Index: create_tpm_key.c
===================================================================
RCS file: /cvsroot/trousers/applications/openssl_tpm_engine/create_tpm_key.c,v
retrieving revision 1.9
diff -u -p -r1.9 create_tpm_key.c
--- create_tpm_key.c	21 Dec 2007 18:10:11 -0000	1.9
+++ create_tpm_key.c	28 Sep 2008 07:26:25 -0000
@@ -138,7 +138,7 @@ int main(int argc, char **argv)
 	TSS_HKEY	hKey;
 	TSS_HKEY	hSRK;
 	TSS_RESULT	result;
-	TSS_HPOLICY	srkUsagePolicy, keyUsagePolicy;
+	TSS_HPOLICY	srkUsagePolicy, keyUsagePolicy, keyMigrationPolicy;
 	BYTE		*blob;
 	UINT32		blob_size, srk_authusage;
 	FILE		*out;
@@ -151,7 +151,7 @@ int main(int argc, char **argv)
 
 	while (1) {
 		option_index = 0;
-		c = getopt_long(argc, argv, "pe:q:s:ah",
+		c = getopt_long(argc, argv, "pe:q:s:ahw:",
 				long_options, &option_index);
 		if (c == -1)
 			break;
@@ -385,6 +385,30 @@ int main(int argc, char **argv)
 		}
 	}
 
+	if ((result = Tspi_Context_CreateObject(hContext,
+						TSS_OBJECT_TYPE_POLICY,
+						TSS_POLICY_MIGRATION,
+						&keyMigrationPolicy))) {
+		print_error("Tspi_Context_CreateObject", result);
+		Tspi_Context_Close(hContext);
+		exit(result);
+	}
+
+	if ((result = Tspi_Policy_SetSecret(keyMigrationPolicy,
+					    TSS_SECRET_MODE_NONE,
+					    0, NULL))) {
+		print_error("Tspi_Policy_SetSecret", result);
+		Tspi_Context_Close(hContext);
+		exit(result);
+	}
+
+	if ((result = Tspi_Policy_AssignToObject(keyMigrationPolicy, hKey))) {
+		print_error("Tspi_Policy_AssignToObject", result);
+		Tspi_Context_CloseObject(hContext, hKey);
+		Tspi_Context_Close(hContext);
+		exit(result);
+	}
+
 	// Create or Wrap Key
 	if (wrap) {
 		char n[256], p[128];