Lines Matching refs:scheme
1642 a parameter that should be a key derivation scheme (KDF) selection does not
1660 a parameter that should be signing or encryption scheme selection does not have
3547 If the TPM implements a “gap” scheme for assigning contextID values, then the TPM shall return
4245 5) If the key is an ECC key and the scheme required by the curveID is not the same as scheme in
4488 inconsistent attributes decrypt, sign, restricted and key's scheme ID;
4489 or hash algorithm is inconsistent with the scheme ID for keyed hash
4496 hash object is larger than is allowed for the scheme
4898 the signing scheme is not valid for the key
5331 the signing scheme is not valid for the key
5471 // Validate the scheme parameters
7906 inconsistent attributes decrypt, sign, restricted and key's scheme ID
7907 in objectPublic; or hash algorithm is inconsistent with the scheme ID
8223 This command performs RSA encryption using the indicated padding scheme according to PKCS#1v2.1
8224 (PKCS#1). If the scheme of keyHandle is TPM_ALG_NULL, then the caller may use inScheme to specify
8225 the padding scheme. If scheme of keyHandle is not TPM_ALG_NULL, then inScheme shall either be
8226 TPM_ALG_NULL or be the same as scheme (TPM_RC_SCHEME).
8231 Requiring that the decrypt attribute be set allows the TPM to ensure that the scheme selection is
8232 done with the presumption that the scheme of the key is a decryption scheme selection. It is
8242 exponent of the key referenced by keyHandle. This scheme is only used if both the scheme
8247 keyHandle→scheme
8287 padding scheme used
8310 scheme is consistent rather than have that deferred until the key is used.
8317 If inScheme is used, and the scheme requires a hash algorithm it may not be TPM_ALG_NULL.
8323 padding scheme is supported.
8325 The message parameter is limited in size by the padding scheme according to the following table:
8360 scheme.
8363 If the scheme does not use a label, the TPM will still verify that label is properly formatted if l…
8371 desired scheme. If the scheme is to be changed, a different public area must be loaded.
8436 the padding scheme to use if scheme associated with
8503 incorrect input scheme, or the chosen scheme is not a valid RSA
8504 decrypt scheme
8576 *scheme;
8599 // Select a scheme for encryption
8600 scheme = CryptSelectRSAScheme(in->keyHandle, &in->inScheme);
8601 if(scheme == NULL)
8628 scheme, in->message.t.size, in->message.t.buffer,
8652 This command performs RSA decryption using the indicated padding scheme according to PKCS#1v2.1
8654 The scheme selection for this command is the same as for TPM2_RSA_Encrypt() and is shown in Table
8661 the selected scheme. If the padding checks fail, TPM_RC_VALUE is returned. Otherwise, the data is
8668 If a label is used in the padding process of the scheme, the label parameter is required to be pres…
8678 If the decryption scheme does not require a hash function, the hash parameter of inScheme may be set
8680 If the description scheme does not require a label, the value in label is not used but the size of …
8737 the padding scheme to use if scheme associated with
8806 incorrect input scheme, or the chosen scheme is not a valid RSA
8807 decrypt scheme
8883 *scheme;
8918 // Select a scheme for decrypt.
8919 scheme = CryptSelectRSAScheme(in->keyHandle, &in->inScheme);
8920 if(scheme == NULL)
8957 scheme, in->cipherText.t.size,
9228 The scheme of the key referenced by keyHandle is required to be either TPM_ALG_ECDH or
9579 The TPM will compute Z or Zs and Ze according to the selected scheme. If the scheme is not a two-ph…
9580 key exchange scheme or if the scheme is not supported, the TPM will return TPM_RC_SCHEME.
9617 If the input scheme is TPM_ALG_ECDH, then outZ1 will be Zs and outZ2 will be Ze. For schemes like
9686 the key exchange scheme
9718 X and Y coordinates of the computed value (scheme
9726 (scheme dependent)
9817 the scheme of the key referenced by keyA is not TPM_ALG_NULL,
9841 scheme;
9854 // if the scheme of keyA is TPM_ALG_NULL, then use the input scheme; otherwise
9855 // the input scheme must be the same as the scheme of keyA
9856 scheme = eccKey->publicArea.parameters.asymDetail.scheme.scheme;
9857 if(scheme != TPM_ALG_NULL)
9859 if(scheme != in->inScheme)
9863 scheme = in->inScheme;
9864 if(scheme == TPM_ALG_NULL)
9921 scheme,
10662 If handle references a restricted key, then the hash algorithm specified in the key's scheme is use…
10664 TPM_ALG_NULL or the same algorithm as selected in the key's scheme.
10666 A restricted key may only have one of sign or decrypt SET and the default scheme may not
10669 hashAlg is TPM_ALG_NULL the TPM will use the default scheme of the key.
10674 decrypt are set, there is no default scheme for the key and the hash algorithm must be specified .
10840 TPM_ALG_NULL not equal to that of the key scheme; or both
10841 hashAlg and the key scheme's algorithm are TPM_ALG_NULL
10876 // Assume that the key default scheme is used
10877 hashAlg = publicArea->parameters.keyedHashDetail.scheme.details.hmac.hashAlg;
10878 // if the key is restricted, then need to use the scheme of the key and the
10879 // input algorithm must be TPM_ALG_NULL or the same as the key scheme
10892 // with the key scheme or type
11269 If handle references a restricted key, then the hash algorithm specified in the key's scheme is use…
11271 TPM_ALG_NULL or the same algorithm in the key's scheme.
11273 hashAlg is TPM_ALG_NULL in which case it will use the default scheme of the key.
