Lets say we have a key hierarchy as follows:
SRK -> SK1 -> SK2 -> BK
With the public part of BK, I decrypt a symmetric AES key. For a proper decryption, the private key of SK2 is needed in the TPM. To obtain the private key SK2 the private key of SK1 is needed and for SK1 the private key of SRK is needed.
Tspi_Key_LoadKey()
is used to load a key into the TPM and takes the key itself and its parent as its arguments.
Let's say I would load BK and its parent SK2 into the TPM. The TPM wouldn't be able to decrypt BK because for that the private key of SK2 is needed. SK2 can only be decrypted if SK1 is known to the TPM which is not.
How is the procedure for this example to decrypt BK in the TPM?
Idea 1:
- Load SK1 with parent SRK into TPM (SK1 can be decrypted with SRK)
- Load SK2 with parent SK1 into TPM (SK2 can be decrypted with SK1)
- (optional) Unload SK1 because it's not needed anymore
- Load BK with parent SK2 into TPM (BK can be decrypted with SK2)
- (optional) Unload SK2 because it's not needed anymore
Idea 2 (whole chain must be in TPM at once):
- Load BK with parent SK2 into TPM
- Load SK2 with parent SK1 into TPM
- Load SK1 with parent SRK into TPM