Hello,

I'm in need of an example for using owner delegation, and I'm having a hard
time finding the right information.  Trousers has some delegation test code
in the test suite, but it seems that it only creates the owner delegation
but doesn't actually use it to access any of the ordinals that can be
allowed in this manner.  Specifically, I'd like to be able to enable
ResetLockValue, which, as I understand it, needs to be called through
Tspi_TPM_SetStatus with TSS_TPMSTATUS_RESETLOCK.  I have test code to set up
the owner delegation, but no working code to exercise the ResetLockValue
call (nothing I've tried works).

Now, normally I would just call Tspi_Context_GetTpmObject, and then
Tspi_Policy_SetSecret with the TPM owner password on the policy object for
the TPM object.  This works fine, of course, but how would I instead use my
delegate credentials?  I've tried a number of things (some quite naive), but
I'm sure there is a straightforward way of doing this.  From poking at the
source, I can see the OIAP authorization call, which, from the TPM spec,
seems to be able to use delegate information, but I'm not sure.  The
specifics of OIAP versus xSAP are beyond my current level of familiarity
with the guts of the TSS.

Can anyone point me in the right direction?

Regards,
fes
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
