Getting the EK is not as easy as one would expect, it depends on how the TPM
manufacturer provisions it. Some require that you generate the EK and then
get a hash and look it up online, some store it in NV indices. IIRC, Infineon
TPMs store them in NV indices. The tpm2_getekcertificate tool looks in the following
NV indices:
#define RSA_EK_CERT_NV_INDEX 0x01C00002
#define ECC_EK_CERT_NV_INDEX 0x01C0000A
Since the EK is a primary key, you usually need to create it with a template defined in
the link below.
This will then create a key that matches the manufacturer generated EK Certificate.
IIRC the NV indices and templates needed are covered in:
-
https://trustedcomputinggroup.org/wp-content/uploads/TCG_IWG_Credential_P...
So this would involve an NV read using the C API, which would look like calling the function
Esys_NV_Read().
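The reply's steps as an added example (code written for this note, not taken from the thread or from tpm2-tools): the [Serial Number] that PowerShell shows is the X.509 serial inside the EK certificate, so after reading NV index 0x01C00002 with Esys_NV_Read you pull that INTEGER out of the DER. The tpm2-tss part assumes tss2_esys.h is available and is guarded so the parser builds and runs without it; the 512-byte chunk size, the empty index authValue and the sample certificate bytes are assumptions and constructed data.

```c
#include <stdint.h>
#include <string.h>
/* Added example, not the thread's code: reads one DER tag+length at *pos, moves *pos past
   the header and returns the content length, or -1 if it would overrun the buffer. */
static long der_tlv(const uint8_t *b, size_t len, size_t *pos, uint8_t *tag) {
    if (*pos + 2 > len) return -1;
    *tag = b[(*pos)++];
    size_t n = b[(*pos)++];
    if (n & 0x80) {                                   /* long form: n & 0x7f length bytes follow */
        size_t k = n & 0x7f, v = 0;
        if (k == 0 || k > 4 || *pos + k > len) return -1;
        while (k--) v = (v << 8) | b[(*pos)++];
        n = v;
    }
    return *pos + n > len ? -1 : (long)n;
}
/* The [Serial Number] Get-TpmEndorsementKeyInfo prints is the INTEGER after the optional
   [0] version inside TBSCertificate. Copies it to out; returns its length, or -1 on bad DER. */
int ek_cert_serial(const uint8_t *der, size_t len, uint8_t *out, size_t outlen) {
    size_t pos = 0; uint8_t tag; long n;
    for (int i = 0; i < 2; i++)                       /* Certificate, then TBSCertificate */
        if (der_tlv(der, len, &pos, &tag) < 0 || tag != 0x30) return -1;
    if ((n = der_tlv(der, len, &pos, &tag)) < 0) return -1;
    if (tag == 0xA0) { pos += (size_t)n; if ((n = der_tlv(der, len, &pos, &tag)) < 0) return -1; }
    if (tag != 0x02 || (size_t)n > outlen) return -1; /* serialNumber INTEGER */
    memcpy(out, der + pos, (size_t)n);
    return (int)n;
}
/* Constructed sample: a minimal Certificate/TBSCertificate prefix carrying serial 4880DE8E. */
const uint8_t sample_cert[] = {0x30,0x0E, 0x30,0x81,0x0B, 0xA0,0x03,0x02,0x01,0x02, 0x02,0x04,0x48,0x80,0xDE,0x8E};
#ifdef HAVE_TSS2  /* TPM access: build with -DHAVE_TSS2 -ltss2-esys on a machine with tpm2-tss */
#include <tss2/tss2_esys.h>
/* Reads the RSA EK cert at NV index 0x01C00002 in 512-byte pieces; assumes 512 <= TPM2_PT_NV_BUFFER_MAX and an empty index authValue. */
long read_ek_cert_nv(uint8_t *out, size_t outlen) {
    ESYS_CONTEXT *ctx; ESYS_TR nv; TPM2B_NV_PUBLIC *pub = NULL; TPM2B_MAX_NV_BUFFER *chunk; long got = -1;
    if (Esys_Initialize(&ctx, NULL, NULL) != TSS2_RC_SUCCESS) return -1;
    if (Esys_TR_FromTPMPublic(ctx, 0x01C00002, ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE, &nv) == TSS2_RC_SUCCESS
        && Esys_NV_ReadPublic(ctx, nv, ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE, &pub, NULL) == TSS2_RC_SUCCESS
        && pub->nvPublic.dataSize <= outlen) {
        UINT16 size = pub->nvPublic.dataSize, off = 0, want;
        for (; off < size; off += chunk->size, Esys_Free(chunk)) {   /* one Esys_NV_Read per piece */
            want = (UINT16)(size - off > 512 ? 512 : size - off);
            if (Esys_NV_Read(ctx, nv, nv, ESYS_TR_PASSWORD, ESYS_TR_NONE, ESYS_TR_NONE, want, off, &chunk) != TSS2_RC_SUCCESS || !chunk->size) break;
            memcpy(out + off, chunk->buffer, chunk->size);
        }
        got = off == size ? (long)size : -1;              /* feed out/got to ek_cert_serial() */
    }
    Esys_Free(pub); Esys_Finalize(&ctx); return got;
}
#endif
```

On the Windows box from the question the same Esys calls work through the tpm2-tss TBS TCTI; the parser itself has no platform dependency.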
________________________________
From: Andy Purcell <andy_purcell(a)keysight.com>
Sent: Tuesday, July 20, 2021 12:18 PM
To: tpm2(a)lists.01.org <tpm2(a)lists.01.org>
Subject: [tpm2] Want to use c++ to get TPM Serial Number - how do it?
I have a need to use C++ to obtain the unique TPM information – like a Serial Number.
My system is running Windows 10/64. This is on an HP Desktop PC with TPM 2.0 chip.
I can use PowerShell
Get-TpmEndorsementKeyInfo -hashalgorithm sha256
To get this output:
…
ManufacturerCertificates : {[Subject]
TPMVersion=id:073E, TPMModel=SLB 9670 TPM2.0,
TPMManufacturer=id:49465800
[Issuer]
CN=Infineon OPTIGA(TM) RSA Manufacturing CA 034,
OU=OPTIGA(TM) TPM2.0, O=Infineon Technologies AG, C=DE
…
[Serial Number]
4880DE8E
[Thumbprint]
B8395DA6A1D661C8CCD35D47E3DA6E9532EFFEC4
But how can I get this same Serial Number information using C++?
ap