Menu
▾
▴
Re: [Trustedjava-support] Error in perfoming "Seal" command [Error code: 0x24 - Invalid Key Usage]
|
From: Thomas W. <tho...@ia...> - 2007-03-13 06:43:01
|
Hello,
> error code: 0x24
> error message: TPM layer: Invalid key usage
For sealing you have to use a key of type TPM_KEY_STORAGE (.
Have a look at the command "./jtt.sh create_key". It says:
"[...]
-t type ... type of key (use 'legacy' for binding and 'storage' for
sealing operations) (legal values: storage, legacy) (default: legacy)
[...]"
So - the "magic" is the "-t storage" option:
./jtt.sh create_key -t storage -k test
-----------------------------------
IAIK/OpenTC Java TPM Tools
- - - - - - - - - -
based on IAIK/OpenTC jTSS Wrapper
-----------------------------------
07:30:11:734 [INFO] CreateKey::execute (136): parent key is SRK, key
length is 2048 bits
07:30:11:758 [INFO] CreateKey::execute (137): key type is storage
07:30:11:759 [INFO] CreateKey::execute (138): key registered in
persistent system storage with UUID: 1.2.3.4.5.8dd8f68218c1
07:30:11:759 [INFO] CreateKey::execute (139): CreateKey succeeded
With that key, the sealing should work:
./jtt.sh seal -i somefile.txt -k test -o ./sealed.data -p 10 -u
1.2.3.4.5.8dd8f68218c1
-----------------------------------
IAIK/OpenTC Java TPM Tools
- - - - - - - - - -
based on IAIK/OpenTC jTSS Wrapper
-----------------------------------
07:30:44:585 [INFO] Seal::execute (205): sealing to pcr: 10
07:30:44:764 [INFO] Seal::execute (295): Sealing succeeded
hth,
Thomas Winkler
|
