iaik.tc.tss.impl.java.tcs.pbg
Class TcTpmCmdMigration
java.lang.Object
iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdCommon
iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdMigration
public class TcTpmCmdMigration
- extends TcTpmCmdCommon
Method Summary |
static java.lang.Object[] |
TpmAuthorizeMigrationKey(TcIStreamDest dest,
int migrationScheme,
TcTpmPubkey migrationKey,
TcTcsAuth inAuth1)
|
static java.lang.Object[] |
TpmCmkApproveMA(TcIStreamDest dest,
TcTpmDigest migrationAuthorityDigest,
TcTcsAuth inAuth1)
|
static java.lang.Object[] |
TpmCmkConvertMigration(TcIStreamDest dest,
long parentHandle,
TcTpmCmkAuth restrictTicket,
TcTpmDigest sigTicket,
TcTpmKey12 migratedKey,
TcTpmMsaComposite msaList,
TcBlobData random,
TcTcsAuth inAuth1)
|
static java.lang.Object[] |
TpmCmkCreateBlob(TcIStreamDest dest,
long parentHandle,
int migrationType,
TcTpmMigrationkeyAuth migrationKeyAuth,
TcTpmDigest pubSourceKeyDigest,
TcTpmMsaComposite msaList,
TcBlobData restrictTicket,
TcBlobData sigTicket,
TcBlobData encData,
TcTcsAuth inAuth1)
|
static java.lang.Object[] |
TpmCmkCreateKey(TcIStreamDest dest,
long parentHandle,
TcTpmEncauth dataUsageAuth,
TcTpmKey12 keyInfo,
TcTpmDigest migrationAuthorityApproval,
TcTpmDigest migrationAuthorityDigest,
TcTcsAuth inAuth1)
|
static java.lang.Object[] |
TpmCmkCreateTicket(TcIStreamDest dest,
TcTpmPubkey verificationKey,
TcTpmDigest signedData,
TcBlobData signatureValue,
TcTcsAuth inAuth1)
|
static java.lang.Object[] |
TpmCmkSetRestrictions(TcIStreamDest dest,
long restriction,
TcTcsAuth inAuth1)
|
static java.lang.Object[] |
TpmConvertMigrationBlob(TcIStreamDest dest,
long parentHandle,
TcBlobData inData,
TcBlobData random,
TcTcsAuth inAuth1)
|
static java.lang.Object[] |
TpmCreateMigrationBlob(TcIStreamDest dest,
long parentHandle,
int migrationType,
TcTpmMigrationkeyAuth migrationKeyAuth,
TcBlobData encData,
TcTcsAuth inAuth1,
TcTcsAuth inAuth2)
|
static java.lang.Object[] |
TpmMigrateKey(TcIStreamDest dest,
long maKeyHandle,
TcTpmPubkey pubKey,
TcBlobData inData,
TcTcsAuth inAuth1)
|
Methods inherited from class java.lang.Object |
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
TcTpmCmdMigration
public TcTpmCmdMigration()
TpmCreateMigrationBlob
public static java.lang.Object[] TpmCreateMigrationBlob(TcIStreamDest dest,
long parentHandle,
int migrationType,
TcTpmMigrationkeyAuth migrationKeyAuth,
TcBlobData encData,
TcTcsAuth inAuth1,
TcTcsAuth inAuth2)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
inAuth2
- Authorization values for second authorization session.
parentHandle
- Handle of the parent key that can decrypt encData.
migrationType
- The migration type, either MIGRATE or REWRAP
migrationKeyAuth
- Migration public key and its authorization session digest.
encData
- The encrypted entity that is to be modified.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for 1st session containing new nonceEven (TcTpmAuth)
- 2 ... outgoing authorization for 2nd session containing new nonceEven (TcTpmAuth)
- 3 ... String used for xor encryption (TcBlobData)
- 4 ... The modified, encrypted entity. (TcBlobData)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 82
TpmConvertMigrationBlob
public static java.lang.Object[] TpmConvertMigrationBlob(TcIStreamDest dest,
long parentHandle,
TcBlobData inData,
TcBlobData random,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
parentHandle
- Handle of a loaded key that can decrypt keys.
inData
- The XOR'd and encrypted key
random
- Random value used to hide key data.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... The encrypted private key that can be loaded with TPM_LoadKey (TcBlobData)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 86
TpmAuthorizeMigrationKey
public static java.lang.Object[] TpmAuthorizeMigrationKey(TcIStreamDest dest,
int migrationScheme,
TcTpmPubkey migrationKey,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
migrationScheme
- Type of migration operation that is to be permitted for this key.
migrationKey
- The public key to be authorized.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... Returned public key and authorization session digest.
