Re: [opencryptoki-users] OpenCryptoki 2.2.4 Problems
Brought to you by:
ebarretto
Menu
▾
▴
Re: [opencryptoki-users] OpenCryptoki 2.2.4 Problems
|
From: <bur...@ya...> - 2006-11-02 07:32:39
|
Yes I am working on trousers 0.2.8. I will check the code on the CVS. =0AI = have deleted the root directory which is in the /usr/local/var/lib/opencryp= toki/tpm several times and each time =0AI have experienced the same problem= s each time. =0A=0AI will report again after trying the cvs code.=0A=0AThan= x...=0A =0A-- burak()=0A(ps: bf)=0AMETU CENG '06=0A=0A----- Original Messag= e ----=0AFrom: Tom Lendacky <to...@us...>=0ATo: Kent Yoder <shpedoikal@= gmail.com>=0ACc: BurakO=D0UZ <bur...@ya...>; opencryptoki-users@lis= ts.sourceforge.net; ope...@li...=0ASent= : Wednesday, November 1, 2006 7:47:54 PM=0ASubject: Re: [opencryptoki-users= ] OpenCryptoki 2.2.4 Problems=0A=0As...@gm... wrote on 11/01/2006= 10:08:06 AM:=0A=0A> Hi Burak,=0A=0A> Are you using trousers 0.2.8? It loo= ks like we haven't done an=0A> opencryptoki release since that release of t= rousers, which may be=0A> breaking things here. The compatibility code is = in opencryptoki CVS,=0A> please try that out and see if it fixes this probl= em (if you're on=0A> trousers 0.2.8).=0A=0A> Kent=0A=0AIn addition to what = Kent has suggested, once the token has been=0Ainitialized (even though you = received a segfault during=0Atpmtoken_init), the "87654321" PIN is no longe= r valid. You will=0Aneed to use the PIN/password that you entered when you = executed=0Athe tpmtoken_init command. Alternatively (since you have no dat= a=0Ain the token yet), you can go to /var/lib/opencryptoki/tpm (or=0A/usr/l= ocal/var/lib/opencryptoki/tpm if you built and installed to=0A/usr/local) a= nd remove the directory that has your username (this=0Aassumes that you hav= e root access of course).=0A=0AThanks,=0ATom=0A=0A> On 11/1/06, Burak O=D0U= Z <bur...@ya...> wrote:=0A> >=0A> > I have problems using cryptoki = using with TPM. My TPM is working fine I=0Aam=0A> > sure about it.=0A> > I = have applied the method mentioned in trousers faq. SRK is NULL.=0A> >=0A> >= [root@dungeon opencryptoki]# tpmtoken_init=0A> > A new TPM security office= r password is needed. The password must be=0Abetween=0A> > 6 and 127 charac= ters in length.=0A> > Enter new password:=0A> > Confirm password:=0A> > Seg= mentation fault=0A> > [root@dungeon opencryptoki]# tpmtoken_init=0A> > Warn= ing: The TPM token has already been initialized. Reinitializing the=0ATPM= =0A> > token will cause all TPM token data to be lost.=0A> > Clear the TPM = token data? [y/N]: y=0A> > Enter the TPM security officer password:=0A> > C= _InitToken failed: 0x000000a0 (160)=0A> >=0A> > I have entered SO PIN as 87= 654321.=0A> >=0A> > [root@dungeon opencryptoki]# pkcsconf -P -c 0=0A> > Ent= er the SO PIN: ********=0A> > Enter the new SO PIN: ********=0A> > Re-enter= the new SO PIN: ********=0A> > Error setting PIN: 0x6=0A> >=0A> > But Cryp= toki has seen my TPM.