Lines Matching refs:scheme
1642 a parameter that should be a key derivation scheme (KDF) selection does not
1660 a parameter that should be signing or encryption scheme selection does not have
3547 If the TPM implements a “gap” scheme for assigning contextID values, then the TPM shall return
4247 5) If the key is an ECC key and the scheme required by the curveID is not the same as scheme in
4490 inconsistent attributes decrypt, sign, restricted and key's scheme ID;
4491 or hash algorithm is inconsistent with the scheme ID for keyed hash
4498 hash object is larger than is allowed for the scheme
4900 the signing scheme is not valid for the key
5333 the signing scheme is not valid for the key
5473 // Validate the scheme parameters
7917 inconsistent attributes decrypt, sign, restricted and key's scheme ID
7918 in objectPublic; or hash algorithm is inconsistent with the scheme ID
8234 This command performs RSA encryption using the indicated padding scheme according to PKCS#1v2.1
8235 (PKCS#1). If the scheme of keyHandle is TPM_ALG_NULL, then the caller may use inScheme to specify
8236 the padding scheme. If scheme of keyHandle is not TPM_ALG_NULL, then inScheme shall either be
8237 TPM_ALG_NULL or be the same as scheme (TPM_RC_SCHEME).
8242 Requiring that the decrypt attribute be set allows the TPM to ensure that the scheme selection is
8243 done with the presumption that the scheme of the key is a decryption scheme selection. It is
8253 exponent of the key referenced by keyHandle. This scheme is only used if both the scheme
8258 keyHandle→scheme
8298 padding scheme used
8321 scheme is consistent rather than have that deferred until the key is used.
8328 If inScheme is used, and the scheme requires a hash algorithm it may not be TPM_ALG_NULL.
8334 padding scheme is supported.
8336 The message parameter is limited in size by the padding scheme according to the following table:
8371 scheme.
8374 If the scheme does not use a label, the TPM will still verify that label is properly formatted if l…
8382 desired scheme. If the scheme is to be changed, a different public area must be loaded.
8447 the padding scheme to use if scheme associated with
8514 incorrect input scheme, or the chosen scheme is not a valid RSA
8515 decrypt scheme
8587 *scheme;
8610 // Select a scheme for encryption
8611 scheme = CryptSelectRSAScheme(in->keyHandle, &in->inScheme);
8612 if(scheme == NULL)
8639 scheme, in->message.t.size, in->message.t.buffer,
8663 This command performs RSA decryption using the indicated padding scheme according to PKCS#1v2.1
8665 The scheme selection for this command is the same as for TPM2_RSA_Encrypt() and is shown in Table
8672 the selected scheme. If the padding checks fail, TPM_RC_VALUE is returned. Otherwise, the data is
8679 If a label is used in the padding process of the scheme, the label parameter is required to be pres…
8689 If the decryption scheme does not require a hash function, the hash parameter of inScheme may be set
8691 If the description scheme does not require a label, the value in label is not used but the size of …
8748 the padding scheme to use if scheme associated with
8817 incorrect input scheme, or the chosen scheme is not a valid RSA
8818 decrypt scheme
8894 *scheme;
8929 // Select a scheme for decrypt.
8930 scheme = CryptSelectRSAScheme(in->keyHandle, &in->inScheme);
8931 if(scheme == NULL)
8968 scheme, in->cipherText.t.size,
9239 The scheme of the key referenced by keyHandle is required to be either TPM_ALG_ECDH or
9590 The TPM will compute Z or Zs and Ze according to the selected scheme. If the scheme is not a two-ph…
9591 key exchange scheme or if the scheme is not supported, the TPM will return TPM_RC_SCHEME.
9628 If the input scheme is TPM_ALG_ECDH, then outZ1 will be Zs and outZ2 will be Ze. For schemes like
9697 the key exchange scheme
9729 X and Y coordinates of the computed value (scheme
9737 (scheme dependent)
9828 the scheme of the key referenced by keyA is not TPM_ALG_NULL,
9852 scheme;
9865 // if the scheme of keyA is TPM_ALG_NULL, then use the input scheme; otherwise
9866 // the input scheme must be the same as the scheme of keyA
9867 scheme = eccKey->publicArea.parameters.asymDetail.scheme.scheme;
9868 if(scheme != TPM_ALG_NULL)
9870 if(scheme != in->inScheme)
9874 scheme = in->inScheme;
9875 if(scheme == TPM_ALG_NULL)
9932 scheme,
10673 If handle references a restricted key, then the hash algorithm specified in the key's scheme is use…
10675 TPM_ALG_NULL or the same algorithm as selected in the key's scheme.
10677 A restricted key may only have one of sign or decrypt SET and the default scheme may not
10680 hashAlg is TPM_ALG_NULL the TPM will use the default scheme of the key.
10685 decrypt are set, there is no default scheme for the key and the hash algorithm must be specified .
10851 TPM_ALG_NULL not equal to that of the key scheme; or both
10852 hashAlg and the key scheme's algorithm are TPM_ALG_NULL
10887 // Assume that the key default scheme is used
10888 hashAlg = publicArea->parameters.keyedHashDetail.scheme.details.hmac.hashAlg;
10889 // if the key is restricted, then need to use the scheme of the key and the
10890 // input algorithm must be TPM_ALG_NULL or the same as the key scheme
10903 // with the key scheme or type
11280 If handle references a restricted key, then the hash algorithm specified in the key's scheme is use…
11282 TPM_ALG_NULL or the same algorithm in the key's scheme.
11284 hashAlg is TPM_ALG_NULL in which case it will use the default scheme of the key.
