iaik.tc.tss.impl.java.tcs.pbg
Class TcTpmCmdMigration
java.lang.Object
iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdCommon
iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdMigration
public class TcTpmCmdMigration
extends TcTpmCmdCommon
Method Summary
static java.lang.Object[]
TpmAuthorizeMigrationKey(TcIStreamDest dest,
int migrationScheme,
TcTpmPubkey migrationKey,
TcTcsAuth inAuth1)
static java.lang.Object[]
TpmCmkApproveMA(TcIStreamDest dest,
TcTpmDigest migrationAuthorityDigest,
TcTcsAuth inAuth1)
static java.lang.Object[]
TpmCmkConvertMigration(TcIStreamDest dest,
long parentHandle,
TcTpmCmkAuth restrictTicket,
TcTpmDigest sigTicket,
TcTpmKey12 migratedKey,
TcTpmMsaComposite msaList,
TcBlobData random,
TcTcsAuth inAuth1)
static java.lang.Object[]
TpmCmkCreateBlob(TcIStreamDest dest,
long parentHandle,
int migrationType,
TcTpmMigrationkeyAuth migrationKeyAuth,
TcTpmDigest pubSourceKeyDigest,
TcTpmMsaComposite msaList,
TcBlobData restrictTicket,
TcBlobData sigTicket,
TcBlobData encData,
TcTcsAuth inAuth1)
static java.lang.Object[]
TpmCmkCreateKey(TcIStreamDest dest,
long parentHandle,
TcTpmEncauth dataUsageAuth,
TcTpmKey12 keyInfo,
TcTpmDigest migrationAuthorityApproval,
TcTpmDigest migrationAuthorityDigest,
TcTcsAuth inAuth1)
static java.lang.Object[]
TpmCmkCreateTicket(TcIStreamDest dest,
TcTpmPubkey verificationKey,
TcTpmDigest signedData,
TcBlobData signatureValue,
TcTcsAuth inAuth1)
static java.lang.Object[]
TpmCmkSetRestrictions(TcIStreamDest dest,
long restriction,
TcTcsAuth inAuth1)
static java.lang.Object[]
TpmConvertMigrationBlob(TcIStreamDest dest,
long parentHandle,
TcBlobData inData,
TcBlobData random,
TcTcsAuth inAuth1)
static java.lang.Object[]
TpmCreateMigrationBlob(TcIStreamDest dest,
long parentHandle,
int migrationType,
TcTpmMigrationkeyAuth migrationKeyAuth,
TcBlobData encData,
TcTcsAuth inAuth1,
TcTcsAuth inAuth2)
static java.lang.Object[]
TpmMigrateKey(TcIStreamDest dest,
long maKeyHandle,
TcTpmPubkey pubKey,
TcBlobData inData,
TcTcsAuth inAuth1)
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
TcTpmCmdMigration
public TcTpmCmdMigration()
TpmCreateMigrationBlob
public static java.lang.Object[] TpmCreateMigrationBlob(TcIStreamDest dest,
long parentHandle,
int migrationType,
TcTpmMigrationkeyAuth migrationKeyAuth,
TcBlobData encData,
TcTcsAuth inAuth1,
TcTcsAuth inAuth2)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
inAuth2 - Authorization values for second authorization session.
parentHandle - Handle of the parent key that can decrypt encData.
migrationType - The migration type, either MIGRATE or REWRAP
migrationKeyAuth - Migration public key and its authorization session digest.
encData - The encrypted entity that is to be modified.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for 1st session containing new nonceEven (TcTpmAuth)
- 2 ... outgoing authorization for 2nd session containing new nonceEven (TcTpmAuth)
- 3 ... String used for xor encryption (TcBlobData)
- 4 ... The modified, encrypted entity. (TcBlobData)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 82
TpmConvertMigrationBlob
public static java.lang.Object[] TpmConvertMigrationBlob(TcIStreamDest dest,
long parentHandle,
TcBlobData inData,
TcBlobData random,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
parentHandle - Handle of a loaded key that can decrypt keys.
inData - The XOR'd and encrypted key
random - Random value used to hide key data.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... The encrypted private key that can be loaded with TPM_LoadKey (TcBlobData)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 86
TpmAuthorizeMigrationKey
public static java.lang.Object[] TpmAuthorizeMigrationKey(TcIStreamDest dest,
int migrationScheme,
TcTpmPubkey migrationKey,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
migrationScheme - Type of migration operation that is to be permitted for this key.
migrationKey - The public key to be authorized.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... Returned public key and authorization session digest. (TcTpmMigrationkeyAuth)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 88
TpmMigrateKey
public static java.lang.Object[] TpmMigrateKey(TcIStreamDest dest,
long maKeyHandle,
TcTpmPubkey pubKey,
TcBlobData inData,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
maKeyHandle - Handle of the key to be used to migrate the key.
