tspi_tpm_collateidentityrequest(3) - Linux man page

Name

Tspi_TPM_CollateIdentityRequest - Gets all the informatin necessary to send to a trusted third party (TTP), repartory to asking the TTP to create a certificate for identity.

Synopsis

#include <tss/platform.h>
#include <tss/tcpa_defines.h>
#include <tss/tcpa_typedef.h>
#include <tss/tcpa_struct.h>
#include <tss/tss_typedef.h>
#include <tss/tss_structs.h>
#include <tss/tspi.h>

TSS_RESULT Tspi_TPM_CollateIdentityRequest(TSS_HTPM hTPM,                     TSS_HKEY         hKeySRK,
                                           TSS_HKEY hCAPPubKey,
                                           UINT32   ulIdentityLabelData,      BYTE*            rgbIdentityLabelData,
                                           TSS_HKEY hIdentityKey,             TSS_ALGORITHM_ID algid,
                                           UINT32*  pulTCPAIdentityReqLength, BYTE**           prgbTCPAIdentityReq);

Description

TSS_TPM_CollateIdentityRequest creates an identity key, binds it to the label and returns a certificate request package. The privacty CA requires this certificate request to attest the identity key.

Only the Owner of the TPM has the privledge of creating a TPM identity key.

The symmetric session key is required to provide confidentiality of the "TCPA_IDENTITY_REQ" data structure, which should be sent to the Privacy CA chosen by the owner.

Parameters

hTPM

Handle of the TPM object.

hKeySRK

Handle to the key object representing the Storage Root Key

hCAPubKey

Handle to the key object representing the public key of the CA which signs the certificate of the created identity key.

ulIdentityLabelLength

Supplies the length (in bytes) of the rgbIdentityLabelData parameter

rgbLabelData

Pointer to a memory block containing the identity label, which should be a UNICODE string

hIdentityKey

Handle to the identity key object

algid

The type of symmetric algorithm touse as requred by the Enhanced CA.

pulTCPAIdentityReqLength

Recieves the length (in bytes) of the prgbTCPAIdentityReq parameter

prgbTCPAIdentyReq

Pointer to the memory block containing the certicficate request structure.

Return Codes

Tspi_TPM_CollateIdentityRequest returns TSS_SUCCESS on success, otherwise one of the following values are returned:

TSS_E_INVALID_HANDLE

Either hTPM or hKeySRK or hCAPubKey is not a valid handle.

TSS_E_BAD_PARAMETER

TSS_E_INTERNAL_ERROR

An error occurred internal to the TSS.

Conforming To

Tspi_TPM_CollateIdentityRequest conforms to the Trusted Computing Group Software Specification version 1.1 Golden

See Also

tspi_context_loadkeybyuuid(3).