tpm2: Add definitions for new algorithms and curves

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
tpm2: Sync with new defines on symmetric algorithms' sizes
2025-08-26 13:14:36 +00:00 · 2025-07-31 21:08:37 -04:00 · 2025-07-31 21:08:37 -04:00 · 2025-07-31 21:08:37 -04:00 · 2025-07-31 18:57:14 -04:00 · 2025-07-31 18:57:14 -04:00
350 changed files with 31801 additions and 27450 deletions
--- a/scripts/meld-all
+++ b/scripts/meld-all
@ -0,0 +1,98 @@
 #!/usr/bin/env bash
 SKIP_FILES="(Marshal.c|Marshal_fp.h)"
 NO_MELD_FLAG=$((1<<0))
 main()
 {
 	local opts f fname upstream flags
 	flags=0
 	prgname="$0"
 	if ! opts=$(getopt -l "help,no-meld,diff-only" -n "$prgname" -- "$prgname" "$@"); then
 		echo "Error: Failed to parse options." >&2
 		return 1
 	fi
 	eval set -- "${opts}"
 	while :; do
 		case "$1" in
 			--no-meld|diff-only)
 				flags=$((flags | NO_MELD_FLAG))
 				shift
 				;;
 			--)
 				shift
 				break
 				;;
 			--help)
 				help "$prgname"
 				return 0
 				;;
 			*)
 				echo "Internal error: Unregonized option '$1'" >&2
 				shift
 				return
 				;;
 		esac
 	done
 	if [ ! -r "$1" ]; then
 		echo "Cannot find file '$1' in libtpms repo."
 		exit 1
 	fi
 	if [ ! -d "$1" ]; then
 		echo "'$1' is not a directory."
 		exit 1
 	fi
 	if [ ! -d "${TCG_TPM_HOME}" ]; then
 		echo "TCG_TPM_HOME must point to a directory."
 		exit 1
 	fi
 	for f in $(find "$1" -type f -name '*.[ch]'); do
 		fname=$(basename "$f")
 		if [[ "${fname}" =~ ^${SKIP_FILES}$ ]]; then
 			echo "skipping ${fname}"
 			continue
 		fi
 		upstream=$(find "${TCG_TPM_HOME}" | grep -E "/${fname}\$")
 		if [ -n "${upstream}" ]; then
 			# find first empty line presumably after license
 			line=$(grep -m 1 -E "^$" -n "${f}" | cut -d":" -f1)
 			if [ -z "$line" ]; then
 				if [ $((flags & NO_MELD_FLAG)) -eq 0 ]; then
 					meld "${upstrean}" "${f}"
 				else
 					echo "Something wrong with file $f"
 				fi
 			fi
 			line=$((line+1))
 			if [ $((flags & NO_MELD_FLAG)) -ne 0 ]; then
 				echo "============================================================================"
 				echo "${f}"
 				diff --ignore-trailing-space <(sed -n "${line},\$p" < "${f}") "${upstream}"
 			fi
 			if ! diff --ignore-trailing-space <(sed -n "${line},\$p" < "${f}") "${upstream}" >/dev/null; then
 				if [ $((flags & NO_MELD_FLAG)) -eq 0 ]; then
 					meld "${upstream}" "$f"
 				fi
 			else
 				echo "${f}: nothing to do"
 			fi
 		else
 			echo "Could not find file ${fname} in TCG TPM repo"
 		fi
 	done
 }
 main "$@"
 exit $?
--- a/scripts/meld-find
+++ b/scripts/meld-find
@ -0,0 +1,23 @@
 #!/usr/bin/env bash
 if [ ! -f "$1" ]; then
 	echo "Cannot find file '$1' in libtpms repo."
 	exit 1
 fi
 if [ -z "${TCG_TPM_HOME}" ]; then
 	echo "TCG_TPM_HOME must be set to the TCG TPM repo checkout."
 	exit 1
 fi
 if [ ! -d "${TCG_TPM_HOME}" ]; then
 	echo "TCG_TPM_HOME must point to a directory."
 	exit 1
 fi
 fname=$(basename "$1")
 upstream=$(find "${TCG_TPM_HOME}" | grep -E "/${fname}\$")
 meld "${upstream}" "$1"
--- a/src/Makefile.am
+++ b/src/Makefile.am
@ -237,9 +237,9 @@ libtpms_tpm2_la_SOURCES = \
 	tpm2/MathOnByteBuffers.c \
 	tpm2/Memory.c \
 	tpm2/NVCommands.c \
-	tpm2/NVDynamic.c \
+	tpm2/NvDynamic.c \
 	tpm2/NVMem.c \
-	tpm2/NVReserved.c \
+	tpm2/NvReserved.c \
 	tpm2/NV_spt.c \
 	tpm2/Object.c \
 	tpm2/ObjectCommands.c \
@ -268,7 +268,7 @@ libtpms_tpm2_la_SOURCES = \
 	tpm2/TestingCommands.c \
 	tpm2/Ticket.c \
 	tpm2/Time.c \
-	tpm2/TpmAsn1.c \
+	tpm2/TpmASN1.c \
 	tpm2/TpmBigNumThunks.c \
 	tpm2/TpmEcc_Signature_ECDAA.c \
 	tpm2/TpmEcc_Signature_ECDSA.c \
@ -365,6 +365,7 @@ noinst_HEADERS += \
 	tpm2/Create_fp.h \
 	tpm2/CreateLoaded_fp.h \
 	tpm2/CreatePrimary_fp.h \
 	tpm2/CryptoInterface.h \
 	tpm2/CryptSelfTest_fp.h \
 	tpm2/DA_fp.h \
 	tpm2/DebugHelpers_fp.h \
@ -426,7 +427,7 @@ noinst_HEADERS += \
 	tpm2/NV_ChangeAuth_fp.h \
 	tpm2/NV_DefineSpace_fp.h \
 	tpm2/NV_DefineSpace2_fp.h \
-	tpm2/NVDynamic_fp.h \
+	tpm2/NvDynamic_fp.h \
 	tpm2/NV_Extend_fp.h \
 	tpm2/NV_GlobalWriteLock_fp.h \
 	tpm2/NV.h \
@ -435,7 +436,7 @@ noinst_HEADERS += \
 	tpm2/NV_ReadLock_fp.h \
 	tpm2/NV_ReadPublic_fp.h \
 	tpm2/NV_ReadPublic2_fp.h \
-	tpm2/NVReserved_fp.h \
+	tpm2/NvReserved_fp.h \
 	tpm2/NV_SetBits_fp.h \
 	tpm2/NV_spt_fp.h \
 	tpm2/NV_UndefineSpace_fp.h \
--- a/src/tpm2/ACT.h
+++ b/src/tpm2/ACT.h
@ -59,11 +59,20 @@
 /*										*/
 /********************************************************************************/
 // 5.24	ACT.h
 #ifndef _ACT_H_
 #define _ACT_H_
 #include "TpmProfile.h"
 #if 0			// libtpms added
 #if ACT_SUPPORT                                                                      \
    != (RH_ACT_0 | RH_ACT_1 | RH_ACT_2 | RH_ACT_3 | RH_ACT_4 | RH_ACT_5 | RH_ACT_6   \
        | RH_ACT_7 | RH_ACT_8 | RH_ACT_9 | RH_ACT_A | RH_ACT_B | RH_ACT_C | RH_ACT_D \
        | RH_ACT_E | RH_ACT_F)
 #  error "If ACT_SUPPORT == NO, no ACTs can be enabled"
 #endif  // (ACT_SUPPORT != ...)
 #endif			// libtpms added
 #if !(defined RH_ACT_0) || (RH_ACT_0 != YES)
 #  undef RH_ACT_0
 #  define RH_ACT_0 NO
@ -176,9 +185,11 @@
 #else
 #  define IF_ACT_F_IMPLEMENTED(op) op(F)
 #endif
 #ifndef TPM_RH_ACT_0
 #  error Need numeric definition for TPM_RH_ACT_0
 #endif
 #ifndef TPM_RH_ACT_1
 #  define TPM_RH_ACT_1 (TPM_RH_ACT_0 + 1)
 #endif
@ -224,6 +235,7 @@
 #ifndef TPM_RH_ACT_F
 #  define TPM_RH_ACT_F (TPM_RH_ACT_0 + 0xF)
 #endif
 #define FOR_EACH_ACT(op)     \
    IF_ACT_0_IMPLEMENTED(op) \
    IF_ACT_1_IMPLEMENTED(op) \
@ -243,15 +255,17 @@
    IF_ACT_F_IMPLEMENTED(op)
 // This is the mask for ACT that are implemented
 //#define ACT_MASK(N)     | (1 << 0x##N)
 //#define ACT_IMPLEMENTED_MASK    (0 FOR_EACH_ACT(ACT_MASK))
 #define CASE_ACT_HANDLE(N) case TPM_RH_ACT_##N:
 #define CASE_ACT_NUMBER(N) case 0x##N:
 typedef struct ACT_STATE
 {
    UINT32       remaining;
    TPM_ALG_ID   hashAlg;
    TPM2B_DIGEST authPolicy;
 } ACT_STATE, *P_ACT_STATE;
 #endif  // _ACT_H_
--- a/src/tpm2/ACT_SetTimeout_fp.h
+++ b/src/tpm2/ACT_SetTimeout_fp.h
@ -59,21 +59,28 @@
 /*										*/
 /********************************************************************************/
 #ifndef ACT_SETTIMEOUT_FP_H
 #define ACT_SETTIMEOUT_FP_H
-typedef struct {
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #if CC_ACT_SetTimeout  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_ACT actHandle;
    UINT32      startTimeout;
 } ACT_SetTimeout_In;
 // Response code modifiers
 #    define RC_ACT_SetTimeout_actHandle    (TPM_RC_H + TPM_RC_1)
-#define RC_ACT_SetTimeout_startTimeout 	(TPM_RC_H + TPM_RC_2)
+#    define RC_ACT_SetTimeout_startTimeout (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ACT_SetTimeout(
+TPM2_ACT_SetTimeout(ACT_SetTimeout_In* in);
 		    ACT_SetTimeout_In      *in             // IN: input parameter list
 		    );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACT_SETTIMEOUT_FP_H_
-#endif
+#endif    // CC_ACT_SetTimeout
--- a/src/tpm2/ActivateCredential_fp.h
+++ b/src/tpm2/ActivateCredential_fp.h
@ -59,30 +59,38 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef ACTIVATECREDENTIAL_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define ACTIVATECREDENTIAL_FP_H
-typedef struct {
+#if CC_ActivateCredential  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT         activateHandle;
    TPMI_DH_OBJECT         keyHandle;
    TPM2B_ID_OBJECT        credentialBlob;
    TPM2B_ENCRYPTED_SECRET secret;
 } ActivateCredential_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_DIGEST certInfo;
 } ActivateCredential_Out;
 // Response code modifiers
 #    define RC_ActivateCredential_activateHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_ActivateCredential_keyHandle      (TPM_RC_H + TPM_RC_2)
 #    define RC_ActivateCredential_credentialBlob (TPM_RC_P + TPM_RC_1)
 #    define RC_ActivateCredential_secret         (TPM_RC_P + TPM_RC_2)
-typedef struct {
+// Function prototype
    TPM2B_DIGEST		certInfo;
 } ActivateCredential_Out;
 TPM_RC
-TPM2_ActivateCredential(
+TPM2_ActivateCredential(ActivateCredential_In* in, ActivateCredential_Out* out);
-			ActivateCredential_In   *in,            // IN: input parameter list
+
-			ActivateCredential_Out  *out            // OUT: output parameter list
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ACTIVATECREDENTIAL_FP_H_
-			);
+#endif    // CC_ActivateCredential
 #endif
--- a/src/tpm2/AlgorithmCap.c
+++ b/src/tpm2/AlgorithmCap.c
@ -58,42 +58,51 @@
 /*										*/
 /********************************************************************************/
-/* 9.1 AlgorithmCap.c */
+//** Description
-/* 9.1.1 Description */
+// This file contains the algorithm property definitions for the algorithms and the
-/* This file contains the algorithm property definitions for the algorithms and the code for the
+// code for the TPM2_GetCapability() to return the algorithm properties.
-   TPM2_GetCapability() to return the algorithm properties. */
+
-/* 9.1.2 Includes and Defines */
+//** Includes and Defines
 #include "Tpm.h"
 typedef struct
 {
    TPM_ALG_ID     algID;
    TPMA_ALGORITHM attributes;
 } ALGORITHM;
-static const ALGORITHM    s_algorithms[] =
+
-    {
+static const ALGORITHM s_algorithms[] = {
 // The entries in this table need to be in ascending order but the table doesn't
 // need to be full (gaps are allowed). One day, a tool might exist to fill in the
 // table from the TPM_ALG description
 #if ALG_RSA
    {TPM_ALG_RSA, TPMA_ALGORITHM_INITIALIZER(1, 0, 0, 1, 0, 0, 0, 0, 0)},
 #endif
-#if ALG_TDES
+
 #if ALG_TDES									// libtpms added begin
 	{TPM_ALG_TDES,          TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
-#endif
+#endif										// libtpms added end
 #if ALG_SHA1
    {TPM_ALG_SHA1, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 0, 0)},
 #endif
    {TPM_ALG_HMAC, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 1, 0, 0, 0)},
 #if ALG_AES
    {TPM_ALG_AES, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
 #endif
 #if ALG_MGF1
    {TPM_ALG_MGF1, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 1, 0)},
 #endif
    {TPM_ALG_KEYEDHASH, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 1, 0, 1, 1, 0, 0)},
 #if ALG_XOR
    {TPM_ALG_XOR, TPMA_ALGORITHM_INITIALIZER(0, 1, 1, 0, 0, 0, 0, 0, 0)},
 #endif
 #if ALG_SHA256
    {TPM_ALG_SHA256, TPMA_ALGORITHM_INITIALIZER(0, 0, 1, 0, 0, 0, 0, 0, 0)},
 #endif
@ -151,7 +160,9 @@ static const ALGORITHM    s_algorithms[] =
 #if ALG_ECC
    {TPM_ALG_ECC, TPMA_ALGORITHM_INITIALIZER(1, 0, 0, 1, 0, 0, 0, 0, 0)},
 #endif
    {TPM_ALG_SYMCIPHER, TPMA_ALGORITHM_INITIALIZER(0, 0, 0, 1, 0, 0, 0, 0, 0)},
 #if ALG_CAMELLIA
    {TPM_ALG_CAMELLIA, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 0, 0, 0)},
 #endif
@ -174,14 +185,16 @@ static const ALGORITHM    s_algorithms[] =
    {TPM_ALG_ECB, TPMA_ALGORITHM_INITIALIZER(0, 1, 0, 0, 0, 0, 1, 0, 0)},
 #endif
 };
-/* 9.1.3 AlgorithmCapGetImplemented() */
+
-/* This function is used by TPM2_GetCapability() to return a list of the implemented algorithms. */
+//** AlgorithmCapGetImplemented()
-/* Return Values Meaning */
+// This function is used by TPM2_GetCapability() to return a list of the
-/* YES more algorithms to report */
+// implemented algorithms.
-/* NO no more algorithms to report */
+//
 //  Return Type: TPMI_YES_NO
 //  YES        more algorithms to report
 //  NO         no more algorithms to report
 TPMI_YES_NO
-AlgorithmCapGetImplemented(
+AlgorithmCapGetImplemented(TPM_ALG_ID algID,  // IN: the starting algorithm ID
 			   TPM_ALG_ID                   algID,     // IN: the starting algorithm ID
                           UINT32     count,  // IN: count of returned algorithms
                           TPML_ALG_PROPERTY* algList  // OUT: algorithm list
 )
@ -189,13 +202,17 @@ AlgorithmCapGetImplemented(
    TPMI_YES_NO more = NO;
    UINT32      i;
    UINT32      algNum;
    // initialize output algorithm list
    algList->count = 0;
    // The maximum count of algorithms we may return is MAX_CAP_ALGS.
    if(count > MAX_CAP_ALGS)
        count = MAX_CAP_ALGS;
    // Compute how many algorithms are defined in s_algorithms array.
    algNum = sizeof(s_algorithms) / sizeof(s_algorithms[0]);
    // Scan the implemented algorithm list to see if there is a match to 'algID'.
    for(i = 0; i < algNum; i++)
    {
@ -222,6 +239,7 @@ AlgorithmCapGetImplemented(
            break;
        }
    }
    return more;
 }
@ -253,27 +271,25 @@ BOOL AlgorithmCapGetOneImplemented(
            return TRUE;
        }
    }
    return FALSE;
 }
-
+//** AlgorithmGetImplementedVector()
-/* 9.1.4 AlgorithmGetImplementedVector()
+// This function returns the bit vector of the implemented algorithms.
   This function returns the bit vector of the implemented algorithms.
 */
 LIB_EXPORT
-void
+void AlgorithmGetImplementedVector(
 AlgorithmGetImplementedVector(
    ALGORITHM_VECTOR* implemented  // OUT: the implemented bits are SET
 )
 {
    int index;
    // Nothing implemented until we say it is
    MemorySet(implemented, 0, sizeof(ALGORITHM_VECTOR));
    // Go through the list of implemented algorithms and SET the corresponding bit in
    // in the implemented vector
-    for(index = (sizeof(s_algorithms) / sizeof(s_algorithms[0])) - 1;
+    for(index = (sizeof(s_algorithms) / sizeof(s_algorithms[0])) - 1; index >= 0;
-	index >= 0; index--) {							// libtpms changed
+        index--) {								// libtpms changed
        if (RuntimeAlgorithmCheckEnabled(&g_RuntimeProfile.RuntimeAlgorithm,	// libtpms added begin
                                         s_algorithms[index].algID))
            SET_BIT(s_algorithms[index].algID, *implemented);
--- a/src/tpm2/AlgorithmCap_fp.h
+++ b/src/tpm2/AlgorithmCap_fp.h
@ -58,15 +58,27 @@
 /*										*/
 /********************************************************************************/
-#ifndef ALGORITHMCAP_FP_H
+/*(Auto-generated)
-#define ALGORITHMCAP_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:19PM
 */
 #ifndef _ALGORITHM_CAP_FP_H_
 #define _ALGORITHM_CAP_FP_H_
 //** AlgorithmCapGetImplemented()
 // This function is used by TPM2_GetCapability() to return a list of the
 // implemented algorithms.
 //
 //  Return Type: TPMI_YES_NO
 //  YES        more algorithms to report
 //  NO         no more algorithms to report
 TPMI_YES_NO
-AlgorithmCapGetImplemented(
+AlgorithmCapGetImplemented(TPM_ALG_ID algID,  // IN: the starting algorithm ID
 			   TPM_ALG_ID                   algID,     // IN: the starting algorithm ID
                           UINT32     count,  // IN: count of returned algorithms
                           TPML_ALG_PROPERTY* algList  // OUT: algorithm list
 );
 //** AlgorithmCapGetOneImplemented()
 // This function returns whether a single algorithm was implemented, along
 // with its properties (if implemented).
@ -75,11 +87,11 @@ BOOL AlgorithmCapGetOneImplemented(
    TPMS_ALG_PROPERTY* algProperty  // OUT: algorithm properties
 );
 //** AlgorithmGetImplementedVector()
 // This function returns the bit vector of the implemented algorithms.
 LIB_EXPORT
-void
+void AlgorithmGetImplementedVector(
 AlgorithmGetImplementedVector(
    ALGORITHM_VECTOR* implemented  // OUT: the implemented bits are SET
 );
-
+#endif  // _ALGORITHM_CAP_FP_H_
 #endif
--- a/src/tpm2/AlgorithmTests.c
+++ b/src/tpm2/AlgorithmTests.c
@ -309,7 +309,7 @@ static TPM_RC TestSymmetric(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
    //
    if(!TEST_BIT(alg, *toTest))
        return TPM_RC_SUCCESS;
-    if(alg == TPM_ALG_AES || alg == TPM_ALG_SM4 || alg == TPM_ALG_CAMELLIA || alg == TPM_ALG_TDES)
+    if(alg == TPM_ALG_AES || alg == TPM_ALG_SM4 || alg == TPM_ALG_CAMELLIA || alg == TPM_ALG_TDES)	// libtpms added TPM_ALG_TDES
    {
        // Will test the algorithm for all modes and key sizes
        CLEAR_BOTH(alg);
@ -872,7 +872,8 @@ TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
            case TPM_ALG_AES:
 // libtpms added begin
 #  if SMAC_IMPLEMENTED && ALG_CMAC
-                    if (doTest) {
+                if (doTest)
                {
                    result = TestSMAC(toTest);
                    if (result != TPM_RC_SUCCESS)
                        break;
@ -1000,4 +1001,4 @@ TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest)
    return result;
 }
-#endif  // ENABLE_SELF_TESTS
+#endif  // SELF_TESTS
--- a/src/tpm2/AlgorithmTests_fp.h
+++ b/src/tpm2/AlgorithmTests_fp.h
@ -58,17 +58,38 @@
 /*										*/
 /********************************************************************************/
-#ifndef ALGORITHMTESTS_FP_H
+/*(Auto-generated)
-#define ALGORITHMTESTS_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar  4, 2020  Time: 02:36:44PM
 */
 #ifndef _ALGORITHM_TESTS_FP_H_
 #define _ALGORITHM_TESTS_FP_H_
 #if ENABLE_SELF_TESTS
 //*** TestAlgorithm()
 // Dispatches to the correct test function for the algorithm or gets a list of
 // testable algorithms.
 //
 // If 'toTest' is not NULL, then the test decisions are based on the algorithm
 // selections in 'toTest'. Otherwise, 'g_toTest' is used. When bits are clear in
 // 'g_toTest' they will also be cleared 'toTest'.
 //
 // If there doesn't happen to be a test for the algorithm, its associated bit is
 // quietly cleared.
 //
 // If 'alg' is zero (TPM_ALG_ERROR), then the toTest vector is cleared of any bits
 // for which there is no test (i.e. no tests are actually run but the vector is
 // cleared).
 //
 // Note: 'toTest' will only ever have bits set for implemented algorithms but 'alg'
 // can be anything.
 //  Return Type: TPM_RC
 //      TPM_RC_CANCELED     test was canceled
 LIB_EXPORT
 TPM_RC
-TestAlgorithm(
+TestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest);
 	      TPM_ALG_ID               alg,
 	      ALGORITHM_VECTOR        *toTest
 	      );
 #endif  // ENABLE_SELF_TESTS
-#endif  // ALGORITHMTESTS_FP_H
+
 #endif  // _ALGORITHM_TESTS_FP_H_
--- a/src/tpm2/Attest_spt.c
+++ b/src/tpm2/Attest_spt.c
@ -59,13 +59,16 @@
 /*										*/
 /********************************************************************************/
 //** Includes
 #include "Tpm.h"
 #include "Attest_spt_fp.h"
-/* 7.2.2 Functions */
+#include "Marshal.h"
-/* 7.2.2.1 FillInAttestInfo() */
+
-/* Fill in common fields of TPMS_ATTEST structure. */
+//** Functions
-void
+
-FillInAttestInfo(
+//***FillInAttestInfo()
 // Fill in common fields of TPMS_ATTEST structure.
 void FillInAttestInfo(
    TPMI_DH_OBJECT   signHandle,  // IN: handle of signing object
    TPMT_SIG_SCHEME* scheme,      // IN/OUT: scheme to be used for signing
    TPM2B_DATA*      data,        // IN: qualifying data
@ -73,8 +76,10 @@ FillInAttestInfo(
 )
 {
    OBJECT* signObject = HandleToObject(signHandle);
    // Magic number
    attest->magic = TPM_GENERATED_VALUE;
    if(signObject == NULL)
    {
        // The name for a null handle is TPM_RH_NULL
@ -96,9 +101,11 @@ FillInAttestInfo(
    }
    // current clock in plain text
    TimeFillInfo(&attest->clockInfo);
    // Firmware version in plain text
    attest->firmwareVersion = ((UINT64)gp.firmwareV1 << (sizeof(UINT32) * 8));
    attest->firmwareVersion += gp.firmwareV2;
    // Check the hierarchy of sign object.  For NULL sign handle, the hierarchy
    // will be TPM_RH_NULL
    if((signObject == NULL)
@ -108,9 +115,15 @@ FillInAttestInfo(
        // For signing key that is not in platform or endorsement hierarchy,
        // obfuscate the reset, restart and firmware version information
        UINT64 obfuscation[2];
-	    CryptKDFa(CONTEXT_INTEGRITY_HASH_ALG, &gp.shProof.b, OBFUSCATE_STRING,
+        CryptKDFa(CONTEXT_INTEGRITY_HASH_ALG,
-		      &attest->qualifiedSigner.b, NULL, 128,
+                  &gp.shProof.b,
-		      (BYTE *)&obfuscation[0], NULL, FALSE);
+                  OBFUSCATE_STRING,
                  &attest->qualifiedSigner.b,
                  NULL,
                  128,
                  (BYTE*)&obfuscation[0],
                  NULL,
                  FALSE);
        // Obfuscate data
        attest->firmwareVersion += obfuscation[0];
        attest->clockInfo.resetCount += (UINT32)(obfuscation[1] >> 32);
@ -127,16 +140,20 @@ FillInAttestInfo(
        data->t.size      = 0;
    }
 }
-/* 7.2.2.2 SignAttestInfo() */
+
-/* Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature is returned. */
+//***SignAttestInfo()
-/* Error Returns Meaning */
+// Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature
-/* TPM_RC_ATTRIBUTES signHandle references not a signing key */
+// is returned.
-/* TPM_RC_SCHEME scheme is not compatible with signHandle type */
+//
-/* TPM_RC_VALUE digest generated for the given scheme is greater than the modulus of signHandle (for
+//  Return Type: TPM_RC
-   an RSA key); invalid commit status or failed to generate r value (for an ECC key) */
+//      TPM_RC_ATTRIBUTES   'signHandle' references not a signing key
 //      TPM_RC_SCHEME       'scheme' is not compatible with 'signHandle' type
 //      TPM_RC_VALUE        digest generated for the given 'scheme' is greater than
 //                          the modulus of 'signHandle' (for an RSA key);
 //                          invalid commit status or failed to generate "r" value
 //                          (for an ECC key)
 TPM_RC
-SignAttestInfo(
+SignAttestInfo(OBJECT*          signKey,         // IN: sign object
 	       OBJECT              *signKey,           // IN: sign object
               TPMT_SIG_SCHEME* scheme,          // IN: sign scheme
               TPMS_ATTEST*     certifyInfo,     // IN: the data to be signed
               TPM2B_DATA*      qualifyingData,  // IN: extra data for the signing
@ -150,9 +167,11 @@ SignAttestInfo(
    HASH_STATE   hashState;
    TPM2B_DIGEST digest;
    TPM_RC       result;
    // Marshal TPMS_ATTEST structure for hash
    buffer         = attest->t.attestationData;
    attest->t.size = TPMS_ATTEST_Marshal(certifyInfo, &buffer, NULL);
    if(signKey == NULL)
    {
        signature->sigAlg = TPM_ALG_NULL;
@ -165,9 +184,11 @@ SignAttestInfo(
        hashAlg = scheme->details.any.hashAlg;
        // need to set the receive buffer to get something put in it
        digest.t.size = sizeof(digest.t.buffer);
-	    digest.t.size = CryptHashBlock(hashAlg, attest->t.size,
+        digest.t.size = CryptHashBlock(hashAlg,
                                       attest->t.size,
                                       attest->t.attestationData,
-					   digest.t.size, digest.t.buffer);
+                                       digest.t.size,
                                       digest.t.buffer);
        // If there is qualifying data, need to rehash the data
        // hash(qualifyingData || hash(attestationData))
        if(qualifyingData->t.size != 0)
@ -180,6 +201,7 @@ SignAttestInfo(
        // Sign the hash. A TPM_RC_VALUE, TPM_RC_SCHEME, or
        // TPM_RC_ATTRIBUTES error may be returned at this point
        result = CryptSign(signKey, scheme, &digest, signature);
        // Since the clock is used in an attestation, the state in NV is no longer
        // "orderly" with respect to the data in RAM if the signature is valid
        if(result == TPM_RC_SUCCESS)
@ -191,19 +213,18 @@ SignAttestInfo(
    }
    return result;
 }
-/* 7.2.2.3 IsSigningObject() */
+
-/* Checks to see if the object is OK for signing. This is here rather than in Object_spt.c because
+//*** IsSigningObject()
-   all the attestation commands use this file but not Object_spt.c. */
+// Checks to see if the object is OK for signing. This is here rather than in
-/* Return Values Meaning */
+// Object_spt.c because all the attestation commands use this file but not
-/* TRUE object may sign */
+// Object_spt.c.
-/* FALSE object may not sign */
+//  Return Type: BOOL
-BOOL
+//      TRUE(1)         object may sign
-IsSigningObject(
+//      FALSE(0)        object may not sign
-		OBJECT          *object         // IN:
+BOOL IsSigningObject(OBJECT* object  // IN:
 )
 {
    return ((object == NULL)
            || ((IS_ATTRIBUTE(object->publicArea.objectAttributes, TPMA_OBJECT, sign)
                 && object->publicArea.type != TPM_ALG_SYMCIPHER)));
 }
--- a/src/tpm2/Attest_spt_fp.h
+++ b/src/tpm2/Attest_spt_fp.h
@ -59,19 +59,36 @@
 /*										*/
 /********************************************************************************/
-#ifndef ATTEST_SPT_FP_H
+/*(Auto-generated)
-#define ATTEST_SPT_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:18PM
 */
-void
+#ifndef _ATTEST_SPT_FP_H_
-FillInAttestInfo(
+#define _ATTEST_SPT_FP_H_
 //***FillInAttestInfo()
 // Fill in common fields of TPMS_ATTEST structure.
 void FillInAttestInfo(
    TPMI_DH_OBJECT   signHandle,  // IN: handle of signing object
    TPMT_SIG_SCHEME* scheme,      // IN/OUT: scheme to be used for signing
    TPM2B_DATA*      data,        // IN: qualifying data
    TPMS_ATTEST*     attest       // OUT: attest structure
 );
 //***SignAttestInfo()
 // Sign a TPMS_ATTEST structure. If signHandle is TPM_RH_NULL, a null signature
 // is returned.
 //
 //  Return Type: TPM_RC
 //      TPM_RC_ATTRIBUTES   'signHandle' references not a signing key
 //      TPM_RC_SCHEME       'scheme' is not compatible with 'signHandle' type
 //      TPM_RC_VALUE        digest generated for the given 'scheme' is greater than
 //                          the modulus of 'signHandle' (for an RSA key);
 //                          invalid commit status or failed to generate "r" value
 //                          (for an ECC key)
 TPM_RC
-SignAttestInfo(
+SignAttestInfo(OBJECT*          signKey,         // IN: sign object
 	       OBJECT              *signKey,           // IN: sign object
               TPMT_SIG_SCHEME* scheme,          // IN: sign scheme
               TPMS_ATTEST*     certifyInfo,     // IN: the data to be signed
               TPM2B_DATA*      qualifyingData,  // IN: extra data for the signing
@ -80,13 +97,15 @@ SignAttestInfo(
                                                 //     signed
               TPMT_SIGNATURE* signature         // OUT: signature
 );
-BOOL
+
-IsSigningObject(
+//*** IsSigningObject()
-		OBJECT          *object         // IN:
+// Checks to see if the object is OK for signing. This is here rather than in
 // Object_spt.c because all the attestation commands use this file but not
 // Object_spt.c.
 //  Return Type: BOOL
 //      TRUE(1)         object may sign
 //      FALSE(0)        object may not sign
 BOOL IsSigningObject(OBJECT* object  // IN:
 );
-
+#endif  // _ATTEST_SPT_FP_H_
 #endif
--- a/src/tpm2/BaseTypes.h
+++ b/src/tpm2/BaseTypes.h
@ -59,18 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* 5.2	BaseTypes.h */
-#ifndef BASETYPES_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define BASETYPES_H
-#include <stdint.h>
+#ifndef _TPM_INCLUDE_PUBLIC_BASETYPES_H_
-
+#define _TPM_INCLUDE_PUBLIC_BASETYPES_H_
 /* NULL definition */
 // NULL definition
 #ifndef NULL
 #  define NULL (0)
-#endif
+#endif  // NULL
 typedef uint8_t  UINT8;
 typedef uint8_t  BYTE;
 typedef int8_t   INT8;
@ -82,4 +81,4 @@ typedef  int32_t            INT32;
 typedef uint64_t UINT64;
 typedef int64_t  INT64;
-#endif
+#endif  // _TPM_INCLUDE_PUBLIC_BASETYPES_H_
--- a/src/tpm2/Bits.c
+++ b/src/tpm2/Bits.c
@ -59,24 +59,28 @@
 /*										*/
 /********************************************************************************/
-/* 9.2 Bits.c */
+//** Introduction
-/* 9.2.1 Introduction */
+// This file contains bit manipulation routines.  They operate on bit arrays.
-/* This file contains bit manipulation routines.  They operate on bit arrays. */
+//
-/* The 0th bit in the array is the right-most bit in the 0th octet in the array. */
+// The 0th bit in the array is the right-most bit in the 0th octet in
-/* NOTE: If pAssert() is defined, the functions will assert if the indicated bit number is outside
+// the array.
-   of the range of bArray. How the assert is handled is implementation dependent. */
+//
-/* 9.2.2 Includes */
+// NOTE: If pAssert() is defined, the functions will assert if the indicated bit
-#include "Tpm.h"
+// number is outside of the range of 'bArray'. How the assert is handled is
-/* 9.2.3 Functions */
+// implementation dependent.
 /* 9.2.3.1 TestBit() */
 /* This function is used to check the setting of a bit in an array of bits. */
 /* Return Values Meaning */
 /* TRUE bit is set */
 /* FALSE bit is not set */
-BOOL
+//** Includes
-TestBit(
+
-	unsigned int     bitNum,        // IN: number of the bit in 'bArray'
+#include "Tpm.h"
 //** Functions
 //*** TestBit()
 // This function is used to check the setting of a bit in an array of bits.
 //  Return Type: BOOL
 //      TRUE(1)         bit is set
 //      FALSE(0)        bit is not set
 BOOL TestBit(unsigned int bitNum,       // IN: number of the bit in 'bArray'
             BYTE*        bArray,       // IN: array containing the bits
             unsigned int bytesInArray  // IN: size in bytes of 'bArray'
 )
@ -85,12 +89,9 @@ TestBit(
    return ((bArray[bitNum >> 3] & (1 << (bitNum & 7))) != 0);
 }
-/* 9.2.3.2 SetBit() */
+//*** SetBit()
-/* This function will set the indicated bit in bArray. */
+// This function will set the indicated bit in 'bArray'.
-
+void SetBit(unsigned int bitNum,       // IN: number of the bit in 'bArray'
 void
 SetBit(
       unsigned int     bitNum,        // IN: number of the bit in 'bArray'
            BYTE*        bArray,       // IN: array containing the bits
            unsigned int bytesInArray  // IN: size in bytes of 'bArray'
 )
@ -99,12 +100,9 @@ SetBit(
    bArray[bitNum >> 3] |= (1 << (bitNum & 7));
 }
-/* 9.2.3.3 ClearBit() */
+//*** ClearBit()
-/* This function will clear the indicated bit in bArray. */
+// This function will clear the indicated bit in 'bArray'.
-
+void ClearBit(unsigned int bitNum,       // IN: number of the bit in 'bArray'.
 void
 ClearBit(
 	 unsigned int     bitNum,        // IN: number of the bit in 'bArray'.
              BYTE*        bArray,       // IN: array containing the bits
              unsigned int bytesInArray  // IN: size in bytes of 'bArray'
 )
--- a/src/tpm2/Bits_fp.h
+++ b/src/tpm2/Bits_fp.h
@ -59,40 +59,36 @@
 /*										*/
 /********************************************************************************/
-#ifndef BITS_FP_H
+/*(Auto-generated)
-#define BITS_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:19PM
 */
-/* 5.3.1 TestBit() */
+#ifndef _BITS_FP_H_
-/* This function is used to check the setting of a bit in an array of bits. */
+#define _BITS_FP_H_
 /* Return Value Meaning */
 /* TRUE bit is set */
 /* FALSE bit is not set */
-BOOL
+//*** TestBit()
-TestBit(
+// This function is used to check the setting of a bit in an array of bits.
-	unsigned int     bitNum,        // IN: number of the bit in 'bArray'
+//  Return Type: BOOL
 //      TRUE(1)         bit is set
 //      FALSE(0)        bit is not set
 BOOL TestBit(unsigned int bitNum,       // IN: number of the bit in 'bArray'
             BYTE*        bArray,       // IN: array containing the bits
             unsigned int bytesInArray  // IN: size in bytes of 'bArray'
 );
-/* 5.3.2 SetBit() */
+//*** SetBit()
-/* This function will set the indicated bit in bArray. */
+// This function will set the indicated bit in 'bArray'.
-
+void SetBit(unsigned int bitNum,       // IN: number of the bit in 'bArray'
 void
 SetBit(
       unsigned int     bitNum,        // IN: number of the bit in 'bArray'
            BYTE*        bArray,       // IN: array containing the bits
            unsigned int bytesInArray  // IN: size in bytes of 'bArray'
 );
-/* 5.3.3 ClearBit() */
+//*** ClearBit()
-/* This function will clear the indicated bit in bArray. */
+// This function will clear the indicated bit in 'bArray'.
