openssl_tpm_engine - create_tpm_key failed when tried to wrap key

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

We ran the same command with both software TPM and hardware TPM.

Please find the detailed debug logs from the tcsd attached. Also copied the
relevant portions.  For API  GetPubKey, software TPM works fine and in thsi
case it seems an 'ioctl' call is made compared to a write in case of actual
TPM.







Software TPM:



TCSD TCS tcs_key_mem_cache.c:167 keySlot is 40000000

TCSD TCS tcs_key_mem_cache.c:874 mc_update_time_stamp: TCSD mem_cached
handle: 0x40000000

TCSD TCS tcs_key_mem_cache.c:192 ensureKeyIsLoaded: Exit

TCSD TCS tcsi_key.c:254 GetPubKey: handle: 0x40000000, slot: 0x40000000

TCSD TCS tcsi_key.c:260

My Log: tcsi_key.c:tpm_rqu_buildtpm_rqu_build :result=0



To TPM: 00 C2 00 00 00 3B 00 00 00 21 40 00 00 00 02 00

To TPM: 00 00 7E 3D AE A9 13 CF 83 D7 27 56 A3 F3 C4 09

To TPM: 4F 81 FB 81 F8 C0 00 D4 C0 ED C4 68 67 45 FB FF

To TPM: B2 FC 51 B7 5A 7B DB E1 64 3D 73

TCSD TDDL tddl.c:171 Calling write to driver

TCSD TDDL tddl.c:183  Transmit Type: TDDL_TRANSMIT_IOCTL

>From TPM: 00 C5 00 00 01 4F 00 00 00 00 00 00 00 01 00 03

>From TPM: 00 01 00 00 00 0C 00 00 08 00 00 00 00 02 00 00





Hareware TPM:



TCSD TCS tcsi_key.c:254 GetPubKey: handle: 0x40000000, slot: 0x40000000

TCSD TCS tcsi_key.c:260

My Log: tcsi_key.c:tpm_rqu_buildtpm_rqu_build :result=0



To TPM: 00 C2 00 00 00 3B 00 00 00 21 40 00 00 00 00 4F

To TPM: F1 C6 5A 89 4D D3 43 81 32 CC CA B7 C0 BB 8A F4

To TPM: BC 98 C9 BC 8A 01 00 C6 FB 7D 86 4D 0E 9F E5 62

To TPM: 12 85 E3 04 73 C1 56 20 01 B0 48

TCSD TDDL tddl.c:171 Calling write to driver

TCSD TDDL tddl.c:193  Transmit Type: TDDL_TRANSMIT_RW

>From TPM: 00 C4 00 00 00 0A 00 00 00 0C

TCSD TCS tcsi_key.c:265

My Log: tcsi_key.c:req_mgr_submit_req :result=0



LOG_RETERR TPM tcsi_key.c:267: 0xc

TCSD TCS tcsi_key.c:268

My Log: tcsi_key.c:UnloadBlob_Header : result=12



To TPM: 00 C1 00 00 00 12 00 00 00 BA 00 4F F1 C6 00 00

To TPM: 00 02

TCSD TDDL tddl.c:171 Calling write to driver

TCSD TDDL tddl.c:193  Transmit Type: TDDL_TRANSMIT_RW

>From TPM: 00 C4 00 00 00 0A 00 00 00 22

LOG_RETERR TPM tcsi_admin.c:464: 0x22

TCSD TCS tcs_auth_mgr.c:287 Tried to close an invalid auth handle: 4ff1c6





src/tddl/tddl.c : Tddli_TransmitData



switch (opened_device->transmit) {

                case TDDL_UNDEF:

                        /* fall through */

                case TDDL_TRANSMIT_IOCTL:

                        LogDebug(" Transmit Type: TDDL_TRANSMIT_IOCTL");

                        errno = 0;

                        if ((sizeResult = ioctl(opened_device->fd,
TPMIOC_TRANSMIT, txBuffer)) != -1) {

                                opened_device->transmit =
TDDL_TRANSMIT_IOCTL;

                                break;

                        }

                        LogWarn("ioctl: (%d) %s", errno, strerror(errno));

                        LogInfo("Falling back to Read/Write device
support.");

                        /* fall through */

                case TDDL_TRANSMIT_RW:

                        LogDebug(" Transmit Type: TDDL_TRANSMIT_RW");

                        if ((sizeResult = write(opened_device->fd,

                                                txBuffer,

                                                TransmitBufLen)) ==
(int)TransmitBufLen) {

                                opened_device->transmit = TDDL_TRANSMIT_RW;

                                sizeResult = read(opened_device->fd,
txBuffer,

                                                  TDDL_TXBUF_SIZE);

                                break;



On Fri, Feb 27, 2015 at 7:23 PM, Ken Goldman <kgoldman at us.ibm.com> wrote:

