[TrouSerS-users] Keys registered in the TPM

Tue, 05 Feb 2013 07:37:54 -0800 

Hello,
Does anyone know a good way to list the keys in Persistent Storage, that
are registered in the TPM?
I have tried the following piece of code, and I get about 50 entries, but I
am not sure how to make sense of what I am looking at. If anyone has any
suggestions, I would greatly appreciate it!
Here is the code:

I created two sample keys (one signing and one storage). I registered them
under the following UUIDs:
    TSS_UUID    StorageKeyUUID = {0, 0, 0, 0, 0, {0, 0, 0, 0, 2, 10}};
    TSS_UUID    SigningKeyUUID = {0, 0, 0, 0, 0, {0, 0, 0, 0, 2, 11}};

They are both children of the SRK.

Then I try to retrieve the key hierarchy (and also try to parse whatever it
is that I retrieved) as follows:

checkFail("Tspi_Context_GetRegisteredKeysByUUID",
               Tspi_Context_GetRegisteredKeysByUUID(hContext,
TSS_PS_TYPE_USER, hierarchyUUID, &keyHierarchySize, &keyHierarchy1));

    for (i=0; i<keyHierarchySize; i++){
        currentKey1 = keyHierarchy1[i];
        printf("******* Key %d (TPM 1.1) *******\n", i);
        printf("AuthDataUsage: %d\n", currentKey1.bAuthDataUsage);
        printf("VendorDataLen: %d\n", currentKey1.ulVendorDataLength);
        printf("UUID.timelow: %ud, UUUID.timemid: %us, UUID.timehigh:
%us\n", currentKey1.keyUUID.ulTimeLow, currentKey1.keyUUID.usTimeMid,
currentKey1.keyUUID.usTimeHigh);
        printf("ClockSeqHi: %d ClockSeqLow: %d\n",
currentKey1.keyUUID.bClockSeqHigh, currentKey1.keyUUID.bClockSeqLow);
        printf("RGBNode: ");
        for (j=0; j<6; j++){
            printf("%d", currentKey1.keyUUID.rgbNode[j]);
        }
        printf("**********************************\n");
    }

I guess, what I tried to do here is just print out anything that looked
"printable". The output I get is less than comprehensible to say the least.
I've also tried to use GetRegisteredKeysByUUID2 to get TPM 1.2 information.
I've also tried to list keys in both system and user storage, but that
didn't help either. If anyone can suggest a better way of parsing this
information (or even a different way of doing this!) that would be greatly
appreciated!

Thanks in advance! Sincerely,

Olga

------------------------------------------------------------------------------
Free Next-Gen Firewall Hardware Offer
Buy your Sophos next-gen firewall before the end March 2013 
and get the hardware for free! Learn more.
http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users

Reply via email to