tpm2-tss
tpm2-tss copied to clipboard
tpm2-software
The TPM state and the keystore state do not match.
I had it working and then tryed to delete a persistent key, and now can't go anything. I did a > tpm2_evictcontrol -c 0x81000002 and I now get
tpm2_getcap handles-persistent
- 0x81800001
- 0x81800002
and if I try to do something as simple as:
tss2_getrandom --numBytes 4 --data - | hexdump -C ERROR:fapi:src/tss2-fapi/fapi_util.c:1097:ifapi_load_primary_finish() ErrorCode (0x00060020) The persistent handle 0x81000001 does not exist. The TPM state and the keystore state do not match. ERROR:fapi:src/tss2-fapi/fapi_util.c:1429:ifapi_get_sessions_finish() Load primary. ErrorCode (0x00060020) ERROR:fapi:src/tss2-fapi/api/Fapi_GetRandom.c:229:Fapi_GetRandom_Finish() ErrorCode (0x00060020) FAPI create session ERROR:fapi:src/tss2-fapi/api/Fapi_GetRandom.c:104:Fapi_GetRandom() ErrorCode (0x00060020) GetRandom Fapi_GetRandom(0x60020) - fapi:The key was not found tpm2_clear runs but doesn't help. Did a lot of googling, but can't find a solution Also: tss2_list /P_ECCP256SHA256/HS/SRK:/P_ECCP256SHA256/HS:/P_ECCP256SHA256/LOCKOUT:/P_ECCP256SHA256/HN:/P_ECCP256SHA256/HE/EK:/P_ECCP256SHA256/HE:/P_ECCP256SHA256/HS/SRK/mySealKey:/P_ECCP256SHA256/HS/SRK/mySigningKey> and then: tss2_delete --path HS/SRK/mySealKey ERROR:fapi:src/tss2-fapi/fapi_util.c:1097:ifapi_load_primary_finish() ErrorCode (0x00060020) The persistent handle 0x81000001 does not exist. The TPM state and the keystore state do not match. ERROR:fapi:src/tss2-fapi/fapi_util.c:1429:ifapi_get_sessions_finish() Load primary. ErrorCode (0x00060020) ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:527:Fapi_Delete_Finish() Create FAPI session. ErrorCode (0x00060020) ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:326:Fapi_Delete() ErrorCode (0x00060020) Entity_Delete Fapi_Delete(0x60020) - fapi:The key was not found
I didn't delete 0x81000001 it was 0x81000002 I also tried
tpm2_createprimary --hierarchy o -G rsa2048 -o key.ctxt This worked, and then from the documentation https://www.kernel.org/doc/html/v5.0/security/keys/trusted-encrypted.html tried tpm2_evictcontrol -c key.ctxt -p 0x81000001 tpm2_evictcontrol: invalid option -- 'p' and then tried tpm2_evictcontrol -c key.ctxt 0x81000001 ERROR:esys:src/tss2-esys/esys_mu.c:585:iesys_MU_IESYSC_RESOURCE_TYPE_Unmarshal() Bad value 43001008 ERROR:esys:src/tss2-esys/esys_mu.c:787:iesys_MU_IESYS_RESOURCE_Unmarshal() Error unmarshaling subfield rsrcType ErrorCode (0x0008000b) ERROR:esys:src/tss2-esys/esys_tr.c:96:Esys_TR_Deserialize() Unmarshal resource object ErrorCode (0x0008000b) ERROR: Esys_TR_Deserialize(0x8000B) - sys:A parameter has a bad value ERROR: Incorrect handle value, got: "key.ctxt", expected expected [o|p|e|n|l] or a handle number ERROR: Unable to read PEM from provided BIO/file ERROR: Unable to fetch public/private portions of TSS PRIVKEY ERROR: Cannot make sense of object context "key.ctxt" ERROR: Unable to run tpm2_evictcontrol
I have no idea what to try next. Any suggestions would be appreciated.
As tpm2_gecap shows 0x81000001 does not exist. If there was no tpm2_clear you can recreate the SRK:
- Show the fapi info:
tss2_getinfo -o -|head -n 15 - Delete the files in the system dir.
- execute
tss2_provision
Now it should be possible to use the keys in the user store again.
