket validating that approvedPolicy and policyRef were signed by keySign

PolicyAuthValue

public void PolicyAuthValue(TPM_HANDLE policySession)

This command allows a policy to be bound to the authorization value of the authorized entity.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

PolicyPassword

public void PolicyPassword(TPM_HANDLE policySession)

This command allows a policy to be bound to the authorization value of the authorized object.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

PolicyGetDigest

public byte[] PolicyGetDigest(TPM_HANDLE policySession)

This command returns the current policyDigest of the session. This command allows the TPM to be used to perform the actions required to pre-compute the authPolicy for an object.

Parameters:

policySession - handle for the policy session Auth Index: None

Returns:

the current value of the policySessionpolicyDigest

PolicyNvWritten

public void PolicyNvWritten(TPM_HANDLE policySession,
                            byte writtenSet)

This command allows a policy to be bound to the TPMA_NV_WRITTEN attributes. This is a deferred assertion. Values are stored in the policy session context and checked when the policy is used for authorization.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

writtenSet - YES if NV Index is required to have been written NO if NV Index is required not to have been written

PolicyTemplate

public void PolicyTemplate(TPM_HANDLE policySession,
                           byte[] templateHash)

This command allows a policy to be bound to a specific creation template. This is most useful for an object creation command such as TPM2_Create(), TPM2_CreatePrimary(), or TPM2_CreateLoaded().

Parameters:

policySession - handle for the policy session being extended Auth Index: None

templateHash - the digest to be added to the policy

PolicyAuthorizeNV

public void PolicyAuthorizeNV(TPM_HANDLE authHandle,
                              TPM_HANDLE nvIndex,
                              TPM_HANDLE policySession)

This command provides a capability that is the equivalent of a revocable policy. With TPM2_PolicyAuthorize(), the authorization ticket never expires, so the authorization may not be withdrawn. With this command, the approved policy is kept in an NV Index location so that the policy may be changed as needed to render the old policy unusable.

Parameters:

authHandle - handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - the NV Index of the area to read Auth Index: None

policySession - handle for the policy session being extended Auth Index: None

CreatePrimary

public CreatePrimaryResponse CreatePrimary(TPM_HANDLE primaryHandle,
                                           TPMS_SENSITIVE_CREATE inSensitive,
                                           TPMT_PUBLIC inPublic,
                                           byte[] outsideInfo,
                                           TPMS_PCR_SELECTION[] creationPCR)

This command is used to create a Primary Object under one of the Primary Seeds or a Temporary Object under TPM_RH_NULL. The command uses a TPM2B_PUBLIC as a template for the object to be created. The size of the unique field shall not be checked for consistency with the other object parameters. The command will create and load a Primary Object. The sensitive area is not returned.

Parameters:

primaryHandle - TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM+{PP}, or TPM_RH_NULL Auth Index: 1 Auth Role: USER

inSensitive - the sensitive data, see TPM 2.0 Part 1 Sensitive Values

inPublic - the public template

outsideInfo - data that will be included in the creation data for this object to provide permanent, verifiable linkage between this object and some object owner data

creationPCR - PCR that will be used in creation data

Returns:

TPM2_CreatePrimary_RESPONSE{(ul)(li)(code)handle(/code) - handle of type TPM_HT_TRANSIENT for created Primary Object(/li)(li)(code)outPublic(/code) - the public portion of the created object(/li)(li)(code)creationData(/code) - contains a TPMT_CREATION_DATA(/li)(li)(code)creationHash(/code) - digest of creationData using nameAlg of outPublic(/li)(li)(code)creationTicket(/code) - ticket used by TPM2_CertifyCreation() to validate that the creation data was produced by the TPM(/li)(li)(code)name(/code) - the name of the created object(/li)(/ul)}

HierarchyControl

public void HierarchyControl(TPM_HANDLE authHandle,
                             TPM_HANDLE enable,
                             byte state)

This command enables and disables use of a hierarchy and its associated NV storage. The command allows phEnable, phEnableNV, shEnable, and ehEnable to be changed when the proper authorization is provided.

Parameters:

authHandle - TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

enable - the enable being modified TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM, or TPM_RH_PLATFORM_NV

state - YES if the enable should be SET, NO if the enable should be CLEAR

SetPrimaryPolicy

public void SetPrimaryPolicy(TPM_HANDLE authHandle,
                             byte[] authPolicy,
                             TPM_ALG_ID hashAlg)

This command allows setting of the authorization policy for the lockout (lockoutPolicy), the platform hierarchy (platformPolicy), the storage hierarchy (ownerPolicy), and the endorsement hierarchy (endorsementPolicy).

