opencryptoki-tpmtok-2.3.3-2.fc15.i686.rpm


TPM STDLL README
Kent Yoder <shpedoikal@gmail.com>

Current architecture:

 SRK
 |
 + User Root Key (URK)
 | |
 | + [1..N] User Base Key (UBK)
 |          |
 |          + Migratable Leaf Key (MLK)
 |          | |
 |          | + Auth Data for User Created Keys
 |          |
 |          + [1..N] User Created Keys
 |
 + Migratable Root Key (MRK)
   |
   + Migratable Leaf Key (MLK)



1. When the SO logs in:
  A) it's verified that she is root (currently commented out)
  B) the token searches for the User Root Key (URK), and if found, the SO's key
     chain is loaded, up to the SO's protection key.  Some junk data is encrypted
     and decrypted to challenge the auth data passed in and if that test passes,
     the SO is logged in
  C) if the URK isn't found, it's assumed that the SO is logging in for the
     first time, and
	i. The URK is generated in software
	ii. The URK's private key is wrapped with the public key of the SRK, and
	    TSS and PKCS#11 objects are created for it, storing it in the PKCS#11
	    data store
  D) i and ii are repeated for the Migratable Root Key (MRK)
  E) The Protection Key is generated by the TPM as a child of the MRK
  F) Some junk data is encrypted and decrypted to challenge the auth data passed
     in and if that test passes, the SO is logged in

2. When the USER logs in:
  A) The URK is searched for and if not found, the login fails (the SO has not
     initialized the token)
  B) If the URK is found, the User's Base Key (UBK) is searched for and if found,
     the user's key chain is loaded, up to the USER's protection key.  Some junk
     data is encrypted and decrypted to challenge the auth data passed in and if
     that test passes, the USER is logged in
  C) if the UBK is not found:
	i. The UBK is generated in software
	ii. The UBK's private key is wrapped with the public key of the URK, and
	    TSS and PKCS#11 objects are created for it, storing it in the PKCS#11
	    data store
  D) The User's Protection Key is generated by the TPM as a child of the UBK
  E) Some junk data is encrypted and decrypted to challenge the auth data passed
     in and if that test passes, the USER is logged in
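
The two login flows above, modeled in Python as an added example (not code from this README or from openCryptoki); it makes no TPM or TSS calls and only shows which keys are created, in what order the chain loads, and when a login is refused. Assumptions not stated in the README: the names SO-PK, UBK:<user> and PK:<user>, the per-user id, auth data taken as SHA-1 of the PIN, a protection key bound to the PIN presented at first login, and an HMAC comparison standing in for the junk-data encrypt/decrypt test.

```python
import hashlib, hmac, os

class TokenModel:
    """Toy model of the login flow; 'SRK' is the implicit root of every chain."""
    def __init__(self):
        self.store = {}  # stands in for the PKCS#11 data store: name -> (parent, auth)

    def _create(self, name, parent, auth=None):
        self.store[name] = (parent, auth)

    def chain(self, name):
        """Load order from the SRK down to `name` (parents before children)."""
        path = []
        while name != "SRK":
            path.append(name)
            name = self.store[name][0]
        return ["SRK"] + path[::-1]

    def _challenge(self, name, auth):
        # Stand-in for the junk-data round trip: the result only matches when
        # the presented auth equals the auth data bound to the key.
        junk = os.urandom(20)
        sealed = hmac.new(self.store[name][1], junk, hashlib.sha1).digest()
        return hmac.compare_digest(sealed, hmac.new(auth, junk, hashlib.sha1).digest())

    def so_login(self, pin):
        auth = hashlib.sha1(pin).digest()        # assumed auth derivation
        if "URK" not in self.store:              # 1.C: first SO login
            self._create("URK", "SRK")           # 1.C.i-ii
            self._create("MRK", "SRK")           # 1.D
            self._create("SO-PK", "MRK", auth)   # 1.E (assumed: bound to this PIN)
        return self._challenge("SO-PK", auth)    # 1.B / 1.F

    def user_login(self, user, pin):
        auth = hashlib.sha1(pin).digest()
        if "URK" not in self.store:              # 2.A: SO has not initialized the token
            return False
        ubk, pk = f"UBK:{user}", f"PK:{user}"
        if ubk not in self.store:                # 2.C: first login for this user
            self._create(ubk, "URK")             # 2.C.i-ii
            self._create(pk, ubk, auth)          # 2.D
        return self._challenge(pk, auth)         # 2.B / 2.E
```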