HP-UX Trusted Computing Services A.02.00 Administrator's Guide
// Excerpt from a larger function: create an RSA key under the SRK, give it an
// optional usage password, register it in system persistent storage and load
// it. The declarations, the earlier context/TPM/SRK setup and the out_close
// label are outside this excerpt. Every TSS failure is reported on stderr and
// jumps to out_close.

// Request an authorization-protected key only when a password was supplied.
if(password) {
keyInitFlags |= TSS_KEY_AUTHORIZATION;
}
// Create the Key Object (in software)
tResult = Tspi_Context_CreateObject(hContext,
TSS_OBJECT_TYPE_RSAKEY, keyInitFlags, &hKey);
if (tResult != TSS_SUCCESS) {
fprintf(stderr, "Tspi_Context_CreateObject failed. Error: %s\n",
Trspi_Error_String(tResult));
goto out_close;
}
// Fetch the key's usage policy; the secret is set on this policy object.
tResult = Tspi_GetPolicyObject(hKey, TSS_POLICY_USAGE, &hPolicy);
if (tResult != TSS_SUCCESS) {
fprintf(stderr, "Tspi_GetPolicyObject failed. Error: %s\n",
Trspi_Error_String(tResult));
goto out_close;
}
// With a password: pass its strlen() bytes (terminating NUL excluded) in
// plain mode. Without one: explicitly set "no secret".
// NOTE(review): where the password comes from and how long its buffer lives
// are not visible here; the caller should clear it once it is no longer needed.
if(password) {
tResult = Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_PLAIN,
strlen(password), (BYTE *)password);
}
else {
tResult = Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_NONE, 0, NULL);
}
if (tResult != TSS_SUCCESS) {
fprintf(stderr, "Tspi_Policy_SetSecret failed. Error: %s\n",
Trspi_Error_String(tResult));
goto out_close;
}
// Actually create the key in the TPM, wrapped by the SRK (hSRK).
// The third argument (PCR composite handle) is 0, so no PCR binding is
// requested for this key.
tResult = Tspi_Key_CreateKey(hKey, hSRK, 0);
if (tResult != TSS_SUCCESS) {
fprintf(stderr, "Tspi_Key_CreateKey failed. Error: [#%d] %s\n",
tResult, Trspi_Error_String(tResult));
goto out_close;
}
/* Register the key in system persistent storage (on the TCSD's
platform), with the SRK (SRK_UUID, also in system storage) as parent. */
// NOTE(review): uuidGen() is defined outside this excerpt and its result is
// dereferenced below without a check; if it can return NULL, test keyUUID
// before the call. Ownership of the returned storage is also not visible here.
keyUUID = uuidGen(hTpm);
tResult = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM,
*(keyUUID), TSS_PS_TYPE_SYSTEM, SRK_UUID);
if (tResult != TSS_SUCCESS) {
fprintf(stderr, "Tspi_Context_RegisterKey failed. Error: %s\n",
Trspi_Error_String(tResult));
goto out_close;
}
// Load the new key under the SRK.
// NOTE(review): the key is already registered at this point; unless out_close
// (not shown) unregisters it, a failure here leaves the registration behind.
tResult = Tspi_Key_LoadKey(hKey, hSRK);
if (tResult != TSS_SUCCESS) {
fprintf(stderr, "Tspi_Key_LoadKey failed. Error: %s\n",
Trspi_Error_String(tResult));
goto out_close;
}
// Create the encrypted blob object (in software)
tResult = Tspi_Context_CreateObject(hContext,