Jürgen Repp

@nikolkam the access to the tcti interface seems to be working. The error occurs when the following command is executed: `tpm2_createprimary -c /tmp/tmpa_fs1793/context.out -g sha256 -G rsa` where tmpa_fs1793 is...

@nikolkam Normally this command should work. Does the error also occur if the hierarchy is used: `tpm2_createprimary -C o -c /tmp/tmpa_fs1793/context.out -g sha256 -G rsa` If the error still occurs...

The test files for IMA and system events did contain little endian integers which were assigned to the big endian integers with memcpy. The conversion has to be fixed.

You can try to use the tpm2 tool command `tpm2_getekcertificate` https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_getekcertificate.1.md

For INTC certificates I would expect that `tpm2_getekcertificate` downloads the certificate for your pubek from the web and the certficate is not stored in the TPM? What is displayed if...

@velopt I can't reproduce these things without an Intel TPM. In other cases starting from the EK cert several intermediate certificates are downloaded. For FAPI the downloaded certificate chain will...

As tpm2_gecap shows 0x81000001 does not exist. If there was no tpm2_clear you can recreate the SRK: - Show the fapi info: `tss2_getinfo -o -|head -n 15` - Delete the...

you will see the system_dir with the following command (don't omit the head command): ``` $ tss2_getinfo -o -|head -n 17 { "version":"tpm2-tss 4.0.1-18-g192e6be32", "fapi_config":{ "profile_dir":"/usr/local/etc/tpm2-tss/fapi-profiles/", "user_dir":"/home/repp/.local/share/tpm2-tss/user/keystore", "system_dir":"/usr/local/var/lib/tpm2-tss/system/keystore", "log_dir":"/usr/local/var/run/tpm2-tss/eventlog/", "profile_name":"P_ECCP256SHA256",...

oh sorry I did not check exactly output and did expect that `tss2_getinfo` should work without provisioning. The directory should be `/usr/local/var/lib/tpm2-tss/system/keystore` if tss is installed in /usr/local What happens...

@kwmartin your system directory was empty, so this error message should not occur. Could you please check what directories are used with: ``` $ TSS2_LOG=fapi+debug tss2_provision debug:fapi:src/tss2-fapi/ifapi_config.c:203:expand_home() Expanding path ~/.local/share/tpm2-tss/user/keystore...