Property | Type | Description | |
---|---|---|---|
Transform | void |
Method | Description | |
---|---|---|
Copy ( ) : |
||
CreateActivationCredentials ( byte secret, TpmAlgId nameAlgId, byte nameOfKeyToBeActivated, byte &encryptedSecret ) : byte[] |
Create activation blobs that can be passed to ActivateCredential. Two blobs are returned: (a) encryptedSecret is the symmetric key, CFB-encrypted with an enveloping key; (b) credentialBlob (the return value of this function) is the enveloping key, OAEP (RSA) encrypted by the public part of this key.
|
|
EcdhGetKeyExchangeKey ( byte encodingParms, TpmAlgId decryptKeyNameAlg, |
Get an ECDH key exchange key (one pass ephemeral) and the public key of the ephemeral key using ECDH with encodingParms as input to the KDF (ECC only)
|
|
EncryptOaep ( byte dataToEncrypt, byte encodingParms ) : byte[] |
OAEP pad and encrypt the data using the specified encoding parameters (RSA only)
|
|
GetName ( ) : byte[] |
Calculate and return the name of the entity. The name is an alg-prepended hash in a byte[]
|
|
TpmPublic ( ) : System | ||
TpmPublic ( TpmAlgId the_nameAlg, ObjectAttr the_objectAttributes, byte the_authPolicy, IPublicParmsUnion the_parameters, IPublicIdUnion the_unique ) : System | ||
TpmPublic ( |
||
VerifyCertify ( |
Verify that quotedInfo is properly signed by an associated private key holder, and that the quotedInfo.type, .extraData and .magic are correct. Also check that the certified name is what the caller expects. The caller must check other fields (for instance the qualified name)
|
|
VerifyQuote ( TpmAlgId pcrDigestAlg, |
Verify that a TPM quote matches an expected PCR selection, is well formed, and is properly signed by the private key corresponding to this public key.
|
|
VerifySignatureOverData ( byte signedData, ISignatureUnion signature, TpmAlgId sigHashAlg = TpmAlgId.Null ) : bool |
The TPM always signs hash-sized data. This version of VerifySignature performs the necessary hash operation over arbitrary-length data and verifies that the hash is properly signed (i.e. the library performs the hash).
|
|
VerifySignatureOverHash ( |
Verify a TPM signature structure of the hash of some data (caller hashes the data that will be verified)
|
|
_SetTransformer ( Transformer transformer ) : void |
Install a transformer callback (for debugging). The transformer is called on several code paths when creating SW-generated keys, import blobs, and activation blobs. It can arbitrarily manipulate the byte array parameter, and the transformed value will be used (this allows a caller to transform parameters that are hard to affect in the raw TPM command because they are protected by crypto). Note that the transformer callback should only act on a fraction (say 10%) of the calls, because it is called several times during preparation of some data structures, and if one always modifies the first then it is possible that the second is never processed by the TPM.
|
Method | Description | |
---|---|---|
Transform ( byte x ) : void |
public CreateActivationCredentials ( byte secret, TpmAlgId nameAlgId, byte nameOfKeyToBeActivated, byte &encryptedSecret ) : byte[] | ||
secret | byte | |
nameAlgId | TpmAlgId | |
nameOfKeyToBeActivated | byte | |
encryptedSecret | byte | |
return | byte[] |
public EcdhGetKeyExchangeKey ( byte encodingParms, TpmAlgId decryptKeyNameAlg, |
||
encodingParms | byte | |
decryptKeyNameAlg | TpmAlgId | |
pubEphem | ||
return | byte[] |
public EncryptOaep ( byte dataToEncrypt, byte encodingParms ) : byte[] | ||
dataToEncrypt | byte | |
encodingParms | byte | |
return | byte[] |
public TpmPublic ( TpmAlgId the_nameAlg, ObjectAttr the_objectAttributes, byte the_authPolicy, IPublicParmsUnion the_parameters, IPublicIdUnion the_unique ) : System | ||
the_nameAlg | TpmAlgId | Algorithm used for computing the Name of the object. NOTE: The "+" indicates that the instance of a TPMT_PUBLIC may have a "+" to indicate that the nameAlg may be TPM_ALG_NULL. |
the_objectAttributes | ObjectAttr | attributes that, along with type, determine the manipulations of this object |
the_authPolicy | byte | Optional policy for using this key. The policy is computed using the nameAlg of the object. NOTE: Shall be the Empty Policy if no authorization policy is present. |
the_parameters | IPublicParmsUnion | The algorithm or structure details (one of KeyedhashParms, SymcipherParms, RsaParms, EccParms, AsymParms) |
the_unique | IPublicIdUnion | The unique identifier of the structure. For an asymmetric key, this would be the public key. (One of Tpm2bDigestKeyedhash, Tpm2bDigestSymcipher, Tpm2bPublicKeyRsa, EccPoint, TpmDerive) |
return | System |
public TpmPublic ( |
||
the_TpmPublic | ||
return | System |
public VerifyCertify ( |
||
name | ||
nonce | byte | |
quotedInfo | Attest | |
expectedName | byte | |
signature | ISignatureUnion | |
return | bool |
public VerifyQuote ( TpmAlgId pcrDigestAlg, |
||
pcrDigestAlg | TpmAlgId | |
expectedSelectedPcr | ||
expectedPcrValues | ||
nonce | byte | |
quotedInfo | Attest | |
signature | ISignatureUnion | |
qualifiedNameOfSigner | byte | |
return | bool |
public VerifySignatureOverData ( byte signedData, ISignatureUnion signature, TpmAlgId sigHashAlg = TpmAlgId.Null ) : bool | ||
signedData | byte | |
signature | ISignatureUnion | |
sigHashAlg | TpmAlgId | |
return | bool |
public VerifySignatureOverHash ( |
||
signedHash | ||
signature | ISignatureUnion | |
return | bool |
public _SetTransformer ( Transformer transformer ) : void | ||
transformer | Transformer | |
return | void |