-
+void ClearBit(unsigned int bitNum,       // IN: number of the bit in 'bArray'.
 void
 ClearBit(
 	 unsigned int     bitNum,        // IN: number of the bit in 'bArray'.
              BYTE*        bArray,       // IN: array containing the bits
              unsigned int bytesInArray  // IN: size in bytes of 'bArray'
 );
-#endif
+#endif  // _BITS_FP_H_
--- a/src/tpm2/BnMath.c
+++ b/src/tpm2/BnMath.c
@ -87,7 +87,7 @@
 //** Includes
 #include "Tpm.h"		// libtpms: for CryptRand.h
-#include "TpmMath_Util_fp.h"
+#include "TpmMath_Util_fp.h"	// libtpms: added
 #include "TpmBigNum.h"
 extern BOOL g_inFailureMode;  // can't use global.h because we can't use tpm.h
--- a/src/tpm2/BnMemory.c
+++ b/src/tpm2/BnMemory.c
@ -59,19 +59,20 @@
 /*										*/
 /********************************************************************************/
-/* 10.2.5 BnMemory.c */
+//** Introduction
-/* 10.2.5.1 Introduction */
+// This file contains the memory setup functions used by the bigNum functions
-/* This file contains the memory setup functions used by the bigNum functions in CryptoEngine() */
+// in CryptoEngine
-/* 10.2.5.2 Includes */
+
-#include "Tpm.h"
+//** Includes
-/* 10.2.5.3 Functions */
+#include "TpmBigNum.h"
-/* 10.2.5.3.1 BnSetTop() */
+
-/* This function is used when the size of a bignum_t is changed. It makes sure that the unused words
+//** Functions
-   are set to zero and that any significant words of zeros are eliminated from the used size
+
-   indicator. */
+//*** BnSetTop()
-LIB_EXPORT bigNum
+// This function is used when the size of a bignum_t is changed. It
-BnSetTop(
+// makes sure that the unused words are set to zero and that any significant
-	 bigNum           bn,        // IN/OUT: number to clean
+// words of zeros are eliminated from the used size indicator.
 LIB_EXPORT bigNum BnSetTop(bigNum        bn,  // IN/OUT: number to clean
                           crypt_uword_t top  // IN: the new top
 )
 {
@ -91,12 +92,10 @@ BnSetTop(
    return bn;
 }
 #if 0 /* libtpms added */
-/* 10.2.5.3.2 BnClearTop() */
+
-/* This function will make sure that all unused words are zero. */
+//*** BnClearTop()
-LIB_EXPORT bigNum
+// This function will make sure that all unused words are zero.
-BnClearTop(
+LIB_EXPORT bigNum BnClearTop(bigNum bn)
 	   bigNum          bn
 	   )
 {
    crypt_uword_t i;
    //
@ -110,12 +109,11 @@ BnClearTop(
    return bn;
 }
 #endif /* libtpms added */
-/* 10.2.5.3.3 BnInitializeWord() */
+
-/* This function is used to initialize an allocated bigNum with a word value. The bigNum does not
+//*** BnInitializeWord()
-   have to be allocated with a single word. */
+// This function is used to initialize an allocated bigNum with a word value. The
-LIB_EXPORT bigNum
+// bigNum does not have to be allocated with a single word.
-BnInitializeWord(
+LIB_EXPORT bigNum BnInitializeWord(bigNum        bn,         // IN:
 		 bigNum          bn,         // IN:
                                   crypt_uword_t allocated,  // IN:
                                   crypt_uword_t word        // IN:
 )
@ -127,14 +125,11 @@ BnInitializeWord(
        bn->d[--allocated] = 0;
    return bn;
 }
-/* 10.2.5.3.4 BnInit() */
+
-/* This function initializes a stack allocated bignum_t. It initializes allocated and size and zeros
+//*** BnInit()
-   the words of d. */
+// This function initializes a stack allocated bignum_t. It initializes
-LIB_EXPORT bigNum
+// 'allocated' and 'size' and zeros the words of 'd'.
-BnInit(
+LIB_EXPORT bigNum BnInit(bigNum bn, crypt_uword_t allocated)
       bigNum               bn,
       crypt_uword_t        allocated
       )
 {
    if(bn != NULL)
    {
@ -145,14 +140,12 @@ BnInit(
    }
    return bn;
 }
-/* 10.2.5.3.5 BnCopy() */
+
-/* Function to copy a bignum_t. If the output is NULL, then nothing happens. If the input is NULL,
+//*** BnCopy()
-   the output is set to zero. */
+// Function to copy a bignum_t. If the output is NULL, then
-LIB_EXPORT BOOL
+// nothing happens. If the input is NULL, the output is set
-BnCopy(
+// to zero.
-       bigNum           out,
+LIB_EXPORT BOOL BnCopy(bigNum out, bigConst in)
       bigConst         in
       )
 {
    if(in == out)
        BnSetTop(out, BnGetSize(out));
@ -171,25 +164,23 @@ BnCopy(
    }
    return TRUE;
 }
 #if ALG_ECC
 #if 0 /* libtpms added */
-/* 10.2.5.3.6 BnPointCopy() */
+
-/* Function to copy a bn point. */
+//*** BnPointCopy()
-LIB_EXPORT BOOL
+// Function to copy a bn point.
-BnPointCopy(
+LIB_EXPORT BOOL BnPointCopy(bigPoint pOut, pointConst pIn)
 	    bigPoint                 pOut,
 	    pointConst               pIn
 	    )
 {
-    return BnCopy(pOut->x, pIn->x)
+    return BnCopy(pOut->x, pIn->x) && BnCopy(pOut->y, pIn->y)
 	&& BnCopy(pOut->y, pIn->y)
           && BnCopy(pOut->z, pIn->z);
 }
 #endif /* libtpms added */
-/* 10.2.5.3.7 BnInitializePoint() */
+
-/* This function is used to initialize a point structure with the addresses of the coordinates. */
+//*** BnInitializePoint()
-LIB_EXPORT bn_point_t *
+// This function is used to initialize a point structure with the addresses
-BnInitializePoint(
+// of the coordinates.
 LIB_EXPORT bn_point_t* BnInitializePoint(
    bigPoint p,  // OUT: structure to receive pointers
    bigNum   x,  // IN: x coordinate
    bigNum   y,  // IN: y coordinate
@ -202,4 +193,5 @@ BnInitializePoint(
    BnSetWord(z, 1);
    return p;
 }
-#endif // TPM_ALG_ECC
+
 #endif  // ALG_ECC
--- a/src/tpm2/BnSupport_Interface.h
+++ b/src/tpm2/BnSupport_Interface.h
@ -79,6 +79,7 @@
 #define BN_SUPPORT_INTERFACE_H
 // TODO_RENAME_INC_FOLDER:private refers to the TPM_CoreLib private headers
 #include "GpMacros.h"
 #include "CryptoInterface.h"
 #include "BnValues.h"
 //** BnSupportLibInit()
@ -167,6 +168,14 @@ LIB_EXPORT BOOL BnEccAdd(
 #endif  // ALG_ECC
 #if CRYPTO_LIB_REPORTING
 //** BnGetImplementation()
 // This function reports the underlying library being used for bignum operations.
 void BnGetImplementation(_CRYPTO_IMPL_DESCRIPTION* result);
 #endif  // CRYPTO_LIB_REPORTING
 //			libtpms: added begin
 bigCurveData*
 BnCurveInitialize(
--- a/src/tpm2/Cancel.c
+++ b/src/tpm2/Cancel.c
@ -59,41 +59,38 @@
 /*										*/
 /********************************************************************************/
-/* C.2 Cancel.c */
+//** Description
-/* C.2.1. Description */
+//
-/* This module simulates the cancel pins on the TPM. */
+//  This module simulates the cancel pins on the TPM.
-/* C.2.2. Includes, Typedefs, Structures, and Defines */
+//
 //** Includes, Typedefs, Structures, and Defines
 #include "Platform.h"
-/* C.2.3. Functions */
+
-/* C.2.3.1. _plat__IsCanceled() */
+//** Functions
-/* Check if the cancel flag is set */
+
-/* Return Values Meaning */
+//***_plat__IsCanceled()
-/* TRUE(1) if cancel flag is set */
+// Check if the cancel flag is set
-/* FALSE(0) if cancel flag is not set */
+//  Return Type: int
-LIB_EXPORT int
+//      TRUE(1)         if cancel flag is set
-_plat__IsCanceled(
+//      FALSE(0)        if cancel flag is not set
-		  void
+LIB_EXPORT int _plat__IsCanceled(void)
 		  )
 {
    // return cancel flag
    return s_isCanceled;
 }
-/* C.2.3.2. _plat__SetCancel() */
+
-/* Set cancel flag. */
+//***_plat__SetCancel()
-LIB_EXPORT void
+
-_plat__SetCancel(
+// Set cancel flag.
-		 void
+LIB_EXPORT void _plat__SetCancel(void)
 		 )
 {
    s_isCanceled = TRUE;
    return;
 }
-/* C.2.3.3. _plat__ClearCancel() */
+
-/* Clear cancel flag */
+//***_plat__ClearCancel()
-LIB_EXPORT void
+// Clear cancel flag
-_plat__ClearCancel(
+LIB_EXPORT void _plat__ClearCancel(void)
 		   void
 		   )
 {
    s_isCanceled = FALSE;
    return;
--- a/src/tpm2/CertifyCreation_fp.h
+++ b/src/tpm2/CertifyCreation_fp.h
@ -59,12 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CERTIFYCREATION_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CERTIFYCREATION_FP_H
-typedef struct {
+#if CC_CertifyCreation  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT   signHandle;
    TPMI_DH_OBJECT   objectHandle;
    TPM2B_DATA       qualifyingData;
@ -73,6 +78,14 @@ typedef struct {
    TPMT_TK_CREATION creationTicket;
 } CertifyCreation_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_ATTEST   certifyInfo;
    TPMT_SIGNATURE signature;
 } CertifyCreation_Out;
 // Response code modifiers
 #    define RC_CertifyCreation_signHandle     (TPM_RC_H + TPM_RC_1)
 #    define RC_CertifyCreation_objectHandle   (TPM_RC_H + TPM_RC_2)
 #    define RC_CertifyCreation_qualifyingData (TPM_RC_P + TPM_RC_1)
@ -80,16 +93,9 @@ typedef struct {
 #    define RC_CertifyCreation_inScheme       (TPM_RC_P + TPM_RC_3)
 #    define RC_CertifyCreation_creationTicket (TPM_RC_P + TPM_RC_4)
-typedef struct {
+// Function prototype
    TPM2B_ATTEST	certifyInfo;
    TPMT_SIGNATURE	signature;
 } CertifyCreation_Out;
 TPM_RC
-TPM2_CertifyCreation(
+TPM2_CertifyCreation(CertifyCreation_In* in, CertifyCreation_Out* out);
 		     CertifyCreation_In      *in,            // IN: input parameter list
 		     CertifyCreation_Out     *out            // OUT: output parameter list
 		     );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYCREATION_FP_H_
-#endif
+#endif    // CC_CertifyCreation
--- a/src/tpm2/CertifyX509_fp.h
+++ b/src/tpm2/CertifyX509_fp.h
@ -59,12 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* rev 155 */
-#ifndef CERTIFYX509_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CERTIFYX509_FP_H
-typedef struct {
+#if CC_CertifyX509  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT   objectHandle;
    TPMI_DH_OBJECT   signHandle;
    TPM2B_DATA       reserved;
@ -72,22 +77,24 @@ typedef struct {
    TPM2B_MAX_BUFFER partialCertificate;
 } CertifyX509_In;
-#define RC_CertifyX509_signHandle		(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-#define RC_CertifyX509_objectHandle 		(TPM_RC_H + TPM_RC_2)
+typedef struct
-#define RC_CertifyX509_reserved			(TPM_RC_P + TPM_RC_1)
+{
 #define RC_CertifyX509_inScheme			(TPM_RC_P + TPM_RC_2)
 #define RC_CertifyX509_partialCertificate	(TPM_RC_P + TPM_RC_3)
 typedef struct {
    TPM2B_MAX_BUFFER addedToCertificate;
    TPM2B_DIGEST     tbsDigest;
    TPMT_SIGNATURE   signature;
 } CertifyX509_Out;
-TPM_RC
+// Response code modifiers
-TPM2_CertifyX509(
+#    define RC_CertifyX509_objectHandle       (TPM_RC_H + TPM_RC_1)
-	     CertifyX509_In      *in,            // IN: input parameter list
+#    define RC_CertifyX509_signHandle         (TPM_RC_H + TPM_RC_2)
-	     CertifyX509_Out     *out            // OUT: output parameter list
+#    define RC_CertifyX509_reserved           (TPM_RC_P + TPM_RC_1)
-	     );
+#    define RC_CertifyX509_inScheme           (TPM_RC_P + TPM_RC_2)
 #    define RC_CertifyX509_partialCertificate (TPM_RC_P + TPM_RC_3)
-#endif
+// Function prototype
 TPM_RC
 TPM2_CertifyX509(CertifyX509_In* in, CertifyX509_Out* out);
 #  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFYX509_FP_H_
 #endif    // CC_CertifyX509
--- a/src/tpm2/Certify_fp.h
+++ b/src/tpm2/Certify_fp.h
@ -59,35 +59,39 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CERTIFY_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CERTIFY_FP_H
-typedef struct {
+#if CC_Certify  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT  objectHandle;
    TPMI_DH_OBJECT  signHandle;
    TPM2B_DATA      qualifyingData;
    TPMT_SIG_SCHEME inScheme;
 } Certify_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_ATTEST   certifyInfo;
    TPMT_SIGNATURE signature;
 } Certify_Out;
 // Response code modifiers
 #    define RC_Certify_objectHandle   (TPM_RC_H + TPM_RC_1)
 #    define RC_Certify_signHandle     (TPM_RC_H + TPM_RC_2)
 #    define RC_Certify_qualifyingData (TPM_RC_P + TPM_RC_1)
 #    define RC_Certify_inScheme       (TPM_RC_P + TPM_RC_2)
-typedef struct {
+// Function prototype
    TPM2B_ATTEST	certifyInfo;
    TPMT_SIGNATURE	signature;
 } Certify_Out;
 TPM_RC
-TPM2_Certify(
+TPM2_Certify(Certify_In* in, Certify_Out* out);
 	     Certify_In      *in,            // IN: input parameter list
 	     Certify_Out     *out            // OUT: output parameter list
 	     );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CERTIFY_FP_H_
-#endif
+#endif    // CC_Certify
--- a/src/tpm2/ChangeEPS_fp.h
+++ b/src/tpm2/ChangeEPS_fp.h
@ -59,21 +59,26 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CHANGEEPS_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CHANGEEPS_FP_H
-typedef struct {
+#if CC_ChangeEPS  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_PLATFORM authHandle;
 } ChangeEPS_In;
 // Response code modifiers
 #    define RC_ChangeEPS_authHandle (TPM_RC_H + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ChangeEPS(
+TPM2_ChangeEPS(ChangeEPS_In* in);
 	       ChangeEPS_In    *in             // IN: input parameter list
 	       );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEEPS_FP_H_
-#endif
+#endif    // CC_ChangeEPS
--- a/src/tpm2/ChangePPS_fp.h
+++ b/src/tpm2/ChangePPS_fp.h
@ -59,21 +59,26 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CHANGEPPS_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CHANGEPPS_FP_H
-typedef struct {
+#if CC_ChangePPS  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_PLATFORM authHandle;
 } ChangePPS_In;
-#define RC_ChangePPS_authHandle	(TPM_RC_P + TPM_RC_1)
+// Response code modifiers
 #    define RC_ChangePPS_authHandle (TPM_RC_H + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ChangePPS(
+TPM2_ChangePPS(ChangePPS_In* in);
 	       ChangePPS_In    *in             // IN: input parameter list
 	       );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CHANGEPPS_FP_H_
-#endif
+#endif    // CC_ChangePPS
--- a/src/tpm2/ClearControl_fp.h
+++ b/src/tpm2/ClearControl_fp.h
@ -59,21 +59,28 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CLEARCONTROL_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CLEARCONTROL_FP_H
-typedef struct {
+#if CC_ClearControl  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_CLEAR auth;
    TPMI_YES_NO   disable;
 } ClearControl_In;
 // Response code modifiers
 #    define RC_ClearControl_auth    (TPM_RC_H + TPM_RC_1)
 #    define RC_ClearControl_disable (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ClearControl(
+TPM2_ClearControl(ClearControl_In* in);
-		  ClearControl_In     *in             // IN: input parameter list
+
-		  );
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEARCONTROL_FP_H_
-#endif
+#endif    // CC_ClearControl
--- a/src/tpm2/Clear_fp.h
+++ b/src/tpm2/Clear_fp.h
@ -59,20 +59,26 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CLEAR_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CLEAR_FP_H
-typedef struct {
+#if CC_Clear  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_CLEAR authHandle;
 } Clear_In;
 // Response code modifiers
 #    define RC_Clear_authHandle (TPM_RC_H + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_Clear(
+TPM2_Clear(Clear_In* in);
 	   Clear_In        *in             // IN: input parameter list
 	   );
-#endif
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLEAR_FP_H_
 #endif    // CC_Clear
--- a/src/tpm2/Clock.c
+++ b/src/tpm2/Clock.c
@ -175,9 +175,9 @@ clock_t debugTime;
 LIB_EXPORT uint64_t _plat__RealTime(void)
 {
    clock64_t time;
-    //#ifdef _MSC_VER	kgold
+    //#ifdef _MSC_VER	kgold		// libtpms changed begin
 #ifdef TPM_WINDOWS
-    #include <sys/timeb.h>
+    #include <sys/timeb.h>		// libtpms changed end
    struct _timeb sysTime;
    //
    _ftime(&sysTime);	/* kgold, mingw doesn't have _ftime_s */
@ -354,41 +354,3 @@ LIB_EXPORT void _plat__ClockRateAdjust(_plat__ClockAdjustStep adjust)
    return;
 }
 #if 0
 /* added for portability because Linux clock is 32 bits */
 #include <stdint.h>
 #include <stdio.h>
 #include <time.h>
 #include "TpmFail_fp.h"
 LIB_EXPORT uint64_t
 _plat__RealTime(
 		void
 		)
 {
    clock64_t           time;
    //#ifdef _MSC_VER	kgold
 #ifdef TPM_WINDOWS
    #include <sys/timeb.h>
    struct _timeb       sysTime;
    //
    _ftime(&sysTime);	/* kgold, mingw doesn't have _ftime_s */
    time = (clock64_t)(sysTime.time) * 1000 + sysTime.millitm;
    // set the time back by one hour if daylight savings
    if(sysTime.dstflag)
 	time -= 1000 * 60 * 60;  // mSec/sec * sec/min * min/hour = ms/hour
 #else
    // hopefully, this will work with most UNIX systems
    struct timespec     systime;
    //
    clock_gettime(CLOCK_MONOTONIC, &systime);
    time = (clock64_t)systime.tv_sec * 1000 + (systime.tv_nsec / 1000000);
 #endif
    return time;
 }
 #endif
--- a/src/tpm2/ClockRateAdjust_fp.h
+++ b/src/tpm2/ClockRateAdjust_fp.h
@ -59,23 +59,28 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CLOCKRATEADJUST_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CLOCKRATEADJUST_FP_H
-typedef struct {
+#if CC_ClockRateAdjust  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_PROVISION auth;
    TPM_CLOCK_ADJUST  rateAdjust;
 } ClockRateAdjust_In;
 // Response code modifiers
 #    define RC_ClockRateAdjust_auth       (TPM_RC_H + TPM_RC_1)
 #    define RC_ClockRateAdjust_rateAdjust (TPM_RC_P + TPM_RC_1)
-
+// Function prototype
 TPM_RC
-TPM2_ClockRateAdjust(
+TPM2_ClockRateAdjust(ClockRateAdjust_In* in);
 		     ClockRateAdjust_In  *in             // IN: input parameter list
 		     );
-#endif
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKRATEADJUST_FP_H_
 #endif    // CC_ClockRateAdjust
--- a/src/tpm2/ClockSet_fp.h
+++ b/src/tpm2/ClockSet_fp.h
@ -59,23 +59,28 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CLOCKSET_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CLOCKSET_FP_H
-typedef struct {
+#if CC_ClockSet  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_PROVISION auth;
    UINT64            newTime;
 } ClockSet_In;
 // Response code modifiers
 #    define RC_ClockSet_auth    (TPM_RC_H + TPM_RC_1)
 #    define RC_ClockSet_newTime (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ClockSet(
+TPM2_ClockSet(ClockSet_In* in);
 	      ClockSet_In     *in             // IN: input parameter list
 	      );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CLOCKSET_FP_H_
-#endif
+#endif    // CC_ClockSet
--- a/src/tpm2/CommandAttributeData.h
+++ b/src/tpm2/CommandAttributeData.h
@ -58,23 +58,27 @@
 /*										*/
 /********************************************************************************/
 /* 5.6	CommandAttributeData.h */
 /* This file should only be included by CommandCodeAttibutes.c */
 // FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 // clang-format off
 // This file should only be included by CommandCodeAttibutes.c
 #ifdef _COMMAND_CODE_ATTRIBUTES_
 #include "CommandAttributes.h"
 #if COMPRESSED_LISTS
 #   define      PAD_LIST    0
 #else
 #   define      PAD_LIST    1
 #endif
-/* This is the command code attribute array for GetCapability(). Both this array and
+// This is the command code attribute array for GetCapability.
-   s_commandAttributes provides command code attributes, but tuned for different purpose */
+// Both this array and s_commandAttributes provides command code attributes,
-
+// but tuned for different purpose
 const TPMA_CC    s_ccAttr [] = {
 #if (PAD_LIST || CC_NV_UndefineSpaceSpecial)
-    TPMA_CC_INITIALIZER(0x011f, 0, 1, 0, 0, 2, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x011F, 0, 1, 0, 0, 2, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_EvictControl)
        TPMA_CC_INITIALIZER(0x0120, 0, 1, 0, 0, 2, 0, 0, 0),
@ -107,22 +111,22 @@ const TPMA_CC    s_ccAttr [] = {
        TPMA_CC_INITIALIZER(0x0129, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_NV_DefineSpace)
-    TPMA_CC_INITIALIZER(0x012a, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x012A, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PCR_Allocate)
-    TPMA_CC_INITIALIZER(0x012b, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x012B, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PCR_SetAuthPolicy)
-    TPMA_CC_INITIALIZER(0x012c, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x012C, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PP_Commands)
-    TPMA_CC_INITIALIZER(0x012d, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x012D, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_SetPrimaryPolicy)
-    TPMA_CC_INITIALIZER(0x012e, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x012E, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_FieldUpgradeStart)
-    TPMA_CC_INITIALIZER(0x012f, 0, 0, 0, 0, 2, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x012F, 0, 0, 0, 0, 2, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_ClockRateAdjust)
        TPMA_CC_INITIALIZER(0x0130, 0, 0, 0, 0, 1, 0, 0, 0),
@ -155,22 +159,22 @@ const TPMA_CC    s_ccAttr [] = {
        TPMA_CC_INITIALIZER(0x0139, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_DictionaryAttackParameters)
-    TPMA_CC_INITIALIZER(0x013a, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x013A, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_NV_ChangeAuth)
-    TPMA_CC_INITIALIZER(0x013b, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x013B, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PCR_Event)
-    TPMA_CC_INITIALIZER(0x013c, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x013C, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PCR_Reset)
-    TPMA_CC_INITIALIZER(0x013d, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x013D, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_SequenceComplete)
-    TPMA_CC_INITIALIZER(0x013e, 0, 0, 0, 1, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x013E, 0, 0, 0, 1, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_SetAlgorithmSet)
-    TPMA_CC_INITIALIZER(0x013f, 0, 1, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x013F, 0, 1, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_SetCommandCodeAuditStatus)
        TPMA_CC_INITIALIZER(0x0140, 0, 1, 0, 0, 1, 0, 0, 0),
@ -203,22 +207,22 @@ const TPMA_CC    s_ccAttr [] = {
        TPMA_CC_INITIALIZER(0x0149, 0, 0, 0, 0, 3, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_CertifyCreation)
-    TPMA_CC_INITIALIZER(0x014a, 0, 0, 0, 0, 2, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x014A, 0, 0, 0, 0, 2, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_Duplicate)
-    TPMA_CC_INITIALIZER(0x014b, 0, 0, 0, 0, 2, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x014B, 0, 0, 0, 0, 2, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_GetTime)
-    TPMA_CC_INITIALIZER(0x014c, 0, 0, 0, 0, 2, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x014C, 0, 0, 0, 0, 2, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_GetSessionAuditDigest)
-    TPMA_CC_INITIALIZER(0x014d, 0, 0, 0, 0, 3, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x014D, 0, 0, 0, 0, 3, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_NV_Read)
-    TPMA_CC_INITIALIZER(0x014e, 0, 0, 0, 0, 2, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x014E, 0, 0, 0, 0, 2, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_NV_ReadLock)
-    TPMA_CC_INITIALIZER(0x014f, 0, 1, 0, 0, 2, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x014F, 0, 1, 0, 0, 2, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_ObjectChangeAuth)
        TPMA_CC_INITIALIZER(0x0150, 0, 0, 0, 0, 2, 0, 0, 0),
@ -251,22 +255,22 @@ const TPMA_CC    s_ccAttr [] = {
        TPMA_CC_INITIALIZER(0x0159, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST)
-    TPMA_CC_INITIALIZER(0x015a, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x015A, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || (CC_HMAC_Start || CC_MAC_Start))
-    TPMA_CC_INITIALIZER(0x015b, 0, 0, 0, 0, 1, 1, 0, 0),
+        TPMA_CC_INITIALIZER(0x015B, 0, 0, 0, 0, 1, 1, 0, 0),
 #endif
 #if (PAD_LIST || CC_SequenceUpdate)
-    TPMA_CC_INITIALIZER(0x015c, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x015C, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_Sign)
-    TPMA_CC_INITIALIZER(0x015d, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x015D, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_Unseal)
-    TPMA_CC_INITIALIZER(0x015e, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x015E, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST)
-    TPMA_CC_INITIALIZER(0x015f, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x015F, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicySigned)
        TPMA_CC_INITIALIZER(0x0160, 0, 0, 0, 0, 2, 0, 0, 0),
@ -299,22 +303,22 @@ const TPMA_CC    s_ccAttr [] = {
        TPMA_CC_INITIALIZER(0x0169, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyAuthorize)
-    TPMA_CC_INITIALIZER(0x016a, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x016A, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyAuthValue)
-    TPMA_CC_INITIALIZER(0x016b, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x016B, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyCommandCode)
-    TPMA_CC_INITIALIZER(0x016c, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x016C, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyCounterTimer)
-    TPMA_CC_INITIALIZER(0x016d, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x016D, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyCpHash)
-    TPMA_CC_INITIALIZER(0x016e, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x016E, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyLocality)
-    TPMA_CC_INITIALIZER(0x016f, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x016F, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyNameHash)
        TPMA_CC_INITIALIZER(0x0170, 0, 0, 0, 0, 1, 0, 0, 0),
@ -347,22 +351,22 @@ const TPMA_CC    s_ccAttr [] = {
        TPMA_CC_INITIALIZER(0x0179, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_GetCapability)
-    TPMA_CC_INITIALIZER(0x017a, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x017A, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_GetRandom)
-    TPMA_CC_INITIALIZER(0x017b, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x017B, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_GetTestResult)
-    TPMA_CC_INITIALIZER(0x017c, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x017C, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_Hash)
-    TPMA_CC_INITIALIZER(0x017d, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x017D, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PCR_Read)
-    TPMA_CC_INITIALIZER(0x017e, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x017E, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyPCR)
-    TPMA_CC_INITIALIZER(0x017f, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x017F, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyRestart)
        TPMA_CC_INITIALIZER(0x0180, 0, 0, 0, 0, 1, 0, 0, 0),
@ -395,22 +399,22 @@ const TPMA_CC    s_ccAttr [] = {
        TPMA_CC_INITIALIZER(0x0189, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_TestParms)
-    TPMA_CC_INITIALIZER(0x018a, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x018A, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_Commit)
-    TPMA_CC_INITIALIZER(0x018b, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x018B, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyPassword)
-    TPMA_CC_INITIALIZER(0x018c, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x018C, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_ZGen_2Phase)
-    TPMA_CC_INITIALIZER(0x018d, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x018D, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_EC_Ephemeral)
-    TPMA_CC_INITIALIZER(0x018e, 0, 0, 0, 0, 0, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x018E, 0, 0, 0, 0, 0, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyNvWritten)
-    TPMA_CC_INITIALIZER(0x018f, 0, 0, 0, 0, 1, 0, 0, 0),
+        TPMA_CC_INITIALIZER(0x018F, 0, 0, 0, 0, 1, 0, 0, 0),
 #endif
 #if (PAD_LIST || CC_PolicyTemplate)
        TPMA_CC_INITIALIZER(0x0190, 0, 0, 0, 0, 1, 0, 0, 0),
@ -463,15 +467,14 @@ const TPMA_CC    s_ccAttr [] = {
 #if (PAD_LIST || CC_Vendor_TCG_Test)
        TPMA_CC_INITIALIZER(0x0000, 0, 0, 0, 0, 0, 0, 1, 0),
 #endif
        TPMA_ZERO_INITIALIZER()
 };
 /* This is the command code attribute structure. */
 // This is the command code attribute structure.
 const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
 #if (PAD_LIST || CC_NV_UndefineSpaceSpecial)
-    (COMMAND_ATTRIBUTES)(CC_NV_UndefineSpaceSpecial     *  // 0x011f
+        (COMMAND_ATTRIBUTES)(CC_NV_UndefineSpaceSpecial * // 0x011F
            (IS_IMPLEMENTED+HANDLE_1_ADMIN+HANDLE_2_USER+PP_COMMAND)),
 #endif
 #if (PAD_LIST || CC_EvictControl)
@ -514,27 +517,27 @@ const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
 #endif
 #if (PAD_LIST || CC_NV_DefineSpace)
-    (COMMAND_ATTRIBUTES)(CC_NV_DefineSpace              *  // 0x012a
+        (COMMAND_ATTRIBUTES)(CC_NV_DefineSpace * // 0x012A
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
 #endif
 #if (PAD_LIST || CC_PCR_Allocate)
-    (COMMAND_ATTRIBUTES)(CC_PCR_Allocate                *  // 0x012b
+        (COMMAND_ATTRIBUTES)(CC_PCR_Allocate * // 0x012B
            (IS_IMPLEMENTED+HANDLE_1_USER+PP_COMMAND)),
 #endif
 #if (PAD_LIST || CC_PCR_SetAuthPolicy)
-    (COMMAND_ATTRIBUTES)(CC_PCR_SetAuthPolicy           *  // 0x012c
+        (COMMAND_ATTRIBUTES)(CC_PCR_SetAuthPolicy * // 0x012C
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
 #endif
 #if (PAD_LIST || CC_PP_Commands)
-    (COMMAND_ATTRIBUTES)(CC_PP_Commands                 *  // 0x012d
+        (COMMAND_ATTRIBUTES)(CC_PP_Commands * // 0x012D
            (IS_IMPLEMENTED+HANDLE_1_USER+PP_REQUIRED)),
 #endif
 #if (PAD_LIST || CC_SetPrimaryPolicy)
-    (COMMAND_ATTRIBUTES)(CC_SetPrimaryPolicy            *  // 0x012e
+        (COMMAND_ATTRIBUTES)(CC_SetPrimaryPolicy * // 0x012E
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+PP_COMMAND)),
 #endif
 #if (PAD_LIST || CC_FieldUpgradeStart)
-    (COMMAND_ATTRIBUTES)(CC_FieldUpgradeStart           *  // 0x012f
+        (COMMAND_ATTRIBUTES)(CC_FieldUpgradeStart * // 0x012F
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_ADMIN+PP_COMMAND)),
 #endif
 #if (PAD_LIST || CC_ClockRateAdjust)
@ -578,27 +581,27 @@ const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
            (IS_IMPLEMENTED+HANDLE_1_USER)),
 #endif
 #if (PAD_LIST || CC_DictionaryAttackParameters)
-    (COMMAND_ATTRIBUTES)(CC_DictionaryAttackParameters  *  // 0x013a
+        (COMMAND_ATTRIBUTES)(CC_DictionaryAttackParameters * // 0x013A
            (IS_IMPLEMENTED+HANDLE_1_USER)),
 #endif
 #if (PAD_LIST || CC_NV_ChangeAuth)
-    (COMMAND_ATTRIBUTES)(CC_NV_ChangeAuth               *  // 0x013b
+        (COMMAND_ATTRIBUTES)(CC_NV_ChangeAuth * // 0x013B
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_ADMIN)),
 #endif
 #if (PAD_LIST || CC_PCR_Event)
-    (COMMAND_ATTRIBUTES)(CC_PCR_Event                   *  // 0x013c
+        (COMMAND_ATTRIBUTES)(CC_PCR_Event * // 0x013C
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
 #endif
 #if (PAD_LIST || CC_PCR_Reset)
-    (COMMAND_ATTRIBUTES)(CC_PCR_Reset                   *  // 0x013d
+        (COMMAND_ATTRIBUTES)(CC_PCR_Reset * // 0x013D
            (IS_IMPLEMENTED+HANDLE_1_USER)),
 #endif
 #if (PAD_LIST || CC_SequenceComplete)
-    (COMMAND_ATTRIBUTES)(CC_SequenceComplete            *  // 0x013e
+        (COMMAND_ATTRIBUTES)(CC_SequenceComplete * // 0x013E
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_SetAlgorithmSet)
-    (COMMAND_ATTRIBUTES)(CC_SetAlgorithmSet             *  // 0x013f
+        (COMMAND_ATTRIBUTES)(CC_SetAlgorithmSet * // 0x013F
            (IS_IMPLEMENTED+HANDLE_1_USER)),
 #endif
 #if (PAD_LIST || CC_SetCommandCodeAuditStatus)
@ -642,27 +645,27 @@ const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_CertifyCreation)
-    (COMMAND_ATTRIBUTES)(CC_CertifyCreation             *  // 0x014a
+        (COMMAND_ATTRIBUTES)(CC_CertifyCreation * // 0x014A
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_Duplicate)
-    (COMMAND_ATTRIBUTES)(CC_Duplicate                   *  // 0x014b
+        (COMMAND_ATTRIBUTES)(CC_Duplicate * // 0x014B
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_DUP+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_GetTime)
-    (COMMAND_ATTRIBUTES)(CC_GetTime                     *  // 0x014c
+        (COMMAND_ATTRIBUTES)(CC_GetTime * // 0x014C
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+HANDLE_2_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_GetSessionAuditDigest)
-    (COMMAND_ATTRIBUTES)(CC_GetSessionAuditDigest       *  // 0x014d
+        (COMMAND_ATTRIBUTES)(CC_GetSessionAuditDigest * // 0x014D
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+HANDLE_2_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_NV_Read)
-    (COMMAND_ATTRIBUTES)(CC_NV_Read                     *  // 0x014e
+        (COMMAND_ATTRIBUTES)(CC_NV_Read * // 0x014E
            (IS_IMPLEMENTED+HANDLE_1_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_NV_ReadLock)
-    (COMMAND_ATTRIBUTES)(CC_NV_ReadLock                 *  // 0x014f
+        (COMMAND_ATTRIBUTES)(CC_NV_ReadLock * // 0x014F
            (IS_IMPLEMENTED+HANDLE_1_USER)),
 #endif
 #if (PAD_LIST || CC_ObjectChangeAuth)
@ -706,26 +709,26 @@ const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST)
-    (COMMAND_ATTRIBUTES)(0),                               // 0x015a
+        (COMMAND_ATTRIBUTES)(0), // 0x015A
 #endif
 #if (PAD_LIST || (CC_HMAC_Start || CC_MAC_Start))
-    (COMMAND_ATTRIBUTES)((CC_HMAC_Start || CC_MAC_Start) *  // 0x015b
+        (COMMAND_ATTRIBUTES)((CC_HMAC_Start || CC_MAC_Start) * // 0x015B
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+R_HANDLE)),
 #endif
 #if (PAD_LIST || CC_SequenceUpdate)
-    (COMMAND_ATTRIBUTES)(CC_SequenceUpdate              *  // 0x015c
+        (COMMAND_ATTRIBUTES)(CC_SequenceUpdate * // 0x015C
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
 #endif
 #if (PAD_LIST || CC_Sign)
-    (COMMAND_ATTRIBUTES)(CC_Sign                        *  // 0x015d
+        (COMMAND_ATTRIBUTES)(CC_Sign * // 0x015D
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER)),
 #endif
 #if (PAD_LIST || CC_Unseal)
-    (COMMAND_ATTRIBUTES)(CC_Unseal                      *  // 0x015e
+        (COMMAND_ATTRIBUTES)(CC_Unseal * // 0x015E
            (IS_IMPLEMENTED+HANDLE_1_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST)
-    (COMMAND_ATTRIBUTES)(0),                               // 0x015f
+        (COMMAND_ATTRIBUTES)(0), // 0x015F
 #endif
 #if (PAD_LIST || CC_PolicySigned)
        (COMMAND_ATTRIBUTES)(CC_PolicySigned * // 0x0160
@ -767,27 +770,27 @@ const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
            (IS_IMPLEMENTED+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_PolicyAuthorize)
-    (COMMAND_ATTRIBUTES)(CC_PolicyAuthorize             *  // 0x016a
+        (COMMAND_ATTRIBUTES)(CC_PolicyAuthorize * // 0x016A
            (IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_PolicyAuthValue)
-    (COMMAND_ATTRIBUTES)(CC_PolicyAuthValue             *  // 0x016b
+        (COMMAND_ATTRIBUTES)(CC_PolicyAuthValue * // 0x016B
            (IS_IMPLEMENTED+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_PolicyCommandCode)
-    (COMMAND_ATTRIBUTES)(CC_PolicyCommandCode           *  // 0x016c
+        (COMMAND_ATTRIBUTES)(CC_PolicyCommandCode * // 0x016C
            (IS_IMPLEMENTED+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_PolicyCounterTimer)
-    (COMMAND_ATTRIBUTES)(CC_PolicyCounterTimer          *  // 0x016d
+        (COMMAND_ATTRIBUTES)(CC_PolicyCounterTimer * // 0x016D
            (IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_PolicyCpHash)
-    (COMMAND_ATTRIBUTES)(CC_PolicyCpHash                *  // 0x016e
+        (COMMAND_ATTRIBUTES)(CC_PolicyCpHash * // 0x016E
            (IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_PolicyLocality)
-    (COMMAND_ATTRIBUTES)(CC_PolicyLocality              *  // 0x016f
+        (COMMAND_ATTRIBUTES)(CC_PolicyLocality * // 0x016F
            (IS_IMPLEMENTED+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_PolicyNameHash)
@ -830,27 +833,27 @@ const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
            (IS_IMPLEMENTED+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_GetCapability)
-    (COMMAND_ATTRIBUTES)(CC_GetCapability               *  // 0x017a
+        (COMMAND_ATTRIBUTES)(CC_GetCapability * // 0x017A
            (IS_IMPLEMENTED)),
 #endif
 #if (PAD_LIST || CC_GetRandom)
-    (COMMAND_ATTRIBUTES)(CC_GetRandom                   *  // 0x017b
+        (COMMAND_ATTRIBUTES)(CC_GetRandom * // 0x017B
            (IS_IMPLEMENTED+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_GetTestResult)
-    (COMMAND_ATTRIBUTES)(CC_GetTestResult               *  // 0x017c
+        (COMMAND_ATTRIBUTES)(CC_GetTestResult * // 0x017C
            (IS_IMPLEMENTED+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_Hash)
-    (COMMAND_ATTRIBUTES)(CC_Hash                        *  // 0x017d
+        (COMMAND_ATTRIBUTES)(CC_Hash * // 0x017D
            (IS_IMPLEMENTED+DECRYPT_2+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_PCR_Read)
-    (COMMAND_ATTRIBUTES)(CC_PCR_Read                    *  // 0x017e
+        (COMMAND_ATTRIBUTES)(CC_PCR_Read * // 0x017E
            (IS_IMPLEMENTED)),
 #endif
 #if (PAD_LIST || CC_PolicyPCR)
-    (COMMAND_ATTRIBUTES)(CC_PolicyPCR                   *  // 0x017f
+        (COMMAND_ATTRIBUTES)(CC_PolicyPCR * // 0x017F
            (IS_IMPLEMENTED+DECRYPT_2+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_PolicyRestart)
@ -894,27 +897,27 @@ const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
            (IS_IMPLEMENTED+ALLOW_TRIAL+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_TestParms)
-    (COMMAND_ATTRIBUTES)(CC_TestParms                   *  // 0x018a
+        (COMMAND_ATTRIBUTES)(CC_TestParms * // 0x018A
            (IS_IMPLEMENTED)),
 #endif
 #if (PAD_LIST || CC_Commit)
-    (COMMAND_ATTRIBUTES)(CC_Commit                      *  // 0x018b
+        (COMMAND_ATTRIBUTES)(CC_Commit * // 0x018B
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_PolicyPassword)
-    (COMMAND_ATTRIBUTES)(CC_PolicyPassword              *  // 0x018c
+        (COMMAND_ATTRIBUTES)(CC_PolicyPassword * // 0x018C
            (IS_IMPLEMENTED+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_ZGen_2Phase)
-    (COMMAND_ATTRIBUTES)(CC_ZGen_2Phase                 *  // 0x018d
+        (COMMAND_ATTRIBUTES)(CC_ZGen_2Phase * // 0x018D
            (IS_IMPLEMENTED+DECRYPT_2+HANDLE_1_USER+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_EC_Ephemeral)
-    (COMMAND_ATTRIBUTES)(CC_EC_Ephemeral                *  // 0x018e
+        (COMMAND_ATTRIBUTES)(CC_EC_Ephemeral * // 0x018E
            (IS_IMPLEMENTED+ENCRYPT_2)),
 #endif
 #if (PAD_LIST || CC_PolicyNvWritten)
-    (COMMAND_ATTRIBUTES)(CC_PolicyNvWritten             *  // 0x018f
+        (COMMAND_ATTRIBUTES)(CC_PolicyNvWritten * // 0x018F
            (IS_IMPLEMENTED+ALLOW_TRIAL)),
 #endif
 #if (PAD_LIST || CC_PolicyTemplate)
@ -985,7 +988,6 @@ const COMMAND_ATTRIBUTES    s_commandAttributes [] = {
        (COMMAND_ATTRIBUTES)(CC_Vendor_TCG_Test * // 0x0000
            (IS_IMPLEMENTED+DECRYPT_2+ENCRYPT_2)),
 #endif
        0
 };
--- a/src/tpm2/CommandAttributes.h
+++ b/src/tpm2/CommandAttributes.h
@ -59,14 +59,19 @@
 /*										*/
 /********************************************************************************/
-#ifndef COMMANDATTRIBUTES_H
+/*(Auto-generated)
-#define COMMANDATTRIBUTES_H
+ *  Created by TpmStructures; Version 4.4 Mar 26, 2019
 *  Date: Aug 30, 2019  Time: 02:11:52PM
 */
-/* 5.7	CommandAttributes.h */
+// The attributes defined in this file are produced by the parser that
-/* The attributes defined in this file are produced by the parser that creates the structure
+// creates the structure definitions from Part 3. The attributes are defined
-   definitions from Part 3. The attributes are defined in that parser and should track the
+// in that parser and should track the attributes being tested in
-   attributes being tested in CommandCodeAttributes.c. Generally, when an attribute is added to this
+// CommandCodeAttributes.c. Generally, when an attribute is added to this list,
-   list, new code will be needed in CommandCodeAttributes.c to test it. */
+// new code will be needed in CommandCodeAttributes.c to test it.
