On 11/29/2010 07:24 PM, Wyllys Ingersoll wrote: > I have a TPM that apparently has a bunch of keys loaded that I need to evict. > Is it possible to do so without knowing their handle's or without doing > a complete reset? > > TSS_TPMCAP_PROP_MAXKEYS = 21 and TSS_TPMCAP_PROP_KEYS = 10. > Where is the rest of the space for the other 11 keys? I know that no one else > is using this machine or TPM. EvictKey or UnloadKey only work if you know > the handle, but I dont see how to get the handles. > > thanks, > Wyllys
Hi Wyllys, You must probe the list of handles first, and then flush one by one IIRC. However, the next TSS Errata will contain a command to perform such job, and this very command should be incorporated in TrouSerS shortly. For meanwhile reference, TrouSerS cleans the TPM out of keys that are in the TCS cache, and the code that does so is inside clearUnknownKeys() function. Additionally, TrouSerS should also handle loaded keys that aren't in such cache for some reason (do you know how yours specifically were left there?), probably by cleaning it at every tcsd restart, since they are backed up in /var/lib/tpm/system.data? Thanks, Rajiv Andrade Security Development IBM Linux Technology Center > ------------------------------------------------------------------------------ > Increase Visibility of Your 3D Game App& Earn a Chance To Win $500! > Tap into the largest installed PC base& get more eyes on your game by > optimizing for Intel(R) Graphics Technology. Get started today with the > Intel(R) Software Partner Program. Five $500 cash prizes are up for grabs. > http://p.sf.net/sfu/intelisp-dev2dev > _______________________________________________ > TrouSerS-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/trousers-users ------------------------------------------------------------------------------ Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)! Finally, a world-class log management solution at an even better price-free! Download using promo code Free_Logger_4_Dev2Dev. Offer expires February 28th, so secure your free ArcSight Logger TODAY! http://p.sf.net/sfu/arcsight-sfd2d _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