Parameters:

authHandle - TPM_RH_LOCKOUT, TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

authPolicy - an authorization policy digest; may be the Empty Buffer If hashAlg is TPM_ALG_NULL, then this shall be an Empty Buffer.

hashAlg - the hash algorithm to use for the policy If the authPolicy is an Empty Buffer, then this field shall be TPM_ALG_NULL.

ChangePPS

public void ChangePPS(TPM_HANDLE authHandle)

This replaces the current platform primary seed (PPS) with a value from the RNG and sets platformPolicy to the default initialization value (the Empty Buffer).

Parameters:

authHandle - TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

ChangeEPS

public void ChangeEPS(TPM_HANDLE authHandle)

This replaces the current endorsement primary seed (EPS) with a value from the RNG and sets the Endorsement hierarchy controls to their default initialization values: ehEnable is SET, endorsementAuth and endorsementPolicy are both set to the Empty Buffer. It will flush any resident objects (transient or persistent) in the Endorsement hierarchy and not allow objects in the hierarchy associated with the previous EPS to be loaded.

Parameters:

authHandle - TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER

Clear

public void Clear(TPM_HANDLE authHandle)

This command removes all TPM context associated with a specific Owner.

Parameters:

authHandle - TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER

ClearControl

public void ClearControl(TPM_HANDLE auth,
                         byte disable)

TPM2_ClearControl() disables and enables the execution of TPM2_Clear().

Parameters:

auth - TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER

disable - YES if the disableOwnerClear flag is to be SET, NO if the flag is to be CLEAR.

HierarchyChangeAuth

public void HierarchyChangeAuth(TPM_HANDLE authHandle,
                                byte[] newAuth)

This command allows the authorization secret for a hierarchy or lockout to be changed using the current authorization value as the command authorization.

Parameters:

authHandle - TPM_RH_LOCKOUT, TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

newAuth - new authorization value

DictionaryAttackLockReset

public void DictionaryAttackLockReset(TPM_HANDLE lockHandle)

This command cancels the effect of a TPM lockout due to a number of successive authorization failures. If this command is properly authorized, the lockout counter is set to zero.

Parameters:

lockHandle - TPM_RH_LOCKOUT Auth Index: 1 Auth Role: USER

DictionaryAttackParameters

public void DictionaryAttackParameters(TPM_HANDLE lockHandle,
                                       int newMaxTries,
                                       int newRecoveryTime,
                                       int lockoutRecovery)

This command changes the lockout parameters.

Parameters:

lockHandle - TPM_RH_LOCKOUT Auth Index: 1 Auth Role: USER

newMaxTries - count of authorization failures before the lockout is imposed

newRecoveryTime - time in seconds before the authorization failure count is automatically decremented A value of zero indicates that DA protection is disabled.

lockoutRecovery - time in seconds after a lockoutAuth failure before use of lockoutAuth is allowed A value of zero indicates that a reboot is required.

PP_Commands

public void PP_Commands(TPM_HANDLE auth,
                        TPM_CC[] setList,
                        TPM_CC[] clearList)

This command is used to determine which commands require assertion of Physical Presence (PP) in addition to platformAuth/platformPolicy.

Parameters:

auth - TPM_RH_PLATFORM+PP Auth Index: 1 Auth Role: USER + Physical Presence

setList - list of commands to be added to those that will require that Physical Presence be asserted

clearList - list of commands that will no longer require that Physical Presence be asserted

SetAlgorithmSet

public void SetAlgorithmSet(TPM_HANDLE authHandle,
                            int algorithmSet)

This command allows the platform to change the set of algorithms that are used by the TPM. The algorithmSet setting is a vendor-dependent value.

Parameters:

authHandle - TPM_RH_PLATFORM Auth Index: 1 Auth Role: USER

algorithmSet - a TPM vendor-dependent value indicating the algorithm set selection

FieldUpgradeStart

public void FieldUpgradeStart(TPM_HANDLE authorization,
                              TPM_HANDLE keyHandle,
                              byte[] fuDigest,
                              TPMU_SIGNATURE manifestSignature)

This command uses platformPolicy and a TPM Vendor Authorization Key to authorize a Field Upgrade Manifest.

