Lines Matching full:primary
88 The mechanism chosen for the Linux Kernel is to derive the primary
102 certifying the null seed primary with that key) which is too complex
103 to run within the kernel, so we keep a copy of the null primary key
106 that if the null primary key certifies correctly, you know all your
114 In the current null primary scenario, the TPM must be completely
137 kernel must be created using the null primary key as the salt key
139 derivation. Thus, the kernel creates the null primary key once (as a
150 For every in-kernel operation we use null primary salted HMAC to
155 Null Primary Key Certification in Userspace
159 primary endorsement key. This document assumes that the Elliptic
163 The first step in the certification is primary creation using the
165 of the generated primary key against the one in the certificate (the
166 public key must match). Note that generation of the EK primary
168 EC primary should exist at 81010002 and a TPM2_ReadPublic() may be
177 certification of the null primary key whose name the kernel has
188 derived storage primary. The TPM2_Import() is done using a parameter
189 decryption HMAC session salted to the EK primary (which also does not
195 loaded into the TPM and the Storage primary flushed (to free up space
198 The null EC primary is now generated using the Storage profile
204 using the null primary as the object handle and the loaded private key