1 (edited by wojteksowa 2023-04-12 07:34:45)

Topic: Storing key in NV with authentication fails - create_primary example

Hi,

I tried to use one of the WolfTPM examples, create_primary, to create a key and store it in NV. The example works for non-authentication run settings, but when I use the aes or xor option, TPM2_EvictControl fails, returning the following error:

TPM2_EvictControl failed 2690: TPM_RC_ATTRIBUTES: Inconsistent attributes

arguments that I use:
create_primary -rsa -oh -aes -store=0x81000000

I use WolfSSL and WolfTPM, with WolfTPM built with WOLFTPM2_USE_HW_RNG (to use the TPM random number generator).

The same test without aes works:
create_primary -rsa -oh -store=0x81000000
result:
TPM2_EvictControl Auth 0x40000001, Key 0x80000000, Persistent 0x81000000

Is it an issue with my WolfSSL/WolfTPM configuration/build, or can TPM2_EvictControl not be run with authentication?


Re: Storing key in NV with authentication fails - create_primary example

Hey wojteksowa,

Thanks for bringing this to our attention. It turns out we were improperly setting the TPM session and it was trying to evict the key with a noauth session. I have made a fix and the PR can be found here: https://github.com/wolfSSL/wolfTPM/pull/266. We will try to merge it into master as soon as possible.

Best Wishes,
John Bland
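
The status code from the first post, decoded field by field, as an added example that is not part of the thread or of wolfTPM. The bit layout follows the response-code format in the TPM 2.0 Library specification (Part 2); the type and function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* What a TPM 2.0 response code is attributed to. */
typedef enum { RC_FMT0, RC_PARAMETER, RC_HANDLE, RC_SESSION } rc_kind;

typedef struct {
    rc_kind  kind;   /* location class of the error */
    unsigned index;  /* 1-based parameter/handle/session number, 0 if none */
    unsigned error;  /* base error code with the location bits cleared */
} rc_info;

/* Hypothetical helper: split a response code into its fields. */
rc_info tpm_rc_decode(uint32_t rc)
{
    rc_info out = { RC_FMT0, 0, (unsigned)rc };  /* format-zero: no location */
    if (rc & 0x080) {                  /* bit 7 set: format-one code */
        out.error = rc & 0x0BF;        /* error number (bits 5:0) + format bit */
        if (rc & 0x040) {              /* bit 6 (P): a command parameter */
            out.kind  = RC_PARAMETER;
            out.index = (rc >> 8) & 0xF;
        } else {                       /* bit 11: session (1) or handle (0) */
            out.kind  = (rc & 0x800) ? RC_SESSION : RC_HANDLE;
            out.index = (rc >> 8) & 0x7;
        }
    }
    return out;
}

static const char *kind_name(rc_kind k)
{
    switch (k) {
    case RC_PARAMETER: return "parameter";
    case RC_HANDLE:    return "handle";
    case RC_SESSION:   return "session";
    default:           return "command";
    }
}

int main(void)
{
    rc_info i = tpm_rc_decode(2690);   /* value printed in the post above */
    printf("0x%03X: base error 0x%03X, %s %u\n",
           2690u, i.error, kind_name(i.kind), i.index);
    return 0;
}
```

2690 is 0xA82, which decodes to TPM_RC_ATTRIBUTES (0x082) attributed to the second session of the command rather than to a handle or parameter.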


Re: Storing key in NV with authentication fails - create_primary example

Can anyone tell me whether it has been merged and mastered?