com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm

Class EndorsementKeysStub

java.lang.Object

com.vmware.vapi.internal.bindings.Stub

com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKeysStub

All Implemented Interfaces:

Service, EndorsementKeys, EndorsementKeysTypes

public class EndorsementKeysStub
extends com.vmware.vapi.internal.bindings.Stub
implements EndorsementKeys

Remote stub implementation of the EndorsementKeys API service.

WARNING: Internal class, subject to change in future versions.

Nested Class Summary

Nested classes/interfaces inherited from interface com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKeysTypes

EndorsementKeysTypes.FilterSpec, EndorsementKeysTypes.Info, EndorsementKeysTypes.PolicyPcrSpec, EndorsementKeysTypes.Summary, EndorsementKeysTypes.Type, EndorsementKeysTypes.UnsealSpec

Field Summary

Fields inherited from class com.vmware.vapi.internal.bindings.Stub

apiProvider, converter, ifaceId, retryPolicy, securityContext

Fields inherited from interface com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKeysTypes

_VAPI_SERVICE_ID, RESOURCE_TYPE

Constructor Summary

Constructors

Constructor and Description
EndorsementKeysStub(ApiProvider apiProvider, StubConfigurationBase config)
EndorsementKeysStub(ApiProvider apiProvider, com.vmware.vapi.internal.bindings.TypeConverter typeConverter, StubConfigurationBase config)

Method Summary

Modifier and Type	Method and Description
EndorsementKeysTypes.Info	get(java.lang.String host, java.lang.String tpm, java.lang.String key) Get the TPM endorsement key details on a host.
void	get(java.lang.String host, java.lang.String tpm, java.lang.String key, AsyncCallback<EndorsementKeysTypes.Info> asyncCallback) Get the TPM endorsement key details on a host.
void	get(java.lang.String host, java.lang.String tpm, java.lang.String key, AsyncCallback<EndorsementKeysTypes.Info> asyncCallback, InvocationConfig invocationConfig) Get the TPM endorsement key details on a host.
EndorsementKeysTypes.Info	get(java.lang.String host, java.lang.String tpm, java.lang.String key, InvocationConfig invocationConfig) Get the TPM endorsement key details on a host.
java.util.List<EndorsementKeysTypes.Summary>	list(java.lang.String host, java.lang.String tpm, EndorsementKeysTypes.FilterSpec filter) Return a list of configured endorsement keys on a host.
void	list(java.lang.String host, java.lang.String tpm, EndorsementKeysTypes.FilterSpec filter, AsyncCallback<java.util.List<EndorsementKeysTypes.Summary>> asyncCallback) Return a list of configured endorsement keys on a host.
void	list(java.lang.String host, java.lang.String tpm, EndorsementKeysTypes.FilterSpec filter, AsyncCallback<java.util.List<EndorsementKeysTypes.Summary>> asyncCallback, InvocationConfig invocationConfig) Return a list of configured endorsement keys on a host.
java.util.List<EndorsementKeysTypes.Summary>	list(java.lang.String host, java.lang.String tpm, EndorsementKeysTypes.FilterSpec filter, InvocationConfig invocationConfig) Return a list of configured endorsement keys on a host.
byte[]	unseal(java.lang.String host, java.lang.String tpm, java.lang.String key, EndorsementKeysTypes.UnsealSpec spec) Unseal a secret that is bound to an endorsement key.
void	unseal(java.lang.String host, java.lang.String tpm, java.lang.String key, EndorsementKeysTypes.UnsealSpec spec, AsyncCallback<byte[]> asyncCallback) Unseal a secret that is bound to an endorsement key.
void	unseal(java.lang.String host, java.lang.String tpm, java.lang.String key, EndorsementKeysTypes.UnsealSpec spec, AsyncCallback<byte[]> asyncCallback, InvocationConfig invocationConfig) Unseal a secret that is bound to an endorsement key.
byte[]	unseal(java.lang.String host, java.lang.String tpm, java.lang.String key, EndorsementKeysTypes.UnsealSpec spec, InvocationConfig invocationConfig) Unseal a secret that is bound to an endorsement key.

