Next: Using keys, Previous: Keys in TPM, Up: Trusted Platform Module [Contents][Index]
All keys used by the TPM must be generated by the TPM. This can be done using gnutls_tpm_privkey_generate.
pk: the public key algorithm
bits: the security bits
srk_password: a password to protect the exported key (optional)
key_password: the password for the TPM (optional)
format: the format of the private key
pub_format: the format of the public key
privkey: the generated key
pubkey: the corresponding public key (may be null)
flags: should be a list of GNUTLS_TPM_* flags
This function will generate a private key in the TPM
chip. The private key will be generated within the chip
and will be exported in a wrapped with TPM’s master key
form. Furthermore the wrapped key can be protected with
the provided password
.
Note that bits in TPM is quantized value. If the input value is not one of the allowed values, then it will be quantized to one of 512, 1024, 2048, 4096, 8192 and 16384.
Allowed flags are:
Returns: On success, GNUTLS_E_SUCCESS
(0) is returned, otherwise a
negative error value.
Since: 3.1.0
int gnutls_tpm_get_registered (gnutls_tpm_key_list_t * list)
void gnutls_tpm_key_list_deinit (gnutls_tpm_key_list_t list)
int gnutls_tpm_key_list_get_url (gnutls_tpm_key_list_t list, unsigned int idx, char** url, unsigned int flags)
url: the URL describing the key
srk_password: a password for the SRK key
This function will unregister the private key from the TPM chip.
Returns: On success, GNUTLS_E_SUCCESS
(0) is returned, otherwise a
negative error value.
Since: 3.1.0
Next: Using keys, Previous: Keys in TPM, Up: Trusted Platform Module [Contents][Index]