TcIRsaKey (IAIK jTSS - TCG Software Stack for the Java (tm) Platform [TSP API] (ver. 0.7.1))

Overview

Package

Class

Tree

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

iaik.tc.tss.api.tspi
Interface TcIRsaKey

All Superinterfaces:: TcIAttributes, TcIAuthObject, TcIWorkingObject

public interface TcIRsaKey
extends TcIWorkingObject, TcIAttributes, TcIAuthObject
extends TcIWorkingObject, TcIAttributes, TcIAuthObject

The key class defined by the TSS service provider represents an entry into the TCG key handling functionality. Each instance of the key class represents a specific key node, that is part of the TSS key path (hierarchy). A key object, which needs authentication, can be assigned to a policy object that controls the secret management.

Method Summary
`TcTssValidation`	`certifyKey(TcIRsaKey certifyingKey, TcTssValidation validation)` This method signs a public key inside the TPM using `TcTssConstants.TSS_SS_RSASSAPKCS1V15_SHA1`).
`void`	`CMKConvertMigration(TcIRsaKey parentKey, TcIMigData migrationData, TcBlobData random)` This method completes the migration of a certified migration process.
`TcBlobData`	`CMKCreateBlob(TcIRsaKey parentKey, TcIMigData migrationData)` This method implements the first step in the process of moving a certified-migrateable-key to a new parent platform.
`void`	`convertMigrationBlob(TcIRsaKey parent, TcBlobData random, TcBlobData migrationBlob)` This method takes the migration blob built by Tspi_Key_CreateMigrationBlob using the migration scheme TSS_MS_MIGRATE and creates a normal wrapped key.
`void`	`createKey(TcIRsaKey wrappingKey, TcIPcrComposite pcrComposite)` This method creates a key pair within the TPM and wraps it with the key addressed by wrappingKey. If the internal key structure is a 1.1 TPM key, the provided PcrComposite must be a `TcTssConstants.TSS_PCRS_STRUCT_INFO`.
`TcBlobData[]`	`createMigrationBlob(TcIRsaKey parent, TcTpmMigrationkeyAuth migTicket)` This method creates a migration blob of the key.
`TcTssVersion`	`getAttribKeyInfoVersion()` This method returns the version of the key.
`TcTssUuid`	`getAttribUuid()` This method returns the UUID of the key.
`TcIPolicy`	`getMigrationPolicyObject()` This method returns a policy object representing the migration policy currently assigned to the object.
`TcBlobData`	`getPubKey()` This method returns the public key of the key object.
`void`	`loadKey(TcIRsaKey unwrappingKey)` This method loads the key blob into the TPM.
`void`	`migrateKey(TcIRsaKey publicKey, TcIRsaKey migData)` This method decrypts with assistance of the TPM the input package (e.g.
`void`	`setAttribUuid(TcTssUuid uuid)` This method sets the UUID of the key.
`void`	`unloadKey()` This method unloads the key from the TPM.
`void`	`wrapKey(TcIRsaKey wrappingKey, TcIPcrComposite pcrComposite)` This method wraps a key (created externally) with the key addressed by wrappingKey.

Methods inherited from interface TcIAttributes
`getAttribData, getAttribUint32, setAttribData, setAttribUint32`

Methods inherited from interface TcIAuthObject
`changeAuth, changeAuthAsym, getPolicyObject, getUsagePolicyObject`

Method Detail

createKey

void createKey(TcIRsaKey wrappingKey,
               TcIPcrComposite pcrComposite)
               throws TcTssException

This method creates a key pair within the TPM and wraps it with the key addressed by wrappingKey.
If the internal key structure is a 1.1 TPM key, the provided PcrComposite must be a TcTssConstants.TSS_PCRS_STRUCT_INFO. If the key is a 1.2 TPM key, the PcrComposite must be a TcTssConstants.TSS_PCRS_STRUCT_INFO_LONG. If a wrong combination is used, a TcTssException with error code TcTssErrors.TSS_E_INVALID_OBJ_ACCESS is thrown.
The key must already be properly set up via the key init flags or TcIAttributes.setAttribData(long, long, TcBlobData) and TcIAttributes.setAttribUint32(long, long, long).

Parameters:: wrappingKey - The key used to wrap the newly created key.; pcrComposite - If this parameter is not omitted (i.e. set to null), the newly created key will be bound to the PCR values described within this object.
Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 323
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 154

loadKey

void loadKey(TcIRsaKey unwrappingKey)
             throws TcTssException

This method loads the key blob into the TPM. The TPM will unwrap the key when it is loaded.

Parameters:: unwrappingKey - The key which should be used for unwrapping.
Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 318
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 150

unloadKey

void unloadKey()
               throws TcTssException

This method unloads the key from the TPM.

Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 319
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 151

getAttribUuid

TcTssUuid getAttribUuid()
                        throws TcTssException

This method returns the UUID of the key.

