From: Raja <raj...@ho...> - 2015-06-24 05:49:20
|
Folks, For the first time I was able to define my NV space. I have struggled with it for quite some time and found an issue with hmac calculation. The NV Slot gets defined and the TPM returns some response auth. In this code snip the resultCode is zero (which is success and I could confirm NV slot created (with tpm_nvinfo.exe from Trousers) in several attempts, but ValidateRespAuth is through with error 275 (Authentication Failed). I was initially struggling with error code 1 (directly from TPM) which indicated Authentication Failure (which Johannes helped identify). Now NV Slot is created, should I care about the post-TPM validation failures? I mean even if it validates fine I am not going to do anything with the response auth :) TcITcsBinding tcs = context.getTcsBinding(); Object[] outDataTpm = tcs.TcsipNvDefineOrReleaseSpace(context.getTcsContextHandle(), pubInfo, encAuth, inAuth1); // get return values long resultCode = (long)outDataTpm[0]; if (auth) { TcTcsAuth outAuth1 = (TcTcsAuth)outDataTpm[1]; // validate output data TcBlobData[] blob1Hout = { // 1H TcTspCommon.blobUINT32(resultCode), // 1S TcTspCommon.blobUINT32(ordinal) }; // 2S TcTspCommon.validateRespAuth(blob1Hout, inAuth1, outAuth1, ownerAuth.getEncoded()); <<<<==== This call is throwing return outAuth1; } |