11290 handle→scheme
11292 from key's scheme)
11326 handle→scheme
11328 same as handle→scheme
11330 handle→scheme
11336 handle→scheme
11347 handle→scheme
11365 The scheme for the handle may only be TPM_ALG_NULL if both sign and decrypt are SET.
11373 A restricted key is required to have a scheme with a valid hash algorithm. A restricted key may not…
11378 The scheme for a restricted key cannot be overridden.
11545 TPM_ALG_NULL not equal to that of the key scheme; or both
11546 hashAlg and the key scheme's algorithm are TPM_ALG_NULL
11578 // Assume that the key default scheme is used
11579 hashAlg = publicArea->parameters.keyedHashDetail.scheme.details.hmac.hashAlg;
11580 // if the key is restricted, then need to use the scheme of the key and the
11581 // input algorithm must be TPM_ALG_NULL or the same as the key scheme
12756 For all signing commands, provisions are made for the caller to provide a scheme to be used for the
12757 signing operation. This scheme will be applied only if the scheme of the key is TPM_ALG_NULL. If the
12758 scheme for signHandle is not TPM_ALG_NULL, then inScheme.scheme shall be TPM_ALG_NULL or the
12759 same as scheme in the public area of the key. If the scheme for signHandle is TPM_ALG_NULL, then
12761 TPM_RC_SCHEME to indicate that the scheme is not appropriate.
12762 For a signing key that is not restricted, the caller may specify the scheme to be used as long as t…
12763 scheme is compatible with the family of the key (for example, TPM_ALG_RSAPSS cannot be selected for
12764 an ECC key). If the caller sets scheme to TPM_ALG_NULL, then the default scheme of the key is used.
12774 When signHandle is TPM_RH_NULL, scheme is still required to be a valid signing scheme (may be
12775 TPM_ALG_NULL), but the scheme will have no effect on the format of the signature. It will always
12803 If the signing scheme of signHandle is an anonymous scheme, then the attestation blocks will not co…
12847 See 20.1 for description of how the signing scheme is selected.
12923 signing scheme to use if the scheme for signHandle is
13047 split scheme).
13167 See 20.1 for description of how the signing scheme is selected.
13254 signing scheme to use if the scheme for signHandle is
13382 split scheme).
13516 See 20.1 for description of how the signing scheme is selected.
13519 signHandle (this is the hash algorithm of the signing scheme, not the nameAlg of signHandle).
13576 signing scheme to use if the scheme for signHandle is
13697 the scheme is not compatible with sign key type, or input scheme is
13698 not compatible with default scheme, or the chosen scheme is not a
13699 valid sign scheme
13740 // Get hash algorithm in sign scheme. This hash algorithm is used to
13833 See 20.1 for description of how the signing scheme is selected.
13924 signing scheme to use if the scheme for signHandle is
13990 inScheme is incompatible with signHandle type; or both scheme and
13991 key's default scheme are empty; or scheme is empty while key's
13992 default scheme requires explicit input scheme (split signing); or nonempty default key scheme diffe…
14044 digest generated for the given scheme is greater than the modulus of
14184 See 20.1 for description of how the signing scheme is selected.
14262 signing scheme to use if the scheme for signHandle is
14326 inScheme is incompatible with signHandle type; or both scheme and
14327 key's default scheme are empty; or scheme is empty while key's
14328 default scheme requires explicit input scheme (split signing); or nonempty default key scheme diffe…
14378 digest generated for the given scheme is greater than the modulus of
14513 See 20.1 for description of how the signing scheme is selected.
14595 signing scheme to use if the scheme for signHandle is
14663 inScheme is incompatible with signHandle type; or both scheme and
14664 key's default scheme are empty; or scheme is empty while key's
14665 default scheme requires explicit input scheme (split signing); or nonempty default key scheme diffe…
14715 digest generated for the given scheme is greater than the modulus of
14888 anonymous signing scheme (TPM_RC_SCHEME).
15128 anonymous scheme
15216 // if the key is restricted, it must be a signing key using an anonymous scheme
15222 eccKey->publicArea.parameters.eccDetail.scheme.scheme))
15937 If the scheme of keyHandle is not TPM_ALG_NULL, then inScheme shall either be the same scheme as
15939 If the scheme of keyHandle is TPM_ALG_NULL, the TPM will sign using inScheme; otherwise, it will si…
15940 using the scheme of keyHandle.
15943 When the signing scheme requires a hash algorithm, the hash is defined in the qualifying data of the
15944 scheme.
15946 If inScheme is not a valid signing scheme for the type of keyHandle (or TPM_ALG_NULL), then the TPM
15948 If the scheme of keyHandle is an anonymous scheme, then inScheme shall have the same scheme
15952 the signature operation may fail if digest is too large for the selected scheme.
16007 signing scheme to use if the scheme for keyHandle is
16081 key's default scheme are empty; or inScheme is empty while key's
16082 default scheme requires explicit input scheme (split signing); or nonempty default key scheme diffe…
16171 // pick a scheme for sign. If the input sign scheme is not compatible with
16172 // the default scheme, return an error.
19040 Each signature and key combination indicates the scheme and each scheme has an
19276 authObject is not a signing scheme
19284 the signing scheme of auth is not supported by the TPM
25193 inconsistent attributes decrypt, sign, restricted and key's scheme ID;
25194 or hash algorithm is inconsistent with the scheme ID for keyed hash
25201 hash object is larger than is allowed for the scheme
28009 upgrade scheme may be used for replacement or augmentation of the firmware installed in the TPM.
35264 See 20.1 for description of how the signing scheme is selected.
35338 signing scheme to use if the scheme for signHandle is