Parameters:

authorization - TPM_RH_PLATFORM+{PP} Auth Index:1 Auth Role: ADMIN

keyHandle - handle of a public area that contains the TPM Vendor Authorization Key that will be used to validate manifestSignature Auth Index: None

fuDigest - digest of the first block in the field upgrade sequence

manifestSignature - signature over fuDigest using the key associated with keyHandle (not optional)

FieldUpgradeData

public FieldUpgradeDataResponse FieldUpgradeData(byte[] fuData)

This command will take the actual field upgrade image to be installed on the TPM. The exact format of fuData is vendor-specific. This command is only possible following a successful TPM2_FieldUpgradeStart(). If the TPM has not received a properly authorized TPM2_FieldUpgradeStart(), then the TPM shall return TPM_RC_FIELDUPGRADE.

Parameters:

fuData - field upgrade image data

Returns:

TPM2_FieldUpgradeData_RESPONSE{(ul)(li)(code)nextDigest(/code) - tagged digest of the next block TPM_ALG_NULL if field update is complete(/li)(li)(code)firstDigest(/code) - tagged digest of the first block of the sequence(/li)(/ul)}

FirmwareRead

public byte[] FirmwareRead(int sequenceNumber)

This command is used to read a copy of the current firmware installed in the TPM.

Parameters:

sequenceNumber - the number of previous calls to this command in this sequence set to 0 on the first call

Returns:

field upgrade image data

ContextSave

public TPMS_CONTEXT ContextSave(TPM_HANDLE saveHandle)

This command saves a session context, object context, or sequence object context outside the TPM.

Parameters:

saveHandle - handle of the resource to save Auth Index: None

Returns:

This structure is used in TPM2_ContextLoad() and TPM2_ContextSave(). If the values of the TPMS_CONTEXT structure in TPM2_ContextLoad() are not the same as the values when the context was saved (TPM2_ContextSave()), then the TPM shall not load the context.

ContextLoad

public TPM_HANDLE ContextLoad(TPMS_CONTEXT context)

This command is used to reload a context that has been saved by TPM2_ContextSave().

Parameters:

context - the context blob

Returns:

the handle assigned to the resource after it has been successfully loaded

FlushContext

public void FlushContext(TPM_HANDLE flushHandle)

This command causes all context associated with a loaded object, sequence object, or session to be removed from TPM memory.

Parameters:

flushHandle - the handle of the item to flush NOTE This is a use of a handle as a parameter.

EvictControl

public void EvictControl(TPM_HANDLE auth,
                         TPM_HANDLE objectHandle,
                         TPM_HANDLE persistentHandle)

This command allows certain Transient Objects to be made persistent or a persistent object to be evicted.

Parameters:

auth - TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER

objectHandle - the handle of a loaded object Auth Index: None

persistentHandle - if objectHandle is a transient object handle, then this is the persistent handle for the object if objectHandle is a persistent object handle, then it shall be the same value as persistentHandle

ReadClock

public TPMS_TIME_INFO ReadClock()

This command reads the current TPMS_TIME_INFO structure that contains the current setting of Time, Clock, resetCount, and restartCount.

Returns:

This structure is used in the TPM2_GetTime() attestation.

ClockSet

public void ClockSet(TPM_HANDLE auth,
                     long newTime)

This command is used to advance the value of the TPMs Clock. The command will fail if newTime is less than the current value of Clock or if the new time is greater than FFFF00000000000016. If both of these checks succeed, Clock is set to newTime. If either of these checks fails, the TPM shall return TPM_RC_VALUE and make no change to Clock.

Parameters:

auth - TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER

newTime - new Clock setting in milliseconds

ClockRateAdjust

public void ClockRateAdjust(TPM_HANDLE auth,
                            TPM_CLOCK_ADJUST rateAdjust)

This command adjusts the rate of advance of Clock and Time to provide a better approximation to real time.

Parameters:

auth - TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Handle: 1 Auth Role: USER

rateAdjust - Adjustment to current Clock update rate

GetCapability

public GetCapabilityResponse GetCapability(TPM_CAP capability,
                                           int property,
                                           int propertyCount)

This command returns various information regarding the TPM and its current state.

Parameters:

capability - group selection; determines the format of the response

property - further definition of information

propertyCount - number of properties of the indicated type to return

Returns:

TPM2_GetCapability_RESPONSE{(ul)(li)(code)moreData(/code) - flag to indicate if there are more values of this type(/li)(li)(code)capabilityData(/code) - the capability data(/li)(/ul)}

TestParms

public void TestParms(TPMU_PUBLIC_PARMS parameters)

This command is used to check to see if specific combinations of algorithm parameters are supported.

