Jump to content
Sign in to follow this  

Create Endorsement Key Pair (WMI)

Recommended Posts


Dear Friends!

I need a programm to create the EndorsementKeyPair on my notebooks.

EKP can be created by starting the WMI-Function "CreateEndorsementKeyPair".

Following script:

MsgBox(0,"Start","Start of Skript")

; get the WIM object
$objWMIService = ObjGet("WinMgmts:{impersonationLevel=impersonate,AuthenticationLevel=pktprivacy}//" & "." & "\root\CIMV2\Security\MicrosoftTpm")
$objTPMwmi = $objWMIService.InstancesOf("Win32_Tpm")

Dim $ReturnPresent
Dim $ReturnCreate
Dim $objSetting

For $objSetting In $objTPMwmi
$settingEK = $objSetting.IsEndorsementKeyPairPresent($ReturnPresent)

MsgBox(0,"Text","For Check: IsEndorsementKeyPresent Value($ReturnPresent) should be False(0) if Not available: " & $ReturnPresent)
MsgBox(0,"Text","For Check2: IsEndorsementKeyPresent Return($settingEK) should be 0 if run: " & $settingEK)

If $ReturnPresent = 1 Then ; <== Means EKP is available
MsgBox(0,"text","ReturnCode ReturnPresent = TRUE (1) - EK available " & $ReturnPresent)
ElseIf $ReturnPresent = 0 Then ; <== Means EKP NOT available
MsgBox(0,"text","ReturnCode ReturnPresent = FALSE (0) - EK NOT available " & $ReturnPresent)
MsgBox(0,"text","I now create the EndorsementKeyPair")

$settingCR = $objSetting.CreateEndorsementKeyPair($ReturnCreate)
MsgBox(0,"Text","I created the EKP. Return Code of $ReturnCreate: " & $ReturnCreate)
MsgBox(0,"Text","I created the EKP. Return Code of the methode: " & $settingCR)

MsgBox(0,"End","End of script")

Evereything is running fine up to "MsgBox(0,"text","I now create the EndorsementKeyPair")"

But then it's telling me "Line 24: Error: Variable must be of type "object".

Could you help me out, please?

Share this post

Link to post
Share on other sites

untested with no error checking. It should point you in the right direction.

MsgBox(0, "Start", "Start of Skript")

; get the WIM object

Local $objWMIService = ObjGet("Winmgmts:{ImpersonationLevel=Impersonate,AuthenticationLevel=PktPrivacy,(Debug,Security)}!.rootCIMV2SecurityMicrosoftTpm")

Local $objTPMwmi = $objWMIService.InstancesOf("Win32_Tpm")

Local $ReturnPresent

For $objSetting In $objTPMwmi
    If $ReturnPresent Then
        MsgBox(0, "text", "ReturnCode ReturnPresent = TRUE (1) - EK available: " & $ReturnPresent)
        ;Method: CreateEndorsementKeyPair()
        ;Quote: "This method has no parameters."
        ;Source: "http://msdn.microsoft.com/en-us/library/windows/desktop/aa376422(v=vs.85).aspx"
        If $objSetting.CreateEndorsementKeyPair() Then
            MsgBox(0, "text", "An endorsement key pair already exists on this TPM.")
            MsgBox(0, "text", "An endorsement key pair was successfully created."); A return of 0 = Success

MsgBox(0, "End", "End of script")

"The mediocre teacher tells. The Good teacher explains. The superior teacher demonstrates. The great teacher inspires." -William Arthur Ward

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this