Tspi_TPM_CMKSetRestrictions - set restrictions on use of delegated Certified Migratable Keys
Conforming To
Tspi_TPM_CMKSetRestrictions conforms to the Trusted Computing Group Software Specification version 1.2 Errata A
Description
Tspi_TPM_CMKSetRestrictions is used to set restrictions on the delegated use of Certified Migratable Keys
(CMKs). Use of this command cannot itself be delegated.
Name
Tspi_TPM_CMKSetRestrictions - set restrictions on use of delegated Certified Migratable Keys
Parameters
hTPM
The hTPM parameter is used to specify the handle of the TPM object.
CmkDelegate
The CmkDelegate parameter is a bitmask describing the kinds of CMKs that can be used in a delegated
authorization session. Each bit represents a type of key. If the bit for a key type is set, CMKs of that
type can be used in a delegated authorization session; otherwise, use of that key results in a
TPM_E_INVALID_KEYUSAGE return code from the TPM.
The possible values of CmkDelegate are any combination of the following flags logically OR'd together:
TSS_CMK_DELEGATE_SIGNING
Allow use of signing keys.
TSS_CMK_DELEGATE_STORAGE
Allow use of storage keys.
TSS_CMK_DELEGATE_BIND
Allow use of binding keys.
TSS_CMK_DELEGATE_LEGACY
Allow use of legacy keys.
TSS_CMK_DELEGATE_MIGRATE
Allow use of migratable keys.
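The following is an added example, not part of the original manual page or of any TSS implementation. It turns a comma-separated allow-list into a CmkDelegate mask that fails closed on unknown names, then (when built with the TSS headers) applies it. The policy string format, cmk_mask_from_policy, the HAVE_TSPI build macro and the stand-in bit positions used when the headers are absent are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>
#ifdef HAVE_TSPI /* TPM build: cc -DHAVE_TSPI example.c -ltspi */
#include <tss/tspi.h>
#else /* stand-ins so the mask logic builds without the TSS headers */
typedef unsigned int TSS_CMK_DELEGATE;
#define TSS_CMK_DELEGATE_SIGNING (1u << 31)
#define TSS_CMK_DELEGATE_STORAGE (1u << 30)
#define TSS_CMK_DELEGATE_BIND    (1u << 29)
#define TSS_CMK_DELEGATE_LEGACY  (1u << 28)
#define TSS_CMK_DELEGATE_MIGRATE (1u << 27)
#endif
static const struct { const char *name; TSS_CMK_DELEGATE bit; } kinds[] = {
    {"signing", TSS_CMK_DELEGATE_SIGNING}, {"storage", TSS_CMK_DELEGATE_STORAGE},
    {"bind", TSS_CMK_DELEGATE_BIND}, {"legacy", TSS_CMK_DELEGATE_LEGACY},
    {"migrate", TSS_CMK_DELEGATE_MIGRATE},
};
#define NKINDS (sizeof kinds / sizeof kinds[0])
/* Comma-separated allow-list (hypothetical format) -> CmkDelegate mask.
 * Fails closed: unknown or oversized input returns -1 and leaves *mask 0. */
int cmk_mask_from_policy(const char *policy, TSS_CMK_DELEGATE *mask)
{
    char buf[128], *tok;
    TSS_CMK_DELEGATE m = 0; size_t i;
    *mask = 0;
    if (strlen(policy) >= sizeof buf) return -1;
    strcpy(buf, policy);
    for (tok = strtok(buf, ","); tok; tok = strtok(NULL, ",")) {
        for (i = 0; i < NKINDS && strcmp(tok, kinds[i].name) != 0; i++) {}
        if (i == NKINDS) return -1;   /* unknown key type: refuse the whole policy */
        m |= kinds[i].bit;
    }
    *mask = m;
    return 0;
}
int main(void)
{
    TSS_CMK_DELEGATE mask;
    int rc = cmk_mask_from_policy("signing,bind", &mask);
#ifdef HAVE_TSPI
    TSS_HCONTEXT ctx; TSS_HTPM tpm;
    if (rc || Tspi_Context_Create(&ctx) || Tspi_Context_Connect(ctx, NULL)) return 1;
    /* Assumption: owner authorization is already set on the TPM object. */
    rc = Tspi_Context_GetTpmObject(ctx, &tpm) || Tspi_TPM_CMKSetRestrictions(tpm, mask);
    Tspi_Context_Close(ctx);
#endif
    printf("CmkDelegate=0x%08x %s\n", (unsigned)mask, rc ? "FAILED" : "ok");
    return rc != 0;
}
```

An empty allow-list yields a mask of 0, which leaves no CMK type usable in a delegated authorization session.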
Return Codes
Tspi_TPM_CMKSetRestrictions returns TSS_SUCCESS on success, otherwise one of the following values is
returned:
TSS_E_INVALID_HANDLE
hTPM is not a valid handle.
TSS_E_INTERNAL_ERROR
An internal software error has been detected.
See Also
Tspi_TPM_CMKApproveMA(3), Tspi_TPM_CMKCreateTicket(3), Tspi_Key_CMKCreateBlob(3)
TSS 1.2 2007-12-13 Tspi_TPM_CMKSetRestrictions(3)
Synopsis
#include <tss/tspi.h>

TSS_RESULT Tspi_TPM_CMKSetRestrictions(TSS_HTPM hTPM, TSS_CMK_DELEGATE CmkDelegate);
