Intro: Describe how authValues are proved

Nicolas Williams 2021-08-26 10:41:50 -05:00
parent f481bf9865
commit 4628effd78


@ -856,6 +856,15 @@ session.
> sessions as inputs to any TPM command (some TPM commands have no input > sessions as inputs to any TPM command (some TPM commands have no input
> handle parameters, some have one, and some have two). > handle parameters, some have one, and some have two).
### Proving Knowledge of a Shared `authValue`
Each session used in a command can prove the caller's (and TPM's)
knowledge of the session's `bind` object's `authValue`. As well, the
`TPM2_PolicySecret()` command can be used to inject the `authValue` of
arbitrary objects into the session's state computations, once again
having the caller prove its knowledge of the `authValue`, and the TPM
will prove its knowledge of it back to the caller on its response.
## Restricted Cryptographic Keys ## Restricted Cryptographic Keys
Cryptographic keys can either be unrestricted or restricted. Cryptographic keys can either be unrestricted or restricted.
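Review bot: The new "Proving Knowledge of a Shared `authValue`" paragraph says a session "can prove the caller's (and TPM's) knowledge" but never says how that proof is made, even though the commit subject promises a description of how authValues are proved. Consider adding a sentence that names what each side computes and sends, and that says which of "the session's state computations" `TPM2_PolicySecret()` feeds the `authValue` into, since as written a reader cannot tell whether the value itself or something derived from it crosses the interface. Minor wording: "As well, the" reads better as "In addition, the", and "on its response" should be "in its response".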