> I don't know  trousers very well, but there is a mailing list specifically
> for it.
>
> trousers supports the software TPM from
>
>         http://sourceforge.net/projects/ibmswtpm/
>
> If you run with that, it traces the TPM operation in detail.  Send me the
> trace and I can probably tell you what's wrong.
>
> On 2/27/2015 12:16 AM, zakkir hussain Kharim wrote:
>
>> *Problem*
>>
>> We are trying to wrap a private key using storage root key using the
>> "create_tpm_key" tool which is part of openssl tpm engine. But it is
>> failing. We tried to debug this in multiple ways, but not able to
>> understand what is wrong*. * We are trying to wrap using Storage root
>> key. Input private key is a 2048 bit length RSA key without any
>> passphrase. The failure seems to related to getting public key of SRK
>> from the SRK handle loaded.
>>
>
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150306/d1e5a871/attachment-0001.html>
-------------- next part --------------
TCSD svrside.c:556 accepted socket 7
TCSD svrside.c:531 Waiting for connections
TCSD tcsd_threads.c:232 total_recv_size 28, buf_size 1024, recd_so_far 28
TCSD tcsd_threads.c:284 Rx'd packet
TCSD TCS rpc/tcstp/rpc.c:582 Dispatching ordinal 1 (OpenContext)
TCSD TCS rpc/tcstp/rpc_context.c:37 tcs_wrap_OpenContext: thread 140136657467136
TCSD TCS rpc/tcstp/rpc_context.c:53 New context is 0xa0d3ec03
TCSD tcsd_threads.c:313 Sending 0x26 bytes back
TCSD tcsd_threads.c:232 total_recv_size 168, buf_size 1024, recd_so_far 28
TCSD tcsd_threads.c:277 recv_chunk_size 140 recd_so_far 28
TCSD tcsd_threads.c:284 Rx'd packet
TCSD TCS rpc/tcstp/rpc.c:582 Dispatching ordinal 12 (LoadKeyByUUID)
TCSD TCS rpc/tcstp/rpc.c:234 My log: ******** Data type of TCS packet element 0 .
TCSD TCS rpc/tcstp/rpc_ps.c:181 tcs_wrap_LoadKeyByUUID: thread 140136657467136 context a0d3ec03
TCSD TCS rpc/tcstp/rpc.c:234 My log: ******** Data type of TCS packet element 1 .
TCSD TCS rpc/tcstp/rpc.c:234 My log: ******** Data type of TCS packet element 2 .
TCSD TCS tcsi_ps.c:518 TCSP_LoadKeyByUUID_Internal: Enter: uuid: 0x7f741bb02d80 auth? 0x0 ***********
TCSD TCS tcs_key_mem_cache.c:639 key_mgr_inc_ref_count: TCSD mem_cached handle: 0x40000000
TCSD TCS tcs_ps.c:170 Key successfully loaded by UUID w/ TCS handle: 0x40000000
TCSD tcsd_threads.c:313 Sending 0x97 bytes back
TCSD tcsd_threads.c:232 total_recv_size 50, buf_size 1024, recd_so_far 28
TCSD tcsd_threads.c:277 recv_chunk_size 22 recd_so_far 28
TCSD tcsd_threads.c:284 Rx'd packet
TCSD TCS rpc/tcstp/rpc.c:582 Dispatching ordinal 9 (GetRegisteredKeyBlob)
TCSD TCS rpc/tcstp/rpc.c:234 My log: ******** Data type of TCS packet element 0 .
TCSD TCS rpc/tcstp/rpc_ps.c:140 tcs_wrap_GetRegisteredKeyBlob: thread 140136657467136 context a0d3ec03
TCSD TCS rpc/tcstp/rpc.c:234 My log: ******** Data type of TCS packet element 1 .
TCSD TCS ps/tcsps.c:191 psfile_get_key_by_uuid: Version: 1.1.0.0
TCSD TCS ps/tcsps.c:191 psfile_get_key_by_uuid: keyUsage: 0x11
TCSD TCS ps/tcsps.c:191 psfile_get_key_by_uuid: keyFlags: 0x0
TCSD TCS ps/tcsps.c:191 psfile_get_key_by_uuid: authDatausage: 1
TCSD TCS ps/tcsps.c:191 psfile_get_key_by_uuid: pcrInfosize: 0
TCSD TCS ps/tcsps.c:191 psfile_get_key_by_uuid: encDataSize: 0
TCSD tcsd_threads.c:313 Sending 0x151 bytes back
TCSD tcsd_threads.c:232 total_recv_size 33, buf_size 1024, recd_so_far 28
TCSD tcsd_threads.c:277 recv_chunk_size 5 recd_so_far 28
TCSD tcsd_threads.c:284 Rx'd packet
TCSD TCS rpc/tcstp/rpc.c:582 Dispatching ordinal 23 (OIAP)
TCSD TCS rpc/tcstp/rpc.c:234 My log: ******** Data type of TCS packet element 0 .
TCSD TCS rpc/tcstp/rpc_auth.c:44 tcs_wrap_OIAP: thread 140136657467136 context a0d3ec03
TCSD TCS tcsi_auth.c:40 Entering TCSI_OIAP
To TPM: 00 C1 00 00 00 0A 00 00 00 0A 
TCSD TDDL tddl.c:171 Calling write to driver
TCSD TDDL tddl.c:183  Transmit Type: TDDL_TRANSMIT_IOCTL
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux