Re: [Tpm4java-users] TPM_LoadKey failed on Infineon 1.2 TPM

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Markus,

the following actions should allow you to use tpm4java with you Infineon
TPM:

In TPM_LoadKey(), change "final int cmdCode = 32" from 32
(TPM_ORD_LoadKey) to 65 (TPM_ORD_LoadKey2). If you turn off the reply
HMAC verification (setCheckReply(false)), this should be enough to
support this TPM. It should suffice to remove the keyhandle from
authdataReply to make the verification work again, but I tested this
with the TPM emulator, and as mentioned on the trusted java site, the
emulator does not implement LoadKey correctly.
TPM_FlushSpecific is already implemented and should work out of the box.

HTH,
Martin

Markus schrieb:
> On my Infineon 1.2 TPM TPM_LoadKey always fails with "Bad return code
> 10 The ordinal was unknown or inconsistent".
>
> I believe the reason for the error could be TPM 1.1 / 1.2 -
> incompatibility issues.
>
> For TrouSerS [1] there is a patch [2] for the Infineon 1.2 TPM. The
> creator of the patch also state a reason:
> "TPM Spec. 1.2 deprecates numerous commands which therefore are no
> longer implemented in Infineon 1.2 TPMs. To make TrouSerS work on such
> TPMs, some functions have to be modified."
>
> Is there a similar patch for tpm4java?
>
>
> Markus
>
> [1] - http://trousers.sourceforge.net/
> [2] - http://trustedjava.sourceforge.net/index.php?item=tpm1.2/readme
>   

-- 
Martin Hermanowski
http://martin.hermanowski.name
https://www.xing.com/profile/Martin_Hermanowski/