Great! It works fine now. Thank you very much for your help. This is my code:
Tspi_GetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO, TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, &m_size, &m); Tspi_GetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO, TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT, &e_size, &e); rsa = RSA_new(); rsa->n = BN_bin2bn(m, m_size, NULL); rsa->e = BN_bin2bn(e, e_size, NULL); But now I have troubles with registering this key. I have this key flags: TSS_KEY_TYPE_LEGACY | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE | TSS_KEY_NO_AUTHORIZATION. Tspi_Context_RegisterKey works good, but when I'm trying to load stored key from another program, I get error 0x21 (Decryption error): Tspi_Context_GetKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, keyUUID, &hKey); Tspi_Key_LoadKey(hKey, hSRK); // decryption error 0x21 here I've also tried this code: Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, keyUUID, &hKey); and got the same error. What does it mean? I've loaded SRK and set it's password before calling this funtion. My RSA-key does not use authorization, so I just don't understand why I get such error. Thanks a lot in advance. Evgeny On Tue, Nov 23, 2010 at 1:31 PM, Hal Finney <[email protected]> wrote: > This won't work because the SRK cannot decrypt. > > What you should do is create a new TPM key of type legacy. Read its > modulus and exponent and set them into the n and e fields of an > OpenSSL RSA object. Then there is an OpenSSL call to write the RSA > object in PEM format. > > Hal Finney > > On Monday, November 22, 2010, Evgeny Bronnikov <[email protected]> wrote: >> Hello! >> >> I'm trying to save SRK in PEM format, but still unsuccessfull. Here is my >> code: >> >> BYTE* srk_buf = NULL; >> UINT32 srk_buf_len = 0; >> result = Tspi_TPM_OwnerGetSRKPubKey(hTPM, &srk_buf_len, &srk_buf); >> //srk_buf contains some 284 bytes data >> >> TCPA_PUBKEY srk_pub; >> memset(&srk_pub, 0, sizeof(TCPA_PUBKEY)); >> UINT64 offset = 0; >> Trspi_LoadBlob_PUBKEY(&offset, srk_buf, &srk_pub); >> // here I have empty srk_pub. all fields of TCPA_PUBKEY are zero >> >> >> Is it possible to save SRK public to PEM format? I want to use this >> public key to encrypt some data on the remote server, and then decrypt >> this data by TPM on local machine. >> I'm not shure if SRK public is accessable outside the TPM. If not, >> please suggest how to create RSA key inside TPM and export its public >> part as PEM: just a "BEGIN PUBLIC KEY", but not "BEGIN TSS KEY BLOB". >> >> Thank you very much in advance. >> Evgeny ------------------------------------------------------------------------------ Increase Visibility of Your 3D Game App & Earn a Chance To Win $500! Tap into the largest installed PC base & get more eyes on your game by optimizing for Intel(R) Graphics Technology. Get started today with the Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. http://p.sf.net/sfu/intelisp-dev2dev _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
