You are not logged in. Please login or register.
Active topics Unanswered topics
Welcome to the wolfSSL Forums!
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
References
Stable Releases - download stable product releases.
Development Branch - latest development branch on GitHub.
wolfSSL Manual - wolfSSL (formerly CyaSSL) product manual and API reference.
Search options
dgarske wrote:Hi Bijak Dawid,
Perhaps you can share your code, so I can attempt to reproduce with wolfTPM? Does the tpm2-tools sequence work correctly? If you'd like to keep your code private you can email support at wolfssl dot com.
The most similar examples are probably:
* examples/nvram/policy_nv.c
* examples/boot/secret_seal.c
Thanks,
David Garske, wolfSSL
Hi David,
Thank you for the quick answer! Ok, I would rather send the code per email.
anthony wrote:Hello Bijak Dawid,
My name is Anthony and I am a member of the wolfSSL team. Please have a look at https://github.com/wolfSSL/wolfTPM/blob … ive_test.c for examples of how to use TPM2_EncryptDecrypt2(). You can search for that function name in there.
Hi Anthony, thanks for the quick reply. Regarding the native_test.c example - I was kinda hoping that I could use the higher level WolfTPM API instead of having to use the native API.
anthony wrote:- what are your goals?
- where you are located?
- is this out of personal, academic or professional interest?
I am looking into the WolfTPM Library in order to determine if it's fit for our project.
Thanks, Dawid
Hello,
I'm trying to authenticate the use of a child key using a PolicyPCR.
In essence what im trying to achieve is the following
tpm2_startauthsession -S session.ctx
tpm2_policypcr -S session.ctx -l sha256:16 -L pcr_policy.digest
tpm2_createprimary -c primary.ctx
tpm2_create -C primary.ctx -G aes256 -u key.pub -r key.priv -L pcr_policy.digest
tpm2_load -C primary.ctx -u key.pub -r key.priv -c key.ctx
tpm2_startauthsession --policy-session -S session.ctx
tpm2_policypcr -S session.ctx -l sha256:16
tpm2_encryptdecrypt -c key.ctx -o encrypted.dat -p session:session.ctx plaintext.dat
Using WolfTPM, I managed to compute the policyDigest using wolfTPM2_PCRGetDigest and wolfTPM2_PolicyPCRMake.
I could confirm that the digest is correct.
Next I created a new key using wolfTPM2_CreateKey, and set the digest in the .authPolicy field.
I also made sure that the TPMA_OBJECT_userWithAuth is not set.
Next after loading the key I create a new session using wolfTPM2_StartSession with TPM_SE_POLICY.
Then I called wolfTPM2_PolicyPCR, and passed the PCR index.
But everytime when calliing wolftTPM2_EncryptDecrypt im getting the error "TPM2_EncryptDecrypt2 failed 0x12f: TPM_RC_AUTH_UNAVAILABLE: The authValue or authPolicy is not available for selected entity"
I believe I am still missing some core TPM concepts. Could you please point out what am I missing.
Thanks!
Posts found: 3
Generated in 0.015 seconds (95% PHP - 5% DB) with 4 queries