Re: [opencryptoki-users] OpenCryptoki 2.2.4 Problems

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

This time it did not start the TPM token.=0A=0A[root@dungeon opencryptoki]#=
 pkcsconf -t=0AToken #0 Info:=0A        Label: IBM OS PKCS#11=0A        Man=
ufacturer: IBM Corp.=0A        Model: IBM SoftTok=0A        Serial Number: =
123=0A        Flags: 0x880045 (RNG|LOGIN_REQUIRED|CLOCK_ON_TOKEN|USER_PIN_T=
O_BE_CHANGED|SO_PIN_TO_BE_CHANGED)=0A        Sessions: -1/-1=0A        R/W =
Sessions: -1/-1=0A        PIN Length: 4-8=0A        Public Memory: 0xFFFFFF=
FF/0xFFFFFFFF=0A        Private Memory: 0xFFFFFFFF/0xFFFFFFFF=0A        Har=
dware Version: 1.0=0A        Firmware Version: 1.0=0A        Time: 09:53:25=
 AM=0A=0A=0A =0A-- burak()=0A(ps: bf)=0AMETU CENG '06=0A=0A----- Original M=
essage ----=0AFrom: Burak O=D0UZ <bur...@ya...>=0ATo: Tom Lendacky =
<to...@us...>; Kent Yoder <shp...@gm...>=0ACc: opencryptoki-use=
rs...@li...; ope...@li...=
=0ASent: Thursday, November 2, 2006 9:32:33 AM=0ASubject: Re: [opencryptoki=
-users] OpenCryptoki 2.2.4 Problems=0A=0AYes I am working on trousers 0.2.8=
. I will check the code on the CVS. =0AI have deleted the root directory wh=
ich is in the /usr/local/var/lib/opencryptoki/tpm several times and each ti=
me =0AI have experienced the same problems each time. =0A=0AI will report a=
gain after trying the cvs code.=0A=0AThanx...=0A =0A-- burak()=0A(ps: bf)=
=0AMETU CENG '06=0A=0A----- Original Message ----=0AFrom: Tom Lendacky <tom=
l...@us...>=0ATo: Kent Yoder <shp...@gm...>=0ACc: BurakO=D0UZ <bu=
rak...@ya...>; ope...@li...; opencryptoki=
-us...@li...=0ASent: Wednesday,=0A November 1, 2006=
 7:47:54 PM=0ASubject: Re: [opencryptoki-users] OpenCryptoki 2.2.4 Problems=
=0A=0As...@gm... wrote on 11/01/2006 10:08:06 AM:=0A=0A> Hi Burak=
,=0A=0A> Are you using trousers 0.2.8?  It looks like we haven't done an=0A=
> opencryptoki release since that release of trousers, which may be=0A> bre=
aking things here.  The compatibility code is in opencryptoki CVS,=0A> plea=
se try that out and see if it fixes this problem (if you're on=0A> trousers=
 0.2.8).=0A=0A> Kent=0A=0AIn addition to what Kent has suggested, once the =
token has been=0Ainitialized (even though you received a segfault during=0A=
tpmtoken_init), the "87654321" PIN is no longer valid. You will=0Aneed to u=
se the PIN/password that you entered when you executed=0Athe tpmtoken_init =
command.  Alternatively (since you have no data=0Ain the token yet), you ca=
n go to /var/lib/opencryptoki/tpm=0A (or=0A/usr/local/var/lib/opencryptoki/=
tpm if you built and installed to=0A/usr/local) and remove the directory th=
at has your username (this=0Aassumes that you have root access of course).=
=0A=0AThanks,=0ATom=0A=0A> On 11/1/06, Burak O=D0UZ <bur...@ya...> =
wrote:=0A> >=0A> > I have problems using cryptoki using with TPM. My TPM is=
 working fine I=0Aam=0A> > sure about it.=0A> > I have applied the method m=
entioned in trousers faq. SRK is NULL.=0A> >=0A> > [root@dungeon opencrypto=
ki]# tpmtoken_init=0A> > A new TPM security officer password is needed. The=
 password must be=0Abetween=0A> > 6 and 127 characters in length.=0A> > Ent=
er new password:=0A> > Confirm password:=0A> > Segmentation fault=0A> > [ro=
ot@dungeon opencryptoki]# tpmtoken_init=0A> > Warning: The TPM token has al=
ready been initialized. Reinitializing the=0ATPM=0A> > token will cause all=
 TPM=0A token data to be lost.=0A> > Clear the TPM token data? [y/N]: y=0A>=
 > Enter the TPM security officer password:=0A> > C_InitToken failed: 0x000=
000a0 (160)=0A> >=0A> > I have entered SO PIN as 87654321.=0A> >=0A> > [roo=
t@dungeon opencryptoki]# pkcsconf -P -c 0=0A> > Enter the SO PIN: ********=
=0A> > Enter the new SO PIN: ********=0A> > Re-enter the new SO PIN: ******=
**=0A> > Error setting PIN: 0x6=0A> >=0A> > But Cryptoki has seen my TPM.=
=0A> > [root@dungeon opencryptoki]# pkcsconf -s -t=0A> > Token #0 Info:=0A>=