 #ifndef COMMAND_ATTRIBUTES_H
 #define COMMAND_ATTRIBUTES_H
 typedef UINT16 COMMAND_ATTRIBUTES;
 #define NOT_IMPLEMENTED (COMMAND_ATTRIBUTES)(0)
@ -85,4 +90,5 @@ typedef  UINT16             COMMAND_ATTRIBUTES;
 #define PP_REQUIRED     ((COMMAND_ATTRIBUTES)1 << 12)
 #define R_HANDLE        ((COMMAND_ATTRIBUTES)1 << 13)
 #define ALLOW_TRIAL     ((COMMAND_ATTRIBUTES)1 << 14)
 #endif  // COMMAND_ATTRIBUTES_H
--- a/src/tpm2/CommandAudit_fp.h
+++ b/src/tpm2/CommandAudit_fp.h
@ -58,41 +58,91 @@
 /*										*/
 /********************************************************************************/
-#ifndef COMMANDAUDIT_FP_H
+/*(Auto-generated)
-#define COMMANDAUDIT_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Apr  2, 2019  Time: 04:23:27PM
 */
-void
+#ifndef _COMMAND_AUDIT_FP_H_
-CommandAuditPreInstall_Init(
+#define _COMMAND_AUDIT_FP_H_
-			    void
+
 //*** CommandAuditPreInstall_Init()
 // This function initializes the command audit list. This function simulates
 // the behavior of manufacturing. A function is used instead of a structure
 // definition because this is easier than figuring out the initialization value
 // for a bit array.
 //
 // This function would not be implemented outside of a manufacturing or
 // simulation environment.
 void CommandAuditPreInstall_Init(void);
 //*** CommandAuditStartup()
 // This function clears the command audit digest on a TPM Reset.
 BOOL CommandAuditStartup(STARTUP_TYPE type  // IN: start up type
 );
-BOOL
+
-CommandAuditStartup(
+//*** CommandAuditSet()
-		    STARTUP_TYPE     type           // IN: start up type
+// This function will SET the audit flag for a command. This function
 // will not SET the audit flag for a command that is not implemented. This
 // ensures that the audit status is not SET when TPM2_GetCapability() is
 // used to read the list of audited commands.
 //
 // This function is only used by TPM2_SetCommandCodeAuditStatus().
 //
 // The actions in TPM2_SetCommandCodeAuditStatus() are expected to cause the
 // changes to be saved to NV after it is setting and clearing bits.
 //  Return Type: BOOL
 //      TRUE(1)         command code audit status was changed
 //      FALSE(0)        command code audit status was not changed
 BOOL CommandAuditSet(TPM_CC commandCode  // IN: command code
 );
-BOOL
+
-CommandAuditSet(
+//*** CommandAuditClear()
-		TPM_CC           commandCode    // IN: command code
+// This function will CLEAR the audit flag for a command. It will not CLEAR the
 // audit flag for TPM_CC_SetCommandCodeAuditStatus().
 //
 // This function is only used by TPM2_SetCommandCodeAuditStatus().
 //
 // The actions in TPM2_SetCommandCodeAuditStatus() are expected to cause the
 // changes to be saved to NV after it is setting and clearing bits.
 //  Return Type: BOOL
 //      TRUE(1)         command code audit status was changed
 //      FALSE(0)        command code audit status was not changed
 BOOL CommandAuditClear(TPM_CC commandCode  // IN: command code
 );
-BOOL
+
-CommandAuditClear(
+//*** CommandAuditIsRequired()
-		  TPM_CC           commandCode    // IN: command code
+// This function indicates if the audit flag is SET for a command.
-		  );
+//  Return Type: BOOL
-BOOL
+//      TRUE(1)         command is audited
-CommandAuditIsRequired(
+//      FALSE(0)        command is not audited
-		       COMMAND_INDEX    commandIndex   // IN: command index
+BOOL CommandAuditIsRequired(COMMAND_INDEX commandIndex  // IN: command index
 );
 //*** CommandAuditCapGetCCList()
 // This function returns a list of commands that have their audit bit SET.
 //
 // The list starts at the input commandCode.
 //  Return Type: TPMI_YES_NO
 //      YES         if there are more command code available
 //      NO          all the available command code has been returned
 TPMI_YES_NO
-CommandAuditCapGetCCList(
+CommandAuditCapGetCCList(TPM_CC   commandCode,  // IN: start command code
 			 TPM_CC           commandCode,   // IN: start command code
                         UINT32   count,        // IN: count of returned TPM_CC
                         TPML_CC* commandList   // OUT: list of TPM_CC
 );
 //*** CommandAuditCapGetOneCC()
 // This function returns true if a command has its audit bit set.
 BOOL CommandAuditCapGetOneCC(TPM_CC commandCode  // IN: command code
 );
-void
+
-CommandAuditGetDigest(
+//*** CommandAuditGetDigest
-		      TPM2B_DIGEST    *digest         // OUT: command digest
+// This command is used to create a digest of the commands being audited. The
 // commands are processed in ascending numeric order with a list of TPM_CC being
 // added to a hash. This operates as if all the audited command codes were
 // concatenated and then hashed.
 void CommandAuditGetDigest(TPM2B_DIGEST* digest  // OUT: command digest
 );
-
+#endif  // _COMMAND_AUDIT_FP_H_
 #endif
--- a/src/tpm2/CommandCodeAttributes.c
+++ b/src/tpm2/CommandCodeAttributes.c
@ -58,40 +58,44 @@
 /*										*/
 /********************************************************************************/
-/* 9.3 CommandCodeAttributes.c */
+//** Introduction
-/* 9.3.1 Introduction */
+// This file contains the functions for testing various command properties.
-/* This file contains the functions for testing various command properties. */
+
-/* 9.3.2 Includes and Defines */
+//** Includes and Defines
 #include "Tpm.h"
 #include "CommandCodeAttributes_fp.h"
-/* Set the default value for CC_VEND if not already set */
+
 // Set the default value for CC_VEND if not already set
 #ifndef CC_VEND
 #  define CC_VEND (TPM_CC)(0x20000000)
 #endif
 typedef UINT16 ATTRIBUTE_TYPE;
-/* The following file is produced from the command tables in part 3 of the specification. It defines
+
-   the attributes for each of the commands. */
+// The following file is produced from the command tables in part 3 of the
-/* NOTE: This file is currently produced by an automated process. Files produced from Part 2 or Part
+// specification. It defines the attributes for each of the commands.
-   3 tables through automated processes are not included in the specification so that there is no
+// NOTE: This file is currently produced by an automated process. Files
-   ambiguity about the table containing the information being the normative definition. */
+// produced from Part 2 or Part 3 tables through automated processes are not
 // included in the specification so that their is no ambiguity about the
 // table containing the information being the normative definition.
 #define _COMMAND_CODE_ATTRIBUTES_
 #include "CommandAttributeData.h"
 /* 9.3.3 Command Attribute Functions */
 /* 9.3.3.1 NextImplementedIndex() */
 /* This function is used when the lists are not compressed. In a compressed list, only the
   implemented commands are present. So, a search might find a value but that value may not be
   implemented. This function checks to see if the input commandIndex points to an implemented
   command and, if not, it searches upwards until it finds one. When the list is compressed, this
   function gets defined as a no-op. */
 /* Return Value	Meaning */
 /* UNIMPLEMENTED_COMMAND_INDEX	command is not implemented */
 /* other	index of the command */
 //** Command Attribute Functions
 //*** NextImplementedIndex()
 // This function is used when the lists are not compressed. In a compressed list,
 // only the implemented commands are present. So, a search might find a value
 // but that value may not be implemented. This function checks to see if the input
 // commandIndex points to an implemented command and, if not, it searches upwards
 // until it finds one. When the list is compressed, this function gets defined
 // as a no-op.
 //  Return Type: COMMAND_INDEX
 //  UNIMPLEMENTED_COMMAND_INDEX     command is not implemented
 //  other                           index of the command
 #if !COMPRESSED_LISTS
-static COMMAND_INDEX
+static COMMAND_INDEX NextImplementedIndex(COMMAND_INDEX commandIndex)
 NextImplementedIndex(
 		     COMMAND_INDEX       commandIndex
 		     )
 {
    for(; commandIndex < COMMAND_COUNT; commandIndex++)
    {
@ -106,20 +110,20 @@ NextImplementedIndex(
 #else
 #  define NextImplementedIndex(x) (x)
 #endif
 /* 9.3.3.2 GetClosestCommandIndex() */
 /* This function returns the command index for the command with a value that is equal to or greater
   than the input value */
 /* Return Value	Meaning */
 /* UNIMPLEMENTED_COMMAND_INDEX	command is not implemented */
 /* other	index of the command */
 //*** GetClosestCommandIndex()
 // This function returns the command index for the command with a value that is
 // equal to or greater than the input value
 //  Return Type: COMMAND_INDEX
 //  UNIMPLEMENTED_COMMAND_INDEX     command is not implemented
 //  other                           index of a command
 COMMAND_INDEX
-GetClosestCommandIndex(
+GetClosestCommandIndex(TPM_CC commandCode  // IN: the command code to start at
 		       TPM_CC           commandCode    // IN: the command code to start at
 )
 {
    BOOL          vendor      = (commandCode & CC_VEND) != 0;
    COMMAND_INDEX searchIndex = (COMMAND_INDEX)commandCode;
    // The commandCode is a UINT32 and the search index is UINT16. We are going to
    // search for a match but need to make sure that the commandCode value is not
    // out of range. To do this, need to clear the vendor bit of the commandCode
@ -127,6 +131,7 @@ GetClosestCommandIndex(
    // out of range, indicate that the command is not implemented
    if((commandCode & ~CC_VEND) != searchIndex)
        return UNIMPLEMENTED_COMMAND_INDEX;
    // if there is at least one vendor command, the last entry in the array will
    // have the v bit set. If the input commandCode is larger than the last
    // vendor-command, then it is out of range.
@ -144,8 +149,8 @@ GetClosestCommandIndex(
        // entry.
        // Note: Put this check first so that the typical case of only one vendor-
        // specific command doesn't waste any more time.
-	    if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE], TPMA_CC,
+        if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE], TPMA_CC, commandIndex)
-			     commandIndex) >= searchIndex)
+           >= searchIndex)
        {
            // the vendor array is always assumed to be packed so there is
            // no need to check to see if the command is implemented
@ -193,8 +198,9 @@ GetClosestCommandIndex(
 #endif
    }
    // Get here if the V-Bit was not set in 'commandCode'
-    if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE - 1], TPMA_CC,
+
-		     commandIndex) < searchIndex)
+    if(GET_ATTRIBUTE(s_ccAttr[LIBRARY_COMMAND_ARRAY_SIZE - 1], TPMA_CC, commandIndex)
       < searchIndex)
    {
        // requested index is out of the range to the top
 #if VENDOR_COMMAND_ARRAY_SIZE > 0
@ -230,13 +236,14 @@ GetClosestCommandIndex(
        // The s_ccAttr array contains an extra entry at the end (a zero value).
        // Don't count this as an array entry. This means that max should start
        // out pointing to the last valid entry in the array which is - 2
-	    pAssert(max == (sizeof(s_ccAttr) / sizeof(TPMA_CC)
+        pAssert(
-			    - VENDOR_COMMAND_ARRAY_SIZE - 2));
+            max
            == (sizeof(s_ccAttr) / sizeof(TPMA_CC) - VENDOR_COMMAND_ARRAY_SIZE - 2));
        while(min <= max)
        {
            commandIndex = (min + max + 1) / 2;
-		    diff = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC,
+            diff = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex)
-					 commandIndex) - searchIndex;
+                   - searchIndex;
            if(diff == 0)
                return commandIndex;
            if(diff > 0)
@ -259,19 +266,20 @@ GetClosestCommandIndex(
        // The list is not compressed so offset into the array by the command
        // code value of the first entry in the list. Then go find the first
        // implemented command.
-	    return NextImplementedIndex(searchIndex
+        return NextImplementedIndex(
-	                                - (COMMAND_INDEX)GET_ATTRIBUTE(s_ccAttr[0], TPMA_CC, commandIndex)); // libtpms changed
+            searchIndex - (COMMAND_INDEX)GET_ATTRIBUTE(s_ccAttr[0], TPMA_CC, commandIndex)); // libtpms changed
 #endif
    }
 }
-/* 9.3.3.3 CommandCodeToComandIndex() */
+
-/* This function returns the index in the various attributes arrays of the command. */
+//*** CommandCodeToComandIndex()
-/* Return Values Meaning */
+// This function returns the index in the various attributes arrays of the
-/* UNIMPLEMENTED_COMMAND_INDEX command is not implemented */
+// command.
-/* other index of the command */
+//  Return Type: COMMAND_INDEX
 //  UNIMPLEMENTED_COMMAND_INDEX     command is not implemented
 //  other                           index of the command
 COMMAND_INDEX
-CommandCodeToCommandIndex(
+CommandCodeToCommandIndex(TPM_CC commandCode  // IN: the command code to look up
 			  TPM_CC           commandCode    // IN: the command code to look up
 )
 {
    // Extract the low 16-bits of the command code to get the starting search index
@ -297,6 +305,7 @@ CommandCodeToCommandIndex(
 #endif
    // Need this code for any vendor code lookup or for compressed lists
    commandIndex = GetClosestCommandIndex(commandCode);
    // Look at the returned value from get closest. If it isn't the one that was
    // requested, then the command is not implemented.
    // libtpms: Or it may be runtime-disabled
@ -311,14 +320,14 @@ CommandCodeToCommandIndex(
    }
    return commandIndex;
 }
-/* 9.3.3.4 GetNextCommandIndex() */
+
-/* This function returns the index of the next implemented command. */
+//*** GetNextCommandIndex()
-/* Return Values Meaning */
+// This function returns the index of the next implemented command.
-/* UNIMPLEMENTED_COMMAND_INDEX no more implemented commands */
+//  Return Type: COMMAND_INDEX
-/* other the index of the next implemented command */
+//  UNIMPLEMENTED_COMMAND_INDEX     no more implemented commands
 //  other                           the index of the next implemented command
 COMMAND_INDEX
-GetNextCommandIndex(
+GetNextCommandIndex(COMMAND_INDEX commandIndex  // IN: the starting index
 		    COMMAND_INDEX    commandIndex   // IN: the starting index
 )
 {
    while(++commandIndex < COMMAND_COUNT)
@ -334,29 +343,30 @@ GetNextCommandIndex(
    }
    return UNIMPLEMENTED_COMMAND_INDEX;
 }
-/* 9.3.3.5 GetCommandCode() */
+
-/* This function returns the commandCode associated with the command index */
+//*** GetCommandCode()
 // This function returns the commandCode associated with the command index
 TPM_CC
-GetCommandCode(
+GetCommandCode(COMMAND_INDEX commandIndex  // IN: the command index
 	       COMMAND_INDEX    commandIndex   // IN: the command index
 )
 {
-    TPM_CC           commandCode = GET_ATTRIBUTE(s_ccAttr[commandIndex],
+    TPM_CC commandCode = GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex);
 						 TPMA_CC, commandIndex);
    if(IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
        commandCode += CC_VEND;
    return commandCode;
 }
-/* 9.3.3.6 CommandAuthRole() */
+
-/* This function returns the authorization role required of a handle. */
+//*** CommandAuthRole()
-/* Return Values Meaning */
+//
-/* AUTH_NONE no authorization is required */
+//  This function returns the authorization role required of a handle.
-/* AUTH_USER user role authorization is required */
+//
-/* AUTH_ADMIN admin role authorization is required */
+//  Return Type: AUTH_ROLE
-/* AUTH_DUP duplication role authorization is required */
+//  AUTH_NONE       no authorization is required
 //  AUTH_USER       user role authorization is required
 //  AUTH_ADMIN      admin role authorization is required
 //  AUTH_DUP        duplication role authorization is required
 AUTH_ROLE
-CommandAuthRole(
+CommandAuthRole(COMMAND_INDEX commandIndex,  // IN: command index
 		COMMAND_INDEX    commandIndex,  // IN: command index
                UINT32        handleIndex    // IN: handle index (zero based)
 )
 {
@ -364,6 +374,7 @@ CommandAuthRole(
    {
        // Any authorization role set?
        COMMAND_ATTRIBUTES properties = s_commandAttributes[commandIndex];
        if(properties & HANDLE_1_USER)
            return AUTH_USER;
        if(properties & HANDLE_1_ADMIN)
@ -378,72 +389,63 @@ CommandAuthRole(
    }
    return AUTH_NONE;
 }
 /* 9.3.3.7 EncryptSize() */
 /* This function returns the size of the decrypt size field. This function returns 0 if encryption
   is not allowed */
 /* Return Values Meaning */
 /* 0 encryption not allowed */
 /* 2 size field is two bytes */
 /* 4 size field is four bytes */
-int
+//*** EncryptSize()
-EncryptSize(
+// This function returns the size of the decrypt size field. This function returns
-	    COMMAND_INDEX    commandIndex   // IN: command index
+// 0 if encryption is not allowed
 //  Return Type: int
 //  0       encryption not allowed
 //  2       size field is two bytes
 //  4       size field is four bytes
 int EncryptSize(COMMAND_INDEX commandIndex  // IN: command index
 )
 {
-    return ((s_commandAttributes[commandIndex] & ENCRYPT_2) ? 2 :
+    return ((s_commandAttributes[commandIndex] & ENCRYPT_2)   ? 2
-	    (s_commandAttributes[commandIndex] & ENCRYPT_4) ? 4 : 0);
+            : (s_commandAttributes[commandIndex] & ENCRYPT_4) ? 4
                                                              : 0);
 }
-/* 9.3.3.8 DecryptSize() */
+//*** DecryptSize()
-/* This function returns the size of the decrypt size field. This function returns 0 if decryption
+// This function returns the size of the decrypt size field. This function returns
-   is not allowed */
+// 0 if decryption is not allowed
-/* Return Values Meaning */
+//  Return Type: int
-/* 0 encryption not allowed */
+//  0       encryption not allowed
-/* 2 size field is two bytes */
+//  2       size field is two bytes
-/* 4 size field is four bytes */
+//  4       size field is four bytes
-
+int DecryptSize(COMMAND_INDEX commandIndex  // IN: command index
 int
 DecryptSize(
 	    COMMAND_INDEX    commandIndex   // IN: command index
 )
 {
-    return ((s_commandAttributes[commandIndex] & DECRYPT_2) ? 2 :
+    return ((s_commandAttributes[commandIndex] & DECRYPT_2)   ? 2
-	    (s_commandAttributes[commandIndex] & DECRYPT_4) ? 4 : 0);
+            : (s_commandAttributes[commandIndex] & DECRYPT_4) ? 4
                                                              : 0);
 }
-/* 9.3.3.9 IsSessionAllowed() */
+//*** IsSessionAllowed()
-/* This function indicates if the command is allowed to have sessions. */
+//
-/* This function must not be called if the command is not known to be implemented. */
+// This function indicates if the command is allowed to have sessions.
-/* Return Values Meaning */
+//
-/* TRUE session is allowed with this command */
+// This function must not be called if the command is not known to be implemented.
-/* FALSE session is not allowed with this command */
+//
-
+//  Return Type: BOOL
-BOOL
+//      TRUE(1)         session is allowed with this command
-IsSessionAllowed(
+//      FALSE(0)        session is not allowed with this command
-		 COMMAND_INDEX    commandIndex   // IN: the command to be checked
+BOOL IsSessionAllowed(COMMAND_INDEX commandIndex  // IN: the command to be checked
 )
 {
    return ((s_commandAttributes[commandIndex] & NO_SESSIONS) == 0);
 }
-/* 9.3.3.10 IsHandleInResponse() */
+//*** IsHandleInResponse()
-/* This function determines if a command has a handle in the response */
+// This function determines if a command has a handle in the response
-
+BOOL IsHandleInResponse(COMMAND_INDEX commandIndex)
 BOOL
 IsHandleInResponse(
 		   COMMAND_INDEX    commandIndex
 		   )
 {
    return ((s_commandAttributes[commandIndex] & R_HANDLE) != 0);
 }
-/* 9.3.3.11 IsWriteOperation() */
+//*** IsWriteOperation()
-/* Checks to see if an operation will write to an NV Index and is subject to being blocked by
+// Checks to see if an operation will write to an NV Index and is subject to being
-   read-lock */
+// blocked by read-lock
-BOOL
+BOOL IsWriteOperation(COMMAND_INDEX commandIndex  // IN: Command to check
 IsWriteOperation(
 		 COMMAND_INDEX    commandIndex   // IN: Command to check
 )
 {
 #ifdef WRITE_LOCK
@ -478,17 +480,17 @@ IsWriteOperation(
    return FALSE;
 #endif
 }
-/* 9.3.3.12 IsReadOperation() */
+
-/* Checks to see if an operation will write to an NV Index and is subject to being blocked by
+//*** IsReadOperation()
-   write-lock. */
+// Checks to see if an operation will write to an NV Index and is
-BOOL
+// subject to being blocked by write-lock.
-IsReadOperation(
+BOOL IsReadOperation(COMMAND_INDEX commandIndex  // IN: Command to check
 		COMMAND_INDEX    commandIndex   // IN: Command to check
 )
 {
 #ifdef READ_LOCK
    return ((s_commandAttributes[commandIndex] & READ_LOCK) != 0);
 #else
    if(!IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V))
    {
        switch(GET_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, commandIndex))
@ -508,15 +510,15 @@ IsReadOperation(
    return FALSE;
 #endif
 }
-/* 9.3.3.13 CommandCapGetCCList() */
+
-/* This function returns a list of implemented commands and command attributes starting from the
+//*** CommandCapGetCCList()
-   command in commandCode. */
+// This function returns a list of implemented commands and command attributes
-/* Return Values Meaning */
+// starting from the command in 'commandCode'.
-/* YES more command attributes are available */
+//  Return Type: TPMI_YES_NO
-/* NO no more command attributes are available */
+//      YES         more command attributes are available
 //      NO          no more command attributes are available
 TPMI_YES_NO
-CommandCapGetCCList(
+CommandCapGetCCList(TPM_CC commandCode,  // IN: start command code
 		    TPM_CC           commandCode,   // IN: start command code
                    UINT32 count,        // IN: maximum count for number of entries in
                                         //     'commandList'
                    TPML_CCA* commandList  // OUT: list of TPMA_CC
@ -524,8 +526,10 @@ CommandCapGetCCList(
 {
    TPMI_YES_NO   more = NO;
    COMMAND_INDEX commandIndex;
    // initialize output handle list count
    commandList->count = 0;
    for(commandIndex = GetClosestCommandIndex(commandCode);
        commandIndex != UNIMPLEMENTED_COMMAND_INDEX;
        commandIndex = GetNextCommandIndex(commandIndex))
@ -542,8 +546,8 @@ CommandCapGetCCList(
        if(commandList->count < count)
        {
            // If the list is not full, add the attributes for this command.
-		    commandList->commandAttributes[commandList->count]
+            commandList->commandAttributes[commandList->count] =
-			= s_ccAttr[commandIndex];
+                s_ccAttr[commandIndex];
            commandList->count++;
        }
        else
@ -556,6 +560,7 @@ CommandCapGetCCList(
    }
    return more;
 }
 //*** CommandCapGetOneCC()
 // This function checks whether a command is implemented, and returns its
 // attributes if so.
@ -572,18 +577,15 @@ BOOL CommandCapGetOneCC(TPM_CC   commandCode,       // IN: command code
    return FALSE;
 }
 #if 0 /* libtpms added */
 /* 9.3.3.14 IsVendorCommand() */
 /* Function indicates if a command index references a vendor command. */
 /* Return Values Meaning */
 /* TRUE command is a vendor command */
 /* FALSE command is not a vendor command */
-BOOL
+//*** IsVendorCommand()
-IsVendorCommand(
+// Function indicates if a command index references a vendor command.
-		COMMAND_INDEX    commandIndex   // IN: command index to check
+//  Return Type: BOOL
 //      TRUE(1)         command is a vendor command
 //      FALSE(0)        command is not a vendor command
 BOOL IsVendorCommand(COMMAND_INDEX commandIndex  // IN: command index to check
 )
 {
    return (IS_ATTRIBUTE(s_ccAttr[commandIndex], TPMA_CC, V));
 }
 #endif /* libtpms added */
--- a/src/tpm2/CommandCodeAttributes_fp.h
+++ b/src/tpm2/CommandCodeAttributes_fp.h
@ -58,70 +58,141 @@
 /*										*/
 /********************************************************************************/
-#ifndef COMMANDCODEATTRIBUTES_FP_H
+/*(Auto-generated)
-#define COMMANDCODEATTRIBUTES_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:19PM
 */
 #ifndef _COMMAND_CODE_ATTRIBUTES_FP_H_
 #define _COMMAND_CODE_ATTRIBUTES_FP_H_
 //*** GetClosestCommandIndex()
 // This function returns the command index for the command with a value that is
 // equal to or greater than the input value
 //  Return Type: COMMAND_INDEX
 //  UNIMPLEMENTED_COMMAND_INDEX     command is not implemented
 //  other                           index of a command
 COMMAND_INDEX
-GetClosestCommandIndex(
+GetClosestCommandIndex(TPM_CC commandCode  // IN: the command code to start at
 		       TPM_CC           commandCode    // IN: the command code to start at
 );
 //*** CommandCodeToComandIndex()
 // This function returns the index in the various attributes arrays of the
 // command.
 //  Return Type: COMMAND_INDEX
 //  UNIMPLEMENTED_COMMAND_INDEX     command is not implemented
 //  other                           index of the command
 COMMAND_INDEX
-CommandCodeToCommandIndex(
+CommandCodeToCommandIndex(TPM_CC commandCode  // IN: the command code to look up
 			  TPM_CC           commandCode    // IN: the command code to look up
 );
 //*** GetNextCommandIndex()
 // This function returns the index of the next implemented command.
 //  Return Type: COMMAND_INDEX
 //  UNIMPLEMENTED_COMMAND_INDEX     no more implemented commands
 //  other                           the index of the next implemented command
 COMMAND_INDEX
-GetNextCommandIndex(
+GetNextCommandIndex(COMMAND_INDEX commandIndex  // IN: the starting index
 		    COMMAND_INDEX    commandIndex   // IN: the starting index
 );
 //*** GetCommandCode()
 // This function returns the commandCode associated with the command index
 TPM_CC
-GetCommandCode(
+GetCommandCode(COMMAND_INDEX commandIndex  // IN: the command index
 	       COMMAND_INDEX    commandIndex   // IN: the command index
 );
 //*** CommandAuthRole()
 //
 //  This function returns the authorization role required of a handle.
 //
 //  Return Type: AUTH_ROLE
 //  AUTH_NONE       no authorization is required
 //  AUTH_USER       user role authorization is required
 //  AUTH_ADMIN      admin role authorization is required
 //  AUTH_DUP        duplication role authorization is required
 AUTH_ROLE
-CommandAuthRole(
+CommandAuthRole(COMMAND_INDEX commandIndex,  // IN: command index
 		COMMAND_INDEX    commandIndex,  // IN: command index
                UINT32        handleIndex    // IN: handle index (zero based)
 );
-int
+
-EncryptSize(
+//*** EncryptSize()
-	    COMMAND_INDEX    commandIndex   // IN: command index
+// This function returns the size of the decrypt size field. This function returns
 // 0 if encryption is not allowed
 //  Return Type: int
 //  0       encryption not allowed
 //  2       size field is two bytes
 //  4       size field is four bytes
 int EncryptSize(COMMAND_INDEX commandIndex  // IN: command index
 );
-int
+
-DecryptSize(
+//*** DecryptSize()
-	    COMMAND_INDEX    commandIndex   // IN: command index
+// This function returns the size of the decrypt size field. This function returns
 // 0 if decryption is not allowed
 //  Return Type: int
 //  0       encryption not allowed
 //  2       size field is two bytes
 //  4       size field is four bytes
 int DecryptSize(COMMAND_INDEX commandIndex  // IN: command index
 );
-BOOL
+
-IsSessionAllowed(
+//*** IsSessionAllowed()
-		 COMMAND_INDEX    commandIndex   // IN: the command to be checked
+//
 // This function indicates if the command is allowed to have sessions.
 //
 // This function must not be called if the command is not known to be implemented.
 //
 //  Return Type: BOOL
 //      TRUE(1)         session is allowed with this command
 //      FALSE(0)        session is not allowed with this command
 BOOL IsSessionAllowed(COMMAND_INDEX commandIndex  // IN: the command to be checked
 );
-BOOL
+
-IsHandleInResponse(
+//*** IsHandleInResponse()
-		   COMMAND_INDEX    commandIndex
+// This function determines if a command has a handle in the response
 BOOL IsHandleInResponse(COMMAND_INDEX commandIndex);
 //*** IsWriteOperation()
 // Checks to see if an operation will write to an NV Index and is subject to being
 // blocked by read-lock
 BOOL IsWriteOperation(COMMAND_INDEX commandIndex  // IN: Command to check
 );
-BOOL
+
-IsWriteOperation(
+//*** IsReadOperation()
-		 COMMAND_INDEX    commandIndex   // IN: Command to check
+// Checks to see if an operation will write to an NV Index and is
-		 );
+// subject to being blocked by write-lock.
-BOOL
+BOOL IsReadOperation(COMMAND_INDEX commandIndex  // IN: Command to check
 IsReadOperation(
 		COMMAND_INDEX    commandIndex   // IN: Command to check
 );
 //*** CommandCapGetCCList()
 // This function returns a list of implemented commands and command attributes
 // starting from the command in 'commandCode'.
 //  Return Type: TPMI_YES_NO
 //      YES         more command attributes are available
 //      NO          no more command attributes are available
 TPMI_YES_NO
-CommandCapGetCCList(
+CommandCapGetCCList(TPM_CC commandCode,  // IN: start command code
 		    TPM_CC           commandCode,   // IN: start command code
                    UINT32 count,        // IN: maximum count for number of entries in
                                         //     'commandList'
                    TPML_CCA* commandList  // OUT: list of TPMA_CC
 );
 //*** CommandCapGetOneCC()
 // This function checks whether a command is implemented, and returns its
 // attributes if so.
 BOOL CommandCapGetOneCC(TPM_CC   commandCode,       // IN: command code
                        TPMA_CC* commandAttributes  // OUT: Command attributes
 );
 #if 0  /* libtpms added */
-BOOL
+
-IsVendorCommand(
+//*** IsVendorCommand()
-		COMMAND_INDEX    commandIndex   // IN: command index to check
+// Function indicates if a command index references a vendor command.
