[Tpm4java-users] Prevent TPM to flush/evict keys at system reboot
From: Cyril D. <cyr...@gm...> - 2008-02-16 22:09:56
Hello,

I am facing a keystore issue: When I successfully load keys into the TPM with tpm4java, I lose all of them as soon as I reboot my computer. Is there any way to keep them from being evicted?

By reading the TPM Commands spec, I found out that this was possible with the TPM_KeyControlOwner command:

Start of informative comment:
This command controls some attributes of keys that are stored within the TPM key cache.
OwnerEvict: If this bit is set to true, this key remains in the TPM non-volatile storage through all TPM_Startup events. The only way to evict this key is for the TPM Owner to execute this command again, setting the owner control bit to false and then executing TPM_FlushSpecific.
The key handle does not reference an authorized entity and is not validated.
End of informative comment.

--
However, this is not implemented (yet?) in tpm4java, as far as I can see. Do you have any tip on fixing this issue?

Thank you.

Regards,
--
Cyril Dangerville