Methods inherited from class com.vmware.vapi.internal.bindings.Stub

invokeMethod, invokeMethodAsync, invokeStreamMethod, toString

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Constructor Detail

EndorsementKeysStub

public EndorsementKeysStub(ApiProvider apiProvider,
                           com.vmware.vapi.internal.bindings.TypeConverter typeConverter,
                           StubConfigurationBase config)

EndorsementKeysStub

public EndorsementKeysStub(ApiProvider apiProvider,
                           StubConfigurationBase config)

Method Detail

list

public java.util.List<EndorsementKeysTypes.Summary> list(java.lang.String host,
                                                         java.lang.String tpm,
                                                         EndorsementKeysTypes.FilterSpec filter)

Description copied from interface: EndorsementKeys

Return a list of configured endorsement keys on a host. This method was added in vSphere API 8.0.0.1.

Synchronous method overload. Result of the invocation will be reported as a method return value.

Specified by:

list in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

filter - a filter for the returned list. if , the behavior is equivalent to a EndorsementKeysTypes.FilterSpec with properties null.

Returns:

A list of configured endorsement keys.

list

public java.util.List<EndorsementKeysTypes.Summary> list(java.lang.String host,
                                                         java.lang.String tpm,
                                                         EndorsementKeysTypes.FilterSpec filter,
                                                         InvocationConfig invocationConfig)

Description copied from interface: EndorsementKeys

Return a list of configured endorsement keys on a host. This method was added in vSphere API 8.0.0.1.

Synchronous method overload. Result of the invocation will be reported as a method return value. Use invocationConfig to specify configuration for this particular invocation.

Specified by:

list in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

filter - a filter for the returned list. if , the behavior is equivalent to a EndorsementKeysTypes.FilterSpec with properties null.

invocationConfig - Configuration for the method invocation.

Returns:

A list of configured endorsement keys.

list

public void list(java.lang.String host,
                 java.lang.String tpm,
                 EndorsementKeysTypes.FilterSpec filter,
                 AsyncCallback<java.util.List<EndorsementKeysTypes.Summary>> asyncCallback)

Description copied from interface: EndorsementKeys

Return a list of configured endorsement keys on a host. This method was added in vSphere API 8.0.0.1.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback.

Invocation Result:
A list of configured endorsement keys.

Operation Errors:
Error - if there is a generic error.
InvalidArgument - if the arguments are invalid.
NotFound - if the TPM device, or the host is not found.
ServiceUnavailable - if too many requests are in progress.
Unauthenticated - if the caller is not authenticated.
Unauthorized - if the caller is not authorized.
Unauthorized - if you do not have all of the privileges described as follows:

• The resource HostSystem referenced by the parameter host requires Host.Tpm.Read.

Specified by:

list in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

filter - a filter for the returned list. if , the behavior is equivalent to a EndorsementKeysTypes.FilterSpec with properties null.

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

list

public void list(java.lang.String host,
                 java.lang.String tpm,
                 EndorsementKeysTypes.FilterSpec filter,
                 AsyncCallback<java.util.List<EndorsementKeysTypes.Summary>> asyncCallback,
                 InvocationConfig invocationConfig)

Description copied from interface: EndorsementKeys

Return a list of configured endorsement keys on a host. This method was added in vSphere API 8.0.0.1.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback. Use invocationConfig to specify configuration for this particular invocation.

Invocation Result:
A list of configured endorsement keys.

Operation Errors:
Error - if there is a generic error.
InvalidArgument - if the arguments are invalid.
NotFound - if the TPM device, or the host is not found.
ServiceUnavailable - if too many requests are in progress.
Unauthenticated - if the caller is not authenticated.
Unauthorized - if the caller is not authorized.
Unauthorized - if you do not have all of the privileges described as follows:

• The resource HostSystem referenced by the parameter host requires Host.Tpm.Read.

Specified by:

list in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

filter - a filter for the returned list. if , the behavior is equivalent to a EndorsementKeysTypes.FilterSpec with properties null.

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

invocationConfig - Configuration for the method invocation.

get

public EndorsementKeysTypes.Info get(java.lang.String host,
                                     java.lang.String tpm,
                                     java.lang.String key)

Description copied from interface: EndorsementKeys

Get the TPM endorsement key details on a host.

The information returned is derived from executing the TPM2_ReadPublic command on the endorsement key object handle.

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.4 TPM2_ReadPublic

. This method was added in vSphere API 8.0.0.1.

Synchronous method overload. Result of the invocation will be reported as a method return value.

Specified by:

get in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

key - the endorsement key identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.