 //  Return Type: BOOL
 //      TRUE(1)         command is a vendor command
 //      FALSE(0)        command is not a vendor command
 BOOL IsVendorCommand(COMMAND_INDEX commandIndex  // IN: command index to check
 );
 #endif /* libtpms added */
-
+#endif  // _COMMAND_CODE_ATTRIBUTES_FP_H_
 #endif
--- a/src/tpm2/CommandDispatchData.h
+++ b/src/tpm2/CommandDispatchData.h
--- a/src/tpm2/CommandDispatcher.c
+++ b/src/tpm2/CommandDispatcher.c
@ -59,43 +59,69 @@
 /*										*/
 /********************************************************************************/
-/* 6.3 CommandDispatcher.c */
+//* Includes and Typedefs
 /* CommandDispatcher() performs the following operations: */
 /* *	unmarshals command parameters from the input buffer; */
 /* NOTE Unlike other unmarshaling functions, parmBufferStart does not advance.  parmBufferSize Is
   reduced.  */
 /* *	invokes the function that performs the command actions; */
 /* *	marshals the returned handles, if any; and */
 /* *	marshals the returned parameters, if any, into the output buffer putting in the
   *	parameterSize field if authorization sessions are present. */
 /* NOTE 1 The output buffer is the return from the MemoryGetResponseBuffer() function.  It includes
   the header, handles, response parameters, and authorization area. respParmSize is the response
   parameter size, and does not include the header, handles, or authorization area. */
 /* NOTE 2 The reference implementation is permitted to do compare operations over a union as a byte
   array.  Therefore, the command parameter in structure must be initialized (e.g., zeroed) before
   unmarshaling so that the compare operation is valid in cases where some bytes are unused. */
 /* 6.3.1.1 Includes and Typedefs */
 #include "Tpm.h"
-// #include "Marshal.h" kgold
+#include "Marshal.h"
 #if TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
 #if TABLE_DRIVEN_DISPATCH
 typedef TPM_RC(NoFlagFunction)(void* target, BYTE** buffer, INT32* size);
 typedef TPM_RC(FlagFunction)(void* target, BYTE** buffer, INT32* size, BOOL flag);
 typedef FlagFunction* UNMARSHAL_t;
 typedef INT16(MarshalFunction)(void* source, BYTE** buffer, INT32* size);
 typedef MarshalFunction* MARSHAL_t;
 typedef TPM_RC(COMMAND_NO_ARGS)(void);
 typedef TPM_RC(COMMAND_IN_ARG)(void* in);
 typedef TPM_RC(COMMAND_OUT_ARG)(void* out);
 typedef TPM_RC(COMMAND_INOUT_ARG)(void* in, void* out);
-typedef union
+
 typedef union COMMAND_t
 {
    COMMAND_NO_ARGS*   noArgs;
    COMMAND_IN_ARG*    inArg;
    COMMAND_OUT_ARG*   outArg;
    COMMAND_INOUT_ARG* inOutArg;
 } COMMAND_t;
-typedef struct
+
 // This structure is used by ParseHandleBuffer() and CommandDispatcher(). The
 // parameters in this structure are unique for each command. The parameters are:
 // command      holds the address of the command processing function that is called
 //              by Command Dispatcher
 // inSize       This is the size of the command-dependent input structure. The
 //              input structure holds the unmarshaled handles and command
 //              parameters. If the command takes no arguments (handles or
 //              parameters) then inSize will have a value of 0.
 // outSize      This is the size of the command-dependent output structure. The
 //              output structure holds the results of the command in an unmarshaled
 //              form. When command processing is completed, these values are
 //              marshaled into the output buffer. It is always the case that the
 //              unmarshaled version of an output structure is larger then the
 //              marshaled version. This is because the marshaled version contains
 //              the exact same number of significant bytes but with padding removed.
 // typesOffsets    This parameter points to the list of data types that are to be
 //              marshaled or unmarshaled. The list of types follows the 'offsets'
 //              array. The offsets array is variable sized so the typesOffset filed
 //              is necessary for the handle and command processing to be able to
 //              find the types that are being handled. The 'offsets' array may be
 //              empty. The 'types' structure is described below.
 // offsets      This is an array of offsets of each of the parameters in the
 //              command or response. When processing the command parameters (not
 //              handles) the list contains the offset of the next parameter. For
 //              example, if the first command parameter has a size of 4 and there is
 //              a second command parameter, then the offset would be 4, indicating
 //              that the second parameter starts at 4. If the second parameter has
 //              a size of 8, and there is a third parameter, then the second entry
 //              in offsets is 12 (4 for the first parameter and 8 for the second).
 //              An offset value of 0 in the list indicates the start of the response
 //              parameter list. When CommandDispatcher hits this value, it will stop
 //              unmarshaling the parameters and call 'command'. If a command has no
 //              response parameters and only one command parameter, then offsets can
 //              be an empty list.
 typedef struct COMMAND_DESCRIPTOR_t
 {
    COMMAND_t command;      // Address of the command
    UINT16    inSize;       // Maximum size of the input structure
@ -103,6 +129,26 @@ typedef struct
    UINT16    typesOffset;  // address of the types field
    UINT16    offsets[1];
 } COMMAND_DESCRIPTOR_t;
 // The 'types' list is an encoded byte array. The byte value has two parts. The most
 // significant bit is used when a parameter takes a flag and indicates if the flag
 // should be SET or not. The remaining 7 bits are an index into an array of
 // addresses of marshaling and unmarshaling functions.
 // The array of functions is divided into 6 sections with a value assigned
 // to denote the start of that section (and the end of the previous section). The
 // defined offset values for each section are:
 // 0                                unmarshaling for handles that do not take flags
 // HANDLE_FIRST_FLAG_TYPE           unmarshaling for handles that take flags
 // PARAMETER_FIRST_TYPE             unmarshaling for parameters that do not take flags
 // PARAMETER_FIRST_FLAG_TYPE        unmarshaling for parameters that take flags
 // PARAMETER_LAST_TYPE + 1          marshaling for handles
 // RESPONSE_PARAMETER_FIRST_TYPE    marshaling for parameters
 // RESPONSE_PARAMETER_LAST_TYPE     is the last value in the list of marshaling and
 //                                  unmarshaling functions.
 //
 // The types list is constructed with a byte of 0xff at the end of the command
 // parameters and with an 0xff at the end of the response parameters.
 #  if COMPRESSED_LISTS
 #    define PAD_LIST 0
 #  else
@ -110,39 +156,46 @@ typedef struct
 #  endif
 #  define _COMMAND_TABLE_DISPATCH_
 #  include "CommandDispatchData.h"
 #  define TEST_COMMAND TPM_CC_Startup
 #  define NEW_CC
 #else
 #  include "Commands.h"
 #endif
-/* 6.3.1.2   Marshal/Unmarshal Functions */
+//* Marshal/Unmarshal Functions
 /* 6.3.1.2.1 ParseHandleBuffer() */
 /* This is the table-driven version of the handle buffer unmarshaling code */
 //** ParseHandleBuffer()
 // This is the table-driven version of the handle buffer unmarshaling code
 TPM_RC
-ParseHandleBuffer(
+ParseHandleBuffer(COMMAND* command)
 		  COMMAND                 *command
 		  )
 {
    TPM_RC result;
-#if TABLE_DRIVEN_DISPATCH
+#if TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
    COMMAND_DESCRIPTOR_t* desc;
    BYTE*                 types;
    BYTE                  type;
    BYTE                  dType;
    // Make sure that nothing strange has happened
-    pAssert(command->index
+    pAssert(
-	    < sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t *));
+        command->index < sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t*));
    // Get the address of the descriptor for this command
    desc = s_CommandDataArray[command->index];
    pAssert(desc != NULL);
    // Get the associated list of unmarshaling data types.
    types = &((BYTE*)desc)[desc->typesOffset];
    //    if(s_ccAttr[commandIndex].commandIndex == TEST_COMMAND)
    //        commandIndex = commandIndex;
    // No handles yet
    command->handleNum = 0;
    // Get the first type value
    for(type = *types++;
        // check each byte to make sure that we have not hit the start
@ -154,11 +207,12 @@ ParseHandleBuffer(
 #  if TABLE_DRIVEN_MARSHAL
        marshalIndex_t index;
        index  = unmarshalArray[dType] | ((type & 0x80) ? NULL_FLAG : 0);
-    result = Unmarshal(index, &(command->handles[command->handleNum]),
+        result = Unmarshal(index,
-		       &command->parameterBuffer, &command->parameterSize);
+                           &(command->handles[command->handleNum]),
                           &command->parameterBuffer,
                           &command->parameterSize);
 #  else
        // See if unmarshaling of this handle type requires a flag
        if(dType < HANDLE_FIRST_FLAG_TYPE)
        {
@ -173,12 +227,15 @@ ParseHandleBuffer(
        {
            //  Look up the function
            FlagFunction* f = unmarshalArray[dType];
            // Call it setting the flag to the appropriate value
            result = f(&(command->handles[command->handleNum]),
                       &command->parameterBuffer,
-			       &command->parameterSize, (type & 0x80) != 0);
+                       &command->parameterSize,
                       (type & 0x80) != 0);
        }
 #  endif
        // Got a handle
        // We do this first so that the match for the handle offset of the
        // response code works correctly.
@ -206,16 +263,13 @@ ParseHandleBuffer(
    return TPM_RC_SUCCESS;
 }
-/* 6.3.1.2.2	CommandDispatcher() */
+//** CommandDispatcher()
-/* Function to unmarshal the command parameters, call the selected action code, and marshal the
+// Function to unmarshal the command parameters, call the selected action code, and
-   response parameters. */
+// marshal the response parameters.
 TPM_RC
-CommandDispatcher(
+CommandDispatcher(COMMAND* command)
 		  COMMAND                 *command
 		  )
 {
-#if !TABLE_DRIVEN_DISPATCH
+#if !TABLE_DRIVEN_DISPATCH || TABLE_DRIVEN_MARSHAL
    TPM_RC      result;
    BYTE**      paramBuffer     = &command->parameterBuffer;
    INT32*      paramBufferSize = &command->parameterSize;
@ -223,13 +277,17 @@ CommandDispatcher(
    INT32*      respParmSize    = &command->parameterSize;
    INT32       rSize;
    TPM_HANDLE* handles = &command->handles[0];
-
+    //
-    command->handleNum = 0;	/* The command-specific code knows how many handles there are. This
+    command->handleNum = 0;           // The command-specific code knows how
-				   is for cataloging the number of response handles */
+                                      // many handles there are. This is for
-    MemoryIoBufferAllocationReset();        /* Initialize so that allocation will work properly */
+                                      // cataloging the number of response
                                      // handles
    MemoryIoBufferAllocationReset();  // Initialize so that allocation will
                                      // work properly
    switch(GetCommandCode(command->index))
    {
 #  include "CommandDispatcher.h"
        default:
            FAIL(FATAL_ERROR_INTERNAL);
            break;
@ -256,27 +314,33 @@ CommandDispatcher(
    TPM_RC                result;
    //
    // Get the address of the descriptor for this command
-    pAssert(command->index
+    pAssert(
-	    < sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t *));
+        command->index < sizeof(s_CommandDataArray) / sizeof(COMMAND_DESCRIPTOR_t*));
    desc = s_CommandDataArray[command->index];
    // Get the list of parameter types for this command
    pAssert(desc != NULL);
    types = &((BYTE*)desc)[desc->typesOffset];
    // Get a pointer to the list of parameter offsets
    offsets = &desc->offsets[0];
    // pointer to handles
    handles = command->handles;
    // Get the size required to hold all the unmarshaled parameters for this command
    maxInSize = desc->inSize;
    // and the size of the output parameter structure returned by this command
    maxOutSize = desc->outSize;
    MemoryIoBufferAllocationReset();
    // Get a buffer for the input parameters
    commandIn = MemoryGetInBuffer(maxInSize);
    // And the output parameters
    commandOut = (BYTE*)MemoryGetOutBuffer((UINT32)maxOutSize);
    // Get the address of the action code dispatch
    cmd = desc->command;
    // Copy any handles into the input buffer
    for(type = *types++; (type & 0x7F) < PARAMETER_FIRST_TYPE; type = *types++)
    {
@ -295,6 +359,7 @@ CommandDispatcher(
    // maxInSize has the amount of space remaining in the command action input
    // buffer. Make sure that we don't have more data to unmarshal than is going to
    // fit.
    // type contains the last value read from types so it is not necessary to
    // reload it, which is good because *types now points to the next value
    for(; (dType = (type & 0x7F)) <= PARAMETER_LAST_TYPE; type = *types++)
@ -304,20 +369,24 @@ CommandDispatcher(
        {
            marshalIndex_t index = unmarshalArray[dType];
            index |= (type & 0x80) ? NULL_FLAG : 0;
-		result = Unmarshal(index, &commandIn[offset], &command->parameterBuffer,
+            result = Unmarshal(index,
                               &commandIn[offset],
                               &command->parameterBuffer,
                               &command->parameterSize);
        }
 #  else
        if(dType < PARAMETER_FIRST_FLAG_TYPE)
        {
            NoFlagFunction* f = (NoFlagFunction*)unmarshalArray[dType];
-		    result = f(&commandIn[offset], &command->parameterBuffer,
+            result            = f(&commandIn[offset],
                       &command->parameterBuffer,
                       &command->parameterSize);
        }
        else
        {
            FlagFunction* f = unmarshalArray[dType];
-		    result = f(&commandIn[offset], &command->parameterBuffer,
+            result          = f(&commandIn[offset],
                       &command->parameterBuffer,
                       &command->parameterSize,
                       (type & 0x80) != 0);
        }
@ -340,12 +409,14 @@ CommandDispatcher(
        result = TPM_RC_SIZE;
        goto Exit;
    }
    // The command parameter unmarshaling stopped when it hit a value that was out
    // of range for unmarshaling values and left *types pointing to the first
    // marshaling type. If that type happens to be the STOP value, then there
    // are no response parameters. So, set the flag to indicate if there are
    // output parameters.
    hasOutParameters = *types != 0xFF;
    // There are four cases for calling, with and without input parameters and with
    // and without output parameters.
    if(hasInParameters > 0)
@ -364,10 +435,13 @@ CommandDispatcher(
    }
    if(result != TPM_RC_SUCCESS)
        goto Exit;
    // Offset in the marshaled output structure
    offset = 0;
    // Process the return handles, if any
    command->handleNum = 0;
    // Could make this a loop to process output handles but there is only ever
    // one handle in the outputs (for now).
    type = *types++;
@ -386,18 +460,18 @@ CommandDispatcher(
    // no pointers to data, all of the data being returned has to be in the
    // command action output buffer. If we try to marshal more bytes than
    // could fit into the output buffer, we need to fail.
-    for(;(dType = (type & 0x7F)) <= RESPONSE_PARAMETER_LAST_TYPE
+    for(; (dType = (type & 0x7F)) <= RESPONSE_PARAMETER_LAST_TYPE && !g_inFailureMode;
-	    && !g_inFailureMode; type = *types++)
+        type = *types++)
    {
 #  if TABLE_DRIVEN_MARSHAL
        marshalIndex_t index = marshalArray[dType];
-	    command->parameterSize += Marshal(index, &commandOut[offset],
+        command->parameterSize += Marshal(
-					      &command->responseBuffer,
+            index, &commandOut[offset], &command->responseBuffer, &maxOutSize);
 					      &maxOutSize);
 #  else
        const MARSHAL_t f = marshalArray[dType];
-	    command->parameterSize += f(&commandOut[offset], &command->responseBuffer,
+
-					&maxOutSize);
+        command->parameterSize +=
            f(&commandOut[offset], &command->responseBuffer, &maxOutSize);
 #  endif
        offset = *offsets++;
    }
--- a/src/tpm2/CommandDispatcher_fp.h
+++ b/src/tpm2/CommandDispatcher_fp.h
@ -59,17 +59,23 @@
 /*										*/
 /********************************************************************************/
-#ifndef COMMANDDISPATCHER_FP_H
+/*(Auto-generated)
-#define COMMANDDISPATCHER_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar  7, 2020  Time: 07:06:44PM
 */
 #ifndef _COMMAND_DISPATCHER_FP_H_
 #define _COMMAND_DISPATCHER_FP_H_
 //** ParseHandleBuffer()
 // This is the table-driven version of the handle buffer unmarshaling code
 TPM_RC
-CommandDispatcher(
+ParseHandleBuffer(COMMAND* command);
-		  COMMAND                 *command
+
-		  );
+//** CommandDispatcher()
 // Function to unmarshal the command parameters, call the selected action code, and
 // marshal the response parameters.
 TPM_RC
-ParseHandleBuffer(
+CommandDispatcher(COMMAND* command);
 		  COMMAND                 *command
 		  );
-
+#endif  // _COMMAND_DISPATCHER_FP_H_
 #endif
--- a/src/tpm2/Commit_fp.h
+++ b/src/tpm2/Commit_fp.h
@ -59,36 +59,41 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef COMMIT_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define COMMIT_FP_H
-typedef struct {
+#if CC_Commit  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT       signHandle;
    TPM2B_ECC_POINT      P1;
    TPM2B_SENSITIVE_DATA s2;
    TPM2B_ECC_PARAMETER  y2;
 } Commit_In;
-#define RC_Commit_signHandle 	(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-#define RC_Commit_P1 		(TPM_RC_P + TPM_RC_1)
+typedef struct
-#define RC_Commit_s2 		(TPM_RC_P + TPM_RC_2)
+{
 #define RC_Commit_y2 		(TPM_RC_P + TPM_RC_3)
 typedef struct {
    TPM2B_ECC_POINT K;
    TPM2B_ECC_POINT L;
    TPM2B_ECC_POINT E;
    UINT16          counter;
 } Commit_Out;
 // Response code modifiers
 #    define RC_Commit_signHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_Commit_P1         (TPM_RC_P + TPM_RC_1)
 #    define RC_Commit_s2         (TPM_RC_P + TPM_RC_2)
 #    define RC_Commit_y2         (TPM_RC_P + TPM_RC_3)
 // Function prototype
 TPM_RC
-TPM2_Commit(
+TPM2_Commit(Commit_In* in, Commit_Out* out);
 	    Commit_In       *in,            // IN: input parameter list
 	    Commit_Out      *out            // OUT: output parameter list
 	    );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_COMMIT_FP_H_
-
+#endif    // CC_Commit
 #endif
--- a/src/tpm2/ContextLoad_fp.h
+++ b/src/tpm2/ContextLoad_fp.h
@ -59,26 +59,32 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CONTEXTLOAD_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CONTEXTLOAD_FP_H
-typedef struct {
+#if CC_ContextLoad  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMS_CONTEXT context;
 } ContextLoad_In;
-#define RC_ContextLoad_context 	(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-
+typedef struct
-typedef struct {
+{
    TPMI_DH_CONTEXT loadedHandle;
 } ContextLoad_Out;
 // Response code modifiers
 #    define RC_ContextLoad_context (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ContextLoad(
+TPM2_ContextLoad(ContextLoad_In* in, ContextLoad_Out* out);
 		 ContextLoad_In      *in,            // IN: input parameter list
 		 ContextLoad_Out     *out            // OUT: output parameter list
 		 );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTLOAD_FP_H_
-#endif
+#endif    // CC_ContextLoad
--- a/src/tpm2/ContextSave_fp.h
+++ b/src/tpm2/ContextSave_fp.h
@ -59,26 +59,32 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CONTEXTSAVE_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CONTEXTSAVE_FP_H
-typedef struct {
+#if CC_ContextSave  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_CONTEXT saveHandle;
 } ContextSave_In;
-#define RC_ContextSave_saveHandle	(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-
+typedef struct
-typedef struct {
+{
    TPMS_CONTEXT context;
 } ContextSave_Out;
 // Response code modifiers
 #    define RC_ContextSave_saveHandle (TPM_RC_H + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ContextSave(
+TPM2_ContextSave(ContextSave_In* in, ContextSave_Out* out);
 		 ContextSave_In      *in,            // IN: input parameter list
 		 ContextSave_Out     *out            // OUT: output parameter list
 		 );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CONTEXTSAVE_FP_H_
-#endif
+#endif    // CC_ContextSave
--- a/src/tpm2/Context_spt.c
+++ b/src/tpm2/Context_spt.c
@ -236,7 +236,7 @@ TPM_RC ComputeContextIntegrity(TPMS_CONTEXT* contextBlob,  // IN: context blob
    return TPM_RC_SUCCESS;
 }
-#if 0
+#if 0						// libtpms added
 //*** SequenceDataExport();
 // This function is used scan through the sequence object and
 // either modify the hash state data for export (contextSave) or to
@ -290,4 +290,4 @@ void SequenceDataImport(
        CryptHashImportState(hash, (EXPORT_HASH_STATE*)importHash);
    }
 }
-#endif
+#endif						// libtpms added
--- a/src/tpm2/CreateLoaded_fp.h
+++ b/src/tpm2/CreateLoaded_fp.h
@ -59,32 +59,39 @@
 /*										*/
 /********************************************************************************/
 #ifndef CREATELOADED_FP_H
 #define CREATELOADED_FP_H
-/* rev 136 */
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
-typedef struct {
+#if CC_CreateLoaded  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_PARENT         parentHandle;
    TPM2B_SENSITIVE_CREATE inSensitive;
    TPM2B_TEMPLATE         inPublic;
 } CreateLoaded_In;
-#define RC_CreateLoaded_parentHandle 	(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-#define RC_CreateLoaded_inSensitive 	(TPM_RC_P + TPM_RC_1)
+typedef struct
-#define RC_CreateLoaded_inPublic 	(TPM_RC_P + TPM_RC_2)
+{
 typedef struct {
    TPM_HANDLE    objectHandle;
    TPM2B_PRIVATE outPrivate;
    TPM2B_PUBLIC  outPublic;
    TPM2B_NAME    name;
 } CreateLoaded_Out;
-TPM_RC
+// Response code modifiers
-TPM2_CreateLoaded(
+#    define RC_CreateLoaded_parentHandle (TPM_RC_H + TPM_RC_1)
-		  CreateLoaded_In       *in,            // IN: input parameter list
+#    define RC_CreateLoaded_inSensitive  (TPM_RC_P + TPM_RC_1)
-		  CreateLoaded_Out      *out            // OUT: output parameter list
+#    define RC_CreateLoaded_inPublic     (TPM_RC_P + TPM_RC_2)
 		  );
-#endif
+// Function prototype
 TPM_RC
 TPM2_CreateLoaded(CreateLoaded_In* in, CreateLoaded_Out* out);
 #  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATELOADED_FP_H_
 #endif    // CC_CreateLoaded
--- a/src/tpm2/CreatePrimary_fp.h
+++ b/src/tpm2/CreatePrimary_fp.h
@ -59,12 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef CREATEPRIMARY_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CREATEPRIMARY_FP_H
-typedef struct {
+#if CC_CreatePrimary  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_HIERARCHY      primaryHandle;
    TPM2B_SENSITIVE_CREATE inSensitive;
    TPM2B_PUBLIC           inPublic;
@ -72,13 +77,9 @@ typedef struct {
    TPML_PCR_SELECTION     creationPCR;
 } CreatePrimary_In;
-#define RC_CreatePrimary_primaryHandle	(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-#define RC_CreatePrimary_inSensitive 	(TPM_RC_P + TPM_RC_1)
+typedef struct
-#define RC_CreatePrimary_inPublic 	(TPM_RC_P + TPM_RC_2)
+{
 #define RC_CreatePrimary_outsideInfo	(TPM_RC_P + TPM_RC_3)
 #define RC_CreatePrimary_creationPCR	(TPM_RC_P + TPM_RC_4)
 typedef struct {
    TPM_HANDLE          objectHandle;
    TPM2B_PUBLIC        outPublic;
    TPM2B_CREATION_DATA creationData;
@ -87,10 +88,16 @@ typedef struct {
    TPM2B_NAME          name;
 } CreatePrimary_Out;
-TPM_RC
+// Response code modifiers
-TPM2_CreatePrimary(
+#    define RC_CreatePrimary_primaryHandle (TPM_RC_H + TPM_RC_1)
-		   CreatePrimary_In    *in,            // IN: input parameter list
+#    define RC_CreatePrimary_inSensitive   (TPM_RC_P + TPM_RC_1)
-		   CreatePrimary_Out   *out            // OUT: output parameter list
+#    define RC_CreatePrimary_inPublic      (TPM_RC_P + TPM_RC_2)
-		   );
+#    define RC_CreatePrimary_outsideInfo   (TPM_RC_P + TPM_RC_3)
 #    define RC_CreatePrimary_creationPCR   (TPM_RC_P + TPM_RC_4)
-#endif
+// Function prototype
 TPM_RC
 TPM2_CreatePrimary(CreatePrimary_In* in, CreatePrimary_Out* out);
 #  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATEPRIMARY_FP_H_
 #endif    // CC_CreatePrimary
--- a/src/tpm2/Create_fp.h
+++ b/src/tpm2/Create_fp.h
@ -59,12 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* rev 137 */
-#ifndef CREATE_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define CREATE_FP_H
-typedef struct {
+#if CC_Create  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT         parentHandle;
    TPM2B_SENSITIVE_CREATE inSensitive;
    TPM2B_PUBLIC           inPublic;
@ -72,13 +77,9 @@ typedef struct {
    TPML_PCR_SELECTION     creationPCR;
 } Create_In;
-#define RC_Create_parentHandle 	(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-#define RC_Create_inSensitive 	(TPM_RC_P + TPM_RC_1)
+typedef struct
-#define RC_Create_inPublic 	(TPM_RC_P + TPM_RC_2)
+{
 #define RC_Create_outsideInfo	(TPM_RC_P + TPM_RC_3)
 #define RC_Create_creationPCR	(TPM_RC_P + TPM_RC_4)
 typedef struct {
    TPM2B_PRIVATE       outPrivate;
    TPM2B_PUBLIC        outPublic;
    TPM2B_CREATION_DATA creationData;
@ -86,11 +87,16 @@ typedef struct {
    TPMT_TK_CREATION    creationTicket;
 } Create_Out;
 // Response code modifiers
 #    define RC_Create_parentHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_Create_inSensitive  (TPM_RC_P + TPM_RC_1)
 #    define RC_Create_inPublic     (TPM_RC_P + TPM_RC_2)
 #    define RC_Create_outsideInfo  (TPM_RC_P + TPM_RC_3)
 #    define RC_Create_creationPCR  (TPM_RC_P + TPM_RC_4)
 // Function prototype
 TPM_RC
-TPM2_Create(
+TPM2_Create(Create_In* in, Create_Out* out);
 	    Create_In       *in,            // IN: input parameter list
 	    Create_Out      *out            // OUT: output parameter list
 	    );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_CREATE_FP_H_
-#endif
+#endif    // CC_Create
--- a/src/tpm2/CryptSelfTest_fp.h
+++ b/src/tpm2/CryptSelfTest_fp.h
@ -59,29 +59,69 @@
 /*										*/
 /********************************************************************************/
-#ifndef CRYPTSELFTEST_FP_H
+/*(Auto-generated)
-#define CRYPTSELFTEST_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar  4, 2020  Time: 02:36:44PM
 */
 #ifndef _CRYPT_SELF_TEST_FP_H_
 #define _CRYPT_SELF_TEST_FP_H_
 //*** CryptSelfTest()
 // This function is called to start/complete a full self-test.
 // If 'fullTest' is NO, then only the untested algorithms will be run. If
 // 'fullTest' is YES, then 'g_untestedDecryptionAlgorithms' is reinitialized and then
 // all tests are run.
 // This implementation of the reference design does not support processing outside
 // the framework of a TPM command. As a consequence, this command does not
 // complete until all tests are done. Since this can take a long time, the TPM
 // will check after each test to see if the command is canceled. If so, then the
 // TPM will returned TPM_RC_CANCELLED. To continue with the self-tests, call
 // TPM2_SelfTest(fullTest == No) and the TPM will complete the testing.
 //  Return Type: TPM_RC
 //      TPM_RC_CANCELED        if the command is canceled
 LIB_EXPORT
 TPM_RC
-CryptSelfTest(
+CryptSelfTest(TPMI_YES_NO fullTest  // IN: if full test is required
 	      TPMI_YES_NO      fullTest       // IN: if full test is required
 );
 //*** CryptIncrementalSelfTest()
 // This function is used to perform an incremental self-test. This implementation
 // will perform the toTest values before returning. That is, it assumes that the
 // TPM cannot perform background tasks between commands.
 //
 // This command may be canceled. If it is, then there is no return result.
 // However, this command can be run again and the incremental progress will not
 // be lost.
 //  Return Type: TPM_RC
 //      TPM_RC_CANCELED         processing of this command was canceled
 //      TPM_RC_TESTING          if toTest list is not empty
 //      TPM_RC_VALUE            an algorithm in the toTest list is not implemented
 TPM_RC
-CryptIncrementalSelfTest(
+CryptIncrementalSelfTest(TPML_ALG* toTest,   // IN: list of algorithms to be tested
 			 TPML_ALG            *toTest,        // IN: list of algorithms to be tested
                         TPML_ALG* toDoList  // OUT: list of algorithms needing test
 );
-void
+
-CryptInitializeToTest(
+//*** CryptInitializeToTest()
-		      void
+// This function will initialize the data structures for testing all the
-		      );
+// algorithms. This should not be called unless CryptAlgsSetImplemented() has
 // been called
 void CryptInitializeToTest(void);
 //*** CryptTestAlgorithm()
 // Only point of contact with the actual self tests. If a self-test fails, there
 // is no return and the TPM goes into failure mode.
 // The call to TestAlgorithm uses an algorithm selector and a bit vector. When the
 // test is run, the corresponding bit in 'toTest' and in 'g_toTest' is CLEAR. If
 // 'toTest' is NULL, then only the bit in 'g_toTest' is CLEAR.
 // There is a special case for the call to TestAlgorithm(). When 'alg' is
 // ALG_ERROR, TestAlgorithm() will CLEAR any bit in 'toTest' for which it has
 // no test. This allows the knowledge about which algorithms have test to be
 // accessed through the interface that provides the test.
 //  Return Type: TPM_RC
 //      TPM_RC_CANCELED     test was canceled
 LIB_EXPORT
 TPM_RC
-CryptTestAlgorithm(
+CryptTestAlgorithm(TPM_ALG_ID alg, ALGORITHM_VECTOR* toTest);
 		   TPM_ALG_ID           alg,
 		   ALGORITHM_VECTOR    *toTest
 		   );
-
+#endif  // _CRYPT_SELF_TEST_FP_H_
 #endif
--- a/src/tpm2/CryptUtil.c
+++ b/src/tpm2/CryptUtil.c
@ -189,7 +189,7 @@ static TPM_RC CryptGenerateKeyedHash(
    if(scheme->scheme == TPM_ALG_NULL)
        hashAlg = publicArea->nameAlg;
    else if(scheme->scheme == TPM_ALG_XOR)
-	hashAlg = scheme->details.xorr.hashAlg;
+        hashAlg = scheme->details.xor.hashAlg;
    else
        hashAlg = scheme->details.hmac.hashAlg;
    digestSize = CryptHashGetDigestSize(hashAlg);
@ -905,8 +905,8 @@ CryptSecretDecrypt(OBJECT*      decryptKey,   // IN: decrypt key
                {
                    if(nonceCaller->t.size > sizeof(iv.t.buffer))
                        return TPM_RC_FAILURE;
-				  MemoryCopy(iv.t.buffer, nonceCaller->t.buffer,  // libtpms changed: use iv.t.buffer
+                    MemoryCopy(
-					     nonceCaller->t.size);
+                        iv.t.buffer, nonceCaller->t.buffer, nonceCaller->t.size); // libtpms changed: use iv.t.buffer
                }
                // make sure secret will fit
                if(secret->t.size > sizeof(data->t.buffer))
@ -1316,8 +1316,7 @@ BOOL CryptIsSplitSign(TPM_ALG_ID scheme  // IN: the algorithm selector
 }
 //*** CryptIsAsymSignScheme()
-// This function indicates if a scheme algorithm is a sign algorithm valid for the
+// This function indicates if a scheme algorithm is a sign algorithm.
 // public key type.
 BOOL CryptIsAsymSignScheme(TPMI_ALG_PUBLIC      publicType,  // IN: Type of the object
                           TPMI_ALG_ASYM_SCHEME scheme       // IN: the scheme
 )
@ -1351,6 +1350,7 @@ BOOL CryptIsAsymSignScheme(TPMI_ALG_PUBLIC      publicType,  // IN: Type of the
 #  endif
            switch(scheme)
            {
                // Support for ECDSA is required for ECC
                case TPM_ALG_ECDSA:
 #  if ALG_ECDAA  // ECDAA is optional
                case TPM_ALG_ECDAA:
@ -1483,10 +1483,8 @@ BOOL CryptIsAsymDecryptScheme(TPMI_ALG_PUBLIC publicType,  // IN: Type of the ob
 //*** CryptSelectSignScheme()
 // This function is used by the attestation and signing commands.  It implements
-// the rules for selecting the signature scheme to use in signing and validates
+// the rules for selecting the signature scheme to use in signing. This function
-// that the selected scheme is compatible with the key type. It also ensures
+// requires that the signing key either be TPM_RH_NULL or be loaded.
 // the selected scheme specifies a valid hash algorithm. This function requires
 // that the signing key either be TPM_RH_NULL or be loaded.
 //
 // If a default scheme is defined in object, the default scheme should be chosen,
 // otherwise, the input scheme should be chosen.
@ -1501,9 +1499,7 @@ BOOL CryptIsAsymDecryptScheme(TPMI_ALG_PUBLIC publicType,  // IN: Type of the ob
 //      FALSE(0)        both 'scheme' and key's default scheme are empty; or
 //                      'scheme' is empty while key's default scheme requires
 //                      explicit input scheme (split signing); or
-//                      non-empty default key scheme differs from 'scheme'; or
+//                      non-empty default key scheme differs from 'scheme'
 //                      'scheme' not valid for key type; or invalid hash
 //                      algorithm specified; or key type is ALG_SYMCIPHER
 BOOL CryptSelectSignScheme(OBJECT*          signObject,  // IN: signing key
                           TPMT_SIG_SCHEME* scheme       // IN/OUT: signing scheme
 )
@ -1550,6 +1546,8 @@ BOOL CryptSelectSignScheme(OBJECT*          signObject,  // IN: signing key
        {
            // Input and default can't both be NULL
            OK = (scheme->scheme != TPM_ALG_NULL);
            // Assume that the scheme is compatible with the key. If not,
            // an error will be generated in the signing operation.
        }
        else if(scheme->scheme == TPM_ALG_NULL)
        {
@ -1584,7 +1582,6 @@ BOOL CryptSelectSignScheme(OBJECT*          signObject,  // IN: signing key
            // valid hash algorithm specified.
            OK = CryptIsValidSignScheme(publicArea->type, scheme);
        }
    }
    return OK;
 }
@ -1907,7 +1904,7 @@ CryptValidateKeys(TPMT_PUBLIC*    publicArea,
                    scheme = &params->keyedHashDetail.scheme;
                    if(scheme->scheme == TPM_ALG_XOR)
                    {
-				    maxSize = CryptHashGetBlockSize(scheme->details.xorr.hashAlg);
+                        maxSize = CryptHashGetBlockSize(scheme->details.xor.hashAlg);
                    }
                    else if(scheme->scheme == TPM_ALG_HMAC)
                    {
--- a/src/tpm2/CryptoInterface.h
+++ b/src/tpm2/CryptoInterface.h
@ -0,0 +1,66 @@
 /********************************************************************************/
 /*										*/
 /*			  CryptoInterface header file				*/
 /*			     Written by Stefan Berger				*/
 /*		       IBM Thomas J. Watson Research Center			*/
 /*										*/
 /* (c) Copyright IBM Corporation 2017,2018.					*/
 /*										*/
 /* All rights reserved.								*/
 /* 										*/
 /* Redistribution and use in source and binary forms, with or without		*/
 /* modification, are permitted provided that the following conditions are	*/
 /* met:										*/
 /* 										*/
 /* Redistributions of source code must retain the above copyright notice,	*/
 /* this list of conditions and the following disclaimer.			*/
 /* 										*/
 /* Redistributions in binary form must reproduce the above copyright		*/
 /* notice, this list of conditions and the following disclaimer in the		*/
 /* documentation and/or other materials provided with the distribution.		*/
 /* 										*/
 /* Neither the names of the IBM Corporation nor the names of its		*/
 /* contributors may be used to endorse or promote products derived from		*/
 /* this software without specific prior written permission.			*/
 /* 										*/
 /* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS		*/
 /* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT		*/
 /* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR	*/
 /* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT		*/
 /* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,	*/
 /* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT		*/
 /* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,	*/
 /* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY	*/
 /* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT		*/
 /* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE	*/
 /* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.		*/
 /********************************************************************************/
 //** Introduction
 //
 // This file contains prototypes that are common to all TPM crypto interfaces.
 //
 #ifndef CRYPTO_INTERFACE_H
 #define CRYPTO_INTERFACE_H
 #include "TpmBuildSwitches.h"
 #if SIMULATION && CRYPTO_LIB_REPORTING
 typedef struct crypto_impl_description
 {
    // The name of the crypto library, ASCII encoded.
    char name[32];
    // The version of the crypto library, ASCII encoded.
    char version[32];
 } _CRYPTO_IMPL_DESCRIPTION;
 // When building the simulator, the plugged-in crypto libraries can report its
 // version information by implementing these interfaces.
 void _crypto_GetSymImpl(_CRYPTO_IMPL_DESCRIPTION* result);
 void _crypto_GetHashImpl(_CRYPTO_IMPL_DESCRIPTION* result);
 void _crypto_GetMathImpl(_CRYPTO_IMPL_DESCRIPTION* result);
 #endif  // SIMULATION && CRYPTO_LIB_REPORTING
 #endif  // CRYPTO_INTERFACE_H
--- a/src/tpm2/DA.c
+++ b/src/tpm2/DA.c
@ -59,45 +59,50 @@
 /*										*/
 /********************************************************************************/
-/* 8.2 DA.c */
+//** Introduction
-/* 8.2.1 Introduction */
+// This file contains the functions and data definitions relating to the
-/* This file contains the functions and data definitions relating to the dictionary attack logic. */
+// dictionary attack logic.
