I don't see anything wrong in what you're doing. You might try doing
GetKeyByUuid and LoadKey immediately after RegisterKey in the first
program to make sure it works there.

Hal

On Tue, Nov 23, 2010 at 12:40 AM, Evgeny Bronnikov <[email protected]> wrote:
> Great! It works fine now. Thank you very much for your help.
>
> This is my code:
>
> Tspi_GetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO,
> TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, &m_size, &m);
> Tspi_GetAttribData(hKey, TSS_TSPATTRIB_RSAKEY_INFO,
> TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT, &e_size, &e);
> rsa = RSA_new();
> rsa->n = BN_bin2bn(m, m_size, NULL);
> rsa->e = BN_bin2bn(e, e_size, NULL);
>
>
> But now I have trouble registering this key. I have these key flags:
> TSS_KEY_TYPE_LEGACY | TSS_KEY_SIZE_2048 | TSS_KEY_VOLATILE |
> TSS_KEY_NO_AUTHORIZATION.
>
> Tspi_Context_RegisterKey works well, but when I try to load the
> stored key from another program, I get error 0x21 (Decryption error):
>
> Tspi_Context_GetKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, keyUUID, &hKey);
> Tspi_Key_LoadKey(hKey, hSRK); // decryption error 0x21 here
>
> I've also tried this code:
> Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, keyUUID, &hKey);
> and got the same error.
>
> What does it mean? I've loaded the SRK and set its password before
> calling this function. My RSA key does not use authorization, so I just
> don't understand why I get such an error.
>
> Thanks a lot in advance.
> Evgeny
>
>
> On Tue, Nov 23, 2010 at 1:31 PM, Hal Finney <[email protected]> wrote:
>> This won't work because the SRK cannot decrypt.
>>
>> What you should do is create a new TPM key of type legacy. Read its
>> modulus and exponent and set them into the n and e fields of an
>> OpenSSL RSA object. Then there is an OpenSSL call to write the RSA
>> object in PEM format.
>>
>> Hal Finney
>>
>> On Monday, November 22, 2010, Evgeny Bronnikov <[email protected]> wrote:
>>> Hello!
>>>
>>> I'm trying to save SRK in PEM format, but still unsuccessful. Here is my
>>> code:
>>>
>>> BYTE* srk_buf = NULL;
>>> UINT32 srk_buf_len = 0;
>>> result = Tspi_TPM_OwnerGetSRKPubKey(hTPM, &srk_buf_len, &srk_buf);
>>> //srk_buf contains some 284 bytes data
>>>
>>> TCPA_PUBKEY srk_pub;
>>> memset(&srk_pub, 0, sizeof(TCPA_PUBKEY));
>>> UINT64 offset = 0;
>>> Trspi_LoadBlob_PUBKEY(&offset, srk_buf, &srk_pub);
>>> // here I have empty srk_pub. all fields of TCPA_PUBKEY are zero
>>>
>>>
>>> Is it possible to save SRK public to PEM format? I want to use this
>>> public key to encrypt some data on the remote server, and then decrypt
>>> this data by TPM on local machine.
>>> I'm not sure if SRK public is accessible outside the TPM. If not,
>>> please suggest how to create RSA key inside TPM and export its public
>>> part as PEM: just a "BEGIN PUBLIC KEY", but not "BEGIN TSS KEY BLOB".
>>>
>>> Thank you very much in advance.
>>> Evgeny
>
> _______________________________________________
> TrouSerS-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
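An added example, not part of the original thread: the step Hal describes (take the modulus and exponent read with Tspi_GetAttribData and write a "BEGIN PUBLIC KEY" file), done here in plain C with no TSS or OpenSSL dependency so the DER layout is visible. The names rsa_pub_to_pem, hdr and der_uint are hypothetical; n and e are assumed to be the unsigned big-endian byte strings returned for TSS_TSPATTRIB_KEYINFO_RSA_MODULUS and TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT.

```c
#include <stdio.h>
#include <string.h>

/* DER is built back to front, so each header is written once its content length is known. */
static void hdr(unsigned char **p, unsigned char tag, size_t len) {
    if (len > 255) { *--*p = (unsigned char)(len & 0xff); *--*p = (unsigned char)(len >> 8); *--*p = 0x82; }
    else if (len > 127) { *--*p = (unsigned char)len; *--*p = 0x81; }
    else *--*p = (unsigned char)len;
    *--*p = tag;
}

/* Unsigned big-endian bytes (the form the TSS returns) -> DER INTEGER. */
static void der_uint(unsigned char **p, const unsigned char *d, size_t n) {
    unsigned char *end = *p;
    while (n > 1 && *d == 0) { d++; n--; }   /* drop redundant leading zeros */
    *p -= n; memcpy(*p, d, n);
    if (**p & 0x80) *--*p = 0;               /* a 2048-bit modulus has its top bit set: pad to stay positive */
    hdr(p, 0x02, (size_t)(end - *p));
}

/* Hypothetical helper: n/e are the modulus and exponent bytes read from the TPM key.
   Writes a NUL-terminated PEM into out and returns its length, or 0 on bad input. */
size_t rsa_pub_to_pem(const unsigned char *n, size_t nlen, const unsigned char *e,
                      size_t elen, char *out, size_t cap) {
    static const unsigned char alg[] = { 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
        0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00 };   /* SEQUENCE { rsaEncryption OID, NULL } */
    static const char b64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    unsigned char der[700], *end = der + sizeof der, *p = end;
    size_t len, i, o;
    if (!nlen || !elen || nlen > 512 || elen > 8) return 0;
    der_uint(&p, e, elen);
    der_uint(&p, n, nlen);
    hdr(&p, 0x30, (size_t)(end - p));                 /* RSAPublicKey ::= SEQUENCE { n, e } */
    *--p = 0; hdr(&p, 0x03, (size_t)(end - p));       /* BIT STRING with zero unused bits */
    p -= sizeof alg; memcpy(p, alg, sizeof alg);
    hdr(&p, 0x30, (size_t)(end - p));                 /* SubjectPublicKeyInfo */
    len = (size_t)(end - p);
    if (cap < 64 + (len + 2) / 3 * 4 + len / 48) return 0;
    o = (size_t)sprintf(out, "-----BEGIN PUBLIC KEY-----\n");
    for (i = 0; i < len; i += 3) {                    /* base64, 64 characters per line */
        unsigned v = (unsigned)p[i] << 16 | (i + 1 < len ? p[i + 1] << 8 : 0) | (i + 2 < len ? p[i + 2] : 0);
        out[o++] = b64[v >> 18]; out[o++] = b64[(v >> 12) & 63];
        out[o++] = i + 1 < len ? b64[(v >> 6) & 63] : '=';
        out[o++] = i + 2 < len ? b64[v & 63] : '=';
        if (i % 48 == 45 || i + 3 >= len) out[o++] = '\n';
    }
    return o + (size_t)sprintf(out + o, "-----END PUBLIC KEY-----\n");
}
```

With OpenSSL 1.1.0 or later the direct `rsa->n` / `rsa->e` assignments quoted above no longer compile, because the RSA structure is opaque there; RSA_set0_key() sets those fields instead.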
