Hi,
I apologize for my previous two garbled messages. I was not sure how
to format the text, or how to delete them.
Could anyone please help me to figure out why I can't run
Tspi_Context_LoadKeyByBlob() function? When calling this function, I
get the error message: "Bad input size". The following is my source
code. I've been debugging this for 10 hours, but still can't
figure out why it goes wrong...
-----------------------------------------------------------
#include <stdio.h>
#include <string.h>
#include <memory.h>
#include <trousers/tss.h>
#include <openssl/x509.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
#include "config.h"
#include <arpa/inet.h>
#include <trousers/trousers.h>
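/* Jump to the error label when the last TSS call failed.  Wrapped in
 * do/while so that "CKERR;" is a single statement in any context. */
#define CKERR do { if (result != TSS_SUCCESS) goto error; } while (0)

/*
 * Connects to the TSS, loads the SRK, builds a placeholder Privacy-CA key
 * object and an identity-key (AIK) object, reads the AIK object's key blob
 * and tries to load that blob under the SRK.
 *
 * Returns 0 on success; on failure prints the TSS error code and its text
 * and returns 1.  The context (and memory bound to it) is released on
 * both paths.
 */
int main (int ac, char **av)
{
	TSS_HCONTEXT	hContext = 0;	/* 0: nothing to release yet */
	TSS_HTPM	hTPM;
	TSS_HKEY	hSRK;
	TSS_HKEY	hAIK;
	TSS_HKEY	hPCA;
	TSS_HPOLICY	hTPMPolicy;
	TSS_HPOLICY	hSrkPolicy;
	TSS_UUID	SRK_UUID = TSS_UUID_SRK;
	/* Only valid if ownership was taken with the well-known SRK secret. */
	BYTE		srkSecret[] = TSS_WELL_KNOWN_SECRET;
	BYTE		n[2048/8];
	UINT32		initFlags;
	BYTE		*blob = NULL;
	UINT32		blobLen = 0;
	TSS_RESULT	result;
	int		rc = 1;

	(void)ac;
	(void)av;

	result = Tspi_Context_Create(&hContext); CKERR;
	result = Tspi_Context_Connect(hContext, NULL); CKERR;

	/* Load the SRK and give its usage policy the SRK secret. */
	result = Tspi_Context_LoadKeyByUUID(hContext,
			TSS_PS_TYPE_SYSTEM, SRK_UUID, &hSRK); CKERR;
	result = Tspi_GetPolicyObject (hSRK, TSS_POLICY_USAGE, &hSrkPolicy); CKERR;
	result = Tspi_Policy_SetSecret(hSrkPolicy, TSS_SECRET_MODE_SHA1,
			sizeof(srkSecret), srkSecret); CKERR;

	/*
	 * The policy handle must refer to a real policy object before it is
	 * assigned to the TPM object; the original passed an uninitialized
	 * handle and ignored the result of the assignment.
	 * NOTE(review): no secret is set on this policy.  Owner-authorized
	 * operations such as Tspi_TPM_CollateIdentityRequest presumably need
	 * the owner secret set here with Tspi_Policy_SetSecret -- confirm.
	 */
	result = Tspi_Context_GetTpmObject (hContext, &hTPM); CKERR;
	result = Tspi_Context_CreateObject(hContext,
			TSS_OBJECT_TYPE_POLICY, TSS_POLICY_USAGE,
			&hTPMPolicy); CKERR;
	result = Tspi_Policy_AssignToObject(hTPMPolicy, hTPM); CKERR;

	/* Create dummy PCA key: the modulus is all 0xff bytes, a placeholder
	 * rather than the public key of a real Privacy CA. */
	result = Tspi_Context_CreateObject(hContext,
			TSS_OBJECT_TYPE_RSAKEY,
			TSS_KEY_TYPE_LEGACY|TSS_KEY_SIZE_2048,
			&hPCA); CKERR;
	memset (n, 0xff, sizeof(n));
	result = Tspi_SetAttribData (hPCA, TSS_TSPATTRIB_RSAKEY_INFO,
			TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, sizeof(n), n); CKERR;

	/* Create AIK object (a TSP-side object only; see the note below). */
	initFlags = TSS_KEY_TYPE_IDENTITY | TSS_KEY_SIZE_2048;
	result = Tspi_Context_CreateObject(hContext,
			TSS_OBJECT_TYPE_RSAKEY, initFlags, &hAIK); CKERR;

	/* Each Tspi_GetAttribData call hands back its own buffer, so release
	 * the previous one before the pointer is overwritten. */
	result = Tspi_GetAttribData (hAIK, TSS_TSPATTRIB_KEY_BLOB,
			TSS_TSPATTRIB_KEYBLOB_PUBLIC_KEY, &blobLen, &blob); CKERR;
	Tspi_Context_FreeMemory (hContext, blob);
	blob = NULL;
	result = Tspi_GetAttribData (hAIK, TSS_TSPATTRIB_KEY_BLOB,
			TSS_TSPATTRIB_KEYBLOB_PRIVATE_KEY, &blobLen, &blob); CKERR;
	Tspi_Context_FreeMemory (hContext, blob);
	blob = NULL;
	result = Tspi_GetAttribData (hAIK, TSS_TSPATTRIB_KEY_BLOB,
			TSS_TSPATTRIB_KEYBLOB_BLOB, &blobLen, &blob); CKERR;
	/* blobLen is unsigned; %p expects a void pointer. */
	printf("%u %p\n", (unsigned)blobLen, (void *)blob);

	/*
	 * NOTE(review): nothing above asks the TPM to generate the identity
	 * key (there is no Tspi_TPM_CollateIdentityRequest call in this
	 * program), so the blob read from hAIK presumably holds only the
	 * template parameters and no key material.  That would explain the
	 * "Bad input size" result from the load below -- confirm.
	 */
	result = Tspi_Context_LoadKeyByBlob (hContext, hSRK, blobLen,
			blob, &hAIK); CKERR;

	rc = 0;
	goto cleanup;

error:
	printf ("Failure, error code: 0x%x\n", (unsigned)result);
	printf("%s\n", Trspi_Error_String(result));

cleanup:
	if (hContext != 0) {
		/* A NULL block pointer releases all memory bound to the context. */
		Tspi_Context_FreeMemory (hContext, NULL);
		Tspi_Context_Close (hContext);
	}
	return rc;
}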
=========================================================
Another problem is, when I call
Tspi_TPM_CollateIdentityRequest(hTPM, hSRK, hPCA, 0, " ", hAIK,
TSS_ALG_AES, &blobLen, &blob);
I get the error message: "Second authorization session failed".
I have no idea why I get this message...