-/* 8.2.2 Includes and Data Definitions */
+
 //** Includes and Data Definitions
 #define DA_C
 #include "Tpm.h"
-/* 8.2.3 Functions */
+
-/* 8.2.3.1 DAPreInstall_Init() */
+//** Functions
-/* This function initializes the DA parameters to their manufacturer-default values. The default
+
-   values are determined by a platform-specific specification. */
+//*** DAPreInstall_Init()
-/* This function should not be called outside of a manufacturing or simulation environment. */
+// This function initializes the DA parameters to their manufacturer-default
-/* The DA parameters will be restored to these initial values by TPM2_Clear(). */
+// values. The default values are determined by a platform-specific specification.
-void
+//
-DAPreInstall_Init(
+// This function should not be called outside of a manufacturing or simulation
-		  void
+// environment.
-		  )
+//
 // The DA parameters will be restored to these initial values by TPM2_Clear().
 void DAPreInstall_Init(void)
 {
    gp.failedTries        = 0;
    gp.maxTries           = 3;
    gp.recoveryTime       = 1000;  // in seconds (~16.67 minutes)
    gp.lockoutRecovery    = 1000;  // in seconds
    gp.lockOutAuthEnabled = TRUE;  // Use of lockoutAuth is enabled
    // Record persistent DA parameter changes to NV
    NV_SYNC_PERSISTENT(failedTries);
    NV_SYNC_PERSISTENT(maxTries);
    NV_SYNC_PERSISTENT(recoveryTime);
    NV_SYNC_PERSISTENT(lockoutRecovery);
    NV_SYNC_PERSISTENT(lockOutAuthEnabled);
    return;
 }
-/* 8.2.3.2 DAStartup() */
+
-/* This function is called by TPM2_Startup() to initialize the DA parameters. In the case of
+//*** DAStartup()
-   Startup(CLEAR), use of lockoutAuth will be enabled if the lockout recovery time is 0. Otherwise,
+// This function is called  by TPM2_Startup() to initialize the DA parameters.
-   lockoutAuth will not be enabled until the TPM has been continuously powered for the
+// In the case of Startup(CLEAR), use of lockoutAuth will be enabled if the
-   lockoutRecovery time. */
+// lockout recovery time is 0. Otherwise, lockoutAuth will not be enabled until
-/* This function requires that NV be available and not rate limiting. */
+// the TPM has been continuously powered for the lockoutRecovery time.
-BOOL
+//
-DAStartup(
+// This function requires that NV be available and not rate limiting.
-	  STARTUP_TYPE     type           // IN: startup type
+BOOL DAStartup(STARTUP_TYPE type  // IN: startup type
 )
 {
    NOT_REFERENCED(type);
@ -126,6 +131,7 @@ DAStartup(
        }
    }
 #endif
    // For any Startup(), if lockoutRecovery is 0, enable use of lockoutAuth.
    if(gp.lockoutRecovery == 0)
    {
@ -133,10 +139,10 @@ DAStartup(
        // Record the changes to NV
        NV_SYNC_PERSISTENT(lockOutAuthEnabled);
    }
    // If DA has not been disabled and the previous shutdown is not orderly
    // failedTries is not already at its maximum then increment 'failedTries'
-    if(gp.recoveryTime != 0
+    if(gp.recoveryTime != 0 && gp.failedTries < gp.maxTries
       && gp.failedTries < gp.maxTries
       && !IS_ORDERLY(g_prevOrderlyState))
    {
 #if USE_DA_USED
@ -151,15 +157,16 @@ DAStartup(
    // Before Startup, the TPM will not do clock updates. At startup, need to
    // do a time update which will do the DA update.
    TimeUpdate();
    return TRUE;
 }
-/* 8.2.3.3 DARegisterFailure() */
+
-/* This function is called when an authorization failure occurs on an entity that is subject to
+//*** DARegisterFailure()
-   dictionary-attack protection. When a DA failure is triggered, register the failure by resetting
+// This function is called when an authorization failure occurs on an entity
-   the relevant self-healing timer to the current time. */
+// that is subject to dictionary-attack protection. When a DA failure is
-void
+// triggered, register the failure by resetting the relevant self-healing
-DARegisterFailure(
+// timer to the current time.
-		  TPM_HANDLE       handle         // IN: handle for failure
+void DARegisterFailure(TPM_HANDLE handle  // IN: handle for failure
 )
 {
    // Reset the timer associated with lockout if the handle is the lockoutAuth.
@ -169,14 +176,13 @@ DARegisterFailure(
        s_selfHealTimer = g_time;
    return;
 }
-/* 8.2.3.4 DASelfHeal() */
+
-/* This function is called to check if sufficient time has passed to allow decrement of failedTries
+//*** DASelfHeal()
-   or to re-enable use of lockoutAuth. */
+// This function is called to check if sufficient time has passed to allow
-/* This function should be called when the time interval is updated. */
+// decrement of failedTries or to re-enable use of lockoutAuth.
-void
+//
-DASelfHeal(
+// This function should be called when the time interval is updated.
-	   void
+void DASelfHeal(void)
 	   )
 {
    // Regular authorization self healing logic
    // If no failed authorization tries, do nothing.  Otherwise, try to
@ -194,22 +200,26 @@ DASelfHeal(
        else
        {
            UINT64 decreaseCount;
-#if 0 // Errata eliminates this code
+#if 0
            // Errata eliminates this code
            // In the unlikely event that failedTries should become larger than
            // maxTries
            if(gp.failedTries > gp.maxTries)
                gp.failedTries = gp.maxTries;
 #endif
            // How much can failedTries be decreased
            // Cast s_selfHealTimer to an int in case it became negative at
            // startup
-		    decreaseCount = ((g_time - (INT64)s_selfHealTimer) / 1000)
+            decreaseCount =
-				    / gp.recoveryTime;
+                ((g_time - (INT64)s_selfHealTimer) / 1000) / gp.recoveryTime;
            if(gp.failedTries <= (UINT32)decreaseCount)
                // should not set failedTries below zero
                gp.failedTries = 0;
            else
                gp.failedTries -= (UINT32)decreaseCount;
            // the cast prevents overflow of the product
            s_selfHealTimer += (decreaseCount * (UINT64)gp.recoveryTime) * 1000;
            if(decreaseCount != 0)
@ -218,6 +228,7 @@ DASelfHeal(
                NV_SYNC_PERSISTENT(failedTries);
        }
    }
    // LockoutAuth self healing logic
    // If lockoutAuth is enabled, do nothing.  Otherwise, try to see if we
    // may enable it
--- a/src/tpm2/DA_fp.h
+++ b/src/tpm2/DA_fp.h
@ -59,29 +59,47 @@
 /*										*/
 /********************************************************************************/
-#ifndef DA_FP_H
+/*(Auto-generated)
-#define DA_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Apr  2, 2019  Time: 04:23:27PM
 */
-void
+#ifndef _DA_FP_H_
-DAPreInstall_Init(
+#define _DA_FP_H_
-		  void
+
-		  );
+//*** DAPreInstall_Init()
-void
+// This function initializes the DA parameters to their manufacturer-default
-DAInit(
+// values. The default values are determined by a platform-specific specification.
-       void
+//
-       );
+// This function should not be called outside of a manufacturing or simulation
-BOOL
+// environment.
-DAStartup(
+//
-	  STARTUP_TYPE     type           // IN: startup type
+// The DA parameters will be restored to these initial values by TPM2_Clear().
-	  );
+void DAPreInstall_Init(void);
-void
+
-DARegisterFailure(
+//*** DAStartup()
-		  TPM_HANDLE       handle         // IN: handle for failure
+// This function is called  by TPM2_Startup() to initialize the DA parameters.
-		  );
+// In the case of Startup(CLEAR), use of lockoutAuth will be enabled if the
-void
+// lockout recovery time is 0. Otherwise, lockoutAuth will not be enabled until
-DASelfHeal(
+// the TPM has been continuously powered for the lockoutRecovery time.
-	   void
+//
 // This function requires that NV be available and not rate limiting.
 BOOL DAStartup(STARTUP_TYPE type  // IN: startup type
 );
 //*** DARegisterFailure()
 // This function is called when a authorization failure occurs on an entity
 // that is subject to dictionary-attack protection. When a DA failure is
 // triggered, register the failure by resetting the relevant self-healing
 // timer to the current time.
 void DARegisterFailure(TPM_HANDLE handle  // IN: handle for failure
 );
-#endif
+//*** DASelfHeal()
 // This function is called to check if sufficient time has passed to allow
 // decrement of failedTries or to re-enable use of lockoutAuth.
 //
 // This function should be called when the time interval is updated.
 void DASelfHeal(void);
 #endif  // _DA_FP_H_
--- a/src/tpm2/DebugHelpers.c
+++ b/src/tpm2/DebugHelpers.c
@ -59,29 +59,25 @@
 /*										*/
 /********************************************************************************/
-/* C.13	DebugHelpers.c */
+//** Description
-/* C.13.1.	Description */
+//
-/* This file contains the NV read and write access methods. This implementation uses RAM/file and
+//    This file contains the NV read and write access methods.  This implementation
-   does not manage the RAM/file as NV blocks. The implementation may become more sophisticated over
+//    uses RAM/file and does not manage the RAM/file as NV blocks.
-   time. */
+//    The implementation may become more sophisticated over time.
-/* C.13.2.	Includes and Local */
+//
 //** Includes and Local
 #include <stdio.h>
 #include <time.h>
 #include "Platform.h"
 #include "DebugHelpers_fp.h"
 #if CERTIFYX509_DEBUG
 const char* debugFileName = "DebugFile.txt";
-/* C.13.2.1.	fileOpen() */
+//*** fileOpen()
-
+// This exists to allow use of the 'safe' version of fopen() with a MS runtime.
-/* This exists to allow use of the safe version of fopen() with a MS runtime. */
+static FILE* fileOpen(const char* fn, const char* mode)
 static FILE *
 fileOpen(
 	 const char       *fn,
 	 const char       *mode
 	 )
 {
    FILE*     f;
 #  if defined _MSC_VER
@ -92,17 +88,14 @@ fileOpen(
 #  endif
    return f;
 }
-/* C.13.2.2.	DebugFileInit() */
+
-/* This function initializes the file containing the debug data with the time of the file
+//*** DebugFileInit()
-   creation. */
+// This function initializes the file containing the debug data with the time of the
-/* This function opens the file used to hold the debug data. */
+// file creation.
-/* Return Value	Meaning */
+//  Return Type: int
-/* 0	success */
+//   0              success
-/* != 0	error */
+//  != 0            error
-int
+int DebugFileInit(void)
 DebugFileInit(
 	      void
 	      )
 {
    FILE*  f = NULL;
    time_t t = time(NULL);
@ -119,7 +112,7 @@ DebugFileInit(
    f = fileOpen(debugFileName, "w");
    if(f)
    {
-	    /* Initialize the contents with the time. */
+        // Initialize the contents with the time.
        fprintf(f, "%s\n", timeString);
        fclose(f);
        return 0;
@ -127,14 +120,8 @@ DebugFileInit(
    return -1;
 }
-/* C.13.2.3.	DebugDumpBuffer() */
+//*** DebugDumpBuffer()
-
+void DebugDumpBuffer(int size, unsigned char* buf, const char* identifier)
 void
 DebugDumpBuffer(
 		int             size,
 		unsigned char   *buf,
 		const char      *identifier
 		)
 {
    int i;
    //
--- a/src/tpm2/DictionaryAttackLockReset_fp.h
+++ b/src/tpm2/DictionaryAttackLockReset_fp.h
@ -59,21 +59,26 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef DICTIONARYATTACKLOCKRESET_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define DICTIONARYATTACKLOCKRESET_FP_H
-typedef struct {
+#if CC_DictionaryAttackLockReset  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_LOCKOUT lockHandle;
 } DictionaryAttackLockReset_In;
 // Response code modifiers
 #    define RC_DictionaryAttackLockReset_lockHandle (TPM_RC_H + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_DictionaryAttackLockReset(
+TPM2_DictionaryAttackLockReset(DictionaryAttackLockReset_In* in);
 			       DictionaryAttackLockReset_In    *in             // IN: input parameter list
 			       );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKLOCKRESET_FP_H_
-#endif
+#endif    // CC_DictionaryAttackLockReset
--- a/src/tpm2/DictionaryAttackParameters_fp.h
+++ b/src/tpm2/DictionaryAttackParameters_fp.h
@ -59,28 +59,32 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef DICTIONARYATTACKPARAMETERS_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define DICTIONARYATTACKPARAMETERS_FP_H
 #if CC_DictionaryAttackParameters  // Command must be enabled
-typedef struct {
+#  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_LOCKOUT lockHandle;
    UINT32          newMaxTries;
    UINT32          newRecoveryTime;
    UINT32          lockoutRecovery;
 } DictionaryAttackParameters_In;
 // Response code modifiers
 #    define RC_DictionaryAttackParameters_lockHandle      (TPM_RC_H + TPM_RC_1)
 #    define RC_DictionaryAttackParameters_newMaxTries     (TPM_RC_P + TPM_RC_1)
 #    define RC_DictionaryAttackParameters_newRecoveryTime (TPM_RC_P + TPM_RC_2)
 #    define RC_DictionaryAttackParameters_lockoutRecovery (TPM_RC_P + TPM_RC_3)
 // Function prototype
 TPM_RC
-TPM2_DictionaryAttackParameters(
+TPM2_DictionaryAttackParameters(DictionaryAttackParameters_In* in);
 				DictionaryAttackParameters_In   *in             // IN: input parameter list
 				);
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DICTIONARYATTACKPARAMETERS_FP_H_
-#endif
+#endif    // CC_DictionaryAttackParameters
--- a/src/tpm2/Duplicate_fp.h
+++ b/src/tpm2/Duplicate_fp.h
@ -59,33 +59,40 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef DUPLICATE_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define DUPLICATE_FP_H
-typedef struct {
+#if CC_Duplicate  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT      objectHandle;
    TPMI_DH_OBJECT      newParentHandle;
    TPM2B_DATA          encryptionKeyIn;
    TPMT_SYM_DEF_OBJECT symmetricAlg;
 } Duplicate_In;
-typedef struct {
+// Output structure definition
 typedef struct
 {
    TPM2B_DATA             encryptionKeyOut;
    TPM2B_PRIVATE          duplicate;
    TPM2B_ENCRYPTED_SECRET outSymSeed;
 } Duplicate_Out;
 // Response code modifiers
 #    define RC_Duplicate_objectHandle    (TPM_RC_H + TPM_RC_1)
 #    define RC_Duplicate_newParentHandle (TPM_RC_H + TPM_RC_2)
 #    define RC_Duplicate_encryptionKeyIn (TPM_RC_P + TPM_RC_1)
 #    define RC_Duplicate_symmetricAlg    (TPM_RC_P + TPM_RC_2)
 // Function prototype
 TPM_RC
-TPM2_Duplicate(
+TPM2_Duplicate(Duplicate_In* in, Duplicate_Out* out);
 	       Duplicate_In    *in,            // IN: input parameter list
 	       Duplicate_Out   *out            // OUT: output parameter list
 	       );
-#endif
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_DUPLICATE_FP_H_
 #endif    // CC_Duplicate
--- a/src/tpm2/EACommands.c
+++ b/src/tpm2/EACommands.c
@ -1643,7 +1643,7 @@ TPM2_PolicyAuthorizeNV(PolicyAuthorizeNV_In* in)
 #include "CommandCodeAttributes_fp.h"
 #include "CryptEccMain_fp.h"
 #include "Handle_fp.h"
-#include "NVDynamic_fp.h"
+#include "NvDynamic_fp.h"
 #include "Object_fp.h"
 #include "PCR_fp.h"
 #include "PP_fp.h"
--- a/src/tpm2/ECC_Parameters_fp.h
+++ b/src/tpm2/ECC_Parameters_fp.h
@ -59,26 +59,32 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef ECC_PARAMETERS_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define ECC_PARAMETERS_FP_H
-typedef struct {
+#if CC_ECC_Parameters  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_ECC_CURVE curveID;
 } ECC_Parameters_In;
-#define RC_ECC_Parameters_curveID 	(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-
+typedef struct
-typedef struct {
+{
    TPMS_ALGORITHM_DETAIL_ECC parameters;
 } ECC_Parameters_Out;
 // Response code modifiers
 #    define RC_ECC_Parameters_curveID (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ECC_Parameters(
+TPM2_ECC_Parameters(ECC_Parameters_In* in, ECC_Parameters_Out* out);
 		    ECC_Parameters_In   *in,            // IN: input parameter list
 		    ECC_Parameters_Out  *out            // OUT: output parameter list
 		    );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECC_PARAMETERS_FP_H_
-#endif
+#endif    // CC_ECC_Parameters
--- a/src/tpm2/ECDH_KeyGen_fp.h
+++ b/src/tpm2/ECDH_KeyGen_fp.h
@ -59,27 +59,33 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef ECDH_KEYGEN_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define ECDH_KEYGEN_FP_H
-typedef struct {
+#if CC_ECDH_KeyGen  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT keyHandle;
 } ECDH_KeyGen_In;
-#define RC_ECDH_KeyGen_keyHandle 	(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-
+typedef struct
-typedef struct {
+{
    TPM2B_ECC_POINT zPoint;
    TPM2B_ECC_POINT pubPoint;
 } ECDH_KeyGen_Out;
 // Response code modifiers
 #    define RC_ECDH_KeyGen_keyHandle (TPM_RC_H + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ECDH_KeyGen(
+TPM2_ECDH_KeyGen(ECDH_KeyGen_In* in, ECDH_KeyGen_Out* out);
 		 ECDH_KeyGen_In      *in,            // IN: input parameter list
 		 ECDH_KeyGen_Out     *out            // OUT: output parameter list
 		 );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_KEYGEN_FP_H_
-#endif
+#endif    // CC_ECDH_KeyGen
--- a/src/tpm2/ECDH_ZGen_fp.h
+++ b/src/tpm2/ECDH_ZGen_fp.h
@ -59,28 +59,34 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef ECDH_ZGEN_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define ECDH_ZGEN_FP_H
-typedef struct {
+#if CC_ECDH_ZGen  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT  keyHandle;
    TPM2B_ECC_POINT inPoint;
 } ECDH_ZGen_In;
-#define RC_ECDH_ZGen_keyHandle 	(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-#define RC_ECDH_ZGen_inPoint 	(TPM_RC_P + TPM_RC_1)
+typedef struct
-
+{
 typedef struct {
    TPM2B_ECC_POINT outPoint;
 } ECDH_ZGen_Out;
 // Response code modifiers
 #    define RC_ECDH_ZGen_keyHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_ECDH_ZGen_inPoint   (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_ECDH_ZGen(
+TPM2_ECDH_ZGen(ECDH_ZGen_In* in, ECDH_ZGen_Out* out);
 	       ECDH_ZGen_In    *in,            // IN: input parameter list
 	       ECDH_ZGen_Out   *out            // OUT: output parameter list
 	       );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ECDH_ZGEN_FP_H_
-#endif
+#endif    // CC_ECDH_ZGen
--- a/src/tpm2/EC_Ephemeral_fp.h
+++ b/src/tpm2/EC_Ephemeral_fp.h
@ -59,26 +59,33 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef EC_EPHEMERAL_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define EC_EPHEMERAL_FP_H
-typedef struct {
+#if CC_EC_Ephemeral  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_ECC_CURVE curveID;
 } EC_Ephemeral_In;
-#define RC_EC_Ephemeral_curveID	(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-
+typedef struct
-typedef struct {
+{
    TPM2B_ECC_POINT Q;
    UINT16          counter;
 } EC_Ephemeral_Out;
-TPM_RC
+// Response code modifiers
-TPM2_EC_Ephemeral(
+#    define RC_EC_Ephemeral_curveID (TPM_RC_P + TPM_RC_1)
 		  EC_Ephemeral_In     *in,            // IN: input parameter list
 		  EC_Ephemeral_Out    *out            // OUT: output parameter list
 		  );
-#endif
+// Function prototype
 TPM_RC
 TPM2_EC_Ephemeral(EC_Ephemeral_In* in, EC_Ephemeral_Out* out);
 #  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EC_EPHEMERAL_FP_H_
 #endif    // CC_EC_Ephemeral
--- a/src/tpm2/EccTestData.h
+++ b/src/tpm2/EccTestData.h
@ -59,97 +59,153 @@
 /*										*/
 /********************************************************************************/
 // This file contains the parameter data for ECC testing.
 #ifdef SELF_TEST_DATA
 TPM2B_TYPE(EC_TEST, 32);
 const TPM_ECC_CURVE c_testCurve = 00003;
 // The static key
 const  TPM2B_EC_TEST    c_ecTestKey_ds = {{32, {
 	    0xdf,0x8d,0xa4,0xa3,0x88,0xf6,0x76,0x96,0x89,0xfc,0x2f,0x2d,0xa1,0xb4,0x39,0x7a,
 	    0x78,0xc4,0x7f,0x71,0x8c,0xa6,0x91,0x85,0xc0,0xbf,0xf3,0x54,0x20,0x91,0x2f,0x73}}};
 const  TPM2B_EC_TEST    c_ecTestKey_QsX = {{32, {
 	    0x17,0xad,0x2f,0xcb,0x18,0xd4,0xdb,0x3f,0x2c,0x53,0x13,0x82,0x42,0x97,0xff,0x8d,
 	    0x99,0x50,0x16,0x02,0x35,0xa7,0x06,0xae,0x1f,0xda,0xe2,0x9c,0x12,0x77,0xc0,0xf9}}};
 const  TPM2B_EC_TEST    c_ecTestKey_QsY = {{32, {
 	    0xa6,0xca,0xf2,0x18,0x45,0x96,0x6e,0x58,0xe6,0x72,0x34,0x12,0x89,0xcd,0xaa,0xad,
 	    0xcb,0x68,0xb2,0x51,0xdc,0x5e,0xd1,0x6d,0x38,0x20,0x35,0x57,0xb2,0xfd,0xc7,0x52}}};
 // The ephemeral key
 const  TPM2B_EC_TEST    c_ecTestKey_de = {{32, {
 	    0xb6,0xb5,0x33,0x5c,0xd1,0xee,0x52,0x07,0x99,0xea,0x2e,0x8f,0x8b,0x19,0x18,0x07,
 	    0xc1,0xf8,0xdf,0xdd,0xb8,0x77,0x00,0xc7,0xd6,0x53,0x21,0xed,0x02,0x53,0xee,0xac}}};
 const  TPM2B_EC_TEST    c_ecTestKey_QeX = {{32, {
 	    0xa5,0x1e,0x80,0xd1,0x76,0x3e,0x8b,0x96,0xce,0xcc,0x21,0x82,0xc9,0xa2,0xa2,0xed,
 	    0x47,0x21,0x89,0x53,0x44,0xe9,0xc7,0x92,0xe7,0x31,0x48,0x38,0xe6,0xea,0x93,0x47}}};
 const  TPM2B_EC_TEST    c_ecTestKey_QeY = {{32, {
 	    0x30,0xe6,0x4f,0x97,0x03,0xa1,0xcb,0x3b,0x32,0x2a,0x70,0x39,0x94,0xeb,0x4e,0xea,
 	    0x55,0x88,0x81,0x3f,0xb5,0x00,0xb8,0x54,0x25,0xab,0xd4,0xda,0xfd,0x53,0x7a,0x18}}};
 // ECDH test results
 const  TPM2B_EC_TEST    c_ecTestEcdh_X = {{32, {
 	    0x64,0x02,0x68,0x92,0x78,0xdb,0x33,0x52,0xed,0x3b,0xfa,0x3b,0x74,0xa3,0x3d,0x2c,
 	    0x2f,0x9c,0x59,0x03,0x07,0xf8,0x22,0x90,0xed,0xe3,0x45,0xf8,0x2a,0x0a,0xd8,0x1d}}};
 const  TPM2B_EC_TEST    c_ecTestEcdh_Y = {{32, {
 	    0x58,0x94,0x05,0x82,0xbe,0x5f,0x33,0x02,0x25,0x90,0x3a,0x33,0x90,0x89,0xe3,0xe5,
 	    0x10,0x4a,0xbc,0x78,0xa5,0xc5,0x07,0x64,0xaf,0x91,0xbc,0xe6,0xff,0x85,0x11,0x40}}};
 TPM2B_TYPE(TEST_VALUE, 64);
 const TPM2B_TEST_VALUE        c_ecTestValue = {{64, {
 	    0x78,0xd5,0xd4,0x56,0x43,0x61,0xdb,0x97,0xa4,0x32,0xc4,0x0b,0x06,0xa9,0xa8,0xa0,
 	    0xf4,0x45,0x7f,0x13,0xd8,0x13,0x81,0x0b,0xe5,0x76,0xbe,0xaa,0xb6,0x3f,0x8d,0x4d,
 	    0x23,0x65,0xcc,0xa7,0xc9,0x19,0x10,0xce,0x69,0xcb,0x0c,0xc7,0x11,0x8d,0xc3,0xff,
 	    0x62,0x69,0xa2,0xbe,0x46,0x90,0xe7,0x7d,0x81,0x77,0x94,0x65,0x1c,0x3e,0xc1,0x3e}}};
 #if ALG_SHA1_VALUE == DEFAULT_TEST_HASH
 const TPM2B_EC_TEST    c_TestEcDsa_r = {{32, {
 	    0x57,0xf3,0x36,0xb7,0xec,0xc2,0xdd,0x76,0x0e,0xe2,0x81,0x21,0x49,0xc5,0x66,0x11,
 	    0x4b,0x8a,0x4f,0x17,0x62,0x82,0xcc,0x06,0xf6,0x64,0x78,0xef,0x6b,0x7c,0xf2,0x6c}}};
 const TPM2B_EC_TEST    c_TestEcDsa_s = {{32, {
 	    0x1b,0xed,0x23,0x72,0x8f,0x17,0x5f,0x47,0x2e,0xa7,0x97,0x2c,0x51,0x57,0x20,0x70,
 	    0x6f,0x89,0x74,0x8a,0xa8,0xf4,0x26,0xf4,0x96,0xa1,0xb8,0x3e,0xe5,0x35,0xc5,0x94}}};
 const TPM2B_EC_TEST    c_TestEcSchnorr_r = {{32,{
 	    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x1b,0x08,0x9f,0xde,
 	    0xef,0x62,0xe3,0xf1,0x14,0xcb,0x54,0x28,0x13,0x76,0xfc,0x6d,0x69,0x22,0xb5,0x3e}}};
 const TPM2B_EC_TEST    c_TestEcSchnorr_s = {{32,{
 	    0xd9,0xd3,0x20,0xfb,0x4d,0x16,0xf2,0xe6,0xe2,0x45,0x07,0x45,0x1c,0x92,0x92,0x92,
 	    0xa9,0x6b,0x48,0xf8,0xd1,0x98,0x29,0x4d,0xd3,0x8f,0x56,0xf2,0xbb,0x2e,0x22,0x3b}}};
 #endif // SHA1
 #if ALG_SHA256_VALUE == DEFAULT_TEST_HASH
 const TPM2B_EC_TEST    c_TestEcDsa_r = {{32, {
 	    0x04,0x7d,0x54,0xeb,0x04,0x6f,0x56,0xec,0xa2,0x6c,0x38,0x8c,0xeb,0x43,0x0b,0x71,
 	    0xf8,0xf2,0xf4,0xa5,0xe0,0x1d,0x3c,0xa2,0x39,0x31,0xe4,0xe7,0x36,0x3b,0xb5,0x5f}}};
 const TPM2B_EC_TEST    c_TestEcDsa_s = {{32, {
 	    0x8f,0xd0,0x12,0xd9,0x24,0x75,0xf6,0xc4,0x3b,0xb5,0x46,0x75,0x3a,0x41,0x8d,0x80,
 	    0x23,0x99,0x38,0xd7,0xe2,0x40,0xca,0x9a,0x19,0x2a,0xfc,0x54,0x75,0xd3,0x4a,0x6e}}};
 const TPM2B_EC_TEST    c_TestEcSchnorr_r = {{32, {
 	    0xf7,0xb9,0x15,0x4c,0x34,0xf6,0x41,0x19,0xa3,0xd2,0xf1,0xbd,0xf4,0x13,0x6a,0x4f,
 	    0x63,0xb8,0x4d,0xb5,0xc8,0xcd,0xde,0x85,0x95,0xa5,0x39,0x0a,0x14,0x49,0x3d,0x2f}}};
 const TPM2B_EC_TEST    c_TestEcSchnorr_s = {{32,{
 	    0xfe,0xbe,0x17,0xaa,0x31,0x22,0x9f,0xd0,0xd2,0xf5,0x25,0x04,0x92,0xb0,0xaa,0x4e,
 	    0xcc,0x1c,0xb6,0x79,0xd6,0x42,0xb3,0x4e,0x3f,0xbb,0xfe,0x5f,0xd0,0xd0,0x8b,0xc3}}};
 #endif // SHA256
 #if ALG_SHA384_VALUE == DEFAULT_TEST_HASH
 const TPM2B_EC_TEST    c_TestEcDsa_r = {{32, {
 	    0xf5,0x74,0x6d,0xd6,0xc6,0x56,0x86,0xbb,0xba,0x1c,0xba,0x75,0x65,0xee,0x64,0x31,
 	    0xce,0x04,0xe3,0x9f,0x24,0x3f,0xbd,0xfe,0x04,0xcd,0xab,0x7e,0xfe,0xad,0xcb,0x82}}};
 const TPM2B_EC_TEST    c_TestEcDsa_s = {{32, {
 	    0xc2,0x4f,0x32,0xa1,0x06,0xc0,0x85,0x4f,0xc6,0xd8,0x31,0x66,0x91,0x9f,0x79,0xcd,
 	    0x5b,0xe5,0x7b,0x94,0xa1,0x91,0x38,0xac,0xd4,0x20,0xa2,0x10,0xf0,0xd5,0x9d,0xbf}}};
 const TPM2B_EC_TEST    c_TestEcSchnorr_r = {{32, {
 	    0x1e,0xb8,0xe1,0xbf,0xa1,0x9e,0x39,0x1e,0x58,0xa2,0xe6,0x59,0xd0,0x1a,0x6a,0x03,
 	    0x6a,0x1f,0x1c,0x4f,0x36,0x19,0xc1,0xec,0x30,0xa4,0x85,0x1b,0xe9,0x74,0x35,0x66}}};
 const TPM2B_EC_TEST    c_TestEcSchnorr_s = {{32,{
 	    0xb9,0xe6,0xe3,0x7e,0xcb,0xb9,0xea,0xf1,0xcc,0xf4,0x48,0x44,0x4a,0xda,0xc8,0xd7,
 	    0x87,0xb4,0xba,0x40,0xfe,0x5b,0x68,0x11,0x14,0xcf,0xa0,0x0e,0x85,0x46,0x99,0x01}}};
 #endif // SHA384
 #if ALG_SHA512_VALUE == DEFAULT_TEST_HASH
 const TPM2B_EC_TEST    c_TestEcDsa_r = {{32, {
 	    0xc9,0x71,0xa6,0xb4,0xaf,0x46,0x26,0x8c,0x27,0x00,0x06,0x3b,0x00,0x0f,0xa3,0x17,
 	    0x72,0x48,0x40,0x49,0x4d,0x51,0x4f,0xa4,0xcb,0x7e,0x86,0xe9,0xe7,0xb4,0x79,0xb2}}};
 const TPM2B_EC_TEST    c_TestEcDsa_s = {{32,{
 	    0x87,0xbc,0xc0,0xed,0x74,0x60,0x9e,0xfa,0x4e,0xe8,0x16,0xf3,0xf9,0x6b,0x26,0x07,
 	    0x3c,0x74,0x31,0x7e,0xf0,0x62,0x46,0xdc,0xd6,0x45,0x22,0x47,0x3e,0x0c,0xa0,0x02}}};
 const TPM2B_EC_TEST    c_TestEcSchnorr_r = {{32,{
 	    0xcc,0x07,0xad,0x65,0x91,0xdd,0xa0,0x10,0x23,0xae,0x53,0xec,0xdf,0xf1,0x50,0x90,
 	    0x16,0x96,0xf4,0x45,0x09,0x73,0x9c,0x84,0xb5,0x5c,0x5f,0x08,0x51,0xcb,0x60,0x01}}};
 const TPM2B_EC_TEST    c_TestEcSchnorr_s = {{32,{
 	    0x55,0x20,0x21,0x54,0xe2,0x49,0x07,0x47,0x71,0xf4,0x99,0x15,0x54,0xf3,0xab,0x14,
 	    0xdb,0x8e,0xda,0x79,0xb6,0x02,0x0e,0xe3,0x5e,0x6f,0x2c,0xb6,0x05,0xbd,0x14,0x10}}};
 #endif // SHA512
 #endif // SELF_TEST_DATA
 // The "static" key
 const TPM2B_EC_TEST c_ecTestKey_ds = {
    {32, {0xdf, 0x8d, 0xa4, 0xa3, 0x88, 0xf6, 0x76, 0x96, 0x89, 0xfc, 0x2f,
          0x2d, 0xa1, 0xb4, 0x39, 0x7a, 0x78, 0xc4, 0x7f, 0x71, 0x8c, 0xa6,
          0x91, 0x85, 0xc0, 0xbf, 0xf3, 0x54, 0x20, 0x91, 0x2f, 0x73}}};
 const TPM2B_EC_TEST c_ecTestKey_QsX = {
    {32, {0x17, 0xad, 0x2f, 0xcb, 0x18, 0xd4, 0xdb, 0x3f, 0x2c, 0x53, 0x13,
          0x82, 0x42, 0x97, 0xff, 0x8d, 0x99, 0x50, 0x16, 0x02, 0x35, 0xa7,
          0x06, 0xae, 0x1f, 0xda, 0xe2, 0x9c, 0x12, 0x77, 0xc0, 0xf9}}};
 const TPM2B_EC_TEST c_ecTestKey_QsY = {
    {32, {0xa6, 0xca, 0xf2, 0x18, 0x45, 0x96, 0x6e, 0x58, 0xe6, 0x72, 0x34,
          0x12, 0x89, 0xcd, 0xaa, 0xad, 0xcb, 0x68, 0xb2, 0x51, 0xdc, 0x5e,
          0xd1, 0x6d, 0x38, 0x20, 0x35, 0x57, 0xb2, 0xfd, 0xc7, 0x52}}};
 // The "ephemeral" key
 const TPM2B_EC_TEST c_ecTestKey_de = {
    {32, {0xb6, 0xb5, 0x33, 0x5c, 0xd1, 0xee, 0x52, 0x07, 0x99, 0xea, 0x2e,
          0x8f, 0x8b, 0x19, 0x18, 0x07, 0xc1, 0xf8, 0xdf, 0xdd, 0xb8, 0x77,
          0x00, 0xc7, 0xd6, 0x53, 0x21, 0xed, 0x02, 0x53, 0xee, 0xac}}};
 const TPM2B_EC_TEST c_ecTestKey_QeX = {
    {32, {0xa5, 0x1e, 0x80, 0xd1, 0x76, 0x3e, 0x8b, 0x96, 0xce, 0xcc, 0x21,
          0x82, 0xc9, 0xa2, 0xa2, 0xed, 0x47, 0x21, 0x89, 0x53, 0x44, 0xe9,
          0xc7, 0x92, 0xe7, 0x31, 0x48, 0x38, 0xe6, 0xea, 0x93, 0x47}}};
 const TPM2B_EC_TEST c_ecTestKey_QeY = {
    {32, {0x30, 0xe6, 0x4f, 0x97, 0x03, 0xa1, 0xcb, 0x3b, 0x32, 0x2a, 0x70,
          0x39, 0x94, 0xeb, 0x4e, 0xea, 0x55, 0x88, 0x81, 0x3f, 0xb5, 0x00,
          0xb8, 0x54, 0x25, 0xab, 0xd4, 0xda, 0xfd, 0x53, 0x7a, 0x18}}};
 // ECDH test results
 const TPM2B_EC_TEST c_ecTestEcdh_X = {
    {32, {0x64, 0x02, 0x68, 0x92, 0x78, 0xdb, 0x33, 0x52, 0xed, 0x3b, 0xfa,
          0x3b, 0x74, 0xa3, 0x3d, 0x2c, 0x2f, 0x9c, 0x59, 0x03, 0x07, 0xf8,
          0x22, 0x90, 0xed, 0xe3, 0x45, 0xf8, 0x2a, 0x0a, 0xd8, 0x1d}}};
 const TPM2B_EC_TEST c_ecTestEcdh_Y = {
    {32, {0x58, 0x94, 0x05, 0x82, 0xbe, 0x5f, 0x33, 0x02, 0x25, 0x90, 0x3a,
          0x33, 0x90, 0x89, 0xe3, 0xe5, 0x10, 0x4a, 0xbc, 0x78, 0xa5, 0xc5,
          0x07, 0x64, 0xaf, 0x91, 0xbc, 0xe6, 0xff, 0x85, 0x11, 0x40}}};
 TPM2B_TYPE(TEST_VALUE, 64);
 const TPM2B_TEST_VALUE c_ecTestValue = {
    {64,
     {0x78, 0xd5, 0xd4, 0x56, 0x43, 0x61, 0xdb, 0x97, 0xa4, 0x32, 0xc4, 0x0b, 0x06,
      0xa9, 0xa8, 0xa0, 0xf4, 0x45, 0x7f, 0x13, 0xd8, 0x13, 0x81, 0x0b, 0xe5, 0x76,
      0xbe, 0xaa, 0xb6, 0x3f, 0x8d, 0x4d, 0x23, 0x65, 0xcc, 0xa7, 0xc9, 0x19, 0x10,
      0xce, 0x69, 0xcb, 0x0c, 0xc7, 0x11, 0x8d, 0xc3, 0xff, 0x62, 0x69, 0xa2, 0xbe,
      0x46, 0x90, 0xe7, 0x7d, 0x81, 0x77, 0x94, 0x65, 0x1c, 0x3e, 0xc1, 0x3e}}};
 #  if ALG_SHA1_VALUE == DEFAULT_TEST_HASH
 const TPM2B_EC_TEST c_TestEcDsa_r = {
    {32, {0x57, 0xf3, 0x36, 0xb7, 0xec, 0xc2, 0xdd, 0x76, 0x0e, 0xe2, 0x81,
          0x21, 0x49, 0xc5, 0x66, 0x11, 0x4b, 0x8a, 0x4f, 0x17, 0x62, 0x82,
          0xcc, 0x06, 0xf6, 0x64, 0x78, 0xef, 0x6b, 0x7c, 0xf2, 0x6c}}};
 const TPM2B_EC_TEST c_TestEcDsa_s = {
    {32, {0x1b, 0xed, 0x23, 0x72, 0x8f, 0x17, 0x5f, 0x47, 0x2e, 0xa7, 0x97,
          0x2c, 0x51, 0x57, 0x20, 0x70, 0x6f, 0x89, 0x74, 0x8a, 0xa8, 0xf4,
          0x26, 0xf4, 0x96, 0xa1, 0xb8, 0x3e, 0xe5, 0x35, 0xc5, 0x94}}};
 const TPM2B_EC_TEST c_TestEcSchnorr_r = {
    {32, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
          0x00, 0x1b, 0x08, 0x9f, 0xde, 0xef, 0x62, 0xe3, 0xf1, 0x14, 0xcb,
          0x54, 0x28, 0x13, 0x76, 0xfc, 0x6d, 0x69, 0x22, 0xb5, 0x3e}}};
 const TPM2B_EC_TEST c_TestEcSchnorr_s = {
    {32, {0xd9, 0xd3, 0x20, 0xfb, 0x4d, 0x16, 0xf2, 0xe6, 0xe2, 0x45, 0x07,
          0x45, 0x1c, 0x92, 0x92, 0x92, 0xa9, 0x6b, 0x48, 0xf8, 0xd1, 0x98,
          0x29, 0x4d, 0xd3, 0x8f, 0x56, 0xf2, 0xbb, 0x2e, 0x22, 0x3b}}};
 #  endif  // SHA1
 #  if ALG_SHA256_VALUE == DEFAULT_TEST_HASH
 const TPM2B_EC_TEST c_TestEcDsa_r = {
    {32, {0x04, 0x7d, 0x54, 0xeb, 0x04, 0x6f, 0x56, 0xec, 0xa2, 0x6c, 0x38,
          0x8c, 0xeb, 0x43, 0x0b, 0x71, 0xf8, 0xf2, 0xf4, 0xa5, 0xe0, 0x1d,
          0x3c, 0xa2, 0x39, 0x31, 0xe4, 0xe7, 0x36, 0x3b, 0xb5, 0x5f}}};
 const TPM2B_EC_TEST c_TestEcDsa_s = {
    {32, {0x8f, 0xd0, 0x12, 0xd9, 0x24, 0x75, 0xf6, 0xc4, 0x3b, 0xb5, 0x46,