Unfortunately, didn't work
tss2_getinfo -o - ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:400:ifapi_json_TPM2_ALG_ID_serialize() Undefined constant. ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:1569:ifapi_json_TPMS_ALG_PROPERTY_serialize() Serialize TPM2_ALG_ID ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:1802:ifapi_json_TPML_ALG_PROPERTY_serialize() Serialize TPMS_ALG_PROPERTY ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:2043:ifapi_json_TPMS_CAPABILITY_DATA_serialize() Serialize TPMU_CAPABILITIES ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/ifapi_json_serialize.c:608:ifapi_json_IFAPI_CAP_INFO_serialize() Serialize TPMS_CAPABILITY_DATA ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/ifapi_json_serialize.c:651:ifapi_json_IFAPI_INFO_serialize() Serialize TPMS_CAPABILITY_DATA ErrorCode (0x0006000b) ERROR:fapi:src/tss2-fapi/api/Fapi_GetInfo.c:270:Fapi_GetInfo_Finish() Error serialize info object ErrorCode (0x0006000b) ERROR:fapi:src/tss2-fapi/api/Fapi_GetInfo.c:123:Fapi_GetInfo() ErrorCode (0x0006000b) GetTPMInfo Fapi_GetInfo(0x6000B) - fapi:A parameter has a bad value
I can see:
ls /sys/class/tpm/tpm0/ . .. dev device pcr-sha256 power ppi subsystem tpm_version_major uevent
Is this the directory and can you tell me which files to delete? Thank you.
you will see the system_dir with the following command (don't omit the head command):
$ tss2_getinfo -o -|head -n 17
{
"version":"tpm2-tss 4.0.1-18-g192e6be32",
"fapi_config":{
"profile_dir":"/usr/local/etc/tpm2-tss/fapi-profiles/",
"user_dir":"/home/repp/.local/share/tpm2-tss/user/keystore",
"system_dir":"/usr/local/var/lib/tpm2-tss/system/keystore",
"log_dir":"/usr/local/var/run/tpm2-tss/eventlog/",
"profile_name":"P_ECCP256SHA256",
"tcti":"",
"system_pcrs":[
],
"ek_cert_file":"",
"ek_cert_less":"NO",
"web_cert_service":"",
"firmware_log_file":"/sys/kernel/security/tpm0/binary_bios_measurements",
"ima_log_file":"/sys/kernel/security/ima/binary_runtime_measurements"
},
Juergen, I should have been clearer, here is the output of copying and pasting your suggested command:
tss2_getinfo -o -|head -n 17 ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:400:ifapi_json_TPM2_ALG_ID_serialize() Undefined constant. ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:1569:ifapi_json_TPMS_ALG_PROPERTY_serialize() Serialize TPM2_ALG_ID ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:1802:ifapi_json_TPML_ALG_PROPERTY_serialize() Serialize TPMS_ALG_PROPERTY ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/tpm_json_serialize.c:2043:ifapi_json_TPMS_CAPABILITY_DATA_serialize() Serialize TPMU_CAPABILITIES ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/ifapi_json_serialize.c:608:ifapi_json_IFAPI_CAP_INFO_serialize() Serialize TPMS_CAPABILITY_DATA ErrorCode (0x0006000b) ERROR:fapijson:src/tss2-fapi/ifapi_json_serialize.c:651:ifapi_json_IFAPI_INFO_serialize() Serialize TPMS_CAPABILITY_DATA ErrorCode (0x0006000b) ERROR:fapi:src/tss2-fapi/api/Fapi_GetInfo.c:270:Fapi_GetInfo_Finish() Error serialize info object ErrorCode (0x0006000b) ERROR:fapi:src/tss2-fapi/api/Fapi_GetInfo.c:123:Fapi_GetInfo() ErrorCode (0x0006000b) GetTPMInfo Fapi_GetInfo(0x6000B) - fapi:A parameter has a bad value
oh sorry I did not check exactly output and did expect that tss2_getinfo should work without provisioning.
The directory should be /usr/local/var/lib/tpm2-tss/system/keystore
if tss is installed in /usr/local
What happens if you delete the files in this directory if you execute tss2_provision?
