Shameless plug for the IBM emulator. This trace makes the error obvious: TPM_KeyParms_CheckProperties: keyUsage 0011 TPM_KeyParms_CheckProperties: sigScheme 0003 TPM_KeyParms_CheckProperties: encScheme 0003 TPM_KeyParms_CheckProperties: Error, Storage sigScheme 0003 is not TPM_SS_NONE
It's not the key usage that's the problem. 0x0011 is a storage key. The problem is that you specified 0003 (DER signing key) for the signature scheme. For a storage key, the signature scheme must be TPM_SS_NONE, 0x0001. Storage keys cannot have a signing scheme. BTW, encScheme of 0003 is TPM_ES_RSAESOAEP_SHA1_MGF1, correct for a storage key. On 3/12/2014 2:59 PM, Dmitri Toubelis wrote: > I noticed that key usage for storage key is set to 0x0011 which is > signing I think. That might be the problem. Do I need to explicitly > set key usage on the key object when creating the key? > ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
