1 (edited by wojteksowa 2023-04-12 07:34:45)

Topic: Storing key in NV with authentication fails - create_primary example

Hi,

I tried to use one of the WolfTPM examples, create_primary, to create a key and store it in NV. The example works for non-authentication run settings, but when I use the aes or xor option, TPM2_EvictControl fails, returning the following error:

TPM2_EvictControl failed 2690: TPM_RC_ATTRIBUTES: Inconsistent attributes

Arguments that I use:
create_primary -rsa -oh -aes -store=0x81000000

I use WolfSSL and WolfTPM, with WolfTPM built with WOLFTPM2_USE_HW_RNG (to use the TPM random number generator).

The same test without aes works:
create_primary -rsa -oh -store=0x81000000
Result:
TPM2_EvictControl Auth 0x40000001, Key 0x80000000, Persistent 0x81000000

Is it a configuration/build issue with my WolfSSL/WolfTPM, or can TPM2_EvictControl not be run with authentication?


Re: Storing key in NV with authentication fails - create_primary example

Hey wojteksowa,

Thanks for bringing this to our attention. It turns out we were improperly setting the TPM session, and it was trying to evict the key with a noauth session. I have made a fix, and the PR can be found here: https://github.com/wolfSSL/wolfTPM/pull/266. We will try to merge it into master as soon as possible.

Best Wishes,
John Bland
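
An added example, not part of the thread or of wolfTPM's code: decoding the reported response code 2690 (0xA82) with the TPM 2.0 format-one response-code layout shows that TPM_RC_ATTRIBUTES is attributed to session 2 rather than to a handle or parameter. The type and function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* What a format-one TPM 2.0 response code refers to (names are hypothetical). */
typedef enum { RC_NOT_FMT1, RC_HANDLE, RC_SESSION, RC_PARAMETER } rc_subject_t;

typedef struct {
    rc_subject_t subject; /* handle, session or parameter in error */
    unsigned index;       /* 1-based number of that item, 0 = unspecified */
    unsigned error;       /* error number, bits 5:0 (0x02 = ATTRIBUTES) */
} rc_fmt1_t;

/* TPM 2.0 Part 2 layout: bit 7 = format-one, bit 6 = P (parameter),
 * bits 11:8 = N (bit 11 set means session), bits 5:0 = error number. */
rc_fmt1_t decode_rc(uint32_t rc)
{
    rc_fmt1_t out = { RC_NOT_FMT1, 0, 0 };
    unsigned n = (rc >> 8) & 0xF;

    if ((rc & 0x080) == 0)
        return out;                 /* format-zero code: no N or P fields */
    out.error = rc & 0x03F;
    if (rc & 0x040) {               /* P set: N is a parameter number */
        out.subject = RC_PARAMETER;
        out.index = n;
    } else if (n & 0x8) {           /* bit 11 set: N - 8 is a session number */
        out.subject = RC_SESSION;
        out.index = n & 0x7;
    } else {                        /* otherwise N is a handle number */
        out.subject = RC_HANDLE;
        out.index = n;
    }
    return out;
}

int main(void)
{
    static const char *names[] = { "not format-one", "handle", "session", "parameter" };
    rc_fmt1_t d = decode_rc(2690);  /* value from the error message in the thread */

    printf("rc=0x%X error=0x%02X subject=%s index=%u\n",
           2690u, d.error, names[d.subject], d.index);
    return 0;
}
```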


Re: Storing key in NV with authentication fails - create_primary example

Can anyone tell me that it has been merged and mastered?

Re: Storing key in NV with authentication fails - create_primary example

Is there anyone who has heard from someone who has successfully integrated and mastered it?

Re: Storing key in NV with authentication fails - create_primary example

wojteksowa wrote:

Hi,

I tried to use one of the WolfTPM examples, create_primary, to create a key and store it in NV. The example works for non-authentication run settings, but when I use the aes or xor option, TPM2_EvictControl fails, returning the following error:

TPM2_EvictControl failed 2690: TPM_RC_ATTRIBUTES: Inconsistent attributes

Arguments that I use:
create_primary -rsa -oh -aes -store=0x81000000

I use WolfSSL and WolfTPM, with WolfTPM built with WOLFTPM2_USE_HW_RNG (to use the TPM random number generator).

The same test without aes works:
create_primary -rsa -oh -store=0x81000000
Result:
TPM2_EvictControl Auth 0x40000001, Key 0x80000000, Persistent 0x81000000

Is it a configuration/build issue with my WolfSSL/WolfTPM, or can TPM2_EvictControl not be run with authentication?

Looking at your image, you got an error because of a missing period and maxim. You might have missed it, so it will be an error. You can reduce 1 view to understand better.