On Fri, 21 Jan 2011 03:03:16 +0100 Andreas Piesk <[email protected]> wrote:
> Hello, > > $ pkcsconf -I -c 0 > Enter the SO PIN: > Enter a unique token label: IBM PKCS#11 TPM Token > > $ pkcsconf -t -c 0 > Token #0 Info: > Label: IBM PKCS#11 TPM Token > Manufacturer: IBM Corp. > Model: TPM v1.1 Token > Serial Number: 123 > Flags: 0x880445 > (RNG|LOGIN_REQUIRED|CLOCK_ON_TOKEN|TOKEN_INITIALIZED|USER_PIN_TO_BE_CHANGED|SO_PIN_TO_BE_CHANGED) > Sessions: -1/-1 > R/W Sessions: -1/-1 > PIN Length: 6-127 > Public Memory: 0xFFFFFFFF/0xFFFFFFFF > Private Memory: 0xFFFFFFFF/0xFFFFFFFF > Hardware Version: 1.0 > Firmware Version: 1.0 > Time: 02:25:09 > > $ pkcsconf -P -c 0 > Enter the SO PIN: > Enter the new SO PIN: > Re-enter the new SO PIN: > Error logging in: 0x6 (CKR_FUNCTION_FAILED) > > > Initializing the token succeeded, but setting SO PIN failed. afterwards i > initialized the token > again to make sure the SO PIN (default 87654321) is correct, it is. > > Is it a known problem? i patched pkcsconf to call C_GetSessionInfo() after > C_Login() and this is > what it returned: > > $ ./pkcsconf -P -c 0 > Enter the SO PIN: > Enter the new SO PIN: > Re-enter the new SO PIN: > sessioninfo: slotID = 0 > sessioninfo: state = 2 > sessioninfo: flags = 6 > sessioninfo: ulDeviceError = 0 > > No DeviceError. What could be the problem? Shouldn't you be using tpmtoken_init (from the tpm-tools project)? -Klaus -- Klaus Heinrich Kiwi | [email protected] | http://blog.klauskiwi.com Open Source Security blog : http://www.ratliff.net/blog IBM Linux Technology Center : http://www.ibm.com/linux/ltc ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ Opencryptoki-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/opencryptoki-tech