=0A> > [root@dungeon opencryptoki]# pkcsconf -s -t=0A>= > Token #0 Info:=0A> > Label: IBM PKCS#11 TPM Token=0A> > = Manufacturer: IBM Corp.=0A> > Model: TPM v1.1 Token=0A> > S= erial Number: 123=0A> > Flags: 0x980445=0A> >=0A>=0A(RNG|LOGIN_REQU= IRED|CLOCK_ON_TOKEN|TOKEN_INITIALIZED|USER_PIN_TO_BE_CHANGED|SO_PIN_COUNT_L= OW|SO_PIN_TO_BE_CHANGED)=0A=0A> > Sessions: -1/-1=0A> > R/W= Sessions: -1/-1=0A> > PIN Length: 6-127=0A> > Public Memor= y: 0xFFFFFFFF/0xFFFFFFFF=0A> > Private Memory: 0xFFFFFFFF/0xFFFFFFF= F=0A> > Hardware Version: 1.0=0A> > Firmware Version: 1.0= =0A> > Time: 05:52:06 PM=0A> > Token #1 Info:=0A> > Label: = IBM OS PKCS#11=0A> > Manufacturer: IBM Corp.=0A> > Model: I= BM SoftTok=0A> > Serial Number: 123=0A> > Flags: 0x880045= =0A> >=0A>=0A(RNG|LOGIN_REQUIRED|CLOCK_ON_TOKEN|USER_PIN_TO_BE_CHANGED|SO_P= IN_TO_BE_CHANGED)=0A=0A> > Sessions: -1/-1=0A> > R/W Sessio= ns: -1/-1=0A> > PIN Length: 4-8=0A> > Public Memory: 0xFFFF= FFFF/0xFFFFFFFF=0A> > Private Memory: 0xFFFFFFFF/0xFFFFFFFF=0A> > = Hardware Version: 1.0=0A> > Firmware Version: 1.0=0A> > = Time: 05:52:06 PM=0A> > Slot #0 Info=0A> > Description: Linux 2= .6.18 Linux (TPM)=0A> > Manufacturer: Linux 2.6.18=0A> > Fl= ags: 0x5 (TOKEN_PRESENT|HW_SLOT)=0A> > Hardware Version: 0.0=0A> > = Firmware Version: 1.1=0A> > Slot #1 Info=0A> > Description:= Linux 2.6.18 Linux (Soft)=0A> > Manufacturer: Linux 2.6.18=0A> > = Flags: 0x1 (TOKEN_PRESENT)=0A> > Hardware Version: 0.0=0A> >= Firmware Version: 1.1=0A> >=0A> > Do you have any idea what is goi= ng on? What should I do?=0A> >=0A> > Thanx in advance.=0A> > -- burak()=0A= > > (ps: bf)=0A> > METU CENG '06=0A> >=0A> >=0A> >=0A> >=0A----------------= ---------------------------------------------------------=0A> > Using Tomca= t but need to do more? Need to support web services,=0Asecurity?=0A> > Get = stuff done quickly with pre-integrated technology to make your job=0A> > ea= sier=0A> > Download IBM WebSphere Application Server v.1.0.1 based on Apach= e=0AGeronimo=0A> >=0Ahttp://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709= &bid=3D263057&dat=3D121642=0A> >=0A> > ____________________________________= ___________=0A> > opencryptoki-users mailing list=0A> > opencryptoki-users@= lists.sourceforge.net=0A> > https://lists.sourceforge.net/lists/listinfo/op= encryptoki-users=0A> >=0A> >=0A> >=0A=0A>=0A> --=0A> Kent Yoder=0A> IBM LTC= Security Dev.=0A=0A> -----------------------------------------------------= --------------------=0A> Using Tomcat but need to do more? Need to support = web services, security?=0A> Get stuff done quickly with pre-integrated tech= nology to make your job=0Aeasier=0A> Download IBM WebSphere Application Ser= ver v.1.0.1 based on Apache=0AGeronimo=0A> http://sel.as-us.falkag.net/sel?= cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D121642=0A> ______________________= _________________________=0A> opencryptoki-users mailing list=0A> opencrypt= oki...@li...=0A> https://lists.sourceforge.net/lists/lis= tinfo/opencryptoki-users=0A=0A=0A=0A=0A=0A=0A=0A |
