This is not Trousers-related per se, but since there is a lot of TPM expertise
in this forum (and since I could not find any relevant forums in the TCG pages,
at least not any available without forking over membership $$$) I thought that
somebody here might be able to give useful feedback.
The 1.1b standard (TCPA Main Specification, Vesion 1.1b 22 February 2002, sec.
5.6.1, p. 120) mandates that the HMAC key to be used for computing the
authorization HMAC for the OIAP session in the TPM_ChangeAuth command must be
the NEW usage authorization data for the target entity. However, the 1.2
standard (TPM Main Part 3 Commands, Specification Version 1.2, Level 2 Revision
103, 9 July 2007, sec. 17.1, p. 169) mandates that the HMAC key must be the
ORIGINAL usage authorization value, not the NEW one.
The question now is, Is this intentional? Is this particular aspect of the
TPM_ChangeAuth command meant to differ so crucially between 1.1b and 1.2 TPMs?
I have access to an Infineon 1.1b TPM and it does exactly as the 1.1b spec
mandates in this respect. Might the 1.2 spec be erroneous here? Or am I just
misinterpreting it?
------------------------------------------------------------------------------
Nokia and AT&T present the 2010 Calling All Innovators-North America contest
Create new apps & games for the Nokia N8 for consumers in U.S. and Canada
$10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing
Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store
http://p.sf.net/sfu/nokia-dev2dev
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