Returns:

The endorsement key info.

get

public EndorsementKeysTypes.Info get(java.lang.String host,
                                     java.lang.String tpm,
                                     java.lang.String key,
                                     InvocationConfig invocationConfig)

Description copied from interface: EndorsementKeys

Get the TPM endorsement key details on a host.

The information returned is derived from executing the TPM2_ReadPublic command on the endorsement key object handle.

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.4 TPM2_ReadPublic

. This method was added in vSphere API 8.0.0.1.

Synchronous method overload. Result of the invocation will be reported as a method return value. Use invocationConfig to specify configuration for this particular invocation.

Specified by:

get in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

key - the endorsement key identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.

invocationConfig - Configuration for the method invocation.

Returns:

The endorsement key info.

get

public void get(java.lang.String host,
                java.lang.String tpm,
                java.lang.String key,
                AsyncCallback<EndorsementKeysTypes.Info> asyncCallback)

Description copied from interface: EndorsementKeys

Get the TPM endorsement key details on a host.

The information returned is derived from executing the TPM2_ReadPublic command on the endorsement key object handle.

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.4 TPM2_ReadPublic

. This method was added in vSphere API 8.0.0.1.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback.

Invocation Result:
The endorsement key info.

Operation Errors:
Error - if there is a generic error.
InvalidArgument - if the arguments are invalid.
NotFound - if the endorsement key, or the TPM device, or the host is not found.
ServiceUnavailable - if too many requests are in progress.
Unauthenticated - if the caller is not authenticated.
Unauthorized - if the caller is not authorized.
Unauthorized - if you do not have all of the privileges described as follows:

• The resource HostSystem referenced by the parameter host requires Host.Tpm.Read.

Specified by:

get in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

key - the endorsement key identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

get

public void get(java.lang.String host,
                java.lang.String tpm,
                java.lang.String key,
                AsyncCallback<EndorsementKeysTypes.Info> asyncCallback,
                InvocationConfig invocationConfig)

Description copied from interface: EndorsementKeys

Get the TPM endorsement key details on a host.

The information returned is derived from executing the TPM2_ReadPublic command on the endorsement key object handle.

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.4 TPM2_ReadPublic

. This method was added in vSphere API 8.0.0.1.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback. Use invocationConfig to specify configuration for this particular invocation.

Invocation Result:
The endorsement key info.

Operation Errors:
Error - if there is a generic error.
InvalidArgument - if the arguments are invalid.
NotFound - if the endorsement key, or the TPM device, or the host is not found.
ServiceUnavailable - if too many requests are in progress.
Unauthenticated - if the caller is not authenticated.
Unauthorized - if the caller is not authorized.
Unauthorized - if you do not have all of the privileges described as follows:

• The resource HostSystem referenced by the parameter host requires Host.Tpm.Read.

Specified by:

get in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

key - the endorsement key identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

invocationConfig - Configuration for the method invocation.

unseal

public byte[] unseal(java.lang.String host,
                     java.lang.String tpm,
                     java.lang.String key,
                     EndorsementKeysTypes.UnsealSpec spec)

Description copied from interface: EndorsementKeys

Unseal a secret that is bound to an endorsement key.

Provided with duplicate key data, load the key as a child of the specified endorsement key using the TPM2_Import command and then unseal the secret data using the TPM2_Unseal command.

The duplicate key must include only inner wrapping (symmetric); outer wrapping (asymmetric) is not supported. The duplicate key cannot have a complex authorization policy (e.g. including command selection, locality, etc). Only PCR policy authorization is supported at this time.

Trusted Platform Module Library Part 1: Architecture, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 23.3 Duplication

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 13.3 TPM2_Import

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.7 TPM2_Unseal

. This method was added in vSphere API 8.0.0.1.

Synchronous method overload. Result of the invocation will be reported as a method return value.

Specified by:

unseal in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

key - the endorsement key identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.

spec - the unseal spec.

Returns:

The unsealed secret.

unseal

public byte[] unseal(java.lang.String host,
                     java.lang.String tpm,
                     java.lang.String key,
                     EndorsementKeysTypes.UnsealSpec spec,
                     InvocationConfig invocationConfig)

Description copied from interface: EndorsementKeys

Unseal a secret that is bound to an endorsement key.

Provided with duplicate key data, load the key as a child of the specified endorsement key using the TPM2_Import command and then unseal the secret data using the TPM2_Unseal command.

