tpm-2 create policy error and PCR input file size doesn't match

[mmkclement]

Enter existing LUKS password: Warning: Value 512 is outside of the allowed entropy range, adjusting it. ERROR: pcr-input-file filesize does not match pcr set-list ERROR: Could not build pcr policy ERROR: Unable to run tpm2_createpolicy Invalid input! Usage: jose jwe fmt -i JWE [-I CT] [-o JWE] [-O CT] [-c]

Converts a JWE between serialization formats

-i JSON --input=JSON Parse JWE from JSON -i FILE --input=FILE Read JWE from FILE -i - --input=- Read JWE from standard input

-I FILE --detached=FILE Read decoded ciphertext from FILE -I - --detached=- Read decoded ciphertext from standard input

-o JSON --output=JSON Parse JWE from JSON -o FILE --output=FILE Read JWE from FILE -o - --output=- Read JWE from standard input Default: "-"

-O JSON --detach=JSON Parse JWE from JSON -O FILE --detach=FILE Read JWE from FILE -O - --detach=- Read JWE from standard input

-c --compact Output JWE using compact serialization

Failed to import token from file. Error saving metadata to LUKS2 header in device /dev/md1 Unable to update metadata; operation cancelled Error adding new binding to /dev/md1

[electrickite]

@mmkclement What command did you run to produce these errors?

[mmkclement]

I ran thsi one. sudo clevis luks bind -d /dev/sda3 tpm2 '{"pcr_ids":"2,4"}'

[electrickite]

This is the luks-tpm2 project - I’m not sure it would be related to the clevis command you ran.