From: Thomas W. <tho...@ia...> - 2007-03-13 06:43:01
|
Hello, > error code: 0x24 > error message: TPM layer: Invalid key usage For sealing you have to use a key of type TPM_KEY_STORAGE (. Have a look at the command "./jtt.sh create_key". It says: "[...] -t type ... type of key (use 'legacy' for binding and 'storage' for sealing operations) (legal values: storage, legacy) (default: legacy) [...]" So - the "magic" is the "-t storage" option: ./jtt.sh create_key -t storage -k test ----------------------------------- IAIK/OpenTC Java TPM Tools - - - - - - - - - - based on IAIK/OpenTC jTSS Wrapper ----------------------------------- 07:30:11:734 [INFO] CreateKey::execute (136): parent key is SRK, key length is 2048 bits 07:30:11:758 [INFO] CreateKey::execute (137): key type is storage 07:30:11:759 [INFO] CreateKey::execute (138): key registered in persistent system storage with UUID: 1.2.3.4.5.8dd8f68218c1 07:30:11:759 [INFO] CreateKey::execute (139): CreateKey succeeded With that key, the sealing should work: ./jtt.sh seal -i somefile.txt -k test -o ./sealed.data -p 10 -u 1.2.3.4.5.8dd8f68218c1 ----------------------------------- IAIK/OpenTC Java TPM Tools - - - - - - - - - - based on IAIK/OpenTC jTSS Wrapper ----------------------------------- 07:30:44:585 [INFO] Seal::execute (205): sealing to pcr: 10 07:30:44:764 [INFO] Seal::execute (295): Sealing succeeded hth, Thomas Winkler |