Re: [opencryptoki-users] help on pkcs11 talking to tpm chip
Brought to you by:
ebarretto
Menu
▾
▴
Re: [opencryptoki-users] help on pkcs11 talking to tpm chip
|
From: Sanjay S. <san...@gm...> - 2007-11-19 12:43:09
|
Hi Kent, Not a problem, I am good with email support also :) I have installed the latest CVS package of opencryptoki and the upstream tpm-tools, and trousers but I am still hitting the same problem, even after setting the SRK to NULL. I am currently trying all different possibilities. I will get back to you if I need your help. Thank you, Sanjay On Nov 16, 2007 2:53 AM, Kent Yoder <shp...@gm...> wrote: > Hi Sanjay, > > The message about packet element not matching is a harmless error, > but it looks like the password for the SRK is still bad. Did you > reset your SRK password to be a zero-length string with > tpm_changeownerauth? > > Kent > > On Nov 15, 2007 5:45 AM, Sanjay Sha <san...@gm...> wrote: > > Hi Kent, > > > > Thanks very much for patiently replying to my email and explaining the > DEBUG > > information :) > > > > I have basically, tried resetting the SRK to NULL and ran tpmtoken_init > but > > it doesn't help. > > I have done some more debugging and found out that, the code is failing > with > > this specific error message.. > > "TCSD TCS rpc/tcstp/rpc.c:400 Data type of TCS packet element 2 doesn't > > match." > > I found the above by running tcsd in the foreground mode and enabling > debug > > option. > > > > I have been debugging quite a bit and my debug quota for today is over, > time > > to get some sleep :) > > I am pretty sure, you are familiar with this message. So, please help.. > > > > Also, I am quite new to this technology, so can you suggest some good > > references, to understand how the structure of the TPM > > is and so on. I am not able to get any useful resources to understand > the > > PUBLIC ROOT KEY, and how pkcs11 relates to it > > and stuff like that. So any guidance in this area is greatly helpful > > > > Appreciate your time and help ! > > > > > > FYI.. > > > > root@java:~# tpmtoken_init -k "IBM PKCS#11 TPM Token" > > LOG_DEBUG TSPI rpc/tcstp/rpc.c:358 Sending TSP packet to host localhost. > > LOG_DEBUG TSPI rpc/tcstp/rpc.c:373 Connecting to 127.0.0.1 > > LOG_DEBUG TSPI rpc/tcstp/rpc_context.c:44 RPC_OpenContext_TP: Received > TCS > > Context: 0xa028b002 > > > > Warning: The TPM token has already been initialized. Reinitializing the > TPM > > token will cause all TPM token data to be lost. > > Clear the TPM token data? [y/N]: y > > Enter the TPM security officer password: > > LOG_ERR TPM_STDLL tpm_specific.c:207 ERROR: key with ID="PUBLIC ROOT > KEY" > > not found in the store! > > LOG_DEBUG TSPI rpc/tcstp/rpc_ps.c:318 RPC_LoadKeyByUUID_TP: TCS Context: > > 0xa028b002 > > LOG_DEBUG TSPI rpc/tcstp/rpc_ps.c:339 RPC_LoadKeyByUUID_TP: TCS key > handle: > > 0x40000000 > > LOG_DEBUG TSPI rpc/tcstp/rpc_ps.c:274 RPC_GetRegisteredKeyBlob_TP: TCS > > Context: 0xa028b002 > > > > LOG_ERR TPM_STDLL tpm_specific.c:207 ERROR: key with ID="PUBLIC ROOT > KEY" > > not found in the store! > > A new TPM security officer password is needed. The password must be > between > > 6 and 127 characters in length. > > Enter new password: > > Confirm password: > > LOG_DEBUG TSPI rpc/tcstp/rpc_random.c:37 RPC_GetRandom_TP: TCS Context: > > 0xa028b002 > > LOG_DEBUG TSPI rpc/tcstp/rpc_key.c:184 RPC_GetPubKey_TP: TCS Context: > > 0xa028b002 > > > > LOG_ERR TPM_STDLL tpm_specific.c:309 ERROR: Tspi_Key_GetPubKey failed: > > rc=0x1 > > LOG_ERR TPM_STDLL tpm_specific.c:1183 ERROR: token_wrap_sw_key failed. > > rc=0x1 > > LOG_ERR TPM_STDLL tpm_specific.c:1839 ERROR: FAILED creating SO tree. > > ST MSG TPM_STDLL new_host.c:1231 whammy > > C_SetPIN failed: 0x00000006 (6) > > LOG_DEBUG TSPI rpc/tcstp/rpc_context.c:60 RPC_CloseContext_TP: TCS > Context: > > 0xa028b002 > > > > > > TCSD DEBUG information of the above command: > > TCSD