pubKey - Public key to which the blob is to be migrated
inData - The input blob
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... The re-encrypted blob (TcBlobData)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 90
TpmCmkSetRestrictions
public static java.lang.Object[] TpmCmkSetRestrictions(TcIStreamDest dest,
long restriction,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
restriction - The bit mask of how to set the restrictions on CMK keys
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 92
TpmCmkApproveMA
public static java.lang.Object[] TpmCmkApproveMA(TcIStreamDest dest,
TcTpmDigest migrationAuthorityDigest,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
migrationAuthorityDigest - A digest of a TcTpmMsaComposite structure (itself one or more digests of public keys belonging to migration authorities)
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... HMAC of migrationAuthorityDigest (TcTpmDigest)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 94
TpmCmkCreateKey
public static java.lang.Object[] TpmCmkCreateKey(TcIStreamDest dest,
long parentHandle,
TcTpmEncauth dataUsageAuth,
TcTpmKey12 keyInfo,
TcTpmDigest migrationAuthorityApproval,
TcTpmDigest migrationAuthorityDigest,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
parentHandle - Handle of a loaded key that can perform key wrapping.
dataUsageAuth - Encrypted usage AuthData for the sealed data.
keyInfo - Information about key to be created, pubkey.keyLength and keyInfo.encData elements are 0. MUST be TcTpmKey12
migrationAuthorityApproval - A ticket, created by the TPM Owner using TPM_CMK_ApproveMA, approving a TcTpmMsaComposite structure
migrationAuthorityDigest - The digest of a TcTpmMsaComposite structure
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... The TcTpmKey structure which includes the public and encrypted private key. MUST be TcTpmKey12 (TcTpmKey12)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 96
TpmCmkCreateTicket
public static java.lang.Object[] TpmCmkCreateTicket(TcIStreamDest dest,
TcTpmPubkey verificationKey,
TcTpmDigest signedData,
TcBlobData signatureValue,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
verificationKey - The public key to be used to check signatureValue
signedData - The data to be verified
signatureValue - The signatureValue to be verified
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... Ticket that proves digest created on this TPM (TcTpmDigest)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 99
TpmCmkCreateBlob
public static java.lang.Object[] TpmCmkCreateBlob(TcIStreamDest dest,
long parentHandle,
int migrationType,
TcTpmMigrationkeyAuth migrationKeyAuth,
TcTpmDigest pubSourceKeyDigest,
TcTpmMsaComposite msaList,
TcBlobData restrictTicket,
TcBlobData sigTicket,
TcBlobData encData,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
parentHandle - Handle of the parent key that can decrypt encData.
migrationType - The migration type, either TPM_MS_RESTRICT_MIGRATE or TPM_MS_RESTRICT_APPROVE_DOUBLE
migrationKeyAuth - Migration public key and its authorization session digest.
pubSourceKeyDigest - The digest of the TcTpmPubkey of the entity to be migrated
msaList - One or more digests of public keys belonging to migration authorities
restrictTicket - Either a NULL parameter or a TcTpmCmkAuth structure, containing the digests of the public keys belonging to the Migration Authority, the destination parent key and the key-to-be-migrated.
sigTicket - Either a NULL parameter or a TcTpmDigest structure, generated by the TPM, signaling a valid signature over restrictTicket
encData - The encrypted entity that is to be modified.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... String used for xor encryption (TcBlobData)
- 3 ... The modified, encrypted entity. (TcBlobData)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 101
TpmCmkConvertMigration
public static java.lang.Object[] TpmCmkConvertMigration(TcIStreamDest dest,
long parentHandle,
TcTpmCmkAuth restrictTicket,
TcTpmDigest sigTicket,
TcTpmKey12 migratedKey,
TcTpmMsaComposite msaList,
TcBlobData random,
TcTcsAuth inAuth1)
throws TcTddlException,
TcTpmException
- Parameters:
dest - The destination where the byte stream is written to.
inAuth1 - Authorization values for first authorization session.
parentHandle - Handle of a loaded key that can decrypt keys.
restrictTicket - The digests of public keys belonging to the Migration Authority, the destination parent key and the key-to-be-migrated.
sigTicket - A signature ticket, generated by the TPM, signaling a valid signature over restrictTicket
migratedKey - The public key of the key-to-be-migrated. The private portion MUST be TcTpmMigrateAsymkey properly XOR'd
msaList - One or more digests of public keys belonging to migration authorities
random - Random value used to hide key data.
- Returns:
- The returned Object[] holds the following elements:
- 0 ... TPM return code (Long)
- 1 ... outgoing authorization for session containing new nonceEven (TcTpmAuth)
- 2 ... The encrypted private key that can be loaded with TPM_LoadKey (TcBlobData)
- Throws:
TcTpmException - This exception indicates that a TPM error has occurred. The specific
error code is held by the exception.
TcTddlException
- TPM 1.2 Spec, page number: 106