Menu
▾
▴
Re: [Trustedjava-support] Sudden errors with TPM and JTSS
|
From: Ronald T. <ron...@ia...> - 2012-09-04 09:08:19
|
Hello Arshad, We have not encountered this before, but I'd guess that something in your ecosystem must have changed. Is it an issue with a specific piece of (old) hardware? Perhaps the TPM you use has aged and now encounters problems with its NV-storage memory. Or is it an issue that occurs in several devices? A not so obvious thing to check is the JCE library you use. Could there be a license issue? Some OS hotfix might also influence the setup, for instance a new TPM driver. Of course, you should also test if the newest jTSS version happens to fix for your issues. Ronald On 09/04/2012 06:14 AM, Arshad Noor wrote: > Hello, > > We've been using JTSS 0.5 for two years and it has been fairly > stable. However, suddenly without explanation, it has started > failing on almost all decryptions. Some of the error messages > are: > > ----------------------- > iaik.tc.tss.api.exceptions.tcs.TcTcsException: > TSS Error: > error layer: 0x3000 (TSP) > error code (without layer): 0x04 > error code (full): 0x3004 > error message: unknown > additional info: Unable to determine LRU key handle > > at > iaik.tc.tss.impl.java.tcs.kcmgr.TcTcsKeyHandleMgr.getTpmKhLruNotParent(TcTcsKeyHandleMgr.java:196) > at > iaik.tc.tss.impl.java.tcs.kcmgr.TcTcsKeyCacheTpm12.swapOutKeyNotParent(TcTcsKeyCacheTpm12.java:43) > at > iaik.tc.tss.impl.java.tcs.kcmgr.TcTcsKeyCache.ensureCanLoadKey(TcTcsKeyCache.java:205) > at > iaik.tc.tss.impl.java.tcs.kcmgr.TcTcsKeyManager.LoadKey2ByBlob(TcTcsKeyManager.java:100) > at > iaik.tc.tss.impl.java.tcs.tcsi.TcTcsi.TcsipLoadKey2ByBlob(TcTcsi.java:626) > at > iaik.tc.tss.impl.java.tsp.tcsbinding.local.TcTcsBindingLocal.TcsipLoadKey2ByBlob(TcTcsBindingLocal.java:121) > at > iaik.tc.tss.impl.java.tsp.internal.TcTspInternal.TspLoadKey2ByBlob_Internal(TcTspInternal.java:140) > at iaik.tc.tss.impl.java.tsp.TcRsaKey.loadKey(TcRsaKey.java:633) > ----------------------- > > Later on, similar attempts at the operation result in: > > ----------------------- > iaik.tc.tss.api.exceptions.tcs.TcTpmException: > > TSS Error: > error layer: 0x00 (TPM) > error code (without layer): 0x15 > error code (full): 0x15 > error message: The TPM has insufficient internal resources to perform > the requested action. > > at > iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdCommon.handleRetCode(TcTpmCmdCommon.java:73) > at > iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdAuthorization.TpmOIAP(TcTpmCmdAuthorization.java:52) > at > iaik.tc.tss.impl.java.tcs.authmgr.TcTcsAuthManager.startOIAP(TcTcsAuthManager.java:27) > at > iaik.tc.tss.impl.java.tcs.tcsi.TcTcsi.TcsipOIAP(TcTcsi.java:2720) > at > iaik.tc.tss.impl.java.tsp.tcsbinding.local.TcTcsBindingLocal.TcsipOIAP(TcTcsBindingLocal.java:739) > at > iaik.tc.tss.impl.java.tsp.internal.TcTspInternal.TspOIAP_Internal(TcTspInternal.java:4064) > at iaik.tc.tss.impl.java.tsp.TcRsaKey.loadKey(TcRsaKey.java:629) > ----------------------- > > The details of our configuration: > > TPM: STM v1.2 > OS: CentOS 5.3 (64-bit) > JDK: 6 Update 16 (64-bit) > JTSS: 0.5 > > > Any suggestions on what might be causing these problems suddenly on > something that has been behaving well for nearly two years? Thanks. > > Arshad Noor > StrongAuth, Inc. > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Trustedjava-support mailing list > Tru...@li... > https://lists.sourceforge.net/lists/listinfo/trustedjava-support -- Dipl.-Ing. Ronald Tögl phone +43 316/873-5502 Secure and Correct Systems fax +43 316/873-5520 IAIK ron...@ia... Graz University of Technology http://www.iaik.tugraz.at |