svrside.c:283 accepted socket 7 > > TCSD tcsd_threads.c:358 Rx'd packet > > TCSD TCS rpc/tcstp/rpc.c:659 Dispatching ordinal 1 > > TCSD TCS rpc/tcstp/rpc_context.c:37 tcs_wrap_OpenContext: thread > -1212236912 > > TCSD tcsd_threads.c:385 Sending 0x26 bytes back > > TCSD tcsd_threads.c:358 Rx'd packet > > TCSD TCS rpc/tcstp/rpc.c:659 Dispatching ordinal 12 > > TCSD TCS rpc/tcstp/rpc_ps.c:169 tcs_wrap_LoadKeyByUUID: thread > -1212236912 > > context a028b703 > > TCSD TCS tcsi_ps.c:512 TCSP_LoadKeyByUUID_Internal: Enter: uuid: > 0xb7beb278 > > auth? 0x0 *********** > > TCSD TCS tcs_key_mem_cache.c:629 key_mgr_inc_ref_count: TCSD mem_cached > > handle: 0x40000000 > > TCSD TCS tcs_ps.c:170 Key successfully loaded by UUID w/ TCS handle: > > 0x40000000 > > TCSD tcsd_threads.c:385 Sending 0x97 bytes back > > TCSD tcsd_threads.c:358 Rx'd packet > > TCSD TCS rpc/tcstp/rpc.c:659 Dispatching ordinal 9 > > TCSD TCS rpc/tcstp/rpc_ps.c:131 tcs_wrap_GetRegisteredKeyBlob: thread > > -1212236912 context a028b703 > > TCSD TCS ps/tcsps.c:170 psfile_get_key_by_uuid: Version: 1.1.0.6 > > TCSD TCS ps/tcsps.c:170 psfile_get_key_by_uuid: keyUsage: 0x11 > > TCSD TCS ps/tcsps.c:170 psfile_get_key_by_uuid: keyFlags: 0x0 > > TCSD TCS ps/tcsps.c:170 psfile_get_key_by_uuid: authDatausage: 0 > > TCSD TCS ps/tcsps.c:170 psfile_get_key_by_uuid: pcrInfosize: 0 > > TCSD TCS ps/tcsps.c:170 psfile_get_key_by_uuid: encDataSize: 0 > > TCSD tcsd_threads.c:385 Sending 0x151 bytes back > > TCSD tcsd_threads.c:358 Rx'd packet > > TCSD TCS rpc/tcstp/rpc.c:659 Dispatching ordinal 44 > > TCSD TCS rpc/tcstp/rpc_random.c:41 tcs_wrap_GetRandom: thread > -1212236912 > > context a028b703 > > TCSD TCS tcsi_random.c:48 TCSP_GetRandom_Internal: 32 bytes > > To TPM: 00 C1 00 00 00 0E 00 00 00 46 00 00 00 20 > > TCSD TDDL tddl.c:105 Calling write to driver > > From TPM: 00 C4 00 00 00 2E 00 00 00 00 00 00 00 20 F6 7A > > From TPM: D9 9E 13 06 43 93 9D C3 FA 9C B0 1A AE 0A 90 5A > > From TPM: EB 84 B0 2B B0 AE 5C 4E AD A1 0D EE EC 27 > > TCSD tcsd_threads.c:385 Sending 0x42 bytes back > > TCSD tcsd_threads.c:358 Rx'd packet > > TCSD TCS rpc/tcstp/rpc.c:659 Dispatching ordinal 15 > > TCSD TCS rpc/tcstp/rpc_key.c:72 tcs_wrap_GetPubkey: thread -1212236912 > > context a028b703 > > TCSD TCS rpc/tcstp/rpc.c:400 Data type of TCS packet element 2 doesn't > > match. > > TCSD TCS tcsi_key.c:237 Entering Get pub key > > TCSD TCS tcsi_key.c:246 No Auth > > TCSD TCS tcs_key_mem_cache.c:159 ensureKeyIsLoaded: 0x40000000 > > TCSD TCS tcs_key_mem_cache.c:708 mc_get_slot_by_handle: TCSD mem_cached > > handle: 0x40000000 > > TCSD TCS tcs_key_mem_cache.c:167 keySlot is 40000000 > > TCSD TCS tcs_key_mem_cache.c:865 mc_update_time_stamp: TCSD mem_cached > > handle: 0x40000000 > > TCSD TCS tcs_key_mem_cache.c:192 ensureKeyIsLoaded: Exit > > TCSD TCS tcsi_key.c:254 GetPubKey: handle: 0x40000000, slot: 0x40000000 > > To TPM: 00 C1 00 00 00 0E 00 00 00 21 40 00 00 00 > > TCSD TDDL tddl.c:105 Calling write to driver > > From TPM: 00 C4 00 00 00 0A 00 00 00 01 > > TCSD tcsd_threads.c:385 Sending 0x1C bytes back > > TCSD tcsd_threads.c:358 Rx'd packet > > TCSD TCS rpc/tcstp/rpc.c:659 Dispatching ordinal 2 > > TCSD TCS rpc/tcstp/rpc_context.c:69 tcs_wrap_CloseContext: thread > > -1212236912 context a028b703 > > TCSD TCS tcsi_context.c:39 Closing context A028B703 > > TCSD TCS tcs_key_mem_cache.c:653 key_mgr_dec_ref_count: decrementing ref > cnt > > for key 0x40000000 > > TCSD TCS tcsi_context.c:51 Context A028B703 closed > > TCSD tcsd_threads.c:385 Sending 0x1C bytes back > > TCSD TCS rpc/tcstp/rpc.c:64 Socket connection closed. > > TCSD tcsd_threads.c:397 Thread exiting. > > > > Thank you, > > Sanjay Sha > > -- > > > > > > 49:02:1f:d9:d5:10:98:58:12:af:56:e4:f1:34:cf:7e -Sunj > > www.sanjaysha.com > > > > -- > Kent Yoder > IBM LTC Security Dev. > -- 49:02:1f:d9:d5:10:98:58:12:af:56:e4:f1:34:cf:7e -Sunj www.sanjaysha.com |