          0x75, 0x3a, 0x41, 0x8d, 0x80, 0x23, 0x99, 0x38, 0xd7, 0xe2, 0x40,
          0xca, 0x9a, 0x19, 0x2a, 0xfc, 0x54, 0x75, 0xd3, 0x4a, 0x6e}}};
 const TPM2B_EC_TEST c_TestEcSchnorr_r = {
    {32, {0xf7, 0xb9, 0x15, 0x4c, 0x34, 0xf6, 0x41, 0x19, 0xa3, 0xd2, 0xf1,
          0xbd, 0xf4, 0x13, 0x6a, 0x4f, 0x63, 0xb8, 0x4d, 0xb5, 0xc8, 0xcd,
          0xde, 0x85, 0x95, 0xa5, 0x39, 0x0a, 0x14, 0x49, 0x3d, 0x2f}}};
 const TPM2B_EC_TEST c_TestEcSchnorr_s = {
    {32, {0xfe, 0xbe, 0x17, 0xaa, 0x31, 0x22, 0x9f, 0xd0, 0xd2, 0xf5, 0x25,
          0x04, 0x92, 0xb0, 0xaa, 0x4e, 0xcc, 0x1c, 0xb6, 0x79, 0xd6, 0x42,
          0xb3, 0x4e, 0x3f, 0xbb, 0xfe, 0x5f, 0xd0, 0xd0, 0x8b, 0xc3}}};
 #  endif  // SHA256
 #  if ALG_SHA384_VALUE == DEFAULT_TEST_HASH
 const TPM2B_EC_TEST c_TestEcDsa_r = {
    {32, {0xf5, 0x74, 0x6d, 0xd6, 0xc6, 0x56, 0x86, 0xbb, 0xba, 0x1c, 0xba,
          0x75, 0x65, 0xee, 0x64, 0x31, 0xce, 0x04, 0xe3, 0x9f, 0x24, 0x3f,
          0xbd, 0xfe, 0x04, 0xcd, 0xab, 0x7e, 0xfe, 0xad, 0xcb, 0x82}}};
 const TPM2B_EC_TEST c_TestEcDsa_s = {
    {32, {0xc2, 0x4f, 0x32, 0xa1, 0x06, 0xc0, 0x85, 0x4f, 0xc6, 0xd8, 0x31,
          0x66, 0x91, 0x9f, 0x79, 0xcd, 0x5b, 0xe5, 0x7b, 0x94, 0xa1, 0x91,
          0x38, 0xac, 0xd4, 0x20, 0xa2, 0x10, 0xf0, 0xd5, 0x9d, 0xbf}}};
 const TPM2B_EC_TEST c_TestEcSchnorr_r = {
    {32, {0x1e, 0xb8, 0xe1, 0xbf, 0xa1, 0x9e, 0x39, 0x1e, 0x58, 0xa2, 0xe6,
          0x59, 0xd0, 0x1a, 0x6a, 0x03, 0x6a, 0x1f, 0x1c, 0x4f, 0x36, 0x19,
          0xc1, 0xec, 0x30, 0xa4, 0x85, 0x1b, 0xe9, 0x74, 0x35, 0x66}}};
 const TPM2B_EC_TEST c_TestEcSchnorr_s = {
    {32, {0xb9, 0xe6, 0xe3, 0x7e, 0xcb, 0xb9, 0xea, 0xf1, 0xcc, 0xf4, 0x48,
          0x44, 0x4a, 0xda, 0xc8, 0xd7, 0x87, 0xb4, 0xba, 0x40, 0xfe, 0x5b,
          0x68, 0x11, 0x14, 0xcf, 0xa0, 0x0e, 0x85, 0x46, 0x99, 0x01}}};
 #  endif  // SHA384
 #  if ALG_SHA512_VALUE == DEFAULT_TEST_HASH
 const TPM2B_EC_TEST c_TestEcDsa_r = {
    {32, {0xc9, 0x71, 0xa6, 0xb4, 0xaf, 0x46, 0x26, 0x8c, 0x27, 0x00, 0x06,
          0x3b, 0x00, 0x0f, 0xa3, 0x17, 0x72, 0x48, 0x40, 0x49, 0x4d, 0x51,
          0x4f, 0xa4, 0xcb, 0x7e, 0x86, 0xe9, 0xe7, 0xb4, 0x79, 0xb2}}};
 const TPM2B_EC_TEST c_TestEcDsa_s = {
    {32, {0x87, 0xbc, 0xc0, 0xed, 0x74, 0x60, 0x9e, 0xfa, 0x4e, 0xe8, 0x16,
          0xf3, 0xf9, 0x6b, 0x26, 0x07, 0x3c, 0x74, 0x31, 0x7e, 0xf0, 0x62,
          0x46, 0xdc, 0xd6, 0x45, 0x22, 0x47, 0x3e, 0x0c, 0xa0, 0x02}}};
 const TPM2B_EC_TEST c_TestEcSchnorr_r = {
    {32, {0xcc, 0x07, 0xad, 0x65, 0x91, 0xdd, 0xa0, 0x10, 0x23, 0xae, 0x53,
          0xec, 0xdf, 0xf1, 0x50, 0x90, 0x16, 0x96, 0xf4, 0x45, 0x09, 0x73,
          0x9c, 0x84, 0xb5, 0x5c, 0x5f, 0x08, 0x51, 0xcb, 0x60, 0x01}}};
 const TPM2B_EC_TEST c_TestEcSchnorr_s = {
    {32, {0x55, 0x20, 0x21, 0x54, 0xe2, 0x49, 0x07, 0x47, 0x71, 0xf4, 0x99,
          0x15, 0x54, 0xf3, 0xab, 0x14, 0xdb, 0x8e, 0xda, 0x79, 0xb6, 0x02,
          0x0e, 0xe3, 0x5e, 0x6f, 0x2c, 0xb6, 0x05, 0xbd, 0x14, 0x10}}};
 #  endif  // SHA512
 #endif  // SELF_TEST_DATA
--- a/src/tpm2/EncryptDecrypt2_fp.h
+++ b/src/tpm2/EncryptDecrypt2_fp.h
@ -59,12 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* rev 146 */
-#ifndef ENCRYPTDECRYPT2_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define ENCRYPTDECRYPT2_FP_H
-typedef struct {
+#if CC_EncryptDecrypt2  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT       keyHandle;
    TPM2B_MAX_BUFFER     inData;
    TPMI_YES_NO          decrypt;
@ -72,22 +77,23 @@ typedef struct {
    TPM2B_IV             ivIn;
 } EncryptDecrypt2_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_MAX_BUFFER outData;
    TPM2B_IV         ivOut;
 } EncryptDecrypt2_Out;
 // Response code modifiers
 #    define RC_EncryptDecrypt2_keyHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_EncryptDecrypt2_inData    (TPM_RC_P + TPM_RC_1)
 #    define RC_EncryptDecrypt2_decrypt   (TPM_RC_P + TPM_RC_2)
 #    define RC_EncryptDecrypt2_mode      (TPM_RC_P + TPM_RC_3)
 #    define RC_EncryptDecrypt2_ivIn      (TPM_RC_P + TPM_RC_4)
-typedef struct {
+// Function prototype
    TPM2B_MAX_BUFFER	outData;
    TPM2B_IV		ivOut;
 } EncryptDecrypt2_Out;
 TPM_RC
-TPM2_EncryptDecrypt2(
+TPM2_EncryptDecrypt2(EncryptDecrypt2_In* in, EncryptDecrypt2_Out* out);
 		     EncryptDecrypt2_In   *in,            // IN: input parameter list
 		     EncryptDecrypt2_Out  *out            // OUT: output parameter list
 		     );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT2_FP_H_
-#endif
+#endif    // CC_EncryptDecrypt2
--- a/src/tpm2/EncryptDecrypt_fp.h
+++ b/src/tpm2/EncryptDecrypt_fp.h
@ -59,12 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef ENCRYPTDECRYPT_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define ENCRYPTDECRYPT_FP_H
-typedef struct {
+#if CC_EncryptDecrypt  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT       keyHandle;
    TPMI_YES_NO          decrypt;
    TPMI_ALG_CIPHER_MODE mode;
@ -72,22 +77,23 @@ typedef struct {
    TPM2B_MAX_BUFFER     inData;
 } EncryptDecrypt_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_MAX_BUFFER outData;
    TPM2B_IV         ivOut;
 } EncryptDecrypt_Out;
 // Response code modifiers
 #    define RC_EncryptDecrypt_keyHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_EncryptDecrypt_decrypt   (TPM_RC_P + TPM_RC_1)
 #    define RC_EncryptDecrypt_mode      (TPM_RC_P + TPM_RC_2)
 #    define RC_EncryptDecrypt_ivIn      (TPM_RC_P + TPM_RC_3)
 #    define RC_EncryptDecrypt_inData    (TPM_RC_P + TPM_RC_4)
-typedef struct {
+// Function prototype
    TPM2B_MAX_BUFFER	outData;
    TPM2B_IV		ivOut;
 } EncryptDecrypt_Out;
 TPM_RC
-TPM2_EncryptDecrypt(
+TPM2_EncryptDecrypt(EncryptDecrypt_In* in, EncryptDecrypt_Out* out);
 		    EncryptDecrypt_In   *in,            // IN: input parameter list
 		    EncryptDecrypt_Out  *out            // OUT: output parameter list
 		    );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_ENCRYPTDECRYPT_FP_H_
-#endif
+#endif    // CC_EncryptDecrypt
--- a/src/tpm2/EncryptDecrypt_spt.c
+++ b/src/tpm2/EncryptDecrypt_spt.c
@ -59,25 +59,30 @@
 /*										*/
 /********************************************************************************/
 /* 7.7 Encrypt Decrypt Support (EncryptDecrypt_spt.c) */
 #include "Tpm.h"
 #include "EncryptDecrypt_fp.h"
 #include "EncryptDecrypt_spt_fp.h"
 #if CC_EncryptDecrypt2
-/* Error Returns Meaning */
+
-/* TPM_RC_KEY is not a symmetric decryption key with both public and private portions loaded */
+/*(See part 3 specification)
-/* TPM_RC_SIZE IvIn size is incompatible with the block cipher mode; or inData size is not an even
+// symmetric encryption or decryption
-   multiple of the block size for CBC or ECB mode */
+*/
-/* TPM_RC_VALUE keyHandle is restricted and the argument mode does not match the key's mode */
+//  Return Type: TPM_RC
 //      TPM_RC_KEY          is not a symmetric decryption key with both
 //                          public and private portions loaded
 //      TPM_RC_SIZE         'IvIn' size is incompatible with the block cipher mode;
 //                          or 'inData' size is not an even multiple of the block
 //                          size for CBC or ECB mode
 //      TPM_RC_VALUE        'keyHandle' is restricted and the argument 'mode' does
 //                          not match the key's mode
 TPM_RC
-EncryptDecryptShared(
+EncryptDecryptShared(TPMI_DH_OBJECT      keyHandleIn,
 		     TPMI_DH_OBJECT        keyHandleIn,
                     TPMI_YES_NO         decryptIn,
                     TPMI_ALG_SYM_MODE   modeIn,
                     TPM2B_IV*           ivIn,
                     TPM2B_MAX_BUFFER*   inData,
-		     EncryptDecrypt_Out    *out
+                     EncryptDecrypt_Out* out)
 		     )
 {
    OBJECT*    symKey;
    UINT16     keySize;
@ -90,23 +95,26 @@ EncryptDecryptShared(
    // Input Validation
    symKey = HandleToObject(keyHandleIn);
    mode   = symKey->publicArea.parameters.symDetail.sym.mode.sym;
    // The input key should be a symmetric key
    if(symKey->publicArea.type != TPM_ALG_SYMCIPHER)
        return TPM_RCS_KEY + RC_EncryptDecrypt_keyHandle;
    // The key must be unrestricted and allow the selected operation
-    OK = !IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
+    OK = !IS_ATTRIBUTE(symKey->publicArea.objectAttributes, TPMA_OBJECT, restricted);
 		       TPMA_OBJECT, restricted);
    if(YES == decryptIn)
-	OK = OK && IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
+        OK = OK
-				TPMA_OBJECT, decrypt);
+             && IS_ATTRIBUTE(
                 symKey->publicArea.objectAttributes, TPMA_OBJECT, decrypt);
    else
-	OK = OK && IS_ATTRIBUTE(symKey->publicArea.objectAttributes,
+        OK = OK
-				TPMA_OBJECT, sign);
+             && IS_ATTRIBUTE(symKey->publicArea.objectAttributes, TPMA_OBJECT, sign);
    if(!OK)
        return TPM_RCS_ATTRIBUTES + RC_EncryptDecrypt_keyHandle;
    // Make sure that key is an encrypt/decrypt key and not SMAC
    if(!CryptSymModeIsValid(mode, TRUE))
        return TPM_RCS_MODE + RC_EncryptDecrypt_keyHandle;
    // If the key mode is not TPM_ALG_NULL...
    // or TPM_ALG_NULL
    if(mode != TPM_ALG_NULL)
@ -127,21 +135,26 @@ EncryptDecryptShared(
    keySize   = symKey->publicArea.parameters.symDetail.sym.keyBits.sym;
    alg       = symKey->publicArea.parameters.symDetail.sym.algorithm;
    blockSize = CryptGetSymmetricBlockSize(alg, keySize);
    // reverify the algorithm. This is mainly to keep static analysis tools happy
    if(blockSize == 0)
        return TPM_RCS_KEY + RC_EncryptDecrypt_keyHandle;
    if(((mode == TPM_ALG_ECB) && (ivIn->t.size != 0))
       || ((mode != TPM_ALG_ECB) && (ivIn->t.size != blockSize)))
        return TPM_RCS_SIZE + RC_EncryptDecrypt_ivIn;
    // The input data size of CBC mode or ECB mode must be an even multiple of
    // the symmetric algorithm's block size
    if(((mode == TPM_ALG_CBC) || (mode == TPM_ALG_ECB))
       && ((inData->t.size % blockSize) != 0))
        return TPM_RCS_SIZE + RC_EncryptDecrypt_inData;
    // Copy IV
    // Note: This is copied here so that the calls to the encrypt/decrypt functions
    // will modify the output buffer, not the input buffer
    out->ivOut = *ivIn;
    // Command Output
    key = symKey->sensitive.sensitive.sym.t.buffer;
    // For symmetric encryption, the cipher data size is the same as plain data
@ -150,17 +163,28 @@ EncryptDecryptShared(
    if(decryptIn == YES)
    {
        // Decrypt data to output
-	    result = CryptSymmetricDecrypt(out->outData.t.buffer, alg, keySize, key,
+        result = CryptSymmetricDecrypt(out->outData.t.buffer,
-					   &(out->ivOut), mode, inData->t.size,
+                                       alg,
                                       keySize,
                                       key,
                                       &(out->ivOut),
                                       mode,
                                       inData->t.size,
                                       inData->t.buffer);
    }
    else
    {
        // Encrypt data to output
-	    result = CryptSymmetricEncrypt(out->outData.t.buffer, alg, keySize, key,
+        result = CryptSymmetricEncrypt(out->outData.t.buffer,
-					   &(out->ivOut), mode, inData->t.size,
+                                       alg,
                                       keySize,
                                       key,
                                       &(out->ivOut),
                                       mode,
                                       inData->t.size,
                                       inData->t.buffer);
    }
    return result;
 }
 #endif  // CC_EncryptDecrypt
--- a/src/tpm2/EncryptDecrypt_spt_fp.h
+++ b/src/tpm2/EncryptDecrypt_spt_fp.h
@ -59,17 +59,31 @@
 /*										*/
 /********************************************************************************/
-#ifndef ENCRYPTDECRYPT_SPT_FP_H
+/*(Auto-generated)
-#define ENCRYPTDECRYPT_SPT_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:18PM
 */
 #ifndef _ENCRYPT_DECRYPT_SPT_FP_H_
 #define _ENCRYPT_DECRYPT_SPT_FP_H_
 #if CC_EncryptDecrypt2
 //  Return Type: TPM_RC
 //      TPM_RC_KEY          is not a symmetric decryption key with both
 //                          public and private portions loaded
 //      TPM_RC_SIZE         'IvIn' size is incompatible with the block cipher mode;
 //                          or 'inData' size is not an even multiple of the block
 //                          size for CBC or ECB mode
 //      TPM_RC_VALUE        'keyHandle' is restricted and the argument 'mode' does
 //                          not match the key's mode
 TPM_RC
-EncryptDecryptShared(
+EncryptDecryptShared(TPMI_DH_OBJECT      keyHandleIn,
 		     TPMI_DH_OBJECT        keyHandleIn,
                     TPMI_YES_NO         decryptIn,
                     TPMI_ALG_SYM_MODE   modeIn,
                     TPM2B_IV*           ivIn,
                     TPM2B_MAX_BUFFER*   inData,
-		     EncryptDecrypt_Out    *out
+                     EncryptDecrypt_Out* out);
-		     );
+#endif  // CC_EncryptDecrypt
-#endif
+#endif  // _ENCRYPT_DECRYPT_SPT_FP_H_
--- a/src/tpm2/Entity_fp.h
+++ b/src/tpm2/Entity_fp.h
@ -59,32 +59,71 @@
 /*										*/
 /********************************************************************************/
-#ifndef ENTITY_FP_H
+/*(Auto-generated)
-#define ENTITY_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar  7, 2020  Time: 07:19:36PM
 */
 #ifndef _ENTITY_FP_H_
 #define _ENTITY_FP_H_
 //** Functions
 //*** EntityGetLoadStatus()
 // This function will check that all the handles access loaded entities.
 //  Return Type: TPM_RC
 //      TPM_RC_HANDLE           handle type does not match
 //      TPM_RC_REFERENCE_Hx     entity is not present
 //      TPM_RC_HIERARCHY        entity belongs to a disabled hierarchy
 //      TPM_RC_OBJECT_MEMORY    handle is an evict object but there is no
 //                               space to load it to RAM
 TPM_RC
-EntityGetLoadStatus(
+EntityGetLoadStatus(COMMAND* command  // IN/OUT: command parsing structure
 		    COMMAND         *command        // IN/OUT: command parsing structure
 );
 //*** EntityGetAuthValue()
 // This function is used to access the 'authValue' associated with a handle.
 // This function assumes that the handle references an entity that is accessible
 // and the handle is not for a persistent objects. That is EntityGetLoadStatus()
 // should have been called. Also, the accessibility of the authValue should have
 // been verified by IsAuthValueAvailable().
 //
 // This function copies the authorization value of the entity to 'auth'.
 // Return Type: UINT16
 //      count           number of bytes in the authValue with 0's stripped
 UINT16
-EntityGetAuthValue(
+EntityGetAuthValue(TPMI_DH_ENTITY handle,  // IN: handle of entity
 		   TPMI_DH_ENTITY   handle,        // IN: handle of entity
                   TPM2B_AUTH*    auth     // OUT: authValue of the entity
 );
 //*** EntityGetAuthPolicy()
 // This function is used to access the 'authPolicy' associated with a handle.
 // This function assumes that the handle references an entity that is accessible
 // and the handle is not for a persistent objects. That is EntityGetLoadStatus()
 // should have been called. Also, the accessibility of the authPolicy should have
 // been verified by IsAuthPolicyAvailable().
 //
 // This function copies the authorization policy of the entity to 'authPolicy'.
 //
 //  The return value is the hash algorithm for the policy.
 TPMI_ALG_HASH
-EntityGetAuthPolicy(
+EntityGetAuthPolicy(TPMI_DH_ENTITY handle,     // IN: handle of entity
 		    TPMI_DH_ENTITY   handle,        // IN: handle of entity
                    TPM2B_DIGEST*  authPolicy  // OUT: authPolicy of the entity
 );
-TPM2B_NAME *
+
-EntityGetName(
+//*** EntityGetName()
-	      TPMI_DH_ENTITY   handle,        // IN: handle of entity
+// This function returns the Name associated with a handle.
 TPM2B_NAME* EntityGetName(TPMI_DH_ENTITY handle,  // IN: handle of entity
                          TPM2B_NAME*    name     // OUT: name of entity
 );
 //*** EntityGetHierarchy()
 // This function returns the hierarchy handle associated with an entity.
 // a) A handle that is a hierarchy handle is associated with itself.
 // b) An NV index belongs to TPM_RH_PLATFORM if TPMA_NV_PLATFORMCREATE,
 //    is SET, otherwise it belongs to TPM_RH_OWNER
 // c) An object handle belongs to its hierarchy.
 TPMI_RH_HIERARCHY
-EntityGetHierarchy(
+EntityGetHierarchy(TPMI_DH_ENTITY handle  // IN :handle of entity
 		   TPMI_DH_ENTITY   handle         // IN :handle of entity
 );
-
+#endif  // _ENTITY_FP_H_
 #endif
--- a/src/tpm2/Entropy.c
+++ b/src/tpm2/Entropy.c
@ -59,8 +59,8 @@
 /*										*/
 /********************************************************************************/
-/* C.4 Entropy.c */
+//** Includes and Local Values
-/* C.4.1. Includes and Local values*/
+
 #define _CRT_RAND_S
 #include <stdlib.h>
 #include <memory.h>
@ -70,29 +70,29 @@
 #include <time.h>
 #include "Platform.h"
-#if defined _MSC_VER || defined _MINGW
+#if defined _MSC_VER || defined _MINGW		// libtpms changed
 #  include <process.h>
 #else
 #  include <unistd.h>
 #endif
-/* This is the last 32-bits of hardware entropy produced. We have to check to see that two
+// This is the last 32-bits of hardware entropy produced. We have to check to
-   consecutive 32-bit values are not the same because (according to FIPS 140-2, annex C */
+// see that two consecutive 32-bit values are not the same because
-/* "If each call to a RNG produces blocks of n bits (where n > 15), the first n-bit block generated
+// according to FIPS 140-2, annex C:
-   after power-up, initialization, or reset shall not be used, but shall be saved for comparison
+//
-   with the next n-bit block to be generated. Each subsequent generation of an n-bit block shall be
+// "If each call to an RNG produces blocks of n bits (where n > 15), the first
-   compared with the previously generated block. The test shall fail if any two compared n-bit
+// n-bit block generated after power-up, initialization, or reset shall not be
-   blocks are equal." */
+// used, but shall be saved for comparison with the next n-bit block to be
 // generated. Each subsequent generation of an n-bit block shall be compared with
 // the previously generated block. The test shall fail if any two compared n-bit
 // blocks are equal."
 extern uint32_t lastEntropy;
-/* C.4.2.	Functions */
+//** Functions
 /* C.4.2.1.	rand32() */
 /* Local function to get a 32-bit random number */
-static uint32_t
+//*** rand32()
-rand32(
+// Local function to get a 32-bit random number
-       void
+static uint32_t rand32(void)
       )
 {
    uint32_t rndNum = rand();
 #if RAND_MAX < UINT16_MAX
@ -111,15 +111,15 @@ rand32(
    return rndNum;
 }
-/* C.4.2.2 _plat__GetEntropy() */
+//*** _plat__GetEntropy()
-/* This function is used to get available hardware entropy. In a hardware implementation of this
+// This function is used to get available hardware entropy. In a hardware
-   function, there would be no call to the system to get entropy. */
+// implementation of this function, there would be no call to the system
-/* Return Values Meaning */
+// to get entropy.
-/* < 0 hardware failure of the entropy generator, this is sticky */
+//  Return Type: int32_t
-/* >= 0 the returned amount of entropy (bytes) */
+//  < 0        hardware failure of the entropy generator, this is sticky
-LIB_EXPORT int32_t
+// >= 0        the returned amount of entropy (bytes)
-_plat__GetEntropy(
+//
-		  unsigned char       *entropy,           // output buffer
+LIB_EXPORT int32_t _plat__GetEntropy(unsigned char* entropy,  // output buffer
                                     uint32_t       amount    // amount requested
 )
 {
@ -134,21 +134,21 @@ _plat__GetEntropy(
    if(amount == 0)
    {
-	    // Seed the platform entropy source if the entropy source is software. There is
+        // Seed the platform entropy source if the entropy source is software. There
-	    // no reason to put a guard macro (#if or #ifdef) around this code because this
+        // is no reason to put a guard macro (#if or #ifdef) around this code because
-	    // code would not be here if someone was changing it for a system with actual
+        // this code would not be here if someone was changing it for a system with
-	    // hardware.
+        // actual hardware.
        //
-	    // NOTE 1: The following command does not provide proper cryptographic entropy.
+        // NOTE 1: The following command does not provide proper cryptographic
-	    // Its primary purpose to make sure that different instances of the simulator,
+        // entropy. Its primary purpose to make sure that different instances of the
-	    // possibly started by a script on the same machine, are seeded differently.
+        // simulator, possibly started by a script on the same machine, are seeded
-	    // Vendors of the actual TPMs need to ensure availability of proper entropy
+        // differently. Vendors of the actual TPMs need to ensure availability of
-	    // using their platform specific means.
+        // proper entropy using their platform-specific means.
        //
        // NOTE 2: In debug builds by default the reference implementation will seed
        // its RNG deterministically (without using any platform provided randomness).
        // See the USE_DEBUG_RNG macro and DRBG_GetEntropy() function.
-#if defined _MSC_VER || defined _MINGW
+#if defined _MSC_VER || defined _MINGW		// libtpms changed
        srand((unsigned)_plat__RealTime() ^ _getpid());
 #else
        srand((unsigned)_plat__RealTime() ^ getpid());
@ -166,14 +166,15 @@ _plat__GetEntropy(
        else
        {
            lastEntropy = rndNum;
-		    // Each process will have its random number generator initialized according
+            // Each process will have its random number generator initialized
-		    // to the process id and the initialization time. This is not a lot of
+            // according to the process id and the initialization time. This is not a
-		    // entropy so, to add a bit more, XOR the current time value into the
+            // lot of entropy so, to add a bit more, XOR the current time value into
-		    // returned entropy value.
+            // the returned entropy value.
            // NOTE: the reason for including the time here rather than have it in
            // in the value assigned to lastEntropy is that rand() could be broken and
            // using the time would in the lastEntropy value would hide this.
            rndNum ^= (uint32_t)_plat__RealTime();
            // Only provide entropy 32 bits at a time to test the ability
            // of the caller to deal with partial results.
            ret = MIN(amount, sizeof(rndNum));
@ -182,4 +183,3 @@ _plat__GetEntropy(
    }
    return ret;
 }
--- a/src/tpm2/EventSequenceComplete_fp.h
+++ b/src/tpm2/EventSequenceComplete_fp.h
@ -59,30 +59,37 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef EVENTSEQUENCECOMPLETE_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define EVENTSEQUENCECOMPLETE_FP_H
-typedef struct {
+#if CC_EventSequenceComplete  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_PCR      pcrHandle;
    TPMI_DH_OBJECT   sequenceHandle;
    TPM2B_MAX_BUFFER buffer;
 } EventSequenceComplete_In;
 // Output structure definition
 typedef struct
 {
    TPML_DIGEST_VALUES results;
 } EventSequenceComplete_Out;
 // Response code modifiers
 #    define RC_EventSequenceComplete_pcrHandle      (TPM_RC_H + TPM_RC_1)
 #    define RC_EventSequenceComplete_sequenceHandle (TPM_RC_H + TPM_RC_2)
 #    define RC_EventSequenceComplete_buffer         (TPM_RC_P + TPM_RC_1)
-typedef struct {
+// Function prototype
    TPML_DIGEST_VALUES	results;
 } EventSequenceComplete_Out;
 TPM_RC
-TPM2_EventSequenceComplete(
+TPM2_EventSequenceComplete(EventSequenceComplete_In*  in,
-			   EventSequenceComplete_In    *in,            // IN: input parameter list
+                           EventSequenceComplete_Out* out);
 			   EventSequenceComplete_Out   *out            // OUT: output parameter list
 			   );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVENTSEQUENCECOMPLETE_FP_H_
-#endif
+#endif    // CC_EventSequenceComplete
--- a/src/tpm2/EvictControl_fp.h
+++ b/src/tpm2/EvictControl_fp.h
@ -59,24 +59,30 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef EVICTCONTROL_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define EVICTCONTROL_FP_H
-typedef struct {
+#if CC_EvictControl  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_PROVISION  auth;
    TPMI_DH_OBJECT     objectHandle;
    TPMI_DH_PERSISTENT persistentHandle;
 } EvictControl_In;
 // Response code modifiers
 #    define RC_EvictControl_auth             (TPM_RC_H + TPM_RC_1)
 #    define RC_EvictControl_objectHandle     (TPM_RC_H + TPM_RC_2)
 #    define RC_EvictControl_persistentHandle (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_EvictControl(
+TPM2_EvictControl(EvictControl_In* in);
 		  EvictControl_In     *in             // IN: input parameter list
 		  );
-#endif
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_EVICTCONTROL_FP_H_
 #endif    // CC_EvictControl
--- a/src/tpm2/ExecCommand.c
+++ b/src/tpm2/ExecCommand.c
@ -58,22 +58,32 @@
 /*										*/
 /********************************************************************************/
-/* 6.2 ExecCommand.c */
+//** Introduction
-/* This file contains the entry function ExecuteCommand() which provides the main control flow for
+//
-   TPM command execution. */
+// This file contains the entry function ExecuteCommand() which provides the main
 // control flow for TPM command execution.
 //** Includes
 #include "Tpm.h"
-#include "ExecCommand_fp.h"
+#include "Marshal.h"
 // TODO_RENAME_INC_FOLDER:platform_interface refers to the TPM_CoreLib platform interface
 #include "ExecCommand_fp.h"	// libtpms changed
 // Uncomment this next #include if doing static command/response buffer sizing
 // #include "CommandResponseSizes_fp.h"
 #define TPM_HAVE_TPM2_DECLARATIONS
 #include "tpm_library_intern.h"  // libtpms added
-/* Uncomment this next #include if doing static command/response buffer sizing */
+//** ExecuteCommand()
-// #include "CommandResponseSizes_fp.h"
+//
 // The function performs the following steps.
 //
 //  a)  Parses the command header from input buffer.
 //  b)  Calls ParseHandleBuffer() to parse the handle area of the command.
 //  c)  Validates that each of the handles references a loaded entity.
-//     d)	Calls ParseSessionBuffer() () to:
+//  d)  Calls ParseSessionBuffer () to:
 //      1)  unmarshal and parse the session area;
 //      2)  check the authorizations; and
 //      3)  when necessary, decrypt a parameter.
@ -81,24 +91,29 @@
 //      1)  unmarshal the command parameters from the command buffer;
 //      2)  call the routine that performs the command actions; and
 //      3)  marshal the responses into the response buffer.
-// f)	If any error occurs in any of the steps above create the error response and return.
+//  f)  If any error occurs in any of the steps above create the error response
 //      and return.
 //  g)  Calls BuildResponseSession() to:
 //      1)  when necessary, encrypt a parameter
 //      2)  build the response authorization sessions
 //      3)  update the audit sessions and nonces
 //  h)  Calls BuildResponseHeader() to complete the construction of the response.
-
+//
-// 	  responseSize is set by the caller to the maximum number of bytes available in the output
+// 'responseSize' is set by the caller to the maximum number of bytes available in
-// 	  buffer. ExecuteCommand() will adjust the value and return the number of bytes placed in
+// the output buffer. ExecuteCommand will adjust the value and return the number
-// 	  the buffer.
+// of bytes placed in the buffer.
-// 	  response is also set by the caller to indicate the buffer into which ExecuteCommand() is
+//
-// 	  to place the response.
+// 'response' is also set by the caller to indicate the buffer into which
-// 	  request and response may point to the same buffer
+//  ExecuteCommand is to place the response.
-// 	  NOTE: As of February, 2016, the failure processing has been moved to the platform-specific
+//
-// 	  code. When the TPM code encounters an unrecoverable failure, it will SET g_inFailureMode
+//  'request' and 'response' may point to the same buffer
-// 	  and call _plat__Fail(). That function should not return but may call ExecuteCommand().
+//
-LIB_EXPORT void
+// Note: As of February, 2016, the failure processing has been moved to the
-ExecuteCommand(
+// platform-specific code. When the TPM code encounters an unrecoverable failure, it
 // will SET g_inFailureMode and call _plat__Fail(). That function should not return
 // but may call ExecuteCommand().
 //
 LIB_EXPORT void ExecuteCommand(
    uint32_t        requestSize,   // IN: command buffer size
    unsigned char*  request,       // IN: command buffer
    uint32_t*       responseSize,  // IN/OUT: response buffer size
@ -108,6 +123,7 @@ ExecuteCommand(
    // Command local variables
    UINT32  commandSize;
    COMMAND command;
    // Response local variables
    UINT32 maxResponse = *responseSize;
    TPM_RC result;  // return code for the command
@ -119,7 +135,7 @@ ExecuteCommand(
    }
    // This next function call is used in development to size the command and response
    // buffers. The values printed are the sizes of the internal structures and
-    // not the sizes of the canonical forms of he command response structures. Also,
+    // not the sizes of the canonical forms of the command response structures. Also,
    // the sizes do not include the tag, command.code, requestSize, or the authorization
    // fields.