The duplicate key must include only inner wrapping (symmetric); outer wrapping (asymmetric) is not supported. The duplicate key cannot have a complex authorization policy (e.g. including command selection, locality, etc). Only PCR policy authorization is supported at this time.

Trusted Platform Module Library Part 1: Architecture, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 23.3 Duplication

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 13.3 TPM2_Import

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.7 TPM2_Unseal

. This method was added in vSphere API 8.0.0.1.

Synchronous method overload. Result of the invocation will be reported as a method return value. Use invocationConfig to specify configuration for this particular invocation.

Specified by:

unseal in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

key - the endorsement key identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.

spec - the unseal spec.

invocationConfig - Configuration for the method invocation.

Returns:

The unsealed secret.

unseal

public void unseal(java.lang.String host,
                   java.lang.String tpm,
                   java.lang.String key,
                   EndorsementKeysTypes.UnsealSpec spec,
                   AsyncCallback<byte[]> asyncCallback)

Description copied from interface: EndorsementKeys

Unseal a secret that is bound to an endorsement key.

Provided with duplicate key data, load the key as a child of the specified endorsement key using the TPM2_Import command and then unseal the secret data using the TPM2_Unseal command.

The duplicate key must include only inner wrapping (symmetric); outer wrapping (asymmetric) is not supported. The duplicate key cannot have a complex authorization policy (e.g. including command selection, locality, etc). Only PCR policy authorization is supported at this time.

Trusted Platform Module Library Part 1: Architecture, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 23.3 Duplication

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 13.3 TPM2_Import

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.7 TPM2_Unseal

. This method was added in vSphere API 8.0.0.1.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback.

Invocation Result:
The unsealed secret.

Operation Errors:
Error - if there is a generic error.
InvalidArgument - if the arguments are invalid.
NotFound - if the endorsement key or TPM is not found.
ServiceUnavailable - if too many requests are in progress.
Unauthenticated - if the caller is not authenticated.
Unauthorized - if the caller is not authorized.
Unauthorized - if you do not have all of the privileges described as follows:

• The resource HostSystem referenced by the parameter host requires Host.Tpm.Unseal.

Specified by:

unseal in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

key - the endorsement key identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.

spec - the unseal spec.

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

unseal

public void unseal(java.lang.String host,
                   java.lang.String tpm,
                   java.lang.String key,
                   EndorsementKeysTypes.UnsealSpec spec,
                   AsyncCallback<byte[]> asyncCallback,
                   InvocationConfig invocationConfig)

Description copied from interface: EndorsementKeys

Unseal a secret that is bound to an endorsement key.

Provided with duplicate key data, load the key as a child of the specified endorsement key using the TPM2_Import command and then unseal the secret data using the TPM2_Unseal command.

The duplicate key must include only inner wrapping (symmetric); outer wrapping (asymmetric) is not supported. The duplicate key cannot have a complex authorization policy (e.g. including command selection, locality, etc). Only PCR policy authorization is supported at this time.

Trusted Platform Module Library Part 1: Architecture, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 23.3 Duplication

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 13.3 TPM2_Import

Trusted Platform Module Library Part 3: Commands, Family "2.0", Level 00 Revision 01.59, November 8, 2019, Section 12.7 TPM2_Unseal

. This method was added in vSphere API 8.0.0.1.

Asynchronous method overload. Result of the invocation will be reported via the specified asyncCallback. Use invocationConfig to specify configuration for this particular invocation.

Invocation Result:
The unsealed secret.

Operation Errors:
Error - if there is a generic error.
InvalidArgument - if the arguments are invalid.
NotFound - if the endorsement key or TPM is not found.
ServiceUnavailable - if too many requests are in progress.
Unauthenticated - if the caller is not authenticated.
Unauthorized - if the caller is not authorized.
Unauthorized - if you do not have all of the privileges described as follows:

• The resource HostSystem referenced by the parameter host requires Host.Tpm.Unseal.

Specified by:

unseal in interface EndorsementKeys

Parameters:

host - Identifier of the host. The parameter must be an identifier for the resource type: HostSystem.

tpm - the TPM identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.Tpm.

key - the endorsement key identifier. The parameter must be an identifier for the resource type: com.vmware.vcenter.trusted_infrastructure.hosts.hardware.tpm.EndorsementKey.

spec - the unseal spec.

asyncCallback - Receives the status (progress, result or error) of the operation invocation.

invocationConfig - Configuration for the method invocation.