Gets all the informatin necessary to send to a trusted third party (ttp), repartory to asking the ttp to create a certificate for identity.
#include <tss/platform.h> #include <tss/tcpa_defines.h> #include <tss/tcpa_typedef.h> #include <tss/tcpa_struct.h> #include <tss/tss_typedef.h> #include <tss/tss_structs.h> #include <tss/tspi.h> TSS_RESULT Tspi_TPM_CollateIdentityRequest(TSS_HTPM hTPM, TSS_HKEY hKeySRK, TSS_HKEY hCAPPubKey, UINT32 ulIdentityLabelData, BYTE* rgbIdentityLabelData, TSS_HKEY hIdentityKey, TSS_ALGORITHM_ID algid, UINT32* pulTCPAIdentityReqLength, BYTE** prgbTCPAIdentityReq);
TSS_TPM_CollateIdentityRequest creates an identity key, binds it to the label and returns a certificate request package. The privacty CA requires this certificate request to attest the identity key.
Only the Owner of the TPM has the privledge of creating a TPM identity key.
The symmetric session key is required to provide confidentiality of the "TCPA_IDENTITY_REQ" data structure, which should be sent to the Privacy CA chosen by the owner.
Handle of the TPM object.
Handle to the key object representing the Storage Root Key
Handle to the key object representing the public key of the CA which signs the certificate of the created identity key.
Supplies the length (in bytes) of the rgbIdentityLabelData parameter
Pointer to a memory block containing the identity label, which should be a UNICODE string
Handle to the identity key object
The type of symmetric algorithm touse as required by the Enhanced CA.
Recieves the length (in bytes) of the prgbTCPAIdentityReq parameter
Pointer to the memory block containing the certicficate request structure.
Tspi_TPM_CollateIdentityRequest returns TSS_SUCCESS on success, otherwise one of the following values are returned:
TSS_E_INVALID_HANDLE
Either hTPM or hKeySRK or hCAPubKey is not a valid handle.
TSS_E_BAD_PARAMETER
TSS_E_INTERNAL_ERROR
An error occurred internal to the TSS.
Tspi_TPM_CollateIdentityRequest conforms to the Trusted Computing Group Software Specification version 1.1 Golden