[gnutls-devel] GnuTLS | tpmtool --outfile fails due to password handling (#1752)

Read-only notification of GnuTLS library development activities Sun, 19 Oct 2025 10:37:08 -0700


Jeremy Jackson created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1752




## Description of problem:

tpmtool -d 9999 --generate-rsa --bits 2048 --outfile /tmp/foo.tpm 
--srk-well-known

Fails is you press enter for an empty key password:

Setting log level to 9999
Enter key password: 
|<3>| ASSERT: ../../lib/tpm.c[gnutls_tpm_privkey_generate]:1434
|<2>| TPM (tpm) error: Authentication failed (1)
gnutls_tpm_privkey_generate: Error in provided SRK password for TPM.

It also fails if you type a password.

## Version of gnutls used:

3.8.9-3 (Debian) recompiled for TPM support

## Expected results:

If patched to skip code that uses a password (when there is none), it works:

in lib/tmp.c around line 1402:

       /* set the password of the actual key */
        if (key_password && strlen(key_password) > 0) {
                gnutls_datum_t pout;
                char *password = NULL;

-- 
Reply to this email directly or view it on GitLab: 
https://gitlab.com/gnutls/gnutls/-/issues/1752
You're receiving this email because of your account on gitlab.com.

_______________________________________________
Gnutls-devel mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnutls-devel

[gnutls-devel] GnuTLS | tpmtool --outfile fails due to password handling (#1752)

Reply via email to