ls /usr/local/var/lib/tpm2-tss/system/keystore/ . .. tss2_provision ERROR:fapi:src/tss2-fapi/api/Fapi_Provision.c:246:Fapi_Provision_Async() ErrorCode (0x00060035) Profile P_ECCP256SHA256 was already provisioned. ERROR:fapi:src/tss2-fapi/api/Fapi_Provision.c:157:Fapi_Provision() ErrorCode (0x00060035) Provision Fapi_Provision(0x60035) - fapi:Already provisioned
Juergen, is the state stored inside the TPM? Would you recommend: cd /sys/class/tpm/tpm0/ppi sudo -E su printf 5 > request and reboot? I'm wary of blindly trying something so drastic with no idea of what it does
@kwmartin your system directory was empty, so this error message should not occur. Could you please check what directories are used with:
$ TSS2_LOG=fapi+debug tss2_provision
debug:fapi:src/tss2-fapi/ifapi_config.c:203:expand_home() Expanding path ~/.local/share/tpm2-tss/user/keystore to user's home
debug:fapi:src/tss2-fapi/ifapi_config.c:290:ifapi_config_initialize_finish() Configuration profile directory: /usr/local/etc/tpm2-tss/fapi-profiles/
debug:fapi:src/tss2-fapi/ifapi_config.c:291:ifapi_config_initialize_finish() Configuration user directory: /home/repp/.local/share/tpm2-tss/user/keystore
debug:fapi:src/tss2-fapi/ifapi_config.c:292:ifapi_config_initialize_finish() Configuration key storage directory: /usr/local/var/lib/tpm2-tss/system/keystore
debug:fapi:src/tss2-fapi/ifapi_config.c:293:ifapi_config_initialize_finish() Configuration profile name: P_ECCP256SHA256
TSS2_LOG=fapi+debug tss2_provision debug:fapi:src/tss2-fapi/ifapi_config.c:200:expand_home() Expanding path ~/.local/share/tpm2-tss/user/keystore to user's home debug:fapi:src/tss2-fapi/ifapi_config.c:287:ifapi_config_initialize_finish() Configuration profile directory: /etc/tpm2-tss/fapi-profiles/ debug:fapi:src/tss2-fapi/ifapi_config.c:288:ifapi_config_initialize_finish() Configuration user directory: /home/martin/.local/share/tpm2-tss/user/keystore debug:fapi:src/tss2-fapi/ifapi_config.c:289:ifapi_config_initialize_finish() Configuration key storage directory: /var/lib/tpm2-tss/system/keystore debug:fapi:src/tss2-fapi/ifapi_config.c:290:ifapi_config_initialize_finish() Configuration profile name: P_ECCP256SHA256 debug:fapi:src/tss2-fapi/ifapi_config.c:291:ifapi_config_initialize_finish() Configuration TCTI:
debug:fapi:src/tss2-fapi/ifapi_config.c:292:ifapi_config_initialize_finish() Configuration log directory: /run/tpm2-tss/eventlog/ ERROR:fapi:src/tss2-fapi/api/Fapi_Provision.c:246:Fapi_Provision_Async() ErrorCode (0x00060035) Profile P_ECCP256SHA256 was already provisioned. ERROR:fapi:src/tss2-fapi/api/Fapi_Provision.c:157:Fapi_Provision() ErrorCode (0x00060035) Provision Fapi_Provision(0x60035) - fapi:Already provisioned debug:fapi:src/tss2-fapi/api/Fapi_Finalize.c:46:Fapi_Finalize() called: context: 0x7ffcd3367148, *context: 0x55d51e888f20 debug:fapi:src/tss2-fapi/api/Fapi_Finalize.c:97:Fapi_Finalize() finished
tss was installed to / not to /usr/local. So you should delete the files in: /var/lib//tpm2-tss/system/keystore
I'm guessing Rocket Science is not my thing? After deleting /var/lib//tpm2-tss/system/keystore
TSS2_LOG=fapi+debug tss2_provision debug:fapi:src/tss2-fapi/ifapi_config.c:200:expand_home() Expanding path ~/.local/share/tpm2-tss/user/keystore to user's home debug:fapi:src/tss2-fapi/ifapi_config.c:287:ifapi_config_initialize_finish() Configuration profile directory: /etc/tpm2-tss/fapi-profiles/ debug:fapi:src/tss2-fapi/ifapi_config.c:288:ifapi_config_initialize_finish() Configuration user directory: /home/martin/.local/share/tpm2-tss/user/keystore debug:fapi:src/tss2-fapi/ifapi_config.c:289:ifapi_config_initialize_finish() Configuration key storage directory: /var/lib/tpm2-tss/system/keystore debug:fapi:src/tss2-fapi/ifapi_config.c:290:ifapi_config_initialize_finish() Configuration profile name: P_ECCP256SHA256 debug:fapi:src/tss2-fapi/ifapi_config.c:291:ifapi_config_initialize_finish() Configuration TCTI:
debug:fapi:src/tss2-fapi/ifapi_config.c:292:ifapi_config_initialize_finish() Configuration log directory: /run/tpm2-tss/eventlog/ WARNING:fapi:src/tss2-fapi/ifapi_io.c:339:ifapi_io_check_create_dir() Directory /var/lib/tpm2-tss/system/keystore/policy does not exist, creating ERROR:fapi:src/tss2-fapi/ifapi_helpers.c:1055:create_dirs() mkdir not possible: -1 /var/lib/tpm2-tss/system/keystore/policy ERROR:fapi:src/tss2-fapi/ifapi_helpers.c:1082:ifapi_create_dirs() ErrorCode (0x0006000b) Create directories for /var/lib/tpm2-tss/system/keystore/policy ERROR:fapi:src/tss2-fapi/ifapi_io.c:342:ifapi_io_check_create_dir() ErrorCode (0x0006000b) Directory /var/lib/tpm2-tss/system/keystore/policy can't be created. ERROR:fapi:src/tss2-fapi/ifapi_policy_store.c:115:ifapi_policy_store_initialize() ErrorCode (0x0006000b) Policy directory /var/lib/tpm2-tss/system/keystore/policy can't be created. ERROR:fapi:src/tss2-fapi/api/Fapi_Initialize.c:218:Fapi_Initialize_Finish() ErrorCode (0x0006000b) Keystore could not be initialized. Fapi_Initialize(0x6000B) - fapi:A parameter has a bad value
you should check the access rights of this directory. On my pc e.g.*
$ ls -l /usr/local/var/lib/tpm2-tss/system/
drwxrwsr-x+ 4 tss tss 4096 Mär 5 20:19 keystore
I'm member of the group tss. So I have write access to this directory. Does the directory /var/lib/tpm2-tss/system/ with owner tss exist and are you member of the group tss?
