All TPMs (2.0) must have decrypt-only Endorsement Keys (EKs).
Some TPMs may have signing-only EKs as well; e.g., Google Cloud vTPMs have signing-only EKs in addition to decrypt-only EKs.
Since a decrypt-only EK cannot sign anything, one must make do with it some other way to authenticate a TPM. The obvious answer is to make the TPM prove possession of the EK by sending it a challenge encrypted to the EK's public key (EKpub).

This is what TPM2_MakeCredential() (encrypt) and TPM2_ActivateCredential() (decrypt) are all about, except that they add some structure to the plaintext and some semantics to the decryption function.
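The following is an added Go model of that structure (not code from this repo, and not byte-compatible with a real TPM): MakeCredential encrypts a random seed to EKpub with RSA-OAEP, derives a symmetric key and an integrity key from the seed, and binds the wrapped secret to the name of the key being certified; ActivateCredential yields the secret only when the EK private key recovers the seed and the name the TPM computes for the loaded key matches. The kdf helper is a simplified HMAC stand-in for the spec's KDFa, and the AK name, secret and labels used by the caller are constructed values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// kdf is a simplified HMAC-SHA256 stand-in for the spec's KDFa (not byte-compatible with a TPM).
func kdf(key []byte, label string, ctx []byte) []byte {
	m := hmac.New(sha256.New, key)
	m.Write(append([]byte(label), ctx...))
	return m.Sum(nil)
}

// Credential is what MakeCredential hands back: EK-encrypted seed, encrypted secret, integrity tag.
type Credential struct{ EncSeed, EncSecret, Tag []byte }

// MakeCredential (verifier side, runs anywhere): bind secret to the AK name under the EK public key.
func MakeCredential(ek *rsa.PublicKey, akName, secret []byte) (Credential, error) {
	seed := make([]byte, 32)
	if _, err := rand.Read(seed); err != nil {
		return Credential{}, err
	}
	encSeed, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, ek, seed, []byte("IDENTITY\x00"))
	if err != nil {
		return Credential{}, err
	}
	blk, _ := aes.NewCipher(kdf(seed, "STORAGE", akName)) // symmetric key is bound to the AK name
	encSecret := make([]byte, len(secret))
	cipher.NewCFBEncrypter(blk, make([]byte, aes.BlockSize)).XORKeyStream(encSecret, secret)
	tag := kdf(kdf(seed, "INTEGRITY", nil), "", append(append([]byte{}, encSecret...), akName...))
	return Credential{encSeed, encSecret, tag}, nil
}

// ActivateCredential (TPM side): loadedName is the name the TPM itself computes for the loaded
// AK, so the secret comes out only with the EK private key and only for that exact AK.
func ActivateCredential(ek *rsa.PrivateKey, loadedName []byte, c Credential) ([]byte, error) {
	seed, err := rsa.DecryptOAEP(sha256.New(), nil, ek, c.EncSeed, []byte("IDENTITY\x00"))
	if err != nil {
		return nil, err
	}
	tag := kdf(kdf(seed, "INTEGRITY", nil), "", append(append([]byte{}, c.EncSecret...), loadedName...))
	if !hmac.Equal(tag, c.Tag) {
		return nil, rsa.ErrDecryption // name mismatch or tampered credential: release nothing
	}
	blk, _ := aes.NewCipher(kdf(seed, "STORAGE", loadedName))
	secret := make([]byte, len(c.EncSecret))
	cipher.NewCFBDecrypter(blk, make([]byte, aes.BlockSize)).XORKeyStream(secret, c.EncSecret)
	return secret, nil
}
```

A verifier that later receives the secret back (e.g. as an HMAC key or a nonce) knows the EK holder had the named AK loaded, which is the authentication step the decrypt-only EK is being used for.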
See README for details of how TPM2_MakeCredential() and TPM2_ActivateCredential() are used in attestation protocols.