This function retrieves the public endorsement key (PubEK) from the TPM and creates a TSS
key object for it, whose handle is returned in phEndorsementPubKey. Due to
the fact that different TPM chips validate the PubEK in different ways, application
verification of the PubEK (using a non-NULL pValidationData is broken.
Tspi_TPM_GetPubEndorsementKey should be called with a NULL pValidationData parameter
to allow the TSS to verify the PubEK itself.
The hTPM parameter is used to specify the handle of the TPM object.
If TRUE, the TPM owner secret must be provided to get the public endorsement key.
If FALSE, no TPM owner secret must be provided to get the public endorsement key.
If non-NULL, the application should set the pValidationData->rgbExternalData parameter
to 20 bytes of random data before calling Tspi_TPM_GetPubEndorsementKey. On successful
completion of the command, the structure will provide buffers containing the validation
data and the buffer the validation data was computed from.
Receives a handle to a key object representing the TPM's public endorsement key.
Tspi_TPM_GetPubEndorsementKey returns TSS_SUCCESS on success,
otherwise one of the following values is returned:
hTPM is not a valid handle.
An internal SW error has been detected.
One or more parameters is bad.
Reading of PubEK from TPM has been disabled.
Tspi_TPM_GetPubEndorsementKey conforms to the Trusted Computing
Group Software Specification version 1.1 Golden