This is helping. Also, the first few lines from >TSS2_LOG=fapi+debug tss2_provision are helping, and then going back and reading section section 4.2.4 from Infineon's OPTIGA TPM Application Note is helping. I am a member of the tss group which I think is necessary in order to use /dev/tmp0 without sudo. However, /usr/local/var/lib/tpm2-tss/system/ has ownership root:root, not tss:tss and from the line "user_dir": "~/.local/share/tpm2-tss/user/keystore", in /etc/tpm2-tss/fapi-config.json I see that my keys are being stored under my home directory. I deleted everything under ~/.local/share/tpm2-tss/user/keystore and also did a:
sudo chown tss: /var/lib/tpm2-tss/system/keystore still didn't work, but the TSS2_LOG=fapi+debug is worth it's weight in gold as I now see ... WARNING:fapi:src/tss2-fapi/ifapi_io.c:339:ifapi_io_check_create_dir() Directory /var/lib/tpm2-tss/system/keystore/policy does not exist, creating ERROR:fapi:src/tss2-fapi/ifapi_helpers.c:1055:create_dirs() mkdir not possible: -1 /var/lib/tpm2-tss/system/keystore/policy ERROR:fapi:src/tss2-fapi/ifapi_helpers.c:1082:ifapi_create_dirs() ErrorCode (0x0006000b) Create directories for /var/lib/tpm2-tss/system/keystore/policy ERROR:fapi:src/tss2-fapi/ifapi_io.c:342:ifapi_io_check_create_dir() ErrorCode (0x0006000b) Directory /var/lib/tpm2-tss/system/keystore/policy can't be created. ... Ah ha, so I did a: sudo chmod g+w /var/lib/tpm2-tss/system/keystore/ an lo and behold, I can now do a tss2_provision and I think I will be able to start over in creating locked keys. There a few steps in the "getting started" that are critical to get right and need emphasizing in a Getting Started Ho To.; once I get things going, if I was to write a "Getting Started Ho To", can you recommend where to post it?
Jurgen, your help has been invaluable, without it, I wouldn't have a chance of using theTPM. It is much appreciated. One last question, do you anywhere that shows even a simple example of setting up keys using tpm2-pytss? The documentation doesn't have any and so far I can't find any. I could use C and do a shared library, but I hate to reinvent the wheel.
One last question, do you anywhere that shows even a simple example of setting up keys using tpm2-pytss? The documentation doesn't have any and so far I can't find any. I could use C and do a shared library, but I hate to reinvent the wheel.
The pytss API is documentd on: https://tpm2-pytss.readthedocs.io/en/latest/api.html. When I started using pytss I always found good exmaples in the pytss integration tests.
Getting Started Ho To.; once I get things going, if I was to write a "Getting Started Ho To", can you recommend where to post it?
Perhaps https://tpm2-software.github.io/tutorials/ would be a place for this.