Parameters:

parameters - algorithm parameters to be validated

NV_DefineSpace

public void NV_DefineSpace(TPM_HANDLE authHandle,
                           byte[] auth,
                           TPMS_NV_PUBLIC publicInfo)

This command defines the attributes of an NV Index and causes the TPM to reserve space to hold the data associated with the NV Index. If a definition already exists at the NV Index, the TPM will return TPM_RC_NV_DEFINED.

Parameters:

authHandle - TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

auth - the authorization value

publicInfo - the public parameters of the NV area

NV_UndefineSpace

public void NV_UndefineSpace(TPM_HANDLE authHandle,
                             TPM_HANDLE nvIndex)

This command removes an Index from the TPM.

Parameters:

authHandle - TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

nvIndex - the NV Index to remove from NV space Auth Index: None

NV_UndefineSpaceSpecial

public void NV_UndefineSpaceSpecial(TPM_HANDLE nvIndex,
                                    TPM_HANDLE platform)

This command allows removal of a platform-created NV Index that has TPMA_NV_POLICY_DELETE SET.

Parameters:

nvIndex - Index to be deleted Auth Index: 1 Auth Role: ADMIN

platform - TPM_RH_PLATFORM + {PP} Auth Index: 2 Auth Role: USER

NV_ReadPublic

public NV_ReadPublicResponse NV_ReadPublic(TPM_HANDLE nvIndex)

This command is used to read the public area and Name of an NV Index. The public area of an Index is not privacy-sensitive and no authorization is required to read this data.

Parameters:

nvIndex - the NV Index Auth Index: None

Returns:

TPM2_NV_ReadPublic_RESPONSE{(ul)(li)(code)nvPublic(/code) - the public area of the NV Index(/li)(li)(code)nvName(/code) - the Name of the nvIndex(/li)(/ul)}

NV_Write

public void NV_Write(TPM_HANDLE authHandle,
                     TPM_HANDLE nvIndex,
                     byte[] data,
                     int offset)

This command writes a value to an area in NV memory that was previously defined by TPM2_NV_DefineSpace().

Parameters:

authHandle - handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - the NV Index of the area to write Auth Index: None

data - the data to write

offset - the octet offset into the NV Area

NV_Increment

public void NV_Increment(TPM_HANDLE authHandle,
                         TPM_HANDLE nvIndex)

This command is used to increment the value in an NV Index that has the TPM_NT_COUNTER attribute. The data value of the NV Index is incremented by one.

Parameters:

authHandle - handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - the NV Index to increment Auth Index: None

NV_Extend

public void NV_Extend(TPM_HANDLE authHandle,
                      TPM_HANDLE nvIndex,
                      byte[] data)

This command extends a value to an area in NV memory that was previously defined by TPM2_NV_DefineSpace.

Parameters:

authHandle - handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - the NV Index to extend Auth Index: None

data - the data to extend

NV_SetBits

public void NV_SetBits(TPM_HANDLE authHandle,
                       TPM_HANDLE nvIndex,
                       long bits)

This command is used to SET bits in an NV Index that was created as a bit field. Any number of bits from 0 to 64 may be SET. The contents of bits are ORed with the current contents of the NV Index.

Parameters:

authHandle - handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - NV Index of the area in which the bit is to be set Auth Index: None

bits - the data to OR with the current contents

NV_WriteLock

public void NV_WriteLock(TPM_HANDLE authHandle,
                         TPM_HANDLE nvIndex)

If the TPMA_NV_WRITEDEFINE or TPMA_NV_WRITE_STCLEAR attributes of an NV location are SET, then this command may be used to inhibit further writes of the NV Index.

Parameters:

authHandle - handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - the NV Index of the area to lock Auth Index: None

NV_GlobalWriteLock

public void NV_GlobalWriteLock(TPM_HANDLE authHandle)

The command will SET TPMA_NV_WRITELOCKED for all indexes that have their TPMA_NV_GLOBALLOCK attribute SET.

Parameters:

authHandle - TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} Auth Index: 1 Auth Role: USER

NV_Read

public byte[] NV_Read(TPM_HANDLE authHandle,
                      TPM_HANDLE nvIndex,
                      int size,
                      int offset)

This command reads a value from an area in NV memory previously defined by TPM2_NV_DefineSpace().

