On 4/22/2016 3:04 PM, Tadd Seiff wrote: > > Which I believe is coming from here in tspi_certify.c: > if (useAuthCert && !useAuthKey) > return TSPERR(TSS_E_BAD_PARAMETER); > > Which boils down to some object having the flag TSS_OBJ_FLAG_USAGEAUTH set.
I believe (I'm not a Trousers expert) it's this from Part 3: "TPM_CertifyKey does not support the case where (a) the certifying key requires a usage authorization to be provided but (b) the key-to-be-certified does not. In such cases, TPM_CertifyKey2 must be used." I assume that the TSS noticed that you supplied auth for the certifying key (useAuthCert) but not the bind key (useAuthKey). Perhaps try Certify2, which is the reverse. "TPM_CertifyKey2 does not support the case where (a) the key-to-be-certified requires a usage authorization to be provided but (b) the certifying key does not." Of course, if your bind key requires authorization (TPM_AUTH_ALWAYS), then you have to supply both auths. Or you can supply both anyway. ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
