On 6/10/2021 4:31 PM, Mimi Zohar wrote:
As I recall "extend" works pretty much from the beginning. There's no need to wait for the self test to complete. Registering the TPM early might be enough without having to wait. Or maybe check the selftest result.
TPM 2.0 depends somewhat on the type of self test - there are several options. They will in some sense block other commands that use the angorithm. The TPM is permitted to do an extend before the hash algorithm is tested (just not return a result) but I don't think it's required. So: - self test - extend may permit the extend to proceed while the self test is happening, but it may not.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