Parameters:

authHandle - the handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - the NV Index to be read Auth Index: None

size - number of octets to read

offset - octet offset into the NV area This value shall be less than or equal to the size of the nvIndex data.

Returns:

the data read

NV_ReadLock

public void NV_ReadLock(TPM_HANDLE authHandle,
                        TPM_HANDLE nvIndex)

If TPMA_NV_READ_STCLEAR is SET in an Index, then this command may be used to prevent further reads of the NV Index until the next TPM2_Startup (TPM_SU_CLEAR).

Parameters:

authHandle - the handle indicating the source of the authorization value Auth Index: 1 Auth Role: USER

nvIndex - the NV Index to be locked Auth Index: None

NV_ChangeAuth

public void NV_ChangeAuth(TPM_HANDLE nvIndex,
                          byte[] newAuth)

This command allows the authorization secret for an NV Index to be changed.

Parameters:

nvIndex - handle of the entity Auth Index: 1 Auth Role: ADMIN

newAuth - new authorization value

NV_Certify

public NV_CertifyResponse NV_Certify(TPM_HANDLE signHandle,
                                     TPM_HANDLE authHandle,
                                     TPM_HANDLE nvIndex,
                                     byte[] qualifyingData,
                                     TPMU_SIG_SCHEME inScheme,
                                     int size,
                                     int offset)

The purpose of this command is to certify the contents of an NV Index or portion of an NV Index.

Parameters:

signHandle - handle of the key used to sign the attestation structure Auth Index: 1 Auth Role: USER

authHandle - handle indicating the source of the authorization value for the NV Index Auth Index: 2 Auth Role: USER

nvIndex - Index for the area to be certified Auth Index: None

qualifyingData - user-provided qualifying data

inScheme - signing scheme to use if the scheme for signHandle is TPM_ALG_NULL

size - number of octets to certify

offset - octet offset into the NV area This value shall be less than or equal to the size of the nvIndex data.

Returns:

TPM2_NV_Certify_RESPONSE{(ul)(li)(code)certifyInfo(/code) - the structure that was signed(/li)(li)(code)signature(/code) - the asymmetric signature over certifyInfo using the key referenced by signHandle(/li)(/ul)}

AC_GetCapability

public AC_GetCapabilityResponse AC_GetCapability(TPM_HANDLE ac,
                                                 TPM_AT capability,
                                                 int count)

The purpose of this command is to obtain information about an Attached Component referenced by an AC handle.

Parameters:

ac - handle indicating the Attached Component Auth Index: None

capability - starting info type

count - maximum number of values to return

Returns:

TPM2_AC_GetCapability_RESPONSE{(ul)(li)(code)moreData(/code) - flag to indicate whether there are more values(/li)(li)(code)capabilitiesData(/code) - list of capabilities(/li)(/ul)}

AC_Send

public TPMS_AC_OUTPUT AC_Send(TPM_HANDLE sendObject,
                              TPM_HANDLE authHandle,
                              TPM_HANDLE ac,
                              byte[] acDataIn)

The purpose of this command is to send (copy) a loaded object from the TPM to an Attached Component.

Parameters:

sendObject - handle of the object being sent to ac Auth Index: 1 Auth Role: DUP

authHandle - the handle indicating the source of the authorization value Auth Index: 2 Auth Role: USER

ac - handle indicating the Attached Component to which the object will be sent Auth Index: None

acDataIn - Optional non sensitive information related to the object

Returns:

May include AC specific data or information about an error.

Policy_AC_SendSelect

public void Policy_AC_SendSelect(TPM_HANDLE policySession,
                                 byte[] objectName,
                                 byte[] authHandleName,
                                 byte[] acName,
                                 byte includeObject)

This command allows qualification of the sending (copying) of an Object to an Attached Component (AC). Qualification includes selection of the receiving AC and the method of authentication for the AC, and, in certain circumstances, the Object to be sent may be specified.

Parameters:

policySession - handle for the policy session being extended Auth Index: None

objectName - the Name of the Object to be sent

authHandleName - the Name associated with authHandle used in the TPM2_AC_Send() command

acName - the Name of the Attached Component to which the Object will be sent

includeObject - if SET, objectName will be included in the value in policySessionpolicyDigest

Vendor_TCG_Test

public byte[] Vendor_TCG_Test(byte[] inputData)

This is a placeholder to allow testing of the dispatch code.

Parameters:

inputData - dummy data

Returns:

dummy data