Uh, not there yet. tss2_provision works when the keystore directory is empty, but I still have a left-over problem. Without debug:
tpm2_getcap handles-persistent
- 0x81000001
- 0x81800001
- 0x81800002
tpm2_evictcontrol -c 0x81800002 WARNING:esys:src/tss2-esys/api/Esys_EvictControl.c:330:Esys_EvictControl_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:114:Esys_EvictControl() Esys Finish ErrorCode (0x00000285) ERROR: Esys_EvictControl(0x285) - tpm:handle(2):hierarchy is not enabled or is not correct for the use ERROR: Unable to run tpm2_evictcontrol
Still, I can now do some things, for example:
tss2_getrandom --numBytes 32 --data - | hexdump -C 00000000 61 fc c1 d2 cd b4 6d 00 d3 6b 2e 0f a9 82 05 87 |a.....m..k......| 00000010 55 a0 a8 c9 d7 6e 3e 4f b9 dc 81 ef 79 e1 e3 80 |U....n>O....y...| 00000020
More importantly: tss2_createseal --path=HS/SRK/mySealKey --type="noDa,0x81000002" --authValue="" --data=lib/myKey.bin tss2_unseal --path HS/SRK/mySealKey --data lib/newKey.bin diff lib/myKey.bin lib/newKey.bin returned nothing.
lib/myKey is a 44 byte base64 encoded random number. So as long as I delete lib/newKey.bin and lib/myKey.bin it will only be saved in the tpm, can only retrieved by a user that is in the tss group (i.e. only me unless someone gets root access on this computer). So I can use the unecoded key as a salt for generating new keys, possibly with a password.
If in addition, I edit /etc/ssh/sshd_config and use: AllowUsers martin AllowGroups tss and restart ssh, I should be fairly safe.
If you have any ideas on how to fix tpm2_evictcontrol -c 0x81800002, but I think having a single key that is not stored in a file should suffice. Thanks again for all your help.
The address range 0x81800000 to 0x81800000 is reserved for keys in the platform hierarchy (p). The default hierarchy used by tpm2_evictcontrol is the owner hierarchy (o). The hierarchy can be specified with the -C parameter. But you must be able to authorize the hierarchy.
@JuergenReppSIT Is there a way in FAPI to explicitly check if TPM state and a key store state matches, so that I can detect this state and try to recover from it? I noticed that my application fails to CreateSeal with "The TPM state and the keystore state do not match" because user called tpm2_clear but i would like to detect it earlier in initialization stage so i can recover from it.
After a tpm2_clear, FAPI provisioning must be re-executed. Other keys than the SRK and the EK can't be recovered. It's not possible to cleanup the keystore with tpm2_delete -p /. You would get an error. So you should delete the keystore files with rm. You find the location with: tss2_getinfo -o-| head -n 10.
You can delete the files in the user and system keystore directory. Afterwards tss2_provision should work again.
@JuergenReppSIT the thing is my application is unaware if user have executed the tpm2_clear command. I want to make sure my application can recover from this state. It only uses Unseal() and CreateSeal() for securing the symmetric encryptor. so the best i can do is...
if (Fapi_CreateSeal() == TSS2_FAPI_RC_KEY_NOT_FOUND) {
rm user_dir
rm system_key_store_dir
Fapi_Provision()
retry CreateSeal()
}
or is there a better way to detect this state?
@nikolkam Currently it's not possible to check whether the state is ok without producing an error log with FAPI. You could check whether the persistent SRK exists by using the Tss2_Sys functions as in the following example:
#include <stdio.h>
#include <stdlib.h>
#include <tss2/tss2_sys.h>
#include <tss2/tss2_tctildr.h>
// Compile with:
// gcc sys-checksrk.c -o sys-checksrk -g -ltss2-sys -ltss2-tctildr
int main() {
TSS2_RC rc;
TSS2_TCTI_CONTEXT *tcti_ctx;
TSS2_SYS_CONTEXT *sys_ctx;
uint32_t contextSize;
TPM2_HANDLE srk_handle = 0x81000001;
// tcti could be computed by Fapi_GetTcti(fapi_context, &tcti_ctx);
// instead of using Tss2_TctiLdr_Initialize
rc = Tss2_TctiLdr_Initialize("device:/dev/tpmrm0", &tcti_ctx);
if (rc != TSS2_RC_SUCCESS) {
printf("\nFailed to get tcti\n");
return 1;
}
contextSize = Tss2_Sys_GetContextSize( 0 );
sys_ctx = calloc(contextSize,1);
rc = Tss2_Sys_Initialize(sys_ctx, contextSize, tcti_ctx, NULL);
if (rc != TSS2_RC_SUCCESS) {
printf("\nFailed to initialize sys ctx\n");
return 1;
}
rc = Tss2_Sys_ReadPublic(sys_ctx, srk_handle,
NULL, NULL, NULL, NULL, NULL);
if (rc != TSS2_RC_SUCCESS){
printf("\nNo SRK\n");
return 1;
}
return 0;
}