Commonly Used Sections of the Specification

Following is a list of some of the most commonly used sections of the specification:

• Command codes are listed in Part 2, in the section “TPM_CC Listing.”

• Error codes are found in multiple places:

  • Part 2, “TPM_RC (Response Codes),” lists all the response codes.

  • Part 1, “Response Code Details,” shows a flow chart for decoding the error codes. A software decoder application for automating this process is highly advised. After spending months hand-decoding error codes, one of the authors wrote one that he's found extremely useful.

  • Parts 3 and 4 describe the error codes returned by TPM commands and the subroutines called by those commands. A key point with respect to error codes is that Part 3 doesn't describe all the error codes that may be output when a TPM command is executed. The command-specific code in Part 3 calls routines in Part 4, and these also output error codes. This has tripped up many an unwary TPM 2.0 developer.

• The “Table Decorations” and “Handle and Parameter Demarcation” sections near the beginning of Part 3 are very helpful for understanding the Part 3 command tables. Don't overlook these sections!

• To understand the data structures in Part 2, the “Notation” section is very helpful. It describes many of the obscure characters and what they mean. Don't overlook these special characters!

• The various types of sessions and authorizations are described in the “Authorizations and Acknowledgements” section in Part 1. These aren't described to this level anywhere else. It is crucial to know where this section is and refer to it often when decoding command and response byte streams.

• The handle types are described in the “TPM Handles” section of Part 1. Of particular interest is the most significant octet, which describes the type of resource being referred to by the handle. The “TPM_HT (Handle Types)” section in Part 2 describes the various types of handles.

• Names of various entities and how they are derived are described in the “Names” section of Part 1. This is crucial in order to understand how session HMACs and policy digests are created.

• To understand policy session operations, the following sections in Part 1 are very helpful:

  • “Policy Example.”

  • “Trial Policy Modification of Policies.”

  • “TPM2_PolicySigned(), TPM2_PolicySecret(), and TPM2_PolicyTicket().” This section provides details for these rather complicated policy commands.
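The list above advises automating response-code decoding. The following sketch is an added example, not the authors' decoder and not code from the specification: it splits a TPM 2.0 response code into its format-zero or format-one fields. The type and function names are this example's own, and the sample values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Names below are this example's own; bit positions are the TPM_RC layout. */
enum rc_kind { RC_OK, RC_TPM12, RC_F0_ERROR, RC_F0_WARNING,
               RC_F1_PARAMETER, RC_F1_SESSION, RC_F1_HANDLE };
struct rc_decoded {
    enum rc_kind kind;
    unsigned number;  /* error number within its format */
    unsigned index;   /* 1-based parameter/session/handle; 0 = unspecified */
    int vendor;       /* format-zero T bit: vendor-defined code */
};

struct rc_decoded rc_decode(uint32_t rc)
{
    struct rc_decoded d = { RC_OK, 0, 0, 0 };
    if (rc == 0) return d;                   /* TPM_RC_SUCCESS */
    if (rc & 0x080) {                        /* F bit set: format-one */
        d.number = rc & 0x03F;               /* bits 5:0 */
        if (rc & 0x040) {                    /* P bit: parameter error */
            d.kind = RC_F1_PARAMETER;
            d.index = (rc >> 8) & 0xF;       /* bits 11:8 */
        } else {                             /* bit 11 picks session/handle */
            d.kind = (rc & 0x800) ? RC_F1_SESSION : RC_F1_HANDLE;
            d.index = (rc >> 8) & 0x7;       /* bits 10:8 */
        }
        return d;
    }
    if (!(rc & 0x100)) {                     /* V bit clear: TPM 1.2 code */
        d.kind = RC_TPM12;
        d.number = rc;                       /* keep the whole value */
        return d;
    }
    d.number = rc & 0x07F;                   /* bits 6:0 */
    d.vendor = (rc & 0x400) != 0;            /* T bit */
    d.kind = (rc & 0x800) ? RC_F0_WARNING : RC_F0_ERROR;  /* S bit */
    return d;
}

int main(void)
{
    static const char *kinds[] = { "success", "TPM 1.2", "error", "warning",
                                   "parameter", "session", "handle" };
    static const uint32_t samples[] = { 0x101, 0x921, 0x1C4, 0x98E, 0x18B }; /* constructed */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        struct rc_decoded d = rc_decode(samples[i]);
        printf("0x%03X: %s %u, number 0x%02X\n", (unsigned)samples[i], kinds[d.kind], d.index, d.number);
    }
    return 0;
}
```

The decoded error number still has to be looked up in the Part 2 “TPM_RC (Response Codes)” table to get its name and meaning.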
