Hi guys, Perhaps any further insight to this issue?
Thanks Alex -----Original Message----- From: Kent Yoder [mailto:shpedoi...@gmail.com] Sent: Tuesday, July 20, 2010 9:46 AM To: Alexander Loukissas (aloukiss) Cc: Klaus Heinrich Kiwi; opencryptoki-users@lists.sourceforge.net Subject: Re: [opencryptoki-users] error initializing token The TPM token code shows: Tspi_Policy_SetSecret(hPolicy, TSS_SECRET_MODE_PLAIN, 0, NULL) So this would be NULL... I assume this was done for convenience -- I don't think the well-known secret options existed in tpm-tools at that time... On Tue, Jul 20, 2010 at 11:43 AM, Alexander Loukissas (aloukiss) <alouk...@cisco.com> wrote: > I'm also confused. Should the secret be set to well-known or null? > > Alex > > -----Original Message----- > From: Klaus Heinrich Kiwi [mailto:kla...@linux.vnet.ibm.com] > Sent: Tuesday, July 20, 2010 9:34 AM > To: Kent Yoder > Cc: Alexander Loukissas (aloukiss); opencryptoki-users@lists.sourceforge.net > Subject: Re: [opencryptoki-users] error initializing token > > On Tue, 2010-07-20 at 11:23 -0500, Kent Yoder wrote: >> This is likely the TPM's SRK failing to load. The TPM Token will try >> to load the SRK using a NULL password. IIRC this can be set by just >> hitting enter when prompted for the password in tpm_changeownerauth >> -s. > > I'm confused now. What is the tpm token really expecting? > - null owner secret? > - 'well known' owner secret? i.e., tpm_takeownership -y > - 'well known' srk secret? i.e., tpm_takeownership -z > > I'm assuming that 'null password' is different than '20 bytes of > zero' (the 'well-known-secret'). > > Thanks, > > -Klaus > -- > Klaus Heinrich Kiwi | kla...@br.ibm.com > IBM LTC Security Development | http://blog.klauskiwi.com > http://www.ibm.com/linux/ltc | http://www.ratliff.net/blog > > > > ------------------------------------------------------------------------------ This SF.net email is sponsored by Sprint What will you do first with EVO, the first 4G phone? Visit sprint.com/first -- http://p.sf.net/sfu/sprint-com-first _______________________________________________ opencryptoki-users mailing list opencryptoki-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/opencryptoki-users