I am trying to use opencryptoki with TPM, but after configuring and buildling opencryptoki on system with trousers running and TPM ownership is setup and SRK is created I am not able to have my TPM token recognized?
Here is what I did
1- I configured and make opencryoki on my centos7 machine using
>> sh bootstrap.sh
>> ./configure --enable-debug --enable-testcases
--enable-tpmtok --disable-ccatok
:
:
Enabled features:
Debug build: yes
Testcases: yes
Daemon build: yes
Library build: yes
Systemd service: no
Enabled token types:
ICA token: no
CCA token: no
Software token: yes
EP11 token: no
TPM token: yes
ICSF token: no
Token-specific features:
pkcsep11migrate build: no
CFLAGS=-g -O2 -gdwarf-2 -g3 -O0 -DDEBUG -DPKCS64 -D_XOPEN_SOURCE=600
-Wall -Wno-pointer-sign
-DCONFIG_PATH=\"$(localstatedir)/lib/opencryptoki\"
-DSBIN_PATH=\"$(sbindir)\" -DLIB_PATH=\"$(libdir)\"
-DLOCKDIR_PATH=\"$(lockdir)\" -DOCK_CONFDIR=\"$(sysconfdir)/opencryptoki\"
-DOCK_LOGDIR=\"$(logdir)\"
First I verified trousers is running
>> ps -A | grep tcsd
13582 ? 00:00:00 tcsd
I also ran
tpm_version
TPM 1.2 Version Info:
Chip Version: 1.2.5.81
Spec Level: 2
Errata Revision: 3
TPM Vendor ID: WEC
Vendor Specific data: 0000
TPM Version: 01010000
Manufacturer Info: 57454300
I have successfully taken ownership of TPM and SRK is already setup in the
TPM hardware
I checked the contents of the openCryptoKi configuration file;
vi /etc/opencryptoki/opencryptoki.conf
slot 0
{
stdll = libpkcs11_tpm.so
}
slot 1
{
stdll = libpkcs11_ica.so
}
slot 2
{
stdll = libpkcs11_cca.so
}
slot 3
{
stdll = libpkcs11_sw.so
}
slot 4
{
stdll = libpkcs11_ep11.so
confname = ep11tok.conf
}
But when I used pkcsconf -s to verify that TPM token is present
sudo pkcsconf -s
Š
Slot #3 Info
Description: Linux
Manufacturer: IBM
Flags: 0x1 (TOKEN_PRESENT)
Hardware Version: 0.0
Firmware Version: 0.0
Only libpkcs11_sw is present?
What is missing: does the package default build does not include the TPM?
Or is the configuration file is not correct?
default[3].xml
Description: default[3].xml
default[4].xml
Description: default[4].xml
------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! https://ad.doubleclick.net/ddm/clk/302982198;130105516;z
_______________________________________________ opencryptoki-users mailing list opencryptoki-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/opencryptoki-users
