Hi Tadeusz,

 

Maybe before calling TSS2_Sys_AC_SEND(), we should call Tss2_Sys_PolicyCommandCode() to set policySession->commandCode to TPM2_CC_AC_Send according to the spec.

 

But I still don’t know how to program it, could you provide any sample for Tss2_Sys_PolicyCommandCode() and Tss2_Sys_AC_SEND()?

 

Thanks

Songwu

 

From: Shen, Songwu
Sent: Friday, March 29, 2019 10:24 AM
To: Struk, Tadeusz <tadeusz.struk@intel.com>; tpm2@lists.01.org; Tricca, Philip B <philip.b.tricca@intel.com>
Subject: RE: Get error 0x99D in function Tss2_Sys_AC_Send() when sending data from TPM to AC

 

Hi Tadeusz,

 

Thank you for correction:)

I look into the spec and I’m sending TPM2_AC_SEND command,

it mentioned that policySession->commandCode of policy session context is required to be TPM_CC_AC_SEND, otherwise it will report TPM_RC_POLICY_FAIL.

But I can’t find the definition of policySession in TPM spec part2, and commandCode:

 

cid:image001.png@01D4E619.3AC002A0

Could you help?

 

Thanks

Songwu

 

-----Original Message-----
From: Struk, Tadeusz
Sent: Friday, March 29, 2019 6:37 AM
To: Shen, Songwu <songwu.shen@intel.com>; tpm2@lists.01.org; Tricca, Philip B <philip.b.tricca@intel.com>
Subject: Re: Get error 0x99D in function Tss2_Sys_AC_Send() when sending data from TPM to AC

 

Hello,

On 3/28/19 1:06 AM, Shen, Songwu wrote:

> Under Windows, I encounter an error 0x99D response from the TPM when calling function Tss2_Sys_AC_Send() to send data from TPM to Attached Component.

>

> And searching in the TPM spec, looks like this is the error:

 

As far as I can see the 0x99D is a policy check failed.

The spec says that for TPM2_AC_Send the authorization for sendObject is required to be a policy session.

Make sure that you setup your authorization correctly.

 

Thanks,

--

Tadeusz