TCG Software Stack Developers Reference
Tspi_Context_RegisterKey - register a key in the TSS Persistent Storage database
#include <tss/platform.h>
#include <tss/tcpa_defines.h>
#include <tss/tcpa_typedef.h>
#include <tss/tcpa_struct.h>
#include <tss/tss_typedef.h>
#include <tss/tss_structs.h>
#include <tss/tspi.h>
TSS_RESULT Tspi_Context_RegisterKey(TSS_HCONTEXT hContext, TSS_HKEY hKey,
                                    TSS_FLAG persistentStorageType, TSS_UUID uuidKey,
                                    TSS_FLAG persistentStorageTypeParent, TSS_UUID uuidParentKey);
Tspi_Context_RegisterKey registers a key with the TSS Persistent Storage
database so that it can be loaded as necessary. The registration includes
all information required for loading the key, as well as information about
its parent key.
The hContext parameter is the handle of the context object.
The hKey parameter is the handle of the key object addressing the key to
be registered.
The persistentStorageType parameter indicates the persistent storage the
key is registered in.
The uuidKey parameter is the UUID by which the key is registered in
persistent storage.
The persistentStorageTypeParent parameter indicates the persistent
storage that the parent key is registered in.
The uuidParentKey parameter is the UUID by which the parent key is
registered in persistent storage.
Tspi_Context_RegisterKey returns TSS_SUCCESS on success, otherwise one of
the following values is returned:
- TSS_E_INVALID_HANDLE: hContext is not a valid handle.
- TSS_E_PS_KEY_NOTFOUND: The key cannot be found in the persistent storage database.
- TSS_E_INTERNAL_ERROR: An internal SW error has been detected.
- TSS_E_BAD_PARAMETER: One or more parameters is bad.
#include <trousers/tss.h>

/* GLOBALSERVER and Error_Path() are not defined on this page;
 * the application supplies them. */
int
main(void)
{
    TSS_HCONTEXT hContext;
    TSS_RESULT   result;
    TSS_FLAG     initFlags = ...;
    TSS_HKEY     hKey, hSRK;
    TSS_UUID     keyUUID = {...};
    TSS_UUID     SRK_UUID = TSS_UUID_SRK;

    // Create a TSP handle
    result = Tspi_Context_Create(&hContext);
    if (result != TSS_SUCCESS)
        Error_Path();

    // Connect to the TCSD
    result = Tspi_Context_Connect(hContext, GLOBALSERVER);
    if (result != TSS_SUCCESS)
        Error_Path();

    // Create the Key Object
    result = Tspi_Context_CreateObject(hContext,
                                       TSS_OBJECT_TYPE_RSAKEY,
                                       initFlags, &hKey);
    if (result != TSS_SUCCESS)
        Error_Path();

    // Load parent Key by UUID
    result = Tspi_Context_LoadKeyByUUID(hContext, TSS_PS_TYPE_SYSTEM,
                                        SRK_UUID, &hSRK);
    if (result != TSS_SUCCESS)
        Error_Path();

    // Do policy/secret handling here

    result = Tspi_Key_CreateKey(hKey, hSRK, 0);
    if (result != TSS_SUCCESS)
        Error_Path();

    // Register the Key in System PS (on the TCSD's platform)
    result = Tspi_Context_RegisterKey(hContext, hKey, TSS_PS_TYPE_SYSTEM,
                                      keyUUID, TSS_PS_TYPE_SYSTEM,
                                      SRK_UUID);
    if (result != TSS_SUCCESS)
        Error_Path();

    /* ...
     *
     * Use the key as needed, exiting the program if necessary, reloading
     * the key using Tspi_Context_LoadKeyByUUID() after each restart. Once
     * the key is no longer useful, unregister it from system PS as part
     * of clean up.
     */

    // Unregister the Key, using the same UUID it was registered under
    result = Tspi_Context_UnregisterKey(hContext, TSS_PS_TYPE_SYSTEM,
                                        keyUUID, &hKey);
    if (result != TSS_SUCCESS)
        Error_Path();

    // exit, discarding hKey
    Tspi_Context_Close(hContext);
    return 0;
}
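To show why the registration records the parent key's UUID alongside the key's own, the following added example (not from the original page or from TrouSerS) models persistent storage as a table of (UUID, parent UUID) pairs and counts the ancestors that must be loaded before a key can be loaded by UUID. The names ps_register and ps_load_depth, the string UUIDs, the return values and the rule that a parent must already be registered are assumptions of this model, not TSS behaviour.

```c
#include <stdio.h>
#include <string.h>
/* Model (assumption): a PS entry is a key UUID plus its parent's UUID.
 * Short strings stand in for the 16-byte TSS_UUID structure. */
#define MAX_KEYS 8
#define SRK "srk" /* constructed stand-in for the SRK's UUID */
struct ps_entry { char uuid[16]; char parent[16]; };
static struct ps_entry ps[MAX_KEYS];
static int ps_count;

static const struct ps_entry *ps_find(const char *uuid)
{
    for (int i = 0; i < ps_count; i++)
        if (strcmp(ps[i].uuid, uuid) == 0)
            return &ps[i];
    return NULL;
}

/* 0 ok, -1 duplicate UUID, -2 parent not registered, -3 too long or full. */
int ps_register(const char *uuid, const char *parent)
{
    if (strlen(uuid) >= 16 || strlen(parent) >= 16 || ps_count == MAX_KEYS)
        return -3;
    if (strcmp(uuid, SRK) == 0 || ps_find(uuid))
        return -1;
    if (strcmp(parent, SRK) != 0 && !ps_find(parent))
        return -2;
    strcpy(ps[ps_count].uuid, uuid);
    strcpy(ps[ps_count].parent, parent);
    ps_count++;
    return 0;
}

/* Number of ancestors (SRK included) to load before uuid; -1 if unknown. */
int ps_load_depth(const char *uuid)
{
    const struct ps_entry *e = ps_find(uuid);
    int depth = 0;
    for (; e; e = ps_find(e->parent))
        depth++;
    return depth ? depth : -1;
}

int main(void)
{
    ps_register("storage", SRK);
    ps_register("signing", "storage");
    printf("keys to load before signing: %d\n", ps_load_depth("signing"));
    return 0;
}
```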
Tspi_Context_RegisterKey conforms to the Trusted Computing Group Software
Specification version 1.1 Golden.
Tspi_Context_UnregisterKey(3), Tspi_Context_LoadKeyByUUID(3),
Tspi_Context_GetRegisteredKeyByUUID(3).