mirror of
https://github.com/tpm2dev/tpm.dev.tutorials.git
synced 2024-11-10 01:12:10 +00:00
Intro: Describe how authValues are proved
This commit is contained in:
parent
f481bf9865
commit
4628effd78
1 changed files with 9 additions and 0 deletions
|
@ -856,6 +856,15 @@ session.
|
||||||
> sessions as inputs to any TPM command (some TPM commands have no input
|
> sessions as inputs to any TPM command (some TPM commands have no input
|
||||||
> handle parameters, some have one, and some have two).
|
> handle parameters, some have one, and some have two).
|
||||||
|
|
||||||
|
### Proving Knowledge of a Shared `authValue`
|
||||||
|
|
||||||
|
Each session used in a command can prove the caller's (and TPM's)
|
||||||
|
knowledge of the session's `bind` object's `authValue`. As well, the
|
||||||
|
`TPM2_PolicySecret()` command can be used to inject the `authValue` of
|
||||||
|
arbitrary objects into the session's state computations, once again
|
||||||
|
having the caller prove its knowledge of the `authValue`, and the TPM
|
||||||
|
will prove its knowledge of it back to the caller on its response.
|
||||||
|
|
||||||
## Restricted Cryptographic Keys
|
## Restricted Cryptographic Keys
|
||||||
|
|
||||||
Cryptographic keys can either be unrestricted or restricted.
|
Cryptographic keys can either be unrestricted or restricted.
|
||||||
|
|
Loading…
Reference in a new issue