Create a tss key object from the tpm's public endorsement key
#include <tss/platform.h> #include <tss/tcpa_defines.h> #include <tss/tcpa_typedef.h> #include <tss/tcpa_struct.h> #include <tss/tss_typedef.h> #include <tss/tss_structs.h> #include <tss/tspi.h> TSS_RESULT Tspi_TPM_GetPubEndorsementKey(TSS_HTPM hTPM, TSS_BOOL fOwnerAuthorized, TSS_VALIDATION* pValidationData, TSS_HKEY* phEndorsementPubKey);
Tspi_TPM_GetPubEndorsementKey This function retrieves the public endorsement key (PubEK) from the TPM and creates a TSS key object for it, whose handle is returned in phEndorsementPubKey. Due to the fact that different TPM chips validate the PubEK in different ways, application verification of the PubEK (using a non-NULL pValidationData is broken. Tspi_TPM_GetPubEndorsementKey should be called with a NULL pValidationData parameter to allow the TSS to verify the PubEK itself.
The hTPM parameter is used to specify the handle of the TPM object.
If TRUE, the TPM owner secret must be provided to get the public endorsement key. If FALSE, no TPM owner secret must be provided to get the public endorsement key.
If non-NULL, the application should set the pValidationData->rgbExternalData parameter to 20 bytes of random data before calling Tspi_TPM_GetPubEndorsementKey. On successful completion of the command, the structure will provide buffers containing the validation data and the buffer the validation data was computed from.
Receives a handle to a key object representing the TPM's public endorsement key.
Tspi_TPM_GetPubEndorsementKey returns TSS_SUCCESS on success, otherwise one of the following values is returned:
TSS_E_INVALID_HANDLE
hTPM is not a valid handle.
TSS_E_INTERNAL_ERROR
An internal SW error has been detected.
TSS_E_BAD_PARAMETER
One or more parameters is bad.
TPM_E_DISABLED_CMD
Reading of PubEK from TPM has been disabled.
Tspi_TPM_GetPubEndorsementKey conforms to the Trusted Computing Group Software Specification version 1.1 Golden