Reputation: 677
TPM Windows Key creation
Once Windows has taken ownership of the TPM chip inside my computer is it still possible to create a persistent key inside it ? (Given that I don't have the Owner Password because Windows throws it aways after initializing the TPM).
Is the Storage Root Key (SRK) created by Windows inside the TPM protected with a pin code to perform cipher operations ? If it is where is that password stored in windows ?
Thx!
Upvotes: 0
Views: 418
Answers (1)
Reputation: 677
For those who pass by, It is possible.
I did a dual boot with a Windows 10 and an Ubuntu. I put the excellent tools developped here tpm2-tools on the Ubuntu and I got to insert my own persistent primary key inside the chip.
The funny/weird thing is that I can create that key and make it persistent under linux (with these tools) also under EFI with a program that I wrote. But under Windows I can't get it to work. I'm going to ask why on another post.
Upvotes: 1
Related Questions
- How to encrypt bytes using the TPM (Trusted Platform Module)
- Proper export of TPM 2.0 key handle (in TSS.MSR .NET)
- How do I encrypt my message with Microsofts TPM-Library in .net
- How to export public key from TPM with TSS.net?
- Public key encryption on TPM2 using TSS.NET
- How Store key in TPM 1.2
- How to load and use a persistent symmetric key in the TPM?
- TPM and private key protection
- How to ensure that keys are created inside TPM?
- How to create a private key in TPM, create a CSR and lock down the TPM?