Signing with TPM Identities
TPM identity keys are used to sign certain data structures generated by the TPM; hence, they vouch for the validity of that data. These capabilities can use TPM identity keys for signatures:
TPM_ChangeAuthAsymStart certifies that a temporary key can be used to change a TPM object's authorization data and hides the new value from the owner of the parent TPM object.
TPM_Quote certifies the current values of the platform configuration registers.
TPM_CertifyKey certifies the properties of a key.
TPM_CertifySelfTest certifies the results of a TPM self-test.
TPM_GetCapabilitySigned certifies the capabilities of the TPM.
TPM_GetAuditEventSigned certifies the events currently being audited by a TPM.
TPM identities deliberately ...
Get Trusted Computing Platforms: TCPA Technology in Context now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.