tspi_tpm_daa_sign(3) [debian man page]
Tspi_TPM_DAA_Sign(3) Library Functions Manual Tspi_TPM_DAA_Sign(3) TCG Software Stack Developer's Reference NAME
Tspi_TPM_DAA_Sign - creates a DAA Signature that proofs ownership of the DAA Credential SYNOPSIS
#include <tss/tss_typedef.h> #include <tss/tss_structs.h> #include <tss/tspi.h> TSS_RESULT Tspi_TPM_DAA_Sign( TSS_HDAA hDAA, TSS_HTPM hTPM, TSS_HKEY hDaaCredential, TSS_DAA_SELECTED_ATTRIB revealAttributes, UINT32 verifierBaseNameLength, BYTE* verifierBaseName, UINT32 verifierNonceLength, BYTE* verifierNonce, TSS_DAA_SIGN_DATA signData, TSS_DAA_SIGNATURE* daaSignature ); DESCRIPTION
Tspi_TPM_DAA_Sign creates a DAA Signature that proofs ownership of the DAA Credential and includes a signature on either a public AIK or a message. If anonymity revocation is enabled, the value Nv is not provided in the clear anymore but encrypted under the public key of anonymity revocation authority, a trusted third party (TTP). Thus the DAA Verifier cannot check for revocation or link a transaction/signa- ture to prior ones. Depending on how is chosen, the protocol either allows implementing anonymity revocation (i.e., using the DAA Issuer's long-term base name as the DAA Verifier's base name ), or having the TTP doing the linking of different signatures for the same DAA Veri- fier (i.e., using the DAA Verifier's base name ). PARAMETERS
hDAA The hDAA parameter is used to specify the handle of the DAA object. hTPM The hTPM parameter is the handle to the TPM object. hDaaCredential The hDaaCredential parameter is the Handle of the DAA Credential. revealAttributes The revealAttributes parameter is the attributes which the credential owner wants to reveal to the DAA Verifier. verifierBaseNameLength The verifierBaseNameLength parameter is the Length of verifierBaseName. verifierBaseName The verifierBaseName parameter is the base name chosen by the DAA Verifier. If it equals to null, the platform chooses a random base name. verifierNonceLength The verifierNonceLength parameter is the length of verifierNonceName (20 bytes). verifierNonce The verifierNonce parameter is the nonce created by the DAA Verifier. signData The signData parameter is the handle of the received DAA Credential. daaSignature The daaSignature parameter is the DAA signature containing the proof of ownership of the DAA Credential, as well as a signature on either an AIK or a message. RETURN CODES
Tspi_TPM_DAA_Sign returns TSS_SUCCESS on success, otherwise one of the following values is returned: TSS_E_INVALID_HANDLE Either the DAA or the TPM handler is not valid. TSS_E_BAD_PARAMETER TSS_E_INTERNAL_ERROR An internal SW error has been detected. CONFORMING TO
Tspi_TPM_DAA_Sign conforms to the Trusted Computing Group Software Specification version 1.2 SEE ALSO
TSS 1.2 2006-09-04 Tspi_TPM_DAA_Sign(3)
Check Out this Related Man Page
Tspi_TPM_DAA_JoinCreateDaaPubKey(3) Library Functions Manual Tspi_TPM_DAA_JoinCreateDaaPubKey(3) TCG Software Stack Developer's Reference NAME
Tspi_TPM_DAA_JoinCreateDaaPubKey - computes the credential request for the DAA Issuer SYNOPSIS
#include <tss/tss_typedef.h> #include <tss/tss_structs.h> #include <tss/tspi.h> TSS_RESULT Tspi_TPM_DAA_JoinCreateDaaPubKey( TSS_HDAA hDAA, TSS_HTPM hTPM, UINT32 authenticationChallengeLength, BYTE* authenticationChallenge, UINT32 nonceIssuerLength, BYTE* nonceIssuer, UINT32 attributesPlatformLength, BYTE** attributesPlatform, TSS_DAA_JOIN_SESSION* joinSession, TSS_DAA_CREDENTIAL_REQUEST* credentialRequest ); DESCRIPTION
Tspi_TPM_DAA_JoinCreateDaaPubKey is the second (between Tspi_TPM_DAA_JoinInit() and Tspi_TPM_DAA_JoinStoreCredential()) out of 3 functions to execute in order to receive a DAA Credential. It computes the credential request for the DAA Issuer, which also in- cludes the Platforms's DAA public key and the attributes that were chosen by the Platform, and which are not visible to the DAA Issuer. The Platform can commit to the attribute values it has chosen. PARAMETERS
hDAA The hDAA parameter is used to specify the handle of the DAA object. hTPM The hTPM parameter is the handle to the TPM object. authenticationChallengeLength The authenticationChallengeLength parameter is length of authenticationChallenge (256 bytes - DAA_SIZE_NE1). authenticationChallenge The authenticationChallenge parameter is the second nonce of the DAA Issuer that is encrypted by the endorsement public key. It is used as a challenge to authenticate the underlying TPM. nonceIssuerLength The nonceIssuerLength parameter is the length of nonceIssuer (20 bytes). nonceIssuer The nonceIssuer parameter is the nonce of the DAA Issuer. attributesPlatformLength The attributesPlatformLength parameter is length of attributesPlatform array, which is determined by the DAA Issuer public key (). The length of a single attribute is ln/8. ln is defined as the size of the RSA modulus (2048). attributesPlatform The attributesPlatform parameter is an array of attributes to be encoded into the DAA Credential not visible to the DAA Issuer. joinSession The joinSession parameter is a structure containing the DAA Join session information. credentialRequest The credentialRequest parameter is the credential request of the Platform, it contains the blinded DAA public key of the platform on which the DAA Issuer will issue the credential the blinded attributes chosen by the Platform. RETURN CODES
Tspi_TPM_DAA_JoinCreateDaaPubKey returns TSS_SUCCESS on success, otherwise one of the following values is returned: TSS_E_INVALID_HANDLE Either the DAA is not valid. TSS_E_BAD_PARAMETER TSS_E_INTERNAL_ERROR An internal SW error has been detected. CONFORMING TO
Tspi_TPM_DAA_JoinCreateDaaPubKey conforms to the Trusted Computing Group Software Specification version 1.2 SEE ALSO
Tspi_TPM_DAA_JoinInit(3) Tspi_TPM_DAA_JoinStoreCredential(3) TSS 1.2 2006-09-04 Tspi_TPM_DAA_JoinCreateDaaPubKey(3)