tspi_daa_verifysignature(3) - Linux man page

TCG Software Stack Developer's Reference

Name

Tspi_DAA_VerifySignature - creates a challenge for the TCG platform

Synopsis

#include <tss/tss_typedef.h>
#include <tss/tss_structs.h>
#include <tss/tspi.h>

TSPICALL Tspi_DAA_VerifySignature(
    TSS_HDAA                    hDAA,
    TSS_DAA_SIGNATURE           daaSignature,
    TSS_HKEY                    hPubKeyIssuer,
    TSS_DAA_SIGN_DATA           signData,
    UINT32                      attributesLength,
    BYTE**                      attributes,
    UINT32                      nonceVerifierLength,
    BYTE*                       nonceVerifier,
    UINT32                      baseNameLength,
    BYTE*                       baseName,
    TSS_BOOL*                   isCorrect
);

Description

Tspi_DAA_VerifySignature is part of the DAA Verifier component. It's the last function out of 2 in order to verify a DAA Credential of a TCG platform. It verifies the DAA Credential and detects public rogue TPMs. This is an optional function and does not require a TPM or a TCS.

Parameters

hDAA

The hDAA parameter is used to specify the handle of the DAA object.

daaSignature

The daaSignature parameter is the DAA signature contains proof of ownership of the DAA Credential, as well as a signature on either an AIK or a message.

hPubKeyIssuer

The hPubKeyIssuer parameter is the handle of the DAA public key of the DAA Issuer of the credential.

signData

The signData parameter defines what data is signed (AIK or message).

attributesLength

The attributesLength parameter is the Length of attributes array that is determined by the DAA Issuer public key (lh+li). The length of a single attribute is lf/8.

attributes

The attributes parameter is the array of attributes which the DAA Credential owner reveals.

nonceVerifierLength

The nonceVerifierLength parameter is the length of nonceVerifier (20 bytes).

nonceVerifier

The nonceVerifier parameter is the nonce that was computed in the previous function (Tspi_VerifyInit).

baseNameLength

The baseNameLength parameter the length of the baseName.

baseName

The baseName parameter is the base name that was chosen for the DAA Signature.

isCorrect

The isCorrect parameter denotes if the verification of the DAA Signature was successful.

Return Codes

Tspi_DAA_VerifySignature returns TSS_SUCCESS on success, otherwise one of the following values is returned:

TSS_E_BAD_PARAMETER

TSS_E_INTERNAL_ERROR

An internal SW error has been detected.

Conforming To

Tspi_DAA_VerifySignature conforms to the Trusted Computing Group Software Specification version 1.2

See Also

tspi_daa_issuerkeyverification(3)