Hey Ronnie,
I don't know what this means exactly, but in the code where I think this
error is getting thrown, there is special handling for ATMEL chips.:
In tspi_ek.c:
/* check validation of the entire pubkey structure */
if (memcmp(digest.digest, checkSum.digest, TPM_SHA1_160_HASH_LEN)) {
/* validation failed, unload the pubEK in order to hash
* just the pubKey portion of the pubEK. This is done on
* Atmel chips specifically.
*/
offset = 0;
__tspi_memset(&pubKey, 0, sizeof(TCPA_PUBKEY));
if ((result = Trspi_UnloadBlob_PUBKEY(&offset, pubEK, &pubKey)))
goto done;
result = Trspi_HashInit(&hashCtx, TSS_HASH_SHA1);
result |= Trspi_HashUpdate(&hashCtx, pubKey.pubKey.keyLength,
pubKey.pubKey.key);
result |= Trspi_HashUpdate(&hashCtx, TPM_SHA1_160_HASH_LEN,
antiReplay.nonce);
if ((result |= Trspi_HashFinal(&hashCtx, digest.digest)))
goto done;
if (memcmp(digest.digest, checkSum.digest, TCPA_SHA1_160_HASH_LEN)) {
result = TSPERR(TSS_E_EK_CHECKSUM);
goto done;
}
}
It looks like the trousers developers knew ATMEL would fail the first pass
validation, and they try something else, and maybe your chip isn't playing
nice there either. I'm just speculating that you are running an ATMEL.
Hope this helps:
-Tadd
On Mon, Jun 20, 2016 at 12:21 PM Thomas, Ronnie L. <[email protected]>
wrote:
> Thanks.
>
> Not sure where to go from here. The checksum should be ok for the EK.
>
>
>
> *Ronnie Thomas*
>
> *Senior Software Development Engineer-TPM/Microchip Technology, Inc.*
>
> *1150 E. Cheyenne Mountain Blvd, Colorado Springs, CO 80906*
>
> Tel:(+1)(719)-540-1604/Fax:(+1)(719)-540-1759
> <(+1)(719)(540-1604)/Fax:(+1)540-1759>
>
> [email protected]/ http://www.atmel.com/
>
>
>
> *From:* Phil Lacroute [mailto:[email protected]]
> *Sent:* Monday, June 20, 2016 11:39 AM
> *To:* Thomas, Ronnie L. <[email protected]>
> *Cc:* [email protected]
> *Subject:* Re: [TrouSerS-users] Takeownership
>
>
>
> // MessageId: TSS_E_EK_CHECKSUM
>
> //
>
> // MessageText:
>
> //
>
> // TSP is instructed to verify the EK checksum and it does not verify.
>
> //
>
> #define TSS_E_EK_CHECKSUM (UINT32)(TSS_E_BASE + 0x128L)
>
>
>
> On Jun 20, 2016, at 6:35 AM, Thomas, Ronnie L. <[email protected]>
> wrote:
>
>
>
> Does anyone know what the below error indicates when executing
> tpm_takeownership?
>
>
>
> Tspi_TPM_TakeOwnership failed: 0x00003128 - layer=tsp, code=0128 (296),
> Unknown
>
>
>
> Any insight would be appreciated.
>
>
>
> Regards,
>
>
>
> *Ronnie Thomas*
>
> *Senior Software Development Engineer-TPM/Microchip Technology, Inc.*
>
> *1150 E. Cheyenne Mountain Blvd, Colorado Springs, CO 80906*
>
> Tel:(+1)(719)-540-1604/Fax:(+1)(719)-540-1759
> <(+1)(719)(540-1604)/Fax:(+1)540-1759>
>
> [email protected]/ http://www.atmel.com/
>
>
>
>
>
>
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning
> reports.
> http://sdm.link/zohomanageengine_______________________________________________
> TrouSerS-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
>
>
> ------------------------------------------------------------------------------
> What NetFlow Analyzer can do for you? Monitors network bandwidth and
> traffic
> patterns at an interface-level. Reveals which users, apps, and protocols
> are
> consuming the most bandwidth. Provides multi-vendor support for NetFlow,
> J-Flow, sFlow and other flows. Make informed decisions using capacity
> planning
> reports. http://sdm.link/zohomanageengine
> _______________________________________________
> TrouSerS-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/trousers-users
>
------------------------------------------------------------------------------
What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic
patterns at an interface-level. Reveals which users, apps, and protocols are
consuming the most bandwidth. Provides multi-vendor support for NetFlow,
J-Flow, sFlow and other flows. Make informed decisions using capacity planning
reports. http://sdm.link/zohomanageengine
_______________________________________________
TrouSerS-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-users
