Re: [TrouSerS-users] Sealing data fails (on Xen and not-Xen)

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Does the SRK have a password?  The tpm_sealdata command expects the SRK
not to have a password associated with it.

Also did you use trousers to takeownership of the TPM which is how the
SRK gets into the persistent store.

Thanks,
Kylie

On Thu, 2006-07-27 at 17:17 -0400, Osborn, Justin D. wrote:
> Hi all,
>       For my project I'm setting up a small Xen installation and
> trying to get trousers and the tpm-tools working inside of it.  For a
> simple test, I tried to run tpm_sealdata, however I get the following
> error:
>  
> Tspi_Context_LoadKeyByUUID failed: 0x00002020 - layer=tcs, code=0020
> (32), Key not found in persistent storage
>  
> I understand this to mean that tcsd didn't load the SRK into
> persistent storage.  However, I'm not sure why this is happening.  The
> tpm is owned, I can run other commands just fine.
>  
> When I boot the machine with a non-Xen kernel and run tpm_sealdata, I
> get this error:
>  
> Tspi_Key_CreateKey failed: 0x00000001 - layer=tpm, code=0001 (1),
> Authentication Failed
>  
> This one is more baffling to me, what authentication is failing?  I
> looked at the TPM spec and I can see that TPM_CreateWrapKey is
> supposed to return TPM_AUTHFAIL if any of the authentication data is
> invalid but it looks like there's a lot of authentication data and I
> don't know where that comes from.  One interesting thing is that when
> I run tpm_getpublicek, it prompts me for the owner password every
> time.  I'm not sure if that matters.
>  
> So the question is a) why isn't tcsd loading the SRK on the Xen system
> and b) why is authentication failing on the non-Xen system?  (Keep in
> mind I tried to configure these as similar as possible but the Xen
> system is pretty stripped down).
>  
> Thanks,
> Justin
>  
> P.S. I can provide the full outputs of the commands if that would
> help.
>  
>  
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys -- and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________ TrouSerS-users mailing list Tro...@li... https://lists.sourceforge.net/lists/listinfo/trousers-users