iaik.tc.tss.api.tspi
Interface TcIAuthObject

All Known Subinterfaces:
TcIEncData, TcIMonotonicCtr, TcINvRam, TcIRsaKey, TcITpm

public interface TcIAuthObject

This interface defines the methods common to all auth objects, that is, all working objects that require authorization to be used. Among those objects are e.g. the TPM, key or EncData objects.


Method Summary
 void changeAuth(TcIAuthObject parentObject, TcIPolicy newPolicy)
          This method changes the authorization data (secret) of an entity (object) and assigns the object to the newPolicy object.
 void changeAuthAsym(TcIAuthObject parentObject, TcIRsaKey identKey, TcIPolicy newPolicy)
          This method changes the authorization data (secret) of an entity (object) utilizing the asymmetric change protocol and assigns the object to the newPolicy object.
 TcIPolicy getPolicyObject(long policyType)
          This method returns the policy object currently assigned to a working object.
 TcIPolicy getUsagePolicyObject()
          This method returns a policy object representing the usage policy currently assigned to the object.
 

Method Detail

changeAuth

void changeAuth(TcIAuthObject parentObject,
                TcIPolicy newPolicy)
                throws TcTssException
This method changes the authorization data (secret) of an entity (object) and assigns the object to the newPolicy object. All classes using secrets provide this method for changing their authorization data. To change the TPM owner authorization, this method has to be called on the TPM object. The parent has to be set to null. To change the SRK authorization, this method has to be called on the SRK key object and the parent has to be set to the TPM object.

Parameters:
parentObject - The parent object wrapping this object.
newPolicy - Policy object providing the new authorization data.
Throws:
TcTssException
TSS Spec. 1.2 Errata A, page number:
179
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:
71

changeAuthAsym

void changeAuthAsym(TcIAuthObject parentObject,
                    TcIRsaKey identKey,
                    TcIPolicy newPolicy)
                    throws TcTssException
This method changes the authorization data (secret) of an entity (object) utilizing the asymmetric change protocol and assigns the object to the newPolicy object. All classes using secrets provide this method for changing their authorization data. This method changes the authorization data of an object ensuring that the parent of the object does not get knowledge of the new secret.

Parameters:
parentObject - The parent object wrapping this object
identKey - The identity key object required to prove the internally created temporary key.
newPolicy - The policy object providing the new authorization data.
Throws:
TcTssException
TSS Spec. 1.2 Errata A, page number:
180
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:
72

getPolicyObject

TcIPolicy getPolicyObject(long policyType)
                          throws TcTssException
This method returns the policy object currently assigned to a working object. If an application does not create a policy object and assign it to the working object prior to this call, this function returns the default context policy. Setting a new secret to the default policy will affect all future objects associated with this policy.

Parameters:
policyType - The policy type to be returned (TSS_POLICY_*)
Returns:
Policy object currently assigned to the object.
Throws:
TcTssException
TSS Spec. 1.2 Errata A, page number:
182
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:
73

getUsagePolicyObject

TcIPolicy getUsagePolicyObject()
                               throws TcTssException
This method returns a policy object representing the usage policy currently assigned to the object. It is based on the getPolicy method of the TSS with TSS_POLICY_USAGE as parameter.

Returns:
Usage policy object.
Throws:
TcTssException
TSS Spec. 1.2 Errata A, page number:
182
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:
73
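
Example (added here, not part of the jTSS documentation): rotating the TPM owner secret and then the SRK secret with changeAuth, following the parent rules given under changeAuth and using a dedicated policy per secret so the default context policy described under getPolicyObject is never modified. The class name RotateTpmSecrets and the helpers usagePolicy and prompt are hypothetical; the calls outside this interface (context creation, policy creation and secret setting, SRK lookup) and the import paths are assumed from the wider jTSS API.

```java
import iaik.tc.tss.api.constants.tsp.TcTssConstants;
import iaik.tc.tss.api.exceptions.common.TcTssException;
import iaik.tc.tss.api.structs.common.TcBlobData;
import iaik.tc.tss.api.structs.tsp.TcUuidFactory;
import iaik.tc.tss.api.tspi.TcIContext;
import iaik.tc.tss.api.tspi.TcIPolicy;
import iaik.tc.tss.api.tspi.TcIRsaKey;
import iaik.tc.tss.api.tspi.TcITpm;
import iaik.tc.tss.api.tspi.TcTssContextFactory;

public class RotateTpmSecrets {

    // Hypothetical helper: a dedicated usage policy for one secret, so the
    // shared default context policy is never touched.
    static TcIPolicy usagePolicy(TcIContext ctx, char[] secret) throws TcTssException {
        TcIPolicy policy = ctx.createPolicyObject(TcTssConstants.TSS_POLICY_USAGE);
        policy.setSecret(TcTssConstants.TSS_SECRET_MODE_PLAIN,
                TcBlobData.newString(new String(secret)));
        return policy;
    }

    // Hypothetical helper: read a secret without echo instead of taking it
    // from the command line, where it would show up in process listings.
    static char[] prompt(String label) {
        java.io.Console console = System.console();
        if (console == null) throw new IllegalStateException("no interactive console");
        return console.readPassword("%s: ", label);
    }

    public static void main(String[] args) throws TcTssException {
        TcIContext ctx = new TcTssContextFactory().newContextObject();
        ctx.connect();
        try {
            TcITpm tpm = ctx.getTpmObject();
            // Authorize with the current owner secret through a dedicated policy.
            usagePolicy(ctx, prompt("Current owner secret")).assignToObject(tpm);

            // Owner authorization: called on the TPM object, parent is null.
            tpm.changeAuth(null, usagePolicy(ctx, prompt("New owner secret")));

            // SRK authorization: called on the SRK key object, parent is the TPM object.
            // After the call above, the TPM object is assigned to the new owner policy.
            TcIRsaKey srk = ctx.loadKeyByUuidFromSystem(
                    TcUuidFactory.getInstance().getUuidSRK());
            srk.changeAuth(tpm, usagePolicy(ctx, prompt("New SRK secret")));
        } finally {
            ctx.closeContext();
        }
    }
}
```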