(TcTpmMigrationkeyAuth)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 88
TpmMigrateKey
public static java.lang.Object[] TpmMigrateKey(TcIStreamDest dest,
long maKeyHandle,
TcTpmPubkey pubKey,
TcBlobData inData,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
maKeyHandle
- Handle of the key to be used to migrate the key.
pubKey
- Public key to which the blob is to be migrated
inData
- The input blob
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... The re-encrypted blob (TcBlobData)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 90
TpmCmkSetRestrictions
public static java.lang.Object[] TpmCmkSetRestrictions(TcIStreamDest dest,
long restriction,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
restriction
- The bit mask of how to set the restrictions on CMK keys
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 92
TpmCmkApproveMA
public static java.lang.Object[] TpmCmkApproveMA(TcIStreamDest dest,
TcTpmDigest migrationAuthorityDigest,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
migrationAuthorityDigest
- A digest of a TcTpmMsaComposite structure (itself one or more
digests of public keys belonging to migration authorities)
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... HMAC of migrationAuthorityDigest (TcTpmDigest)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 94
TpmCmkCreateKey
public static java.lang.Object[] TpmCmkCreateKey(TcIStreamDest dest,
long parentHandle,
TcTpmEncauth dataUsageAuth,
TcTpmKey12 keyInfo,
TcTpmDigest migrationAuthorityApproval,
TcTpmDigest migrationAuthorityDigest,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
parentHandle
- Handle of a loaded key that can perform key wrapping.
dataUsageAuth
- Encrypted usage AuthData for the sealed data.
keyInfo
- Information about key to be created, pubkey.keyLength and keyInfo.encData
elements are 0. MUST be TcTpmKey12
migrationAuthorityApproval
- A ticket, created by the TPM Owner using TPM_CMK_ApproveMA,
approving a TcTpmMsaComposite structure
migrationAuthorityDigest
- The digest of a TcTpmMsaComposite structure
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... The TcTpmKey structure which includes the public and encrypted private key.
MUST be TcTpmKey12 (TcTpmKey12)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 96
TpmCmkCreateTicket
public static java.lang.Object[] TpmCmkCreateTicket(TcIStreamDest dest,
TcTpmPubkey verificationKey,
TcTpmDigest signedData,
TcBlobData signatureValue,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
verificationKey
- The public key to be used to check signatureValue
signedData
- The data to be verified
signatureValue
- The signatureValue to be verified
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... Ticket that proves digest created on this TPM (TcTpmDigest)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 99
TpmCmkCreateBlob
public static java.lang.Object[] TpmCmkCreateBlob(TcIStreamDest dest,
long parentHandle,
int migrationType,
TcTpmMigrationkeyAuth migrationKeyAuth,
TcTpmDigest pubSourceKeyDigest,
TcTpmMsaComposite msaList,
TcBlobData restrictTicket,
TcBlobData sigTicket,
TcBlobData encData,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
parentHandle
- Handle of the parent key that can decrypt encData.
migrationType
- The migration type, either TPM_MS_RESTRICT_MIGRATE or TPM_MS_RESTRICT_APPROVE_DOUBLE
migrationKeyAuth
- Migration public key and its authorization session digest.
pubSourceKeyDigest
- The digest of the TcTpmPubkey of the entity to be migrated
msaList
- One or more digests of public keys belonging to migration authorities
restrictTicket
- Either a NULL parameter or a TcTpmCmkAuth structure, containing the
digests of the public keys belonging to the Migration Authority, the destination
parent key and the key-to-be-migrated.
sigTicket
- Either a NULL parameter or a TcTpmDigest structure, generated by the TPM,
signaling a valid signature over restrictTicket
encData
- The encrypted entity that is to be modified.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... String used for xor encryption (TcBlobData)
- 3 ... The modified, encrypted entity. (TcBlobData)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 101
TpmCmkConvertMigration
public static java.lang.Object[] TpmCmkConvertMigration(TcIStreamDest dest,
long parentHandle,
TcTpmCmkAuth restrictTicket,
TcTpmDigest sigTicket,
TcTpmKey12 migratedKey,
TcTpmMsaComposite msaList,
TcBlobData random,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest
- The destination where the byte stream is written to.
inAuth1
- Authorization values for first authorization session.
parentHandle
- Handle of a loaded key that can decrypt keys.
restrictTicket
- The digests of public keys belonging to the Migration Authority, the
destination parent key and the key-to-be-migrated.
sigTicket
- A signature ticket, generated by the TPM, signaling a valid signature over
restrictTicket
migratedKey
- The public key of the key-to-be-migrated. The private portion MUST be
TcTpmMigrateAsymkey properly XOR'd
msaList
- One or more digests of public keys belonging to migration authorities
random
- Random value used to hide key data.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... The encrypted private key that can be loaded with TPM_LoadKey (TcBlobData)
- Throws:
TcTpmException
- This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number:
- 106