 >         Label: IBM PKCS#11 TPM Token=0A> >         Manufacturer: IBM Cor=
p.=0A> >         Model: TPM v1.1 Token=0A> >         Serial Number: 123=0A>=
=0A >         Flags: 0x980445=0A> >=0A>=0A(RNG|LOGIN_REQUIRED|CLOCK_ON_TOKE=
N|TOKEN_INITIALIZED|USER_PIN_TO_BE_CHANGED|SO_PIN_COUNT_LOW|SO_PIN_TO_BE_CH=
ANGED)=0A=0A> >         Sessions: -1/-1=0A> >         R/W Sessions: -1/-1=
=0A> >         PIN Length: 6-127=0A> >         Public Memory: 0xFFFFFFFF/0x=
FFFFFFFF=0A> >         Private Memory: 0xFFFFFFFF/0xFFFFFFFF=0A> >         =
Hardware Version: 1.0=0A> >         Firmware Version: 1.0=0A> >         Tim=
e: 05:52:06 PM=0A> > Token #1 Info:=0A> >         Label:=0A IBM OS PKCS#11=
=0A> >         Manufacturer: IBM Corp.=0A> >         Model: IBM SoftTok=0A>=
 >         Serial Number: 123=0A> >         Flags: 0x880045=0A> >=0A>=0A(RN=
G|LOGIN_REQUIRED|CLOCK_ON_TOKEN|USER_PIN_TO_BE_CHANGED|SO_PIN_TO_BE_CHANGED=
)=0A=0A> >         Sessions: -1/-1=0A> >         R/W Sessions: -1/-1=0A> > =
        PIN Length: 4-8=0A> >         Public Memory: 0xFFFFFFFF/0xFFFFFFFF=
=0A> >         Private Memory: 0xFFFFFFFF/0xFFFFFFFF=0A> >         Hardware=
 Version: 1.0=0A>=0A >         Firmware Version: 1.0=0A> >         Time: 05=
:52:06 PM=0A> > Slot #0 Info=0A> >         Description: Linux 2.6.18 Linux =
(TPM)=0A> >         Manufacturer: Linux 2.6.18=0A> >         Flags: 0x5 (TO=
KEN_PRESENT|HW_SLOT)=0A> >         Hardware Version: 0.0=0A> >         Firm=
ware Version: 1.1=0A> > Slot #1 Info=0A> >         Description: Linux 2.6.1=
8 Linux (Soft)=0A> >         Manufacturer: Linux 2.6.18=0A> >         Flags=
: 0x1 (TOKEN_PRESENT)=0A>=0A >         Hardware Version: 0.0=0A> >         =
Firmware Version: 1.1=0A> >=0A> > Do you have any idea what is going on? Wh=
at should I do?=0A> >=0A> > Thanx in advance.=0A> >  -- burak()=0A> > (ps: =
bf)=0A> > METU CENG '06=0A> >=0A> >=0A> >=0A> >=0A-------------------------=
------------------------------------------------=0A> > Using Tomcat but nee=
d to do more? Need to support web services,=0Asecurity?=0A> > Get stuff don=
e quickly with pre-integrated technology to make your job=0A> > easier=0A> =
> Download IBM WebSphere Application Server v.1.0.1 based on Apache=0AGeron=
imo=0A> >=0Ahttp://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D26=
3057&dat=3D121642=0A> >=0A> > _____________________________________________=
__=0A> > opencryptoki-users mailing list=0A> > ope...@li...u=
rceforge.net=0A> > https://lists.sourceforge.net/lists/listinfo/opencryptok=
i-users=0A> >=0A> >=0A> >=0A=0A>=0A> --=0A> Kent Yoder=0A> IBM LTC Security=
 Dev.=0A=0A> --------------------------------------------------------------=
-----------=0A> Using Tomcat but need to do more? Need to support web servi=
ces, security?=0A> Get stuff done quickly with pre-integrated technology to=
 make your job=0Aeasier=0A> Download IBM WebSphere Application Server v.1.0=
.1 based on Apache=0AGeronimo=0A>=0A http://sel.as-us.falkag.net/sel?cmd=3D=
lnk&kid=3D120709&bid=3D263057&dat=3D121642=0A> ____________________________=
___________________=0A> opencryptoki-users mailing list=0A> opencryptoki-us=
er...@li...=0A> https://lists.sourceforge.net/lists/listinfo/=
opencryptoki-users=0A=0A=0A=0A=0A=0A=0A=0A---------------------------------=
----------------------------------------=0AUsing Tomcat but need to do more=
? Need to support web services, security?=0AGet stuff done quickly with pre=
-integrated technology to make your job easier=0ADownload IBM WebSphere App=
lication Server v.1.0.1 based on Apache Geronimo=0Ahttp://sel.as-us.falkag.=
net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat=3D121642=0A________________=
_______________________________=0Aopencryptoki-users mailing list=0Aopencry=
pto...@li...=0Ahttps://lists.sourceforge.net/lists/lis=
tinfo/opencryptoki-users=0A=0A=0A=0A=0A=0A=0A