    //CommandResponseSizes();
@ -142,32 +158,34 @@ ExecuteCommand(
    // is not available later when it is necessary to write to NV, then the TPM
    // will go into failure mode.
    NvCheckState();
    // Due to the limitations of the simulation, TPM clock must be explicitly
    // synchronized with the system clock whenever a command is received.
    // This function call is not necessary in a hardware TPM. However, taking
    // a snapshot of the hardware timer at the beginning of the command allows
    // the time value to be consistent for the duration of the command execution.
    TimeUpdateToCurrent();
    // Any command through this function will unceremoniously end the
    // _TPM_Hash_Data/_TPM_Hash_End sequence.
    if(g_DRTMHandle != TPM_RH_UNASSIGNED)
        ObjectTerminateEvent();
    // Get command buffer size and command buffer.
    command.tag = 0;				// libtpms added: Coverity
    command.parameterBuffer = request;
    command.parameterSize   = requestSize;
    // Parse command header: tag, commandSize and command.code.
    // First parse the tag. The unmarshaling routine will validate
    // that it is either TPM_ST_SESSIONS or TPM_ST_NO_SESSIONS.
-    result = TPMI_ST_COMMAND_TAG_Unmarshal(&command.tag,
+    result = TPMI_ST_COMMAND_TAG_Unmarshal(
-					   &command.parameterBuffer,
+        &command.tag, &command.parameterBuffer, &command.parameterSize);
 					   &command.parameterSize);
    if(result != TPM_RC_SUCCESS)
        goto Cleanup;
    // Unmarshal the commandSize indicator.
-    result = UINT32_Unmarshal(&commandSize,
+    result = UINT32_Unmarshal(
-			      &command.parameterBuffer,
+        &commandSize, &command.parameterBuffer, &command.parameterSize);
 			      &command.parameterSize);
    if(result != TPM_RC_SUCCESS)
        goto Cleanup;
    // On a TPM that receives bytes on a port, the number of bytes that were
@ -183,8 +201,8 @@ ExecuteCommand(
        goto Cleanup;
    }
    // Unmarshal the command code.
-    result = TPM_CC_Unmarshal(&command.code, &command.parameterBuffer,
+    result = TPM_CC_Unmarshal(
-			      &command.parameterSize);
+        &command.code, &command.parameterBuffer, &command.parameterSize);
    if(result != TPM_RC_SUCCESS)
        goto Cleanup;
    // Check to see if the command is implemented.
@ -239,13 +257,13 @@ ExecuteCommand(
        // the command, then it is an error. NOTE: This check could pass but the
        // session size could still be wrong. That will be determined after the
        // sessions are unmarshaled.
-	    if(command.authSize < 9
+        if(command.authSize < 9 || command.authSize > command.parameterSize)
 	       || command.authSize > command.parameterSize)
        {
            result = TPM_RC_SIZE;
            goto Cleanup;
        }
        command.parameterSize -= command.authSize;
        // The actions of ParseSessionBuffer() are described in the introduction.
        // As the sessions are parsed command.parameterBuffer is advanced so, on a
        // successful return, command.parameterBuffer should be pointing at the
@ -269,26 +287,29 @@ ExecuteCommand(
    //*response = MemoryGetResponseBuffer(command.index);
    // leave space for the command header
    command.responseBuffer = *response + STD_RESPONSE_HEADER;
    // leave space for the parameter size field if needed
    if(command.tag == TPM_ST_SESSIONS)
        command.responseBuffer += sizeof(UINT32);
    if(IsHandleInResponse(command.index))
        command.responseBuffer += sizeof(TPM_HANDLE);
    // CommandDispatcher returns a response handle buffer and a response parameter
    // buffer if it succeeds. It will also set the parameterSize field in the
    // buffer if the tag is TPM_RC_SESSIONS.
    result = CommandDispatcher(&command);
    if(result != TPM_RC_SUCCESS)
        goto Cleanup;
    // Build the session area at the end of the parameter area.
    result = BuildResponseSession(&command);
    if(result != TPM_RC_SUCCESS)
    {
        goto Cleanup;
    }
 Cleanup:
-    if(g_clearOrderly == TRUE
+    if(g_clearOrderly == TRUE && NV_IS_ORDERLY)
       && NV_IS_ORDERLY)
    {
 #if USE_DA_USED
        gp.orderlyState = g_daUsed ? SU_DA_USED_VALUE : SU_NONE_VALUE;
@ -302,9 +323,11 @@ ExecuteCommand(
    // access to any object is the same. These temporary objects need to be
    // cleared from RAM whether the command succeeds or fails.
    ObjectCleanupEvict();
    // The parameters and sessions have been marshaled. Now tack on the header and
    // set the sizes
    BuildResponseHeader(&command, *response, result);
    // Try to commit all the writes to NV if any NV write happened during this
    // command execution. This check should be made for both succeeded and failed
    // commands, because a failed one may trigger a NV write in DA logic as well.
@ -319,9 +342,12 @@ ExecuteCommand(
        g_updateNV = UT_NONE;
    }
    pAssert((UINT32)command.parameterSize <= maxResponse);
    // Clear unused bits in response buffer.
    MemorySet(*response + *responseSize, 0, maxResponse - *responseSize);
    // as a final act, and not before, update the response size.
    *responseSize = (UINT32)command.parameterSize;
    return;
 }
--- a/src/tpm2/ExecCommand_fp.h
+++ b/src/tpm2/ExecCommand_fp.h
@ -59,15 +59,56 @@
 /*										*/
 /********************************************************************************/
-#ifndef EXECCOMMAND_FP_H
+/*(Auto-generated)
-#define EXECCOMMAND_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:19PM
 */
-LIB_EXPORT void
+#ifndef _EXEC_COMMAND_FP_H_
-ExecuteCommand(
+#define _EXEC_COMMAND_FP_H_
 //** ExecuteCommand()
 //
 // The function performs the following steps.
 //
 //  a)  Parses the command header from input buffer.
 //  b)  Calls ParseHandleBuffer() to parse the handle area of the command.
 //  c)  Validates that each of the handles references a loaded entity.
 //  d)  Calls ParseSessionBuffer () to:
 //      1)  unmarshal and parse the session area;
 //      2)  check the authorizations; and
 //      3)  when necessary, decrypt a parameter.
 //  e)  Calls CommandDispatcher() to:
 //      1)  unmarshal the command parameters from the command buffer;
 //      2)  call the routine that performs the command actions; and
 //      3)  marshal the responses into the response buffer.
 //  f)  If any error occurs in any of the steps above create the error response
 //      and return.
 //  g)  Calls BuildResponseSession() to:
 //      1)  when necessary, encrypt a parameter
 //      2)  build the response authorization sessions
 //      3)  update the audit sessions and nonces
 //  h)  Calls BuildResponseHeader() to complete the construction of the response.
 //
 // 'responseSize' is set by the caller to the maximum number of bytes available in
 // the output buffer. ExecuteCommand will adjust the value and return the number
 // of bytes placed in the buffer.
 //
 // 'response' is also set by the caller to indicate the buffer into which
 //  ExecuteCommand is to place the response.
 //
 //  'request' and 'response' may point to the same buffer
 //
 // Note: As of February, 2016, the failure processing has been moved to the
 // platform-specific code. When the TPM code encounters an unrecoverable failure, it
 // will SET g_inFailureMode and call _plat__Fail(). That function should not return
 // but may call ExecuteCommand().
 //
 LIB_EXPORT void ExecuteCommand(
    uint32_t        requestSize,   // IN: command buffer size
    unsigned char*  request,       // IN: command buffer
    uint32_t*       responseSize,  // IN/OUT: response buffer size
    unsigned char** response       // IN/OUT: response buffer
 );
-#endif
+#endif  // _EXEC_COMMAND_FP_H_
--- a/src/tpm2/FlushContext_fp.h
+++ b/src/tpm2/FlushContext_fp.h
@ -59,20 +59,26 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef FLUSHCONTEXT_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define FLUSHCONTEXT_FP_H
-typedef struct {
+#if CC_FlushContext  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_CONTEXT flushHandle;
 } FlushContext_In;
 // Response code modifiers
 #    define RC_FlushContext_flushHandle (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_FlushContext(
+TPM2_FlushContext(FlushContext_In* in);
 		  FlushContext_In     *in             // IN: input parameter list
 		  );
-#endif
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_FLUSHCONTEXT_FP_H_
 #endif    // CC_FlushContext
--- a/src/tpm2/GetCapability_fp.h
+++ b/src/tpm2/GetCapability_fp.h
@ -59,32 +59,37 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef GETCAPABILITY_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define GETCAPABILITY_FP_H
-typedef struct {
+#if CC_GetCapability  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
 // Input structure definition
 typedef struct
 {
    TPM_CAP capability;
    UINT32  property;
    UINT32  propertyCount;
 } GetCapability_In;
-#define RC_GetCapability_capability	(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-#define RC_GetCapability_property 	(TPM_RC_P + TPM_RC_2)
+typedef struct
-#define RC_GetCapability_propertyCount	(TPM_RC_P + TPM_RC_3)
+{
 typedef struct {
    TPMI_YES_NO          moreData;
    TPMS_CAPABILITY_DATA capabilityData;
 } GetCapability_Out;
 // Response code modifiers
 #    define RC_GetCapability_capability    (TPM_RC_P + TPM_RC_1)
 #    define RC_GetCapability_property      (TPM_RC_P + TPM_RC_2)
 #    define RC_GetCapability_propertyCount (TPM_RC_P + TPM_RC_3)
 // Function prototype
 TPM_RC
-TPM2_GetCapability(
+TPM2_GetCapability(GetCapability_In* in, GetCapability_Out* out);
 		   GetCapability_In    *in,            // IN: input parameter list
 		   GetCapability_Out   *out            // OUT: output parameter list
 		   );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCAPABILITY_FP_H_
-#endif
+#endif    // CC_GetCapability
--- a/src/tpm2/GetCommandAuditDigest_fp.h
+++ b/src/tpm2/GetCommandAuditDigest_fp.h
@ -59,33 +59,40 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef GETCOMMANDAUDITDIGEST_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define GETCOMMANDAUDITDIGEST_FP_H
-typedef struct {
+#if CC_GetCommandAuditDigest  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_ENDORSEMENT privacyHandle;
    TPMI_DH_OBJECT      signHandle;
    TPM2B_DATA          qualifyingData;
    TPMT_SIG_SCHEME     inScheme;
 } GetCommandAuditDigest_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_ATTEST   auditInfo;
    TPMT_SIGNATURE signature;
 } GetCommandAuditDigest_Out;
 // Response code modifiers
 #    define RC_GetCommandAuditDigest_privacyHandle  (TPM_RC_H + TPM_RC_1)
 #    define RC_GetCommandAuditDigest_signHandle     (TPM_RC_H + TPM_RC_2)
 #    define RC_GetCommandAuditDigest_qualifyingData (TPM_RC_P + TPM_RC_1)
 #    define RC_GetCommandAuditDigest_inScheme       (TPM_RC_P + TPM_RC_2)
-typedef struct {
+// Function prototype
    TPM2B_ATTEST	auditInfo;
    TPMT_SIGNATURE	signature;
 } GetCommandAuditDigest_Out;
 TPM_RC
-TPM2_GetCommandAuditDigest(
+TPM2_GetCommandAuditDigest(GetCommandAuditDigest_In*  in,
-			   GetCommandAuditDigest_In    *in,            // IN: input parameter list
+                           GetCommandAuditDigest_Out* out);
 			   GetCommandAuditDigest_Out   *out            // OUT: output parameter list
 			   );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETCOMMANDAUDITDIGEST_FP_H_
-#endif
+#endif    // CC_GetCommandAuditDigest
--- a/src/tpm2/GetRandom_fp.h
+++ b/src/tpm2/GetRandom_fp.h
@ -59,26 +59,32 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef GETRANDOM_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define GETRANDOM_FP_H
-typedef struct {
+#if CC_GetRandom  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
 // Input structure definition
 typedef struct
 {
    UINT16 bytesRequested;
 } GetRandom_In;
-#define RC_GetRandom_bytesRequested	(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-
+typedef struct
-typedef struct {
+{
    TPM2B_DIGEST randomBytes;
 } GetRandom_Out;
 // Response code modifiers
 #    define RC_GetRandom_bytesRequested (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_GetRandom(
+TPM2_GetRandom(GetRandom_In* in, GetRandom_Out* out);
 	       GetRandom_In    *in,            // IN: input parameter list
 	       GetRandom_Out   *out            // OUT: output parameter list
 	       );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETRANDOM_FP_H_
-#endif
+#endif    // CC_GetRandom
--- a/src/tpm2/GetSessionAuditDigest_fp.h
+++ b/src/tpm2/GetSessionAuditDigest_fp.h
@ -59,12 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef GETSESSIONAUDITDIGEST_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define GETSESSIONAUDITDIGEST_FP_H
-typedef struct {
+#if CC_GetSessionAuditDigest  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_ENDORSEMENT privacyAdminHandle;
    TPMI_DH_OBJECT      signHandle;
    TPMI_SH_HMAC        sessionHandle;
@ -72,22 +77,24 @@ typedef struct {
    TPMT_SIG_SCHEME     inScheme;
 } GetSessionAuditDigest_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_ATTEST   auditInfo;
    TPMT_SIGNATURE signature;
 } GetSessionAuditDigest_Out;
 // Response code modifiers
 #    define RC_GetSessionAuditDigest_privacyAdminHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_GetSessionAuditDigest_signHandle         (TPM_RC_H + TPM_RC_2)
 #    define RC_GetSessionAuditDigest_sessionHandle      (TPM_RC_H + TPM_RC_3)
 #    define RC_GetSessionAuditDigest_qualifyingData     (TPM_RC_P + TPM_RC_1)
 #    define RC_GetSessionAuditDigest_inScheme           (TPM_RC_P + TPM_RC_2)
-typedef struct {
+// Function prototype
    TPM2B_ATTEST	auditInfo;
    TPMT_SIGNATURE	signature;
 } GetSessionAuditDigest_Out;
 TPM_RC
-TPM2_GetSessionAuditDigest(
+TPM2_GetSessionAuditDigest(GetSessionAuditDigest_In*  in,
-			   GetSessionAuditDigest_In    *in,            // IN: input parameter list
+                           GetSessionAuditDigest_Out* out);
 			   GetSessionAuditDigest_Out   *out            // OUT: output parameter list
 			   );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETSESSIONAUDITDIGEST_FP_H_
-#endif
+#endif    // CC_GetSessionAuditDigest
--- a/src/tpm2/GetTestResult_fp.h
+++ b/src/tpm2/GetTestResult_fp.h
@ -59,21 +59,24 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef GETTESTRESULT_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define GETTESTRESULT_FP_H
-typedef struct{
+#if CC_GetTestResult  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
 // Output structure definition
 typedef struct
 {
    TPM2B_MAX_BUFFER outData;
    TPM_RC           testResult;
 } GetTestResult_Out;
-
+// Function prototype
 TPM_RC
-TPM2_GetTestResult(
+TPM2_GetTestResult(GetTestResult_Out* out);
 		   GetTestResult_Out   *out            // OUT: output parameter list
 		   );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTESTRESULT_FP_H_
-#endif
+#endif    // CC_GetTestResult
--- a/src/tpm2/GetTime_fp.h
+++ b/src/tpm2/GetTime_fp.h
@ -59,33 +59,39 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef GETTIME_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define GETTIME_FP_H
-typedef struct {
+#if CC_GetTime  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_ENDORSEMENT privacyAdminHandle;
    TPMI_DH_OBJECT      signHandle;
    TPM2B_DATA          qualifyingData;
    TPMT_SIG_SCHEME     inScheme;
 } GetTime_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_ATTEST   timeInfo;
    TPMT_SIGNATURE signature;
 } GetTime_Out;
 // Response code modifiers
 #    define RC_GetTime_privacyAdminHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_GetTime_signHandle         (TPM_RC_H + TPM_RC_2)
 #    define RC_GetTime_qualifyingData     (TPM_RC_P + TPM_RC_1)
 #    define RC_GetTime_inScheme           (TPM_RC_P + TPM_RC_2)
-typedef struct {
+// Function prototype
    TPM2B_ATTEST	timeInfo;
    TPMT_SIGNATURE	signature;
 } GetTime_Out;
 TPM_RC
-TPM2_GetTime(
+TPM2_GetTime(GetTime_In* in, GetTime_Out* out);
 	     GetTime_In      *in,            // IN: input parameter list
 	     GetTime_Out     *out            // OUT: output parameter list
 	     );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_GETTIME_FP_H_
-#endif
+#endif    // CC_GetTime
--- a/src/tpm2/Global.h
+++ b/src/tpm2/Global.h
@ -1093,9 +1093,9 @@ typedef struct state_reset_data
                            // default reset value is from the RNG.
    TPM2B_SEED nullSeed;  // The seed value for the TPM_RN_NULL
    SEED_COMPAT_LEVEL   nullSeedCompatLevel; // libtpms added
                          // hierarchy. The default reset value
                          // is from the RNG.
    SEED_COMPAT_LEVEL   nullSeedCompatLevel; // libtpms added
    //*****************************************************************************
    //           Context
--- a/src/tpm2/HMAC_Start_fp.h
+++ b/src/tpm2/HMAC_Start_fp.h
@ -59,30 +59,36 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef HMAC_START_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define HMAC_START_FP_H
-typedef struct {
+#if CC_HMAC_Start  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT handle;
    TPM2B_AUTH     auth;
    TPMI_ALG_HASH  hashAlg;
 } HMAC_Start_In;
-typedef struct {
+// Output structure definition
 typedef struct
 {
    TPMI_DH_OBJECT sequenceHandle;
 } HMAC_Start_Out;
 // Response code modifiers
 #    define RC_HMAC_Start_handle  (TPM_RC_H + TPM_RC_1)
 #    define RC_HMAC_Start_auth    (TPM_RC_P + TPM_RC_1)
 #    define RC_HMAC_Start_hashAlg (TPM_RC_P + TPM_RC_2)
 // Function prototype
 TPM_RC
-TPM2_HMAC_Start(
+TPM2_HMAC_Start(HMAC_Start_In* in, HMAC_Start_Out* out);
 		HMAC_Start_In   *in,            // IN: input parameter list
 		HMAC_Start_Out  *out            // OUT: output parameter list
 		);
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_START_FP_H_
-#endif
+#endif    // CC_HMAC_Start
--- a/src/tpm2/HMAC_fp.h
+++ b/src/tpm2/HMAC_fp.h
@ -59,30 +59,36 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef HMAC_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define HMAC_FP_H
-typedef struct {
+#if CC_HMAC  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT   handle;
    TPM2B_MAX_BUFFER buffer;
    TPMI_ALG_HASH    hashAlg;
 } HMAC_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_DIGEST outHMAC;
 } HMAC_Out;
 // Response code modifiers
 #    define RC_HMAC_handle  (TPM_RC_H + TPM_RC_1)
 #    define RC_HMAC_buffer  (TPM_RC_P + TPM_RC_1)
 #    define RC_HMAC_hashAlg (TPM_RC_P + TPM_RC_2)
-typedef struct {
+// Function prototype
    TPM2B_DIGEST	outHMAC;
 } HMAC_Out;
 TPM_RC
-TPM2_HMAC(
+TPM2_HMAC(HMAC_In* in, HMAC_Out* out);
 	  HMAC_In         *in,            // IN: input parameter list
 	  HMAC_Out        *out            // OUT: output parameter list
 	  );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HMAC_FP_H_
-#endif
+#endif    // CC_HMAC
--- a/src/tpm2/Handle_fp.h
+++ b/src/tpm2/Handle_fp.h
@ -58,33 +58,63 @@
 /*										*/
 /********************************************************************************/
-#ifndef HANDLE_FP_H
+/*(Auto-generated)
-#define HANDLE_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:19PM
 */
 #ifndef _HANDLE_FP_H_
 #define _HANDLE_FP_H_
 //*** HandleGetType()
 // This function returns the type of a handle which is the MSO of the handle.
 TPM_HT
-HandleGetType(
+HandleGetType(TPM_HANDLE handle  // IN: a handle to be checked
 	      TPM_HANDLE       handle         // IN: a handle to be checked
 );
 //*** NextPermanentHandle()
 // This function returns the permanent handle that is equal to the input value or
 // is the next higher value. If there is no handle with the input value and there
 // is no next higher value, it returns 0:
 TPM_HANDLE
-NextPermanentHandle(
+NextPermanentHandle(TPM_HANDLE inHandle  // IN: the handle to check
 		    TPM_HANDLE       inHandle       // IN: the handle to check
 );
 //*** PermanentCapGetHandles()
 // This function returns a list of the permanent handles of PCR, started from
 // 'handle'. If 'handle' is larger than the largest permanent handle, an empty list
 // will be returned with 'more' set to NO.
 //  Return Type: TPMI_YES_NO
 //      YES         if there are more handles available
 //      NO          all the available handles has been returned
 TPMI_YES_NO
-PermanentCapGetHandles(
+PermanentCapGetHandles(TPM_HANDLE   handle,     // IN: start handle
 		       TPM_HANDLE       handle,        // IN: start handle
                       UINT32       count,      // IN: count of returned handles
                       TPML_HANDLE* handleList  // OUT: list of handle
 );
 //*** PermanentCapGetOneHandle()
 // This function returns whether a permanent handle exists.
 BOOL PermanentCapGetOneHandle(TPM_HANDLE handle  // IN: handle
 );
 //*** PermanentHandleGetPolicy()
 // This function returns a list of the permanent handles of PCR, started from
 // 'handle'. If 'handle' is larger than the largest permanent handle, an empty list
 // will be returned with 'more' set to NO.
 //  Return Type: TPMI_YES_NO
 //      YES         if there are more handles available
 //      NO          all the available handles has been returned
 TPMI_YES_NO
-PermanentHandleGetPolicy(
+PermanentHandleGetPolicy(TPM_HANDLE handle,  // IN: start handle
-			 TPM_HANDLE           handle,        // IN: start handle
+                         UINT32     count,   // IN: max count of returned handles
 			 UINT32               count,         // IN: count of returned handles
                         TPML_TAGGED_POLICY* policyList  // OUT: list of handle
 );
 //*** PermanentHandleGetOnePolicy()
 // This function returns a permanent handle's policy, if present.
 BOOL PermanentHandleGetOnePolicy(TPM_HANDLE          handle,  // IN: handle
                                 TPMS_TAGGED_POLICY* policy   // OUT: tagged policy
 );
-#endif
+#endif  // _HANDLE_FP_H_
--- a/src/tpm2/HashSequenceStart_fp.h
+++ b/src/tpm2/HashSequenceStart_fp.h
@ -59,30 +59,34 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef HASHSEQUENCESTART_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define HASHSEQUENCESTART_FP_H
-typedef struct {
+#if CC_HashSequenceStart  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
 // Input structure definition
 typedef struct
 {
    TPM2B_AUTH    auth;
    TPMI_ALG_HASH hashAlg;
 } HashSequenceStart_In;
-#define RC_HashSequenceStart_auth	(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-#define RC_HashSequenceStart_hashAlg	(TPM_RC_P + TPM_RC_2)
+typedef struct
-
+{
 typedef struct {
    TPMI_DH_OBJECT sequenceHandle;
 } HashSequenceStart_Out;
 // Response code modifiers
 #    define RC_HashSequenceStart_auth    (TPM_RC_P + TPM_RC_1)
 #    define RC_HashSequenceStart_hashAlg (TPM_RC_P + TPM_RC_2)
-
+// Function prototype
 TPM_RC
-TPM2_HashSequenceStart(
+TPM2_HashSequenceStart(HashSequenceStart_In* in, HashSequenceStart_Out* out);
 		       HashSequenceStart_In    *in,            // IN: input parameter list
 		       HashSequenceStart_Out   *out            // OUT: output parameter list
 		       );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASHSEQUENCESTART_FP_H_
-#endif
+#endif    // CC_HashSequenceStart
--- a/src/tpm2/HashTestData.h
+++ b/src/tpm2/HashTestData.h
@ -59,72 +59,81 @@
 /*										*/
 /********************************************************************************/
-#ifndef HASHTESTDATA_H
+//
-#define HASHTESTDATA_H
+// Hash Test Vectors
 //
 /* 10.1.8 HashTestData.h */
 /* Hash Test Vectors */
 TPM2B_TYPE(HASH_TEST_KEY, 128);  // Twice the largest digest size
-TPM2B_HASH_TEST_KEY        c_hashTestKey = {{128, {
+TPM2B_HASH_TEST_KEY c_hashTestKey = {
-	    0xa0,0xed,0x5c,0x9a,0xd2,0x4a,0x21,0x40,0x1a,0xd0,0x81,0x47,0x39,0x63,0xf9,0x50,
+    {128,
-	    0xdc,0x59,0x47,0x11,0x40,0x13,0x99,0x92,0xc0,0x72,0xa4,0x0f,0xe2,0x33,0xe4,0x63,
+     {0xa0, 0xed, 0x5c, 0x9a, 0xd2, 0x4a, 0x21, 0x40, 0x1a, 0xd0, 0x81, 0x47, 0x39,
-	    0x9b,0xb6,0x76,0xc3,0x1e,0x6f,0x13,0xee,0xcc,0x99,0x71,0xa5,0xc0,0xcf,0x9a,0x40,
+      0x63, 0xf9, 0x50, 0xdc, 0x59, 0x47, 0x11, 0x40, 0x13, 0x99, 0x92, 0xc0, 0x72,
-	    0xcf,0xdb,0x66,0x70,0x05,0x63,0x54,0x12,0x25,0xf4,0xe0,0x1b,0x23,0x35,0xe3,0x70,
+      0xa4, 0x0f, 0xe2, 0x33, 0xe4, 0x63, 0x9b, 0xb6, 0x76, 0xc3, 0x1e, 0x6f, 0x13,
-	    0x7d,0x19,0x5f,0x00,0xe4,0xf1,0x61,0x73,0x05,0xd8,0x58,0x7f,0x60,0x61,0x84,0x36,
+      0xee, 0xcc, 0x99, 0x71, 0xa5, 0xc0, 0xcf, 0x9a, 0x40, 0xcf, 0xdb, 0x66, 0x70,
-	    0xec,0xbe,0x96,0x1b,0x69,0x00,0xf0,0x9a,0x6e,0xe3,0x26,0x73,0x0d,0x17,0x5b,0x33,
+      0x05, 0x63, 0x54, 0x12, 0x25, 0xf4, 0xe0, 0x1b, 0x23, 0x35, 0xe3, 0x70, 0x7d,
-	    0x41,0x44,0x9d,0x90,0xab,0xd9,0x6b,0x7d,0x48,0x99,0x25,0x93,0x29,0x14,0x2b,0xce,
+      0x19, 0x5f, 0x00, 0xe4, 0xf1, 0x61, 0x73, 0x05, 0xd8, 0x58, 0x7f, 0x60, 0x61,
-	    0x93,0x8d,0x8c,0xaf,0x31,0x0e,0x9c,0x57,0xd8,0x5b,0x57,0x20,0x1b,0x9f,0x2d,0xa5
+      0x84, 0x36, 0xec, 0xbe, 0x96, 0x1b, 0x69, 0x00, 0xf0, 0x9a, 0x6e, 0xe3, 0x26,
-	}}};
+      0x73, 0x0d, 0x17, 0x5b, 0x33, 0x41, 0x44, 0x9d, 0x90, 0xab, 0xd9, 0x6b, 0x7d,
      0x48, 0x99, 0x25, 0x93, 0x29, 0x14, 0x2b, 0xce, 0x93, 0x8d, 0x8c, 0xaf, 0x31,
      0x0e, 0x9c, 0x57, 0xd8, 0x5b, 0x57, 0x20, 0x1b, 0x9f, 0x2d, 0xa5}}};
 TPM2B_TYPE(HASH_TEST_DATA, 256);  // Twice the largest block size
-TPM2B_HASH_TEST_DATA       c_hashTestData = {{256, {
+TPM2B_HASH_TEST_DATA c_hashTestData = {
-	    0x88,0xac,0xc3,0xe5,0x5f,0x66,0x9d,0x18,0x80,0xc9,0x7a,0x9c,0xa4,0x08,0x90,0x98,
+    {256,
-	    0x0f,0x3a,0x53,0x92,0x4c,0x67,0x4e,0xb7,0x37,0xec,0x67,0x87,0xb6,0xbe,0x10,0xca,
+     {0x88, 0xac, 0xc3, 0xe5, 0x5f, 0x66, 0x9d, 0x18, 0x80, 0xc9, 0x7a, 0x9c, 0xa4,
-	    0x11,0x5b,0x4a,0x0b,0x45,0xc3,0x32,0x68,0x48,0x69,0xce,0x25,0x1b,0xc8,0xaf,0x44,
+      0x08, 0x90, 0x98, 0x0f, 0x3a, 0x53, 0x92, 0x4c, 0x67, 0x4e, 0xb7, 0x37, 0xec,
-	    0x79,0x22,0x83,0xc8,0xfb,0xe2,0x63,0x94,0xa2,0x3c,0x59,0x3e,0x3e,0xc6,0x64,0x2c,
+      0x67, 0x87, 0xb6, 0xbe, 0x10, 0xca, 0x11, 0x5b, 0x4a, 0x0b, 0x45, 0xc3, 0x32,
-	    0x1f,0x8c,0x11,0x93,0x24,0xa3,0x17,0xc5,0x2f,0x37,0xcf,0x95,0x97,0x8e,0x63,0x39,
+      0x68, 0x48, 0x69, 0xce, 0x25, 0x1b, 0xc8, 0xaf, 0x44, 0x79, 0x22, 0x83, 0xc8,
-	    0x68,0xd5,0xca,0xba,0x18,0x37,0x69,0x6e,0x4f,0x19,0xfd,0x8a,0xc0,0x8d,0x87,0x3a,
+      0xfb, 0xe2, 0x63, 0x94, 0xa2, 0x3c, 0x59, 0x3e, 0x3e, 0xc6, 0x64, 0x2c, 0x1f,
-	    0xbc,0x31,0x42,0x04,0x05,0xef,0xb5,0x02,0xef,0x1e,0x92,0x4b,0xb7,0x73,0x2c,0x8c,
+      0x8c, 0x11, 0x93, 0x24, 0xa3, 0x17, 0xc5, 0x2f, 0x37, 0xcf, 0x95, 0x97, 0x8e,
-	    0xeb,0x23,0x13,0x81,0x34,0xb9,0xb5,0xc1,0x17,0x37,0x39,0xf8,0x3e,0xe4,0x4c,0x06,
+      0x63, 0x39, 0x68, 0xd5, 0xca, 0xba, 0x18, 0x37, 0x69, 0x6e, 0x4f, 0x19, 0xfd,
-	    0xa8,0x81,0x52,0x2f,0xef,0xc9,0x9c,0x69,0x89,0xbc,0x85,0x9c,0x30,0x16,0x02,0xca,
+      0x8a, 0xc0, 0x8d, 0x87, 0x3a, 0xbc, 0x31, 0x42, 0x04, 0x05, 0xef, 0xb5, 0x02,
-	    0xe3,0x61,0xd4,0x0f,0xed,0x34,0x1b,0xca,0xc1,0x1b,0xd1,0xfa,0xc1,0xa2,0xe0,0xdf,
+      0xef, 0x1e, 0x92, 0x4b, 0xb7, 0x73, 0x2c, 0x8c, 0xeb, 0x23, 0x13, 0x81, 0x34,
-	    0x52,0x2f,0x0b,0x4b,0x9f,0x0e,0x45,0x54,0xb9,0x17,0xb6,0xaf,0xd6,0xd5,0xca,0x90,
+      0xb9, 0xb5, 0xc1, 0x17, 0x37, 0x39, 0xf8, 0x3e, 0xe4, 0x4c, 0x06, 0xa8, 0x81,
-	    0x29,0x57,0x7b,0x70,0x50,0x94,0x5c,0x8e,0xf6,0x4e,0x21,0x8b,0xc6,0x8b,0xa6,0xbc,
+      0x52, 0x2f, 0xef, 0xc9, 0x9c, 0x69, 0x89, 0xbc, 0x85, 0x9c, 0x30, 0x16, 0x02,
-	    0xb9,0x64,0xd4,0x4d,0xf3,0x68,0xd8,0xac,0xde,0xd8,0xd8,0xb5,0x6d,0xcd,0x93,0xeb,
+      0xca, 0xe3, 0x61, 0xd4, 0x0f, 0xed, 0x34, 0x1b, 0xca, 0xc1, 0x1b, 0xd1, 0xfa,
-	    0x28,0xa4,0xe2,0x5c,0x44,0xef,0xf0,0xe1,0x6f,0x38,0x1a,0x3c,0xe6,0xef,0xa2,0x9d,
+      0xc1, 0xa2, 0xe0, 0xdf, 0x52, 0x2f, 0x0b, 0x4b, 0x9f, 0x0e, 0x45, 0x54, 0xb9,
-	    0xb9,0xa8,0x05,0x2a,0x95,0xec,0x5f,0xdb,0xb0,0x25,0x67,0x9c,0x86,0x7a,0x8e,0xea,
+      0x17, 0xb6, 0xaf, 0xd6, 0xd5, 0xca, 0x90, 0x29, 0x57, 0x7b, 0x70, 0x50, 0x94,
-	    0x51,0xcc,0xc3,0xd3,0xff,0x6e,0xf0,0xed,0xa3,0xae,0xf9,0x5d,0x33,0x70,0xf2,0x11
+      0x5c, 0x8e, 0xf6, 0x4e, 0x21, 0x8b, 0xc6, 0x8b, 0xa6, 0xbc, 0xb9, 0x64, 0xd4,
-	}}};
+      0x4d, 0xf3, 0x68, 0xd8, 0xac, 0xde, 0xd8, 0xd8, 0xb5, 0x6d, 0xcd, 0x93, 0xeb,
      0x28, 0xa4, 0xe2, 0x5c, 0x44, 0xef, 0xf0, 0xe1, 0x6f, 0x38, 0x1a, 0x3c, 0xe6,
      0xef, 0xa2, 0x9d, 0xb9, 0xa8, 0x05, 0x2a, 0x95, 0xec, 0x5f, 0xdb, 0xb0, 0x25,
      0x67, 0x9c, 0x86, 0x7a, 0x8e, 0xea, 0x51, 0xcc, 0xc3, 0xd3, 0xff, 0x6e, 0xf0,
      0xed, 0xa3, 0xae, 0xf9, 0x5d, 0x33, 0x70, 0xf2, 0x11}}};
 #if ALG_SHA1 == YES
 TPM2B_TYPE(SHA1, 20);
-TPM2B_SHA1    c_SHA1_digest = {{20, {
+TPM2B_SHA1 c_SHA1_digest = {
-	    0xee,0x2c,0xef,0x93,0x76,0xbd,0xf8,0x91,0xbc,0xe6,0xe5,0x57,0x53,0x77,0x01,0xb5,
+    {20, {0xee, 0x2c, 0xef, 0x93, 0x76, 0xbd, 0xf8, 0x91, 0xbc, 0xe6,
-	    0x70,0x95,0xe5,0x40
+          0xe5, 0x57, 0x53, 0x77, 0x01, 0xb5, 0x70, 0x95, 0xe5, 0x40}}};
 	}}};
 #endif
 #if ALG_SHA256 == YES
 TPM2B_TYPE(SHA256, 32);
-TPM2B_SHA256    c_SHA256_digest = {{32, {
+TPM2B_SHA256 c_SHA256_digest = {
-	    0x64,0xe8,0xe0,0xc3,0xa9,0xa4,0x51,0x49,0x10,0x55,0x8d,0x31,0x71,0xe5,0x2f,0x69,
+    {32, {0x64, 0xe8, 0xe0, 0xc3, 0xa9, 0xa4, 0x51, 0x49, 0x10, 0x55, 0x8d,
-	    0x3a,0xdc,0xc7,0x11,0x32,0x44,0x61,0xbd,0x34,0x39,0x57,0xb0,0xa8,0x75,0x86,0x1b
+          0x31, 0x71, 0xe5, 0x2f, 0x69, 0x3a, 0xdc, 0xc7, 0x11, 0x32, 0x44,
-	}}};
+          0x61, 0xbd, 0x34, 0x39, 0x57, 0xb0, 0xa8, 0x75, 0x86, 0x1b}}};
 #endif
 #if ALG_SHA384 == YES
 TPM2B_TYPE(SHA384, 48);
-TPM2B_SHA384    c_SHA384_digest = {{48, {
+TPM2B_SHA384 c_SHA384_digest = {
-	    0x37,0x75,0x29,0xb5,0x20,0x15,0x6e,0xa3,0x7e,0xa3,0x0d,0xcd,0x80,0xa8,0xa3,0x3d,
+    {48, {0x37, 0x75, 0x29, 0xb5, 0x20, 0x15, 0x6e, 0xa3, 0x7e, 0xa3, 0x0d, 0xcd,
-	    0xeb,0xe8,0xad,0x4e,0x1c,0x77,0x94,0x5a,0xaf,0x6c,0xd0,0xc1,0xfa,0x43,0x3f,0xc7,
+          0x80, 0xa8, 0xa3, 0x3d, 0xeb, 0xe8, 0xad, 0x4e, 0x1c, 0x77, 0x94, 0x5a,
-	    0xb8,0xf1,0x01,0xc0,0x60,0xbf,0xf2,0x87,0xe8,0x71,0x9e,0x51,0x97,0xa0,0x09,0x8d
+          0xaf, 0x6c, 0xd0, 0xc1, 0xfa, 0x43, 0x3f, 0xc7, 0xb8, 0xf1, 0x01, 0xc0,
-	}}};
+          0x60, 0xbf, 0xf2, 0x87, 0xe8, 0x71, 0x9e, 0x51, 0x97, 0xa0, 0x09, 0x8d}}};
 #endif
 #if ALG_SHA512 == YES
 TPM2B_TYPE(SHA512, 64);
-TPM2B_SHA512    c_SHA512_digest = {{64, {
+TPM2B_SHA512 c_SHA512_digest = {
-	    0xe2,0x7b,0x10,0x3d,0x5e,0x48,0x58,0x44,0x67,0xac,0xa3,0x81,0x8c,0x1d,0xc5,0x71,
+    {64,
-	    0x66,0x92,0x8a,0x89,0xaa,0xd4,0x35,0x51,0x60,0x37,0x31,0xd7,0xba,0xe7,0x93,0x0b,
+     {0xe2, 0x7b, 0x10, 0x3d, 0x5e, 0x48, 0x58, 0x44, 0x67, 0xac, 0xa3, 0x81, 0x8c,
-	    0x16,0x4d,0xb3,0xc8,0x34,0x98,0x3c,0xd3,0x53,0xde,0x5e,0xe8,0x0c,0xbc,0xaf,0xc9,
+      0x1d, 0xc5, 0x71, 0x66, 0x92, 0x8a, 0x89, 0xaa, 0xd4, 0x35, 0x51, 0x60, 0x37,
-	    0x24,0x2c,0xcc,0xed,0xdb,0xde,0xba,0x1f,0x14,0x14,0x5a,0x95,0x80,0xde,0x66,0xbd
+      0x31, 0xd7, 0xba, 0xe7, 0x93, 0x0b, 0x16, 0x4d, 0xb3, 0xc8, 0x34, 0x98, 0x3c,
