Dear all,

I'm testing at the moment a self-made application that should encrypt/bind
data remotely such that only my TPM can decrypt/unbind it.
In order to do this I proceed as follows:
- I generate a key on my local TPM for which I then export the public key
(using Tspi_Key_GetPubKey) to a file.
- I "send" the file to the server
- The server reads the file and imports the public key (by a combination of
Tspi_SetAttribData, Tspi_Key_CreateKey and Tspi_Key_LoadKey) and uses it to
bind some data. The EncData-blob is again exported and written to a file.
- The EncData-file is transferred back to the client.
- On client side I load the key generated in the first step back into the
TPM (running by Tspi_Context_LoadKeyByBlob with the corresponding key blob,
not the EncData). Then I try to unbind EncData.

And that's where my problem arises. Tspi_Data_Unbind returns every time with
an error code of 0x21 (or TSS_E_PS_KEY_EXISTS) which I don't understand...

That error also occurs when I bind and unbind data using the public key blob
on my local machine.
However it does not occur when I bind data using the key blob (which I got
by Tspi_GetAttribData), and not the public key.

Does anyone have an idea? Any comments?
Am I loading keys correctly?
Is it preferable to use KeyBlobs or rather KeyUUIDs?

Just to mention it: I'm not using an actual TPM but the tpm-emulator from
http://tpm-emulator.berlios.de/ . Maybe that's a reason, too?

Thanks,
-Maennel
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
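
Added example, not part of the original post and not TrouSerS code: a TSS_RESULT carries the reporting layer in bits 12-15 and the error code in the low 12 bits, so a bare 0x21 is named differently depending on the layer. The helper names and the sample result values below are constructed for illustration, and the table holds only the two codes relevant to this thread.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* TSS 1.2 result layout: bits 16-31 OS specific, 12-15 layer, 0-11 code. */
enum { LAYER_TPM = 0x0000, LAYER_TDDL = 0x1000, LAYER_TCS = 0x2000, LAYER_TSP = 0x3000 };

struct known { uint32_t layer, code; const char *name; };

/* Deliberately small table (hypothetical helper, not a full error list). */
static const struct known KNOWN[] = {
    { LAYER_TPM, 0x021, "TPM_DECRYPT_ERROR"   },  /* TPM 1.2 return code 33 */
    { LAYER_TSP, 0x021, "TSS_E_PS_KEY_EXISTS" },  /* TSS_E_BASE + 0x021 */
};

static uint32_t result_layer(uint32_t r) { return r & 0xF000u; }
static uint32_t result_code(uint32_t r)  { return r & 0x0FFFu; }

static const char *layer_name(uint32_t r) {
    switch (result_layer(r)) {
    case LAYER_TPM:  return "tpm";
    case LAYER_TDDL: return "tddl";
    case LAYER_TCS:  return "tcs";
    case LAYER_TSP:  return "tsp";
    default:         return "unknown";
    }
}

/* Resolve a name only when both layer and code match an entry. */
static const char *result_name(uint32_t r) {
    if (r == 0) return "TSS_SUCCESS";
    for (size_t i = 0; i < sizeof KNOWN / sizeof KNOWN[0]; i++)
        if (KNOWN[i].layer == result_layer(r) && KNOWN[i].code == result_code(r))
            return KNOWN[i].name;
    return "unknown";
}

int main(void) {
    /* Constructed sample values: same low 12 bits, different layers. */
    const uint32_t samples[] = { 0x00000021u, 0x00003021u, 0x00002021u };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("0x%08x layer=%s code=0x%03x %s\n", (unsigned)samples[i],
               layer_name(samples[i]), (unsigned)result_code(samples[i]),
               result_name(samples[i]));
    return 0;
}
```

Printing the full 32-bit return value of Tspi_Data_Unbind, rather than only its low bits, shows which of these layers produced the error.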
