On 11/17/2015 12:22 PM, Bill Martin wrote:
> I am using Trousers 0.3.10 and use an Infineon SLB9645 TPM.
>
> In 15.2 of "TPM Main Part 3 Commands" spec for TPM 1.2 I see from the
> description of the TPM_ActivateIdentity command that the hash of the
> identity key might be calculated - provided a payload is a
> TPM_ASYM_CA_CONTENTS form. Does this hash get stored in the TPM?

At a high level, during TPM_ActivateIdentity:

The TPM calculates the hash of the public part of the already loaded
identity key.

It compares that to the supplied TPM_ASYM_CA_CONTENTS->idDigest.

It previously checked that the key is really an identity key.

This prevents an attacker from activating a key that isn't an identity
key, or an identity key not connected to this TPM.
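
The checks described in the reply above, as an added Python model that is not part of the original thread and is not TrouSerS or TPM firmware code. It assumes the blob has already been decrypted with the EK and treats the serialized TPM_PUBKEY as opaque bytes; `LoadedKey`, `make_blob` and the sample values are hypothetical.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

TPM_KEY_IDENTITY = 0x0012   # TPM 1.2 key usage value for identity keys (AIKs)
SHA1_LEN = 20               # size of a TPM_DIGEST

@dataclass
class LoadedKey:            # hypothetical stand-in for a key held in a TPM key slot
    key_usage: int
    pubkey_blob: bytes      # serialized TPM_PUBKEY, treated as opaque bytes

def parse_asym_ca_contents(blob: bytes):
    """Split decrypted TPM_ASYM_CA_CONTENTS into (session key bytes, idDigest)."""
    hdr = struct.Struct(">IHH")   # TPM_SYMMETRIC_KEY: algId, encScheme, size
    if len(blob) < hdr.size + SHA1_LEN:
        raise ValueError("blob too short")
    _alg, _scheme, size = hdr.unpack_from(blob)
    if len(blob) != hdr.size + size + SHA1_LEN:
        raise ValueError("length does not match declared key size")
    key = blob[hdr.size:hdr.size + size]
    return key, blob[hdr.size + size:]

def activate_identity_check(key: LoadedKey, decrypted_blob: bytes) -> bytes:
    """Release the session key only if the blob names this identity key."""
    # Check 1: the loaded key must really be an identity key.
    if key.key_usage != TPM_KEY_IDENTITY:
        raise PermissionError("loaded key is not an identity key")
    session_key, id_digest = parse_asym_ca_contents(decrypted_blob)
    # Check 2: hash of the loaded key's public part must equal idDigest.
    computed = hashlib.sha1(key.pubkey_blob).digest()
    if not hmac.compare_digest(computed, id_digest):
        raise PermissionError("idDigest does not match loaded identity key")
    return session_key

def make_blob(session_key: bytes, pubkey_blob: bytes) -> bytes:
    """CA-side plaintext before EK encryption (algId/encScheme are constructed)."""
    return (struct.pack(">IHH", 0x6, 0xFF, len(session_key)) + session_key
            + hashlib.sha1(pubkey_blob).digest())

if __name__ == "__main__":
    aik = LoadedKey(TPM_KEY_IDENTITY, b"constructed-AIK-pubkey")
    blob = make_blob(b"K" * 16, aik.pubkey_blob)
    print(activate_identity_check(aik, blob).hex())
```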
