HP-UX Trusted Computing Services A.01.00 Administrator's Guide
// Connect the context to the TCS daemon (TCSD).
// When a host name was given it is converted to the UNICODE form that
// Tspi_Context_Connect takes; otherwise NULL is passed (presumably selecting
// the local TCSD -- confirm against the TSS documentation).
// NOTE(review): the converted string is handed straight to the call and is
// never released in this listing; confirm whether Trspi_Native_To_UNICODE
// returns a buffer that the caller has to free, and whether it can return
// NULL for a non-NULL host.
tResult = Tspi_Context_Connect(hContext,
    host ? (UNICODE *)Trspi_Native_To_UNICODE((BYTE *)host, NULL) : NULL);
if (tResult != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Context_Connect failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}
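// Get a software representation of the TPM.
// The status is stored in tResult before it is tested: the error message
// below prints tResult, so testing the call's return value directly would
// leave the message reporting the result of the earlier connect call
// instead of the reason this call failed.
tResult = Tspi_Context_GetTpmObject(hContext, &hTpm);
if (tResult != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Context_GetTpmObject failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}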
// Load the Storage Root Key (SRK) from system persistent storage by its UUID.
if ((tResult = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK)) != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Context_LoadKeyByUUID failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}

// Fetch the usage policy attached to the SRK.
if ((tResult = Tspi_GetPolicyObject(hSRK, TSS_POLICY_USAGE, &hSRKp)) != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_GetPolicyObject failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}

// Give that policy the SRK secret. The secret supplied here is zero-length
// in plain mode.
// NOTE(review): this assumes the SRK was given an empty secret when
// ownership of the TPM was taken; a deployment that protects the SRK with a
// real secret has to supply it here instead -- confirm against the
// platform's TPM setup.
if ((tResult = Tspi_Policy_SetSecret(hSRKp, TSS_SECRET_MODE_PLAIN, 0, (BYTE *)0)) != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Policy_SetSecret failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}
// Prepare the new key. Nothing is created in the TPM at this point: this
// step only adjusts the creation flags and builds the key object in software.

// A supplied password means the key requires authorization, so the
// matching flag is added to the creation flags.
if (password != NULL) {
    keyInitFlags |= TSS_KEY_AUTHORIZATION;
}

// Create the RSA key object (in software) with those flags.
if ((tResult = Tspi_Context_CreateObject(hContext, TSS_OBJECT_TYPE_RSAKEY, keyInitFlags, &hKey)) != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Context_CreateObject failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}
// Fetch the usage policy of the new key; it is fetched whether or not a
// password was supplied, because the secret mode is set in both cases.
if ((tResult = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &hPolicy)) != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_GetPolicyObject failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}

// Set the key secret: none when no password was supplied, otherwise the
// password bytes (without the terminating NUL) in plain mode.
// NOTE(review): the password stays in process memory as a plain C string
// and this listing never clears it; where it comes from and how long it
// lives is outside this excerpt -- consider wiping it once it is no longer
// needed.
if (password == NULL) {
    tResult = Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_NONE, 0, NULL);
}
else {
    tResult = Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_PLAIN, strlen(password), (BYTE *)password);
}
if (tResult != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Policy_SetSecret failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}
// Have the TPM create the key itself, with the SRK passed as the second
// argument.
// NOTE(review): the third argument is 0, which presumably means no PCR
// composite is supplied and the key is not bound to a platform
// configuration -- confirm against the TSS documentation.
if ((tResult = Tspi_Key_CreateKey(hKey, hSRK, 0)) != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Key_CreateKey failed. Error: [#%d] %s\n", tResult, Trspi_Error_String(tResult));
    goto out_close;
}
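// Register the key in system persistent storage (on the TCSD's platform),
// under a freshly generated UUID and with the SRK's UUID given as its parent.
keyUUID = uuidGen(hTpm);
// keyUUID is dereferenced in the call below, so a NULL result must be
// caught first. uuidGen is defined outside this excerpt; how it reports
// failure should be confirmed against its definition.
if (keyUUID == NULL) {
    fprintf(stderr, "uuidGen failed. No UUID available for the new key.\n");
    goto out_close;
}
tResult = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM, *(keyUUID), TSS_PS_TYPE_SYSTEM,
    SRK_UUID);
if (tResult != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Context_RegisterKey failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}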
// Load the newly created key, again passing the SRK as the second argument.
if ((tResult = Tspi_Key_LoadKey(hKey, hSRK)) != TSS_SUCCESS) {
    fprintf(stderr, "Tspi_Key_LoadKey failed. Error: %s\n", Trspi_Error_String(tResult));
    goto out_close;
}