11279 handle→scheme
11281 from key's scheme)
11315 handle→scheme
11317 same as handle→scheme
11319 handle→scheme
11325 handle→scheme
11336 handle→scheme
11354 The scheme for the handle may only be TPM_ALG_NULL if both sign and decrypt are SET.
11362 A restricted key is required to have a scheme with a valid hash algorithm. A restricted key may not…
11367 The scheme for a restricted key cannot be overridden.
11534 TPM_ALG_NULL not equal to that of the key scheme; or both
11535 hashAlg and the key scheme's algorithm are TPM_ALG_NULL
11567 // Assume that the key default scheme is used
11568 hashAlg = publicArea->parameters.keyedHashDetail.scheme.details.hmac.hashAlg;
11569 // if the key is restricted, then need to use the scheme of the key and the
11570 // input algorithm must be TPM_ALG_NULL or the same as the key scheme
12745 For all signing commands, provisions are made for the caller to provide a scheme to be used for the
12746 signing operation. This scheme will be applied only if the scheme of the key is TPM_ALG_NULL. If the
12747 scheme for signHandle is not TPM_ALG_NULL, then inScheme.scheme shall be TPM_ALG_NULL or the
12748 same as scheme in the public area of the key. If the scheme for signHandle is TPM_ALG_NULL, then
12750 TPM_RC_SCHEME to indicate that the scheme is not appropriate.
12751 For a signing key that is not restricted, the caller may specify the scheme to be used as long as t…
12752 scheme is compatible with the family of the key (for example, TPM_ALG_RSAPSS cannot be selected for
12753 an ECC key). If the caller sets scheme to TPM_ALG_NULL, then the default scheme of the key is used.
12763 When signHandle is TPM_RH_NULL, scheme is still required to be a valid signing scheme (may be
12764 TPM_ALG_NULL), but the scheme will have no effect on the format of the signature. It will always
12792 If the signing scheme of signHandle is an anonymous scheme, then the attestation blocks will not co…
12836 See 20.1 for description of how the signing scheme is selected.
12910 signing scheme to use if the scheme for signHandle is
13036 split scheme).
13156 See 20.1 for description of how the signing scheme is selected.
13243 signing scheme to use if the scheme for signHandle is
13371 split scheme).
13505 See 20.1 for description of how the signing scheme is selected.
13508 signHandle (this is the hash algorithm of the signing scheme, not the nameAlg of signHandle).
13565 signing scheme to use if the scheme for signHandle is
13686 the scheme is not compatible with sign key type, or input scheme is
13687 not compatible with default scheme, or the chosen scheme is not a
13688 valid sign scheme
13729 // Get hash algorithm in sign scheme. This hash algorithm is used to
13822 See 20.1 for description of how the signing scheme is selected.
13911 signing scheme to use if the scheme for signHandle is
13979 inScheme is incompatible with signHandle type; or both scheme and
13980 key's default scheme are empty; or scheme is empty while key's
13981 default scheme requires explicit input scheme (split signing); or nonempty default key scheme diffe…
14033 digest generated for the given scheme is greater than the modulus of
14173 See 20.1 for description of how the signing scheme is selected.
14251 signing scheme to use if the scheme for signHandle is
14315 inScheme is incompatible with signHandle type; or both scheme and
14316 key's default scheme are empty; or scheme is empty while key's
14317 default scheme requires explicit input scheme (split signing); or nonempty default key scheme diffe…
14367 digest generated for the given scheme is greater than the modulus of
14502 See 20.1 for description of how the signing scheme is selected.
14582 signing scheme to use if the scheme for signHandle is
14652 inScheme is incompatible with signHandle type; or both scheme and
14653 key's default scheme are empty; or scheme is empty while key's
14654 default scheme requires explicit input scheme (split signing); or nonempty default key scheme diffe…
14704 digest generated for the given scheme is greater than the modulus of
14877 anonymous signing scheme (TPM_RC_SCHEME).
15117 anonymous scheme
15205 // if the key is restricted, it must be a signing key using an anonymous scheme
15211 eccKey->publicArea.parameters.eccDetail.scheme.scheme))
15926 If the scheme of keyHandle is not TPM_ALG_NULL, then inScheme shall either be the same scheme as
15928 If the scheme of keyHandle is TPM_ALG_NULL, the TPM will sign using inScheme; otherwise, it will si…
15929 using the scheme of keyHandle.
15932 When the signing scheme requires a hash algorithm, the hash is defined in the qualifying data of the
15933 scheme.
15935 If inScheme is not a valid signing scheme for the type of keyHandle (or TPM_ALG_NULL), then the TPM
15937 If the scheme of keyHandle is an anonymous scheme, then inScheme shall have the same scheme
15941 the signature operation may fail if digest is too large for the selected scheme.
15996 signing scheme to use if the scheme for keyHandle is
16070 key's default scheme are empty; or inScheme is empty while key's
16071 default scheme requires explicit input scheme (split signing); or nonempty default key scheme diffe…
16160 // pick a scheme for sign. If the input sign scheme is not compatible with
16161 // the default scheme, return an error.
19029 Each signature and key combination indicates the scheme and each scheme has an
19265 authObject is not a signing scheme
19273 the signing scheme of auth is not supported by the TPM
25182 inconsistent attributes decrypt, sign, restricted and key's scheme ID;
25183 or hash algorithm is inconsistent with the scheme ID for keyed hash
25190 hash object is larger than is allowed for the scheme
27998 upgrade scheme may be used for replacement or augmentation of the firmware installed in the TPM.
35255 See 20.1 for description of how the signing scheme is selected.
35329 signing scheme to use if the scheme for signHandle is