When the Tspi_Context_LoadKeyByUUID() function is used with a one-level hierarchy (i.e. with the encryption key directly under the SRK), it works fine. However, if there are one or more extra levels in the key hierarchy, it loads the wrong key into the TPM. For example, with the hierarchy SRK -> StorageKey -> BindingKey, calling Tspi_Context_LoadKeyByUUID() with the UUID of BindingKey will result in the Storage key being loaded and associated with the key handle instead of the BindingKey.
I'm attaching a test case and the TPM log. The SRK in this example requires authorization with the well-known password.