NAME
Tspi_TPM_DAA_Sign - creates a DAA Signature that proofs ownership of
the DAA Credential
SYNOPSIS
#include <tss/tss_typedef.h>
#include <tss/tss_structs.h>
#include <tss/tspi.h>
TSS_RESULT Tspi_TPM_DAA_Sign(
TSS_HDAA hDAA,
TSS_HTPM hTPM,
TSS_HKEY hDaaCredential,
TSS_DAA_SELECTED_ATTRIB revealAttributes,
UINT32 verifierBaseNameLength,
BYTE* verifierBaseName,
UINT32 verifierNonceLength,
BYTE* verifierNonce,
TSS_DAA_SIGN_DATA signData,
TSS_DAA_SIGNATURE* daaSignature
);
DESCRIPTION
Tspi_TPM_DAA_Sign creates a DAA Signature that proofs ownership of the
DAA Credential and includes a signature on either a public AIK or a
message. If anonymity revocation is enabled, the value Nv is not
provided in the clear anymore but encrypted under the public key of
anonymity revocation authority, a trusted third party (TTP). Thus the
DAA Verifier cannot check for revocation or link a
transaction/signature to prior ones. Depending on how is chosen, the
protocol either allows implementing anonymity revocation (i.e., using
the DAA Issuer’s long-term base name as the DAA Verifier’s base name
), or having the TTP doing the linking of different signatures for the
same DAA Verifier (i.e., using the DAA Verifier’s base name ).
PARAMETERS
hDAA
The hDAA parameter is used to specify the handle of the DAA object.
hTPM
The hTPM parameter is the handle to the TPM object.
hDaaCredential
The hDaaCredential parameter is the Handle of the DAA Credential.
revealAttributes
The revealAttributes parameter is the attributes which the credential
owner wants to reveal to the DAA Verifier.
verifierBaseNameLength
The verifierBaseNameLength parameter is the Length of verifierBaseName.
verifierBaseName
The verifierBaseName parameter is the base name chosen by the DAA
Verifier. If it equals to null, the platform chooses a random base
name.
verifierNonceLength
The verifierNonceLength parameter is the length of verifierNonceName
(20 bytes).
verifierNonce
The verifierNonce parameter is the nonce created by the DAA Verifier.
signData
The signData parameter is the handle of the received DAA Credential.
daaSignature
The daaSignature parameter is the DAA signature containing the proof of
ownership of the DAA Credential, as well as a signature on either an
AIK or a message.
RETURN CODES
Tspi_TPM_DAA_Sign returns TSS_SUCCESS on success, otherwise one of the
following values is returned:
TSS_E_INVALID_HANDLE
Either the DAA or the TPM handler is not valid.
TSS_E_BAD_PARAMETER
TSS_E_INTERNAL_ERROR
An internal SW error has been detected.
CONFORMING TO
Tspi_TPM_DAA_Sign conforms to the Trusted Computing Group Software
Specification version 1.2
SEE ALSO