-	}}};
+      0xd3, 0x53, 0xde, 0x5e, 0xe8, 0x0c, 0xbc, 0xaf, 0xc9, 0x24, 0x2c, 0xcc, 0xed,
      0xdb, 0xde, 0xba, 0x1f, 0x14, 0x14, 0x5a, 0x95, 0x80, 0xde, 0x66, 0xbd}}};
 #endif
 TPM2B_TYPE(EMPTY, 1);
@ -207,4 +216,3 @@ static const struct CMACTest {
 #endif
 // libtpms added end
 #endif
--- a/src/tpm2/Hash_fp.h
+++ b/src/tpm2/Hash_fp.h
@ -59,31 +59,37 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef HASH_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define HASH_FP_H
-typedef struct {
+#if CC_Hash  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
 // Input structure definition
 typedef struct
 {
    TPM2B_MAX_BUFFER  data;
    TPMI_ALG_HASH     hashAlg;
    TPMI_RH_HIERARCHY hierarchy;
 } Hash_In;
-#define RC_Hash_data		(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-#define RC_Hash_hashAlg		(TPM_RC_P + TPM_RC_2)
+typedef struct
-#define RC_Hash_hierarchy	(TPM_RC_P + TPM_RC_3)
+{
 typedef struct {
    TPM2B_DIGEST      outHash;
    TPMT_TK_HASHCHECK validation;
 } Hash_Out;
 // Response code modifiers
 #    define RC_Hash_data      (TPM_RC_P + TPM_RC_1)
 #    define RC_Hash_hashAlg   (TPM_RC_P + TPM_RC_2)
 #    define RC_Hash_hierarchy (TPM_RC_P + TPM_RC_3)
 // Function prototype
 TPM_RC
-TPM2_Hash(
+TPM2_Hash(Hash_In* in, Hash_Out* out);
 	  Hash_In         *in,            // IN: input parameter list
 	  Hash_Out        *out            // OUT: output parameter list
 	  );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HASH_FP_H_
-#endif
+#endif    // CC_Hash
--- a/src/tpm2/HierarchyChangeAuth_fp.h
+++ b/src/tpm2/HierarchyChangeAuth_fp.h
@ -59,22 +59,28 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef HIERARCHYCHANGEAUTH_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define HIERARCHYCHANGEAUTH_FP_H
-typedef struct {
+#if CC_HierarchyChangeAuth  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_HIERARCHY_AUTH authHandle;
    TPM2B_AUTH             newAuth;
 } HierarchyChangeAuth_In;
 // Response code modifiers
 #    define RC_HierarchyChangeAuth_authHandle (TPM_RC_H + TPM_RC_1)
-#define RC_HierarchyChangeAuth_newAuth 		(TPM_RC_P + TPM_RC_2)
+#    define RC_HierarchyChangeAuth_newAuth    (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_HierarchyChangeAuth(
+TPM2_HierarchyChangeAuth(HierarchyChangeAuth_In* in);
 			 HierarchyChangeAuth_In  *in             // IN: input parameter list
 			 );
-#endif
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCHANGEAUTH_FP_H_
 #endif    // CC_HierarchyChangeAuth
--- a/src/tpm2/HierarchyControl_fp.h
+++ b/src/tpm2/HierarchyControl_fp.h
@ -59,25 +59,30 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef HIERARCHYCONTROL_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define HIERARCHYCONTROL_FP_H
-typedef struct {
+#if CC_HierarchyControl  // Command must be enabled
-    TPMI_RH_HIERARCHY	authHandle;
+
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_RH_BASE_HIERARCHY authHandle;
    TPMI_RH_ENABLES        enable;
    TPMI_YES_NO            state;
 } HierarchyControl_In;
 // Response code modifiers
 #    define RC_HierarchyControl_authHandle (TPM_RC_H + TPM_RC_1)
 #    define RC_HierarchyControl_enable     (TPM_RC_P + TPM_RC_1)
 #    define RC_HierarchyControl_state      (TPM_RC_P + TPM_RC_2)
 // Function prototype
 TPM_RC
-TPM2_HierarchyControl(
+TPM2_HierarchyControl(HierarchyControl_In* in);
 		      HierarchyControl_In     *in             // IN: input parameter list
 		      );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_HIERARCHYCONTROL_FP_H_
-#endif
+#endif    // CC_HierarchyControl
--- a/src/tpm2/Hierarchy_fp.h
+++ b/src/tpm2/Hierarchy_fp.h
@ -125,8 +125,7 @@ TPM_RC ValidateHierarchy(TPMI_RH_HIERARCHY hierarchy  // IN: hierarchy
 // libtpms added begin
 SEED_COMPAT_LEVEL
-HierarchyGetPrimarySeedCompatLevel(
+HierarchyGetPrimarySeedCompatLevel(TPMI_RH_HIERARCHY    hierarchy     // IN: hierarchy
                                   TPMI_RH_HIERARCHY    hierarchy     // IN: hierarchy
 );
 // libtpms added end
--- a/src/tpm2/Import_fp.h
+++ b/src/tpm2/Import_fp.h
@ -59,12 +59,17 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef IMPORT_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define IMPORT_FP_H
-typedef struct {
+#if CC_Import  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT         parentHandle;
    TPM2B_DATA             encryptionKey;
    TPM2B_PUBLIC           objectPublic;
@ -73,6 +78,13 @@ typedef struct {
    TPMT_SYM_DEF_OBJECT    symmetricAlg;
 } Import_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_PRIVATE outPrivate;
 } Import_Out;
 // Response code modifiers
 #    define RC_Import_parentHandle  (TPM_RC_H + TPM_RC_1)
 #    define RC_Import_encryptionKey (TPM_RC_P + TPM_RC_1)
 #    define RC_Import_objectPublic  (TPM_RC_P + TPM_RC_2)
@ -80,14 +92,9 @@ typedef struct {
 #    define RC_Import_inSymSeed     (TPM_RC_P + TPM_RC_4)
 #    define RC_Import_symmetricAlg  (TPM_RC_P + TPM_RC_5)
-typedef struct {
+// Function prototype
    TPM2B_PRIVATE	outPrivate;
 } Import_Out;
 TPM_RC
-TPM2_Import(
+TPM2_Import(Import_In* in, Import_Out* out);
 	    Import_In       *in,            // IN: input parameter list
 	    Import_Out      *out            // OUT: output parameter list
 	    );
-#endif
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_IMPORT_FP_H_
 #endif    // CC_Import
--- a/src/tpm2/IncrementalSelfTest_fp.h
+++ b/src/tpm2/IncrementalSelfTest_fp.h
@ -59,26 +59,32 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef INCREMENTALSELFTEST_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define INCREMENTALSELFTEST_FP_H
-typedef struct{
+#if CC_IncrementalSelfTest  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
 // Input structure definition
 typedef struct
 {
    TPML_ALG toTest;
 } IncrementalSelfTest_In;
-typedef struct{
+// Output structure definition
 typedef struct
 {
    TPML_ALG toDoList;
 } IncrementalSelfTest_Out;
 // Response code modifiers
 #    define RC_IncrementalSelfTest_toTest (TPM_RC_P + TPM_RC_1)
 // Function prototype
 TPM_RC
-TPM2_IncrementalSelfTest(
+TPM2_IncrementalSelfTest(IncrementalSelfTest_In* in, IncrementalSelfTest_Out* out);
 			 IncrementalSelfTest_In      *in,            // IN: input parameter list
 			 IncrementalSelfTest_Out     *out            // OUT: output parameter list
 			 );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_INCREMENTALSELFTEST_FP_H_
-#endif
+#endif    // CC_IncrementalSelfTest
--- a/src/tpm2/InternalRoutines.h
+++ b/src/tpm2/InternalRoutines.h
@ -59,32 +59,35 @@
 /*										*/
 /********************************************************************************/
-#ifndef INTERNALROUTINES_H
+#ifndef INTERNAL_ROUTINES_H
-#define INTERNALROUTINES_H
+#define INTERNAL_ROUTINES_H
 #if !defined _LIB_SUPPORT_H_ && !defined _TPM_H_
 #  error "Should not be called"
 #endif
-/* DRTM functions */
+
 // DRTM functions
 #include "_TPM_Hash_Start_fp.h"
 #include "_TPM_Hash_Data_fp.h"
 #include "_TPM_Hash_End_fp.h"
-/* Internal subsystem functions */
+
 // Internal subsystem functions
 #include "Object_fp.h"
 #include "Context_spt_fp.h"
 #include "Object_spt_fp.h"
 #include "Entity_fp.h"
 #include "Session_fp.h"
 #include "Hierarchy_fp.h"
-#include "NVReserved_fp.h"
+#include "NvReserved_fp.h"
-#include "NVDynamic_fp.h"
+#include "NvDynamic_fp.h"
 #include "NV_spt_fp.h"
 #include "ACT_spt_fp.h"
 #include "PCR_fp.h"
 #include "DA_fp.h"
 #include "TpmFail_fp.h"
 #include "SessionProcess_fp.h"
-/* Internal support functions */
+
 // Internal support functions
 #include "CommandCodeAttributes_fp.h"
 #include "Marshal_fp.h"
 #include "Unmarshal_fp.h"	/* kgold */
@ -97,10 +100,12 @@
 #include "Power_fp.h"
 #include "Response_fp.h"
 #include "CommandDispatcher_fp.h"
 #if CC_AC_Send
 #   include "AC_spt_fp.h"
 #endif // CC_AC_Send
-/* Miscellaneous */
+
 // Miscellaneous
 #include "Bits_fp.h"
 #include "AlgorithmCap_fp.h"
 #include "PropertyCap_fp.h"
@ -122,16 +127,19 @@
 #include "MathOnByteBuffers_fp.h"
 #include "CryptSym_fp.h"
 #include "AlgorithmTests_fp.h"
 #if ALG_RSA
 #  include "CryptRsa_fp.h"
 #  include "CryptPrimeSieve_fp.h"
 #endif
 #if ALG_ECC
 #  include "CryptEccMain_fp.h"
 #  include "CryptEccSignature_fp.h"
 #  include "CryptEccKeyExchange_fp.h"
 #  include "CryptEccCrypt_fp.h"
 #endif
 #if CC_MAC || CC_MAC_Start
 #  include "CryptSmac_fp.h"
 #  if ALG_CMAC
--- a/src/tpm2/IoBuffers.c
+++ b/src/tpm2/IoBuffers.c
@ -59,42 +59,43 @@
 /*										*/
 /********************************************************************************/
-/* 9.7	IoBuffers.c */
+
-/* 9.7.1	Includes and Data Definitions */
+//** Includes and Data Definitions
-/* This definition allows this module to see the values that are private to this module but kept in
+
-   Global.c for ease of state migration. */
+// This definition allows this module to "see" the values that are private
 // to this module but kept in Global.c for ease of state migration.
 #define IO_BUFFER_C
 #include "Tpm.h"
 #include "IoBuffers_fp.h"
-/* 9.7.2	Buffers and Functions */
+
-/* These buffers are set aside to hold command and response values. In this implementation, it is
+//** Buffers and Functions
-   not guaranteed that the code will stop accessing the s_actionInputBuffer before starting to put
+
-   values in the s_actionOutputBuffer so different buffers are required. */
+// These buffers are set aside to hold command and response values. In this
-/*     9.7.2.1 MemoryIoBufferAllocationReset() */
+// implementation, it is not guaranteed that the code will stop accessing
-/*     This function is used to reset the allocation of buffers. */
+// the s_actionInputBuffer before starting to put values in the
-void
+// s_actionOutputBuffer so different buffers are required.
-MemoryIoBufferAllocationReset(
+//
-			      void
+
-			      )
+//*** MemoryIoBufferAllocationReset()
 // This function is used to reset the allocation of buffers.
 void MemoryIoBufferAllocationReset(void)
 {
    s_actionIoAllocation = 0;
 }
-/* 9.7.2.2	MemoryIoBufferZero() */
+
-/* Function zeros the action I/O buffer at the end of a command. Calling this is not mandatory for
+//*** MemoryIoBufferZero()
-   proper functionality. */
+// Function zeros the action I/O buffer at the end of a command. Calling this is
-void
+// not mandatory for proper functionality.
-MemoryIoBufferZero(
+void MemoryIoBufferZero(void)
 		   void
 		   )
 {
    memset(s_actionIoBuffer, 0, s_actionIoAllocation);
 }
-/* 9.7.2.3	MemoryGetInBuffer() */
+
-/* This function returns the address of the buffer into which the command parameters will be
+//*** MemoryGetInBuffer()
-   unmarshaled in preparation for calling the command actions. */
+// This function returns the address of the buffer into which the
-BYTE *
+// command parameters will be unmarshaled in preparation for calling
-MemoryGetInBuffer(
+// the command actions.
-		  UINT32           size           // Size, in bytes, required for the input
+BYTE* MemoryGetInBuffer(UINT32 size  // Size, in bytes, required for the input
                                     // unmarshaling
 )
 {
@ -110,12 +111,11 @@ MemoryGetInBuffer(
    s_actionIoAllocation = size;
    return (BYTE*)&s_actionIoBuffer[0];
 }
-/* 9.7.2.4	MemoryGetOutBuffer() */
+
-/* This function returns the address of the buffer into which the command action code places its
+//*** MemoryGetOutBuffer()
-   output values. */
+// This function returns the address of the buffer into which the command
-BYTE *
+// action code places its output values.
-MemoryGetOutBuffer(
+BYTE* MemoryGetOutBuffer(UINT32 size  // required size of the buffer
 		   UINT32           size           // required size of the buffer
 )
 {
    BYTE* retVal = (BYTE*)(&s_actionIoBuffer[s_actionIoAllocation / UoM]);
@ -126,20 +126,14 @@ MemoryGetOutBuffer(
    s_actionIoAllocation += size;
    return retVal;
 }
 /* 9.7.2.5	IsLabelProperlyFormatted() */
 /* This function checks that a label is a null-terminated string. */
 /* NOTE:	this function is here because there was no better place for it. */
 /* Return Value	Meaning */
 /* FALSE	string is not null terminated */
 /* TRUE	string is null terminated */
-BOOL
+//*** IsLabelProperlyFormatted()
-IsLabelProperlyFormatted(
+// This function checks that a label is a null-terminated string.
-			 TPM2B           *x
+// NOTE: this function is here because there was no better place for it.
-			 )
+//  Return Type: BOOL
 //      TRUE(1)         string is null terminated
 //      FALSE(0)        string is not null terminated
 BOOL IsLabelProperlyFormatted(TPM2B* x)
 {
    return (((x)->size == 0) || ((x)->buffer[(x)->size - 1] == 0));
 }
--- a/src/tpm2/IoBuffers_fp.h
+++ b/src/tpm2/IoBuffers_fp.h
@ -59,29 +59,43 @@
 /*										*/
 /********************************************************************************/
-#ifndef IOBUFFERS_FP_H
+/*(Auto-generated)
-#define IOBUFFERS_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:19PM
 */
-void
+#ifndef _IO_BUFFERS_FP_H_
-MemoryIoBufferAllocationReset(
+#define _IO_BUFFERS_FP_H_
-			      void
+
-			      );
+//*** MemoryIoBufferAllocationReset()
-void
+// This function is used to reset the allocation of buffers.
-MemoryIoBufferZero(
+void MemoryIoBufferAllocationReset(void);
-		   void
+
-		   );
+//*** MemoryIoBufferZero()
-BYTE *
+// Function zeros the action I/O buffer at the end of a command. Calling this is
-MemoryGetInBuffer(
+// not mandatory for proper functionality.
-		  UINT32           size           // Size, in bytes, required for the input
+void MemoryIoBufferZero(void);
 //*** MemoryGetInBuffer()
 // This function returns the address of the buffer into which the
 // command parameters will be unmarshaled in preparation for calling
 // the command actions.
 BYTE* MemoryGetInBuffer(UINT32 size  // Size, in bytes, required for the input
                                     // unmarshaling
 );
-BYTE *
+
-MemoryGetOutBuffer(
+//*** MemoryGetOutBuffer()
-		   UINT32           size           // required size of the buffer
+// This function returns the address of the buffer into which the command
-		   );
+// action code places its output values.
-BOOL
+BYTE* MemoryGetOutBuffer(UINT32 size  // required size of the buffer
 IsLabelProperlyFormatted(
 			 TPM2B           *x
 );
-#endif
+//*** IsLabelProperlyFormatted()
 // This function checks that a label is a null-terminated string.
 // NOTE: this function is here because there was no better place for it.
 //  Return Type: BOOL
 //      TRUE(1)         string is null terminated
 //      FALSE(0)        string is not null terminated
 BOOL IsLabelProperlyFormatted(TPM2B* x);
 #endif  // _IO_BUFFERS_FP_H_
--- a/src/tpm2/KdfTestData.h
+++ b/src/tpm2/KdfTestData.h
@ -59,42 +59,67 @@
 /*										*/
 /********************************************************************************/
 //
 // Hash Test Vectors
 //
 #define TEST_KDF_KEY_SIZE 20
 TPM2B_TYPE(KDF_TEST_KEY, TEST_KDF_KEY_SIZE);
-TPM2B_KDF_TEST_KEY      c_kdfTestKeyIn = {{TEST_KDF_KEY_SIZE, {
+TPM2B_KDF_TEST_KEY c_kdfTestKeyIn = {
-	    0x27, 0x1F, 0xA0, 0x8B, 0xBD, 0xC5, 0x06, 0x0E, 0xC3, 0xDF,
+    {TEST_KDF_KEY_SIZE,
     {0x27, 0x1F, 0xA0, 0x8B, 0xBD, 0xC5, 0x06, 0x0E, 0xC3, 0xDF,
      0xA9, 0x28, 0xFF, 0x9B, 0x73, 0x12, 0x3A, 0x12, 0xDA, 0x0C}}};
 TPM2B_TYPE(KDF_TEST_LABEL, 17);
-TPM2B_KDF_TEST_LABEL    c_kdfTestLabel = {{17, {
+TPM2B_KDF_TEST_LABEL c_kdfTestLabel = {{17,
-	    0x4B, 0x44, 0x46, 0x53, 0x45, 0x4C, 0x46, 0x54,
+                                        {0x4B,
-	    0x45, 0x53, 0x54, 0x4C, 0x41, 0x42, 0x45, 0x4C, 0x00 }}};
+                                         0x44,
                                         0x46,
                                         0x53,
                                         0x45,
                                         0x4C,
                                         0x46,
                                         0x54,
                                         0x45,
                                         0x53,
                                         0x54,
                                         0x4C,
                                         0x41,
                                         0x42,
                                         0x45,
                                         0x4C,
                                         0x00}}};
 TPM2B_TYPE(KDF_TEST_CONTEXT, 8);
-TPM2B_KDF_TEST_CONTEXT  c_kdfTestContextU = {{8, {
+TPM2B_KDF_TEST_CONTEXT c_kdfTestContextU = {
-	    0xCE, 0x24, 0x4F, 0x39, 0x5D, 0xCA, 0x73, 0x91 }}};
+    {8, {0xCE, 0x24, 0x4F, 0x39, 0x5D, 0xCA, 0x73, 0x91}}};
-TPM2B_KDF_TEST_CONTEXT  c_kdfTestContextV = {{8, {
+
-	    0xDA, 0x50, 0x40, 0x31, 0xDD, 0xF1, 0x2E, 0x83 }}};
+TPM2B_KDF_TEST_CONTEXT c_kdfTestContextV = {
    {8, {0xDA, 0x50, 0x40, 0x31, 0xDD, 0xF1, 0x2E, 0x83}}};
 #if ALG_SHA512 == ALG_YES
-TPM2B_KDF_TEST_KEY  c_kdfTestKeyOut = {{20, {
+TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {
-	    0x8b, 0xe2, 0xc1, 0xb8, 0x5b, 0x78, 0x56, 0x9b, 0x9f, 0xa7,
+    {20, {0x8b, 0xe2, 0xc1, 0xb8, 0x5b, 0x78, 0x56, 0x9b, 0x9f, 0xa7,
          0x59, 0xf5, 0x85, 0x7c, 0x56, 0xd6, 0x84, 0x81, 0x0f, 0xd3}}};
 #  define KDF_TEST_ALG TPM_ALG_SHA512
 #elif ALG_SHA384 == ALG_YES
-TPM2B_KDF_TEST_KEY  c_kdfTestKeyOut = {{20, {
+TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {
-	    0x1d, 0xce, 0x70, 0xc9, 0x11, 0x3e, 0xb2, 0xdb, 0xa4, 0x7b,
+    {20, {0x1d, 0xce, 0x70, 0xc9, 0x11, 0x3e, 0xb2, 0xdb, 0xa4, 0x7b,
          0xd9, 0xcf, 0xc7, 0x2b, 0xf4, 0x6f, 0x45, 0xb0, 0x93, 0x12}}};
 #  define KDF_TEST_ALG TPM_ALG_SHA384
 #elif ALG_SHA256 == ALG_YES
-TPM2B_KDF_TEST_KEY  c_kdfTestKeyOut = {{20, {
+TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {
-	    0xbb, 0x02, 0x59, 0xe1, 0xc8, 0xba, 0x60, 0x7e, 0x6a, 0x2c,
+    {20, {0xbb, 0x02, 0x59, 0xe1, 0xc8, 0xba, 0x60, 0x7e, 0x6a, 0x2c,
          0xd7, 0x04, 0xb6, 0x9a, 0x90, 0x2e, 0x9a, 0xde, 0x84, 0xc4}}};
 #  define KDF_TEST_ALG TPM_ALG_SHA256
 #elif ALG_SHA1 == ALG_YES
-TPM2B_KDF_TEST_KEY  c_kdfTestKeyOut = {{20, {
+TPM2B_KDF_TEST_KEY c_kdfTestKeyOut = {
-	    0x55, 0xb5, 0xa7, 0x18, 0x4a, 0xa0, 0x74, 0x23, 0xc4, 0x7d,
+    {20, {0x55, 0xb5, 0xa7, 0x18, 0x4a, 0xa0, 0x74, 0x23, 0xc4, 0x7d,
          0xae, 0x76, 0x6c, 0x26, 0xa2, 0x37, 0x7d, 0x7c, 0xf8, 0x51}}};
 #  define KDF_TEST_ALG TPM_ALG_SHA1
 #endif
--- a/src/tpm2/LoadExternal_fp.h
+++ b/src/tpm2/LoadExternal_fp.h
@ -59,29 +59,37 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef LOADEXTERNAL_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define LOADEXTERNAL_FP_H
-typedef struct {
+#if CC_LoadExternal  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOADEXTERNAL_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOADEXTERNAL_FP_H_
 // Input structure definition
 typedef struct
 {
    TPM2B_SENSITIVE   inPrivate;
    TPM2B_PUBLIC      inPublic;
    TPMI_RH_HIERARCHY hierarchy;
 } LoadExternal_In;
-#define RC_LoadExternal_inPrivate	(TPM_RC_P + TPM_RC_1)
+// Output structure definition
-#define RC_LoadExternal_inPublic 	(TPM_RC_P + TPM_RC_2)
+typedef struct
-#define RC_LoadExternal_hierarchy 	(TPM_RC_P + TPM_RC_3)
+{
 typedef struct {
    TPM_HANDLE objectHandle;
    TPM2B_NAME name;
 } LoadExternal_Out;
 // Response code modifiers
 #    define RC_LoadExternal_inPrivate (TPM_RC_P + TPM_RC_1)
 #    define RC_LoadExternal_inPublic  (TPM_RC_P + TPM_RC_2)
 #    define RC_LoadExternal_hierarchy (TPM_RC_P + TPM_RC_3)
 // Function prototype
 TPM_RC
-TPM2_LoadExternal(
+TPM2_LoadExternal(LoadExternal_In* in, LoadExternal_Out* out);
-		  LoadExternal_In     *in,            // IN: input parameter list
+
-		  LoadExternal_Out    *out            // OUT: output parameter list
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOADEXTERNAL_FP_H_
-		  );
+#endif    // CC_LoadExternal
 #endif
--- a/src/tpm2/Load_fp.h
+++ b/src/tpm2/Load_fp.h
@ -59,30 +59,37 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef LOAD_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define LOAD_FP_H
-typedef struct {
+#if CC_Load  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOAD_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOAD_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT parentHandle;
    TPM2B_PRIVATE  inPrivate;
    TPM2B_PUBLIC   inPublic;
 } Load_In;
-#define RC_Load_parentHandle	(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-#define RC_Load_inPrivate 	(TPM_RC_P + TPM_RC_1)
+typedef struct
-#define RC_Load_inPublic	(TPM_RC_P + TPM_RC_2)
+{
 typedef struct {
    TPM_HANDLE objectHandle;
    TPM2B_NAME name;
 } Load_Out;
-TPM_RC
+// Response code modifiers
-TPM2_Load(
+#    define RC_Load_parentHandle (TPM_RC_H + TPM_RC_1)
-	  Load_In         *in,            // IN: input parameter list
+#    define RC_Load_inPrivate    (TPM_RC_P + TPM_RC_1)
-	  Load_Out        *out            // OUT: output parameter list
+#    define RC_Load_inPublic     (TPM_RC_P + TPM_RC_2)
 	  );
-#endif
+// Function prototype
 TPM_RC
 TPM2_Load(Load_In* in, Load_Out* out);
 #  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_LOAD_FP_H_
 #endif    // CC_Load
--- a/src/tpm2/Locality.c
+++ b/src/tpm2/Locality.c
@ -59,19 +59,21 @@
 /*										*/
 /********************************************************************************/
-/* 9.8 Locality.c */
+//** Includes
 /* 9.8.1 Includes */
 #include "Tpm.h"
-/* 9.8.2 LocalityGetAttributes() */
+
-/* This function will convert a locality expressed as an integer into TPMA_LOCALITY form. */
+//** LocalityGetAttributes()
-/* The function returns the locality attribute. */
+// This function will convert a locality expressed as an integer into
 // TPMA_LOCALITY form.
 //
 // The function returns the locality attribute.
 TPMA_LOCALITY
-LocalityGetAttributes(
+LocalityGetAttributes(UINT8 locality  // IN: locality value
 		      UINT8            locality       // IN: locality value
 )
 {
    TPMA_LOCALITY locality_attributes;
    BYTE*         localityAsByte = (BYTE*)&locality_attributes;
    MemorySet(&locality_attributes, 0, sizeof(TPMA_LOCALITY));
    switch(locality)
    {
--- a/src/tpm2/LocalityPlat.c
+++ b/src/tpm2/LocalityPlat.c
@ -59,26 +59,23 @@
 /*										*/
 /********************************************************************************/
-/* C.5 LocalityPlat.c */
+//** Includes
 /* C.5.1. Includes */
 #include "Platform.h"
-/* C.5.2. Functions */
+
-/* C.5.2.1. _plat__LocalityGet() */
+//** Functions
-/* Get the most recent command locality in locality value form. This is an integer value for
+
-   locality and not a locality structure The locality can be 0-4 or 32-255. 5-31 is not allowed. */
+//***_plat__LocalityGet()
-LIB_EXPORT unsigned char
+// Get the most recent command locality in locality value form.
-_plat__LocalityGet(
+// This is an integer value for locality and not a locality structure
-		   void
+// The locality can be 0-4 or 32-255. 5-31 is not allowed.
-		   )
+LIB_EXPORT unsigned char _plat__LocalityGet(void)
 {
    return s_locality;
 }
-/* C.5.2.2. _plat__LocalitySet() */
+
-/* Set the most recent command locality in locality value form */
+//***_plat__LocalitySet()
-LIB_EXPORT void
+// Set the most recent command locality in locality value form
-_plat__LocalitySet(
+LIB_EXPORT void _plat__LocalitySet(unsigned char locality)
 		   unsigned char    locality
 		   )
 {
    if(locality > 4 && locality < 32)
        locality = 0;
--- a/src/tpm2/Locality_fp.h
+++ b/src/tpm2/Locality_fp.h
@ -59,13 +59,21 @@
 /*										*/
 /********************************************************************************/
-#ifndef LOCALITY_FP_H
+/*(Auto-generated)
-#define LOCALITY_FP_H
+ *  Created by TpmPrototypes; Version 3.0 July 18, 2017
 *  Date: Mar 28, 2019  Time: 08:25:19PM
 */
 #ifndef _LOCALITY_FP_H_
 #define _LOCALITY_FP_H_
 //** LocalityGetAttributes()
 // This function will convert a locality expressed as an integer into
 // TPMA_LOCALITY form.
 //
 // The function returns the locality attribute.
 TPMA_LOCALITY
-LocalityGetAttributes(
+LocalityGetAttributes(UINT8 locality  // IN: locality value
 		      UINT8            locality       // IN: locality value
 );
-
+#endif  // _LOCALITY_FP_H_
 #endif
--- a/src/tpm2/MAC_Start_fp.h
+++ b/src/tpm2/MAC_Start_fp.h
@ -59,30 +59,36 @@
 /*										*/
 /********************************************************************************/
 /* rev 146 */
-#ifndef MAC_START_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define MAC_START_FP_H
-typedef struct {
+#if CC_MAC_Start  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_START_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_START_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT      handle;
    TPM2B_AUTH          auth;
    TPMI_ALG_MAC_SCHEME inScheme;
 } MAC_Start_In;
-typedef struct {
+// Output structure definition
 typedef struct
 {
    TPMI_DH_OBJECT sequenceHandle;
 } MAC_Start_Out;
 // Response code modifiers
 #    define RC_MAC_Start_handle   (TPM_RC_H + TPM_RC_1)
 #    define RC_MAC_Start_auth     (TPM_RC_P + TPM_RC_1)
 #    define RC_MAC_Start_inScheme (TPM_RC_P + TPM_RC_2)
 // Function prototype
 TPM_RC
-TPM2_MAC_Start(
+TPM2_MAC_Start(MAC_Start_In* in, MAC_Start_Out* out);
 		MAC_Start_In   *in,            // IN: input parameter list
 		MAC_Start_Out  *out            // OUT: output parameter list
 		);
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_START_FP_H_
-#endif
+#endif    // CC_MAC_Start
--- a/src/tpm2/MAC_fp.h
+++ b/src/tpm2/MAC_fp.h
@ -59,30 +59,36 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef MAC_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define MAC_FP_H
-typedef struct {
+#if CC_MAC  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT      handle;
    TPM2B_MAX_BUFFER    buffer;
    TPMI_ALG_MAC_SCHEME inScheme;
 } MAC_In;
 // Output structure definition
 typedef struct
 {
    TPM2B_DIGEST outMAC;
 } MAC_Out;
 // Response code modifiers
 #    define RC_MAC_handle   (TPM_RC_H + TPM_RC_1)
 #    define RC_MAC_buffer   (TPM_RC_P + TPM_RC_1)
 #    define RC_MAC_inScheme (TPM_RC_P + TPM_RC_2)
-typedef struct {
+// Function prototype
    TPM2B_MAX_BUFFER	outMAC;
 } MAC_Out;
 TPM_RC
-TPM2_MAC(
+TPM2_MAC(MAC_In* in, MAC_Out* out);
 		    MAC_In   *in,            // IN: input parameter list
 		    MAC_Out  *out            // OUT: output parameter list
 		    );
-
+#  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAC_FP_H_
-#endif
+#endif    // CC_MAC
--- a/src/tpm2/MakeCredential_fp.h
+++ b/src/tpm2/MakeCredential_fp.h
@ -59,31 +59,37 @@
 /*										*/
 /********************************************************************************/
 /* rev 119 */
-#ifndef MAKECREDENTIAL_FP_H
+// FILE GENERATED BY TpmExtractCode: DO NOT EDIT
 #define MAKECREDENTIAL_FP_H
-typedef struct {
+#if CC_MakeCredential  // Command must be enabled
 #  ifndef _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAKECREDENTIAL_FP_H_
 #    define _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAKECREDENTIAL_FP_H_
 // Input structure definition
 typedef struct
 {
    TPMI_DH_OBJECT handle;
    TPM2B_DIGEST   credential;
    TPM2B_NAME     objectName;
 } MakeCredential_In;
-#define RC_MakeCredential_handle 	(TPM_RC_H + TPM_RC_1)
+// Output structure definition
-#define RC_MakeCredential_credential 	(TPM_RC_P + TPM_RC_1)
+typedef struct
-#define RC_MakeCredential_objectName	(TPM_RC_P + TPM_RC_2)
+{
 typedef struct {
    TPM2B_ID_OBJECT        credentialBlob;
    TPM2B_ENCRYPTED_SECRET secret;
 } MakeCredential_Out;
-TPM_RC
+// Response code modifiers
-TPM2_MakeCredential(
+#    define RC_MakeCredential_handle     (TPM_RC_H + TPM_RC_1)
-		    MakeCredential_In   *in,            // IN: input parameter list
+#    define RC_MakeCredential_credential (TPM_RC_P + TPM_RC_1)
-		    MakeCredential_Out  *out            // OUT: output parameter list
+#    define RC_MakeCredential_objectName (TPM_RC_P + TPM_RC_2)
 		    );
-#endif
+// Function prototype
 TPM_RC
 TPM2_MakeCredential(MakeCredential_In* in, MakeCredential_Out* out);
 #  endif  // _TPM_INCLUDE_PRIVATE_PROTOTYPES_MAKECREDENTIAL_FP_H_
 #endif    // CC_MakeCredential
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Stefan Berger	5a2d812442	tpm2: Add definitions for new algorithms and curves Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 21:08:37 -04:00
Stefan Berger	ac75bf725c	tpm2: Sync with new defines on symmetric algorithms' sizes Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 21:08:37 -04:00
Stefan Berger	2ab67c8268	tpm2: Move defines for commands from TpmAlgorithmDefines to TpmTypes.h Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 21:08:37 -04:00
Stefan Berger	13a41ca095	tpm2: Add missing defines for existing structures, remove others Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	2a5baa8800	tpm2: Sync up RunCommand.c with upstream Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	e60fafc61a	tpm2: Add missing SVN-related cases in TPMPropertyIsDefined Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	b2839e2613	tpm2: Sync TPM_PT_MODES case in TPMPropertyIsDefined Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	865b356292	tpm2: Add missing '\|\| TABLE_DRIVEN_MARSHAL' to CommandDispatcher.c Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	fccc05845b	tpm2: Add support for CRYPTO_LIB_REPORTING but do not use it Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	74bd4ee1d6	tpm2: Use TPM2B_DIGEST in MAC_Out Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	79e233c607	tpm2: Remove CLOCK_ defines for header since already in Clock.c Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	1278421db9	tpm2: Add TPMI_RH_BASE_HIERARCHY type and use it Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	04dab706c5	tpm2: Add (unused) defines to TpmTcpProtocol.h Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	fa637145b8	tpm2: Fix definition of CertifyX509 error codes Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	0945ad07ef	tpm2: Fix definition of ChangePPS error codes Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	a954fa214b	tpm2: Fix definition of NV_ReadPublic error codes Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	2360ec6d83	tpm2: Fix definition of HierarchyChnageAuth error codes Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	bd282cce6a	tpm2: Fix definition of SequenceUpdate error codes Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	f8ddf879af	tpm2: Replace occurrences of xorr with xor Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	4c7dcf2db3	tpm2: Rebase on TPM v1.83: Reduce diffs - Rename files so the filenames match - Reduce whitespace diffs - Other trivial changes Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00
Stefan Berger	5de6c7fe40	scripts: Implement scripts to be able to use meld on upstream codebase Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>	2025-07-31 18:57:14 -04:00