Returns:: UUID of the key.
Throws:: TcTssException
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 149

setAttribUuid

void setAttribUuid(TcTssUuid uuid)
                   throws TcTssException

This method sets the UUID of the key.

Throws:: TcTssException

getAttribKeyInfoVersion

TcTssVersion getAttribKeyInfoVersion()
                                     throws TcTssException

This method returns the version of the key.

Returns:: Version of the key.
Throws:: TcTssException
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 149

getPubKey

TcBlobData getPubKey()
                     throws TcTssException

This method returns the public key of the key object.

Returns:: Memory block containing the public key blob retrieved for the key. The returned blob is of type TcTpmPubkey.
Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 320
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 152

certifyKey

TcTssValidation certifyKey(TcIRsaKey certifyingKey,
                           TcTssValidation validation)
                           throws TcTssException

This method signs a public key inside the TPM using TcTssConstants.TSS_SS_RSASSAPKCS1V15_SHA1).

Parameters:: certifyingKey - Certifying key used to sign the key.; validation - Structure of the type TcTssValidation. After successful completion of the call the validationData field of this structure contains the signature data of the command. The data field of the structure contains an instance of TcTpmCertifyInfo or TcTpmCertifyInfo2.
Returns:: The filled validation object.
Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 320
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 153

wrapKey

void wrapKey(TcIRsaKey wrappingKey,
             TcIPcrComposite pcrComposite)
             throws TcTssException

This method wraps a key (created externally) with the key addressed by wrappingKey.

Parameters:: wrappingKey - kKey used for wrapping.; pcrComposite - object of the type PcrComposite. If the value of the handle doesn't equal to NULL, the key addressed by hKey will be bound to the PCR values described with this object.
Throws:: TcTssException
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 155

createMigrationBlob

TcBlobData[] createMigrationBlob(TcIRsaKey parent,
                                 TcTpmMigrationkeyAuth migTicket)
                                 throws TcTssException

This method creates a migration blob of the key.

Parameters:: parent - Parent key related to the key.; migTicket - Migration ticket (migration public key and its authorization digest). This data previously has been returned by the method TPM.authorizeMigrationTicket()
Returns:: An array with 2 elements: Element[0]: random data Element[1]: migration blob
Throws:: TcTssException
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 156

convertMigrationBlob

void convertMigrationBlob(TcIRsaKey parent,
                          TcBlobData random,
                          TcBlobData migrationBlob)
                          throws TcTssException

This method takes the migration blob built by Tspi_Key_CreateMigrationBlob using the migration scheme TSS_MS_MIGRATE and creates a normal wrapped key. The resulting normal wrapped key. It may be retrieved from that instance by Tspi_GetAttribData().

Parameters:: parent - Parent key related to the key.; random - Random data as returned together with the migration blob by the method CreateMigrationBlob.; migrationBlob - Migration blob data as returned by a previously called method CreateMigrationBlob.
Throws:: TcTssException
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 158

migrateKey

void migrateKey(TcIRsaKey publicKey,
                TcIRsaKey migData)
                throws TcTssException

This method decrypts with assistance of the TPM the input package (e.g. Key) and then re-encrypts it with the input public key. This command exists to allow the TPM to be a migration authority

Parameters:: publicKey - Public key to which the blob is to be migrated; migData - Migration data key object to transfer the input and output data blob during the migration process. The input data blob is from the previous call of the function Tspi_CreateMigrationBlob() or Tspi_CMK_CreateBlob().
Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 346

CMKCreateBlob

TcBlobData CMKCreateBlob(TcIRsaKey parentKey,
                         TcIMigData migrationData)
                         throws TcTssException

This method implements the first step in the process of moving a certified-migrateable-key to a new parent platform.

Parameters:: parentKey - The parent key related to this key object.; migrationData - Migration data key object to transfer the input and output data blob during the migration process.
Returns:: the random data
Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 347

CMKConvertMigration

void CMKConvertMigration(TcIRsaKey parentKey,
                         TcIMigData migrationData,
                         TcBlobData random)
                         throws TcTssException

This method completes the migration of a certified migration process. This function takes a certified migration blob and creates a normal wrapped key blob which must be loaded into the TPM using the normal LoadKey operation.

Parameters:: parentKey - The parent key related to this key object.; migrationData - Migration data key object to transfer the input and output data blob during the migration process.; random - The random data as returned together with the migration blob by the method Tspi_CMKCreateBlob().
Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 349

getMigrationPolicyObject

TcIPolicy getMigrationPolicyObject()
                                   throws TcTssException

This method returns a policy object representing the migration policy currently assigned to the object. It is based on the getPolicy method of the TSS with TSS_POLICY_MIGRATION as parameter.

Returns:: Migration policy object.
Throws:: TcTssException
TSS Spec. 1.2 Errata A, page number:: 182
TSS Spec. 1.10 Golden, Aug. 20, 2003, page number:: 73