Thread: [Ibmswtpm-users] jTSS support upcoming & bug report
Brought to you by:
kagoldman
From: Ronald T. <ron...@ia...> - 2010-05-31 06:49:50
Attachments:
smime.p7s
|
Hello, It's great to welcome another Trusted Computing project here at sourceforge! You'll find it interesting that I'm currently preparing a release of jTSS [1] compatible with the software TPM. I'm quite impressed with the implementation quality, although I found the following minor issues: * tpm_server and the utilities allow illegal port ranges (i.e. 300005 > 2^16) to be used. * TPM_Unseal will return a TPM_AUTH2FAIL if the sealing key is not properly authorized. The specs (incl. rev 117) require a plain TPM_AUTHFAIL. * TPM_Quote2 sometimes returns an invalid TPM_CAP_VERSION_INFO structure. This bug occurs only in the context of our full test suite, not when I repeat the individual unit test - I think it may be some minor memory corruption. Best Regards, Ronald [1] trustedjava.sourceforge.net -- Dipl.-Ing. Ronald Tögl phone +43 316/873-5502 Trusted Computing Labs fax +43 316/873-5520 IAIK ron...@ia... Graz University of Technology http://www.iaik.tugraz.at |
From: Kenneth G. <kgo...@us...> - 2010-06-01 17:24:11
|
Ronald Tögl <ron...@ia...> wrote on 05/31/2010 02:49:36 AM: > > It's great to welcome another Trusted Computing project here at > sourceforge! > You'll find it interesting that I'm currently preparing a release of > jTSS [1] compatible with the software TPM. > > I'm quite impressed with the implementation quality, although I found > the following minor issues: > > * tpm_server and the utilities allow illegal port ranges (i.e. 300005 > > 2^16) to be used. > * TPM_Unseal will return a TPM_AUTH2FAIL if the sealing key is not > properly authorized. The specs (incl. rev 117) require a plain TPM_AUTHFAIL. I believe that the spec has a typo, since this is the second authorization value. I will being this up on a TPM working group call. > * TPM_Quote2 sometimes returns an invalid TPM_CAP_VERSION_INFO > structure. This bug occurs only in the context of our full test suite, > not when I repeat the individual unit test - I think it may be some > minor memory corruption. Let me know what you find. Could you send a TPM trace of that ordinal when it fails? If you have trouble synchronizing the TPM and the test suite, a trick I often use is to trace session handles and nonces. Since they're random, it's easy to line up two separate traces. Also, note that the structure is only returned if addVersion is TRUE. Otherwise a length of 0 is returned. |