All of lore.kernel.org
* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-06  9:49 Petr Gotthard
  0 siblings, 0 replies; 9+ messages in thread
From: Petr Gotthard @ 2021-10-06  9:49 UTC (permalink / raw)
  To: tpm2


Hi Chris,
 
that's great to hear. Thanks for all the testing!
 
In general I am interested in feedback (both bugs and improvement suggestions) from testing of real-life scenarios, so if you did test all you need and everything worked as you want it to work then I am happy and don't need anything else.
 
 
Thanks again,
Petr
 
______________________________________________________________
> From: "Chris Newman" <chris(a)mode51.software>
> To: "Petr Gotthard" <petr.gotthard(a)centrum.cz>, tpm2(a)lists.01.org
> Date: 06.10.2021 01:08
> Subject: [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
>
Hi Petr,
I've tried abrmd and it works fine for the ir:
openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2 -cmd ir -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -secret pass:1234 -recipient "/CN=mode51.software" -key handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem -certout ./cl_cert.pem -tls_used -verbosity 8
Also works with the cr:
/opt/sdk/openssl/current/bin/openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2 -cmd cr -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -key handle:0x81010002 -certout ./cl_cert2.pem -cert ./cl_cert.pem -tls_used -verbosity 8 -trusted ./capubs.pem -unprotected_errors
Is there anything you want me to test with the DigiCert CMPv2 responder?
Many thanks for the really great software.
 
On 04/10/2021 09:18, Chris Newman wrote:
Thanks Petr,
I'm using in-kernel. I'll try abrmd and report back.

On 04/10/2021 08:31, Petr Gotthard wrote:
Hello,
 
this sounds like a known limitation of the openssl provider: https://github.com/tpm2-software/tpm2-openssl/issues/4
 
Some applications (like CMP) are too greedy and consume more resources than the TPM has. The resource managers (to my best knowledge) cannot swap resources from the same user.
 
Are you using the tpm2-abrmd resource manager, or the in-kernel manager? The tpm2-abrmd behaves much better.
 
 
Petr
 
______________________________________________________________
 > From: "Chris Newman" <chris(a)mode51.software>
 > To: tpm2(a)lists.01.org
 > Date: 04.10.2021 01:41
 > Subject: [tpm2] CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
 >
Hi,
I create an EK and AK using tpm2_createek, tpm2_createak and tpm2_evictcontrol to persist the AK in 0x81010002. Then I use the following command with DigiCert's CMPv2 server:
openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2,tpm2.digest!=yes -cmd ir -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -secret pass:1234 -recipient "/CN=mode51.software" -key handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem -certout ./cl_cert.pem -tls_used -verbosity 8
I get the following error:
DIGEST NEW
 DIGEST INIT
 DIGEST UPDATE
 DIGEST DUP
 DIGEST FINAL
 DIGEST FREE
 DIGEST NEW
 DIGEST INIT
 DIGEST UPDATE
 DIGEST NEW
 DIGEST INIT
 DIGEST UPDATE
 DIGEST DUP
 WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() Received TPM Error
 ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x00000902)
 DIGEST FREE
 DIGEST FREE
 DIGEST FREE
 CMP DEBUG: disconnected from CMP server
 CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
 CMP error: not able to copy ctx
 CMP error: internal error
 CMP error: error sending
 CMP error: shutdown while in init
 CMP error: transfer error:request sent: IR, expected response: IP
 RSA FREE
 RAND FREE
 RAND FREE
 RAND FREE
 PROVIDER TEARDOWN
 
I've tried tpm2_flushcontext -t.
I recompiled tpm2-openssl with the following option and that appears to have worked around the issue:
--disable-op-digest
Is this what "?provider=tpm2,tpm2.digest!=yes" should effectively do?
 
-- 
 
 Chris Newman 
 https://mode51.software 
 @mode51software <https://twitter.com/mode51software> 


* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-15 14:00 Roberts, William C
  0 siblings, 0 replies; 9+ messages in thread
From: Roberts, William C @ 2021-10-15 14:00 UTC (permalink / raw)
  To: tpm2




> -----Original Message-----
> From: Petr Gotthard <petr.gotthard(a)centrum.cz>
> Sent: Thursday, October 14, 2021 11:49 AM
> To: Roberts, William C <william.c.roberts(a)intel.com>; tpm2(a)lists.01.org
> Subject: Re: [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0):
> out of memory for object contexts
> 
> Hi Bill,
> 
> >> Example 1: OpenSSL often duplicates hash sequences: To hash sequences
> A,B,C1 and then A,B,C2 they first hash A,B, then duplicate/fork the hash
> sequence and then complete the hash first for C1 and then for C2. This is a great
> performance optimization, but when too many dup (forks) are made, the TPM
> runs out of objects.
> 
> > Why are we doing hashing with the TPM? If we're in an OpenSSL provider can't
> we just use software provided hashing routines? I see hashing is configurable,
> but I would imagine off by default is what you want. Do we use validation tickets
> or anything like that or just the resulting digest? If all we use are the digests, I
> would make TPM not hash and make that option a nop.
> 
> Signing by a restricted signing key requires validation tickets, so the hash must be
> done by the TPM. The OpenSSL has a combined operation "EVP_DigestSign",
> which enables the tpm2 provider to hash, obtain the validation ticket and then
> immediately sign the hash using this ticket. This is beautiful, but it needs the TPM
> hashing.
> 

Oh cool I didn't know it supported restricted keys.

> 
> >> Example 2: The CMP key update needs 4 objects to operate (old client key,
> new client key, server key and hash sequence), but the kernel RM
> (tpm_space.context_tbl) allows only 3 objects. (If I am right.)
> 
>  > It does seem that way, but TPM commands only ever need 3 objects alive at
> once, so that's likely why that was chosen.
> 
> Yeah, I thought this is so.
> 
> > Does CMP key really need all 4 of those things in the TPM at once, because
> currently today that's not actually happening as abrmd is just swapping them in
> and out.
> 
> Currently, the tpm2 provider does not do any internal resource management. If
> someone loads a public / private key, the provider creates a TPM object for this.
> This key may be used for some later TPM operation or even not used at all, for
> example when a pubkey is being validated against a privkey. Unfortunately, the
> provider cannot know in advance if and how the key being loaded will be used.
> (The user is free not to use the TPM provider for loading a pubkey, but if it does a
> TPM object is created.)
> 
> Typical OpenSSL based implementations are not optimized to reduce the number
> of concurrently loaded keys. The code often pre-loads all keys and then uses the
> keys in various operations. Even though a single operation never needs more
> than 3 objects, the code may prepare more than 3 objects because it is going to
> invoke more than one operation later.
> 
> > Also, doesn't CMP use public objects (x509 certs) for some of it?
> 
> Yes, it does. X.509 certs also include pubkeys and CMP sometimes wants to
> extract a pubkey from a certificate to match it against a privkey it has. This also
> consumes two objects (one for the pubkey and one for the privkey) although no
> TPM operation can be invoked. (But it might be and we don't know, as said
> above.)
> 
> > Are public key operations implemented in software? In tpm2-pkcs11 we
> implement them in software and hash in software and I have yet to have
> someone hit a limit but perhaps they are all using abrmd but I thought some were
> using in-kernel RM.
> 
> Yes. Some public key operations are implemented. Applications can use only one
> RSA/ECC key management-- if a TPM based RSA (or ECC) key management is
> loaded in OpenSSL, it will be used for both sign and validate operations-- a typical
> OpenSSL application cannot say "do privkey in the TPM and pubkey in the default
> provider"; it can choose only one for both (or create two contexts, but nobody
> does that). This is OK because TPM can do public key operations too, but it needs
> more resources if the app pre-loads everything as said above.
> 
> 
> I can see 3 possible solutions how to solve the resource problem:
> 1) Optimize the code for resource consumption. But then the OpenSSL
> applications must be TPM aware, which is what I wanted to avoid.
> 2) Implement some more intelligent resource (less greedy) usage in the tpm2
> provider itself. But this feels like re-implementing the RM elsewhere.

If you tune your application to consume fewer resources or change your usage patterns,
that's not an RM; if the code starts contextsave/contextload on error and issuing virtual
handles, yeah that's an RM. So I don't see these being the same.

> 3) Rely on the RM (abrmd?) to swap the objects as needed and create the illusion
> of a much larger object space.
> 
> Can the abrmd swap resources from a single user? I thought the purpose is to
> swap resources from multiple connections (users), but in this case there is just
> one greedy user.

Yes it swaps objects for a single user as well.

> 
> The https://github.com/tpm2-software/tpm2-abrmd README.md says: The
> current implementations are mostly equivalent with a few differences. But if
> abrmd can swap resources much better than the in-kernel RM, then I wouldn't
> call them "mostly equivalent".
> 

I would agree with your conclusion, not only does it not handle session ungapping
but its support as an RM is very limited due to its limited swap space.

I wonder if there is a feature we could add to the in-kernel RM to send the driver some pages from
the calling process's memory space to increase the per-process map space or if the driver could
carve out some more space on behalf of the calling process. Anything to bump the swap, make
it opt in, and add any needed syscalls into the device driver.

> 
> Petr


* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-14 16:48 Petr Gotthard
  0 siblings, 0 replies; 9+ messages in thread
From: Petr Gotthard @ 2021-10-14 16:48 UTC (permalink / raw)
  To: tpm2


Hi Bill,
 
>> Example 1: OpenSSL often duplicates hash sequences: To hash sequences A,B,C1 and then A,B,C2 they first hash A,B, then duplicate/fork the hash sequence and then complete the hash first for C1 and then for C2. This is a great performance optimization, but when too many dup (forks) are made, the TPM runs out of objects.
  
> Why are we doing hashing with the TPM? If we're in an OpenSSL provider can't we just use software provided hashing routines? I see hashing is configurable, but I would imagine off by default is what you want. Do we use validation tickets or anything like that or just the resulting digest? If all we use are the digests, I would make TPM not hash and make that option a nop.
 
Signing by a restricted signing key requires validation tickets, so the hash must be done by the TPM. The OpenSSL has a combined operation "EVP_DigestSign", which enables the tpm2 provider to hash, obtain the validation ticket and then immediately sign the hash using this ticket. This is beautiful, but it needs the TPM hashing.
 
 
>> Example 2: The CMP key update needs 4 objects to operate (old client key, new client key, server key and hash sequence), but the kernel RM (tpm_space.context_tbl) allows only 3 objects. (If I am right.)
  
 > It does seem that way, but TPM commands only ever need 3 objects alive at once, so that's likely why that was chosen.
 
Yeah, I thought this is so.
 
> Does CMP key really need all 4 of those things in the TPM at once, because currently today that's not actually happening as abrmd is just swapping them in and out.
 
Currently, the tpm2 provider does not do any internal resource management. If someone loads a public / private key, the provider creates a TPM object for this. This key may be used for some later TPM operation or even not used at all, for example when a pubkey is being validated against a privkey. Unfortunately, the provider cannot know in advance if and how the key being loaded will be used.
(The user is free not to use the TPM provider for loading a pubkey, but if it does a TPM object is created.)
 
Typical OpenSSL based implementations are not optimized to reduce the number of concurrently loaded keys. The code often pre-loads all keys and then uses the keys in various operations. Even though a single operation never needs more than 3 objects, the code may prepare more than 3 objects because it is going to invoke more than one operation later.
 
> Also, doesn't CMP use public objects (x509 certs) for some of it?
 
Yes, it does. X.509 certs also include pubkeys and CMP sometimes wants to extract a pubkey from a certificate to match it against a privkey it has. This also consumes two objects (one for the pubkey and one for the privkey) although no TPM operation can be invoked. (But it might be and we don't know, as said above.)
 
> Are public key operations implemented in software? In tpm2-pkcs11 we implement them in software and hash in software and I have yet to have someone hit a limit but perhaps they are all using abrmd but I thought some were using in-kernel RM.
 
Yes. Some public key operations are implemented. Applications can use only one RSA/ECC key management-- if a TPM based RSA (or ECC) key management is loaded in OpenSSL, it will be used for both sign and validate operations-- a typical OpenSSL application cannot say "do privkey in the TPM and pubkey in the default provider"; it can choose only one for both (or create two contexts, but nobody does that). This is OK because TPM can do public key operations too, but it needs more resources if the app pre-loads everything as said above.
 
 
I can see 3 possible solutions for how to solve the resource problem:
1) Optimize the code for resource consumption. But then the OpenSSL applications must be TPM aware, which is what I wanted to avoid.
2) Implement some more intelligent resource (less greedy) usage in the tpm2 provider itself. But this feels like re-implementing the RM elsewhere.
3) Rely on the RM (abrmd?) to swap the objects as needed and create the illusion of a much larger object space.
 
Can the abrmd swap resources from a single user? I thought the purpose is to swap resources from multiple connections (users), but in this case there is just one greedy user.
 
The https://github.com/tpm2-software/tpm2-abrmd README.md says: The current implementations are mostly equivalent with a few differences. But if abrmd can swap resources much better than the in-kernel RM, then I wouldn't call them "mostly equivalent".
 
 
Petr

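The resource problem argued over in the two messages above (Petr's three options, and Bill's distinction between an application that merely consumes fewer objects and a real RM that context-saves on error and hands out virtual handles) can be seen in a small model. The Python below is an added example written for this page; it is not code from tpm2-openssl, tpm2-abrmd or the kernel driver. The 3-slot TPM mirrors the thread's reading of the in-kernel RM's context table, the four objects are the ones Petr lists for a CMP key update, and every class, method and constant name is an assumption made for the model.

```python
"""Toy model of TPM object-slot exhaustion and of a swapping resource manager.

Added illustration for this thread; not code from tpm2-openssl, tpm2-abrmd or
the kernel driver. The 3-slot limit mirrors the thread's reading of the
in-kernel RM's per-space context table; class and method names are assumptions.
"""

TPM_RC_OBJECT_MEMORY = 0x902  # tpm:warn(2.0): out of memory for object contexts
TPM_RC_HANDLE = 0x08B         # FMT1 base code: a referenced handle is not loaded


class TpmError(Exception):
    def __init__(self, rc):
        super().__init__(f"TPM rc 0x{rc:x}")
        self.rc = rc


class Tpm:
    """Fixed number of transient slots; every loaded key and every hash
    sequence (each DIGEST DUP included) holds one until flushed or saved."""

    def __init__(self, slots=3):
        self.slots, self.loaded, self._next = slots, {}, 0x80000000

    def load(self, blob):
        if len(self.loaded) >= self.slots:
            raise TpmError(TPM_RC_OBJECT_MEMORY)
        h, self._next = self._next, self._next + 1
        self.loaded[h] = blob
        return h

    def context_save(self, h):       # hand back an opaque blob, free the slot
        return self.loaded.pop(h)

    def context_load(self, ctx):
        return self.load(ctx)

    def use(self, *handles):         # stand-in for any command referencing objects
        for h in handles:
            if h not in self.loaded:
                raise TpmError(TPM_RC_HANDLE)


class ResourceManager:
    """Virtual handles plus context save/load on TPM_RC_OBJECT_MEMORY, so one
    client can keep more objects 'loaded' than the TPM has slots (what the
    thread says tpm2-abrmd does). Objects the current command needs are pinned."""

    def __init__(self, tpm):
        self.tpm, self.table, self._next, self.swaps = tpm, {}, 0x80000000, 0

    def _evict_one(self, keep):
        for v, ent in self.table.items():
            if ent["phys"] is not None and v not in keep:
                ent["ctx"], ent["phys"] = self.tpm.context_save(ent["phys"]), None
                self.swaps += 1
                return
        raise TpmError(TPM_RC_OBJECT_MEMORY)   # the command itself needs more than the slots

    def _load_evicting(self, loader, arg, keep):
        while True:
            try:
                return loader(arg)
            except TpmError as e:
                if e.rc != TPM_RC_OBJECT_MEMORY:
                    raise
                self._evict_one(keep)

    def load(self, blob):
        v, self._next = self._next, self._next + 1
        self.table[v] = {"phys": self._load_evicting(self.tpm.load, blob, ()), "ctx": None}
        return v

    def use(self, *vhandles):
        for v in vhandles:
            ent = self.table[v]
            if ent["phys"] is None:   # swapped out earlier: bring it back, evicting others
                ent["phys"] = self._load_evicting(self.tpm.context_load, ent["ctx"], set(vhandles))
                ent["ctx"] = None
        self.tpm.use(*(self.table[v]["phys"] for v in vhandles))


# The four objects Petr lists for a CMP key update, pre-loaded up front the way
# generic OpenSSL code does, then used by commands that touch at most three.
CMP_KUR_OBJECTS = ("old client key", "new client key", "server key", "hash sequence")


def cmp_key_update(backend):
    h = [backend.load(o) for o in CMP_KUR_OBJECTS]
    backend.use(h[3], h[0])    # sign the request hash with the old key
    backend.use(h[3], h[1])    # prove possession of the new key
    backend.use(h[2])          # check the server's protection with its key
    return "ok"


def run_direct():
    """No swapping in between: the fourth load already fails."""
    try:
        return cmp_key_update(Tpm(slots=3))
    except TpmError as e:
        return f"0x{e.rc:x}"


def run_with_rm():
    """Same client behind the swapping RM: succeeds; returns the context saves needed."""
    rm = ResourceManager(Tpm(slots=3))
    cmp_key_update(rm)
    return rm.swaps


def run_single_command_needing_four():
    """An RM cannot rescue one command that references more objects than slots."""
    rm = ResourceManager(Tpm(slots=3))
    h = [rm.load(o) for o in CMP_KUR_OBJECTS]
    try:
        rm.use(*h)
        return "ok"
    except TpmError as e:
        return f"0x{e.rc:x}"


if __name__ == "__main__":
    print("direct:", run_direct(), "| with RM:", run_with_rm(), "swaps |",
          "4-object command:", run_single_command_needing_four())
```

Run directly against the 3-slot TPM the fourth load returns 0x902, exactly the error in Chris's log; behind the swapping RM the same pre-load-everything client completes, at the cost of three context saves. The last function shows the limit that no RM removes: a single command referencing four objects still fails, which is Bill's point that the 3-slot table was sized for what one command needs, not for what an application keeps loaded.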

* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-12 20:09 Roberts, William C
  0 siblings, 0 replies; 9+ messages in thread
From: Roberts, William C @ 2021-10-12 20:09 UTC (permalink / raw)
  To: tpm2


> From: Petr Gotthard <petr.gotthard(a)centrum.cz>
> Sent: Friday, October 8, 2021 11:44 AM
> To: Roberts, William C <william.c.roberts(a)intel.com>; Chris Newman <chris(a)mode51.software>; tpm2(a)lists.01.org <tpm2(a)lists.01.org>
> Subject: Re: [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts 
 
> Bill,
> we solved this particular issue, but I expect more resource-related troubles are yet to come.

Oh, how exciting :-p
 
> Example 1: OpenSSL often duplicates hash sequences: To hash sequences A,B,C1 and then A,B,C2 they first hash A,B, then duplicate/fork the hash sequence and then complete the hash first for C1 and then for C2. This is a great performance optimization, but when too many dup (forks) are made, the TPM runs out of objects.
 
Why are we doing hashing with the TPM? If we're in an OpenSSL provider can't we just use software provided hashing routines? I see hashing is configurable, but I would imagine off by default is what you want. Do we use validation tickets or anything like that or just the resulting digest? If all we use are the digests, I would make TPM not hash and make that option a nop.

> Example 2: The CMP key update needs 4 objects to operate (old client key, new client key, server key and hash sequence), but the kernel RM (tpm_space.context_tbl) allows only 3 objects. (If I am right.)
 
It does seem that way, but TPM commands only ever need 3 objects alive at once, so that's likely why that was chosen.

https://github.com/torvalds/linux/commit/6c4e79d99e6f42b79040f1a33cd4018f5425030b#diff-7c47a49cbd705c6edb19c967c22c296f00d2391a3483ba849097e908c6513585

Does CMP key really need all 4 of those things in the TPM at once, because currently today that's not actually happening as abrmd is just swapping them in and out.
Also, doesn't CMP use public objects (x509 certs) for some of it?

Looking at the code here:
  - https://github.com/tpm2-software/tpm2-openssl/blob/34c62521a359455b6c4c2bdf6b4e5e149b1a39ba/test/rsa_genpkey_x509_cmp.sh#L41

Are public key operations implemented in software? In tpm2-pkcs11 we implement them in software and hash in software and I have yet to have someone hit a limit but perhaps they are all using abrmd but I thought some were using in-kernel RM.

> In general, the OpenSSL code often pre-loads or caches objects, which will be used later, which causes troubles with the space-constrained TPM. I was not sure whether the tpm2-openssl provider should act as another level of a resource manager and swap the objects to simulate more space than available on the TPM hardware, or whether this is something the resource manager could/should do.

It's something the RM should do, but the in-kernel RM will always be tightly constrained by the amount of kernel memory space it can swap to. I wonder if we could give it a real swap space :-p

> It's definitely a nice problem to think about and most likely something which will need to be addressed in the tpm2-openssl 2.0
>
> Petr

______________________________________________________________
> From: "Roberts, William C" <william.c.roberts(a)intel.com>
> To: "Chris Newman" <chris(a)mode51.software>, "tpm2(a)lists.01.org" <tpm2(a)lists.01.org>, "Petr Gotthard" <petr.gotthard(a)centrum.cz>
> Date: 08.10.2021 17:46
> Subject: [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
>
That's:
tpm2_rc_decode 0x00000902
tpm:warn(2.0): out of memory for object contexts
Are you running against a resource manager? You should probably either use /dev/tpmrm0 or tpm2-abrmd.
You can set the TCTI via the TPM2OPENSSL_TCTI which AFAICT takes strings like tpm2-tools, so something like:
"device:/dev/tpmrm0" or "abrmd".

This also might be a bug, the provider is pretty new. Petr any other ideas I am missing?

Bill


From: Chris Newman <chris(a)mode51.software>
Sent: Sunday, October 3, 2021 6:40 PM
To: tpm2(a)lists.01.org <tpm2(a)lists.01.org>
Subject: [tpm2] CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts 
 
Hi,
I create an EK and AK using tpm2_createek, tpm2_createak and tpm2_evictcontrol to persist the AK in 0x81010002. Then I use the following command with DigiCert's CMPv2 server:
openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2,tpm2.digest!=yes -cmd ir -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -secret pass:1234 -recipient "/CN=mode51.software" -key handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem -certout ./cl_cert.pem -tls_used -verbosity 8
I get the following error:
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST DUP
DIGEST FINAL
DIGEST FREE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST DUP
WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x00000902)
DIGEST FREE
DIGEST FREE
DIGEST FREE
CMP DEBUG: disconnected from CMP server
CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
CMP error: not able to copy ctx
CMP error: internal error
CMP error: error sending
CMP error: shutdown while in init
CMP error: transfer error:request sent: IR, expected response: IP
RSA FREE
RAND FREE
RAND FREE
RAND FREE
PROVIDER TEARDOWN
 
I've tried tpm2_flushcontext -t.
I recompiled tpm2-openssl with the following option and that appears to have worked around the issue:
--disable-op-digest
Is this what "?provider=tpm2,tpm2.digest!=yes" should effectively do?
 
-- 

Chris Newman 
https://mode51.software 
@mode51software


* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-08 16:44 Petr Gotthard
  0 siblings, 0 replies; 9+ messages in thread
From: Petr Gotthard @ 2021-10-08 16:44 UTC (permalink / raw)
  To: tpm2


Bill,
we solved this particular issue, but I expect more resource-related troubles are yet to come.
 
Example 1: OpenSSL often duplicates hash sequences: To hash sequences A,B,C1 and then A,B,C2 they first hash A,B, then duplicate/fork the hash sequence and then complete the hash first for C1 and then for C2. This is a great performance optimization, but when too many dup (forks) are made, the TPM runs out of objects.
 
Example 2: The CMP key update needs 4 objects to operate (old client key, new client key, server key and hash sequence), but the kernel RM (tpm_space.context_tbl) allows only 3 objects. (If I am right.)
 
 
In general, the OpenSSL code often pre-loads or caches objects, which will be used later, which causes troubles with the space-constrained TPM. I was not sure whether the tpm2-openssl provider should act as another level of a resource manager and swap the objects to simulate more space than available on the TPM hardware, or whether this is something the resource manager could/should do.
 
It's definitely a nice problem to think about and most likely something which will need to be addressed in the tpm2-openssl 2.0
 
 
Petr

______________________________________________________________
> From: "Roberts, William C" <william.c.roberts(a)intel.com>
> To: "Chris Newman" <chris(a)mode51.software>, "tpm2(a)lists.01.org" <tpm2(a)lists.01.org>, "Petr Gotthard" <petr.gotthard(a)centrum.cz>
> Date: 08.10.2021 17:46
> Subject: [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
>
That's:
tpm2_rc_decode 0x00000902
tpm:warn(2.0): out of memory for object contexts

Are you running against a resource manager? You should probably either use /dev/tpmrm0 or tpm2-abrmd.

You can set the TCTI via the TPM2OPENSSL_TCTI which AFAICT takes strings like tpm2-tools, so something like:
"device:/dev/tpmrm0" or "abrmd".

This also might be a bug, the provider is pretty new. Petr any other ideas I am missing?

Bill

From: Chris Newman <chris(a)mode51.software>
Sent: Sunday, October 3, 2021 6:40 PM
To: tpm2(a)lists.01.org <tpm2(a)lists.01.org>
Subject: [tpm2] CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts

Hi,
I create an EK and AK using tpm2_createek, tpm2_createak and tpm2_evictcontrol to persist the AK in 0x81010002. Then I use the following command with DigiCert's CMPv2 server:
openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2,tpm2.digest!=yes -cmd ir -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -secret pass:1234 -recipient "/CN=mode51.software" -key handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem -certout ./cl_cert.pem -tls_used -verbosity 8
I get the following error:
DIGEST NEW
 DIGEST INIT
 DIGEST UPDATE
 DIGEST DUP
 DIGEST FINAL
 DIGEST FREE
 DIGEST NEW
 DIGEST INIT
 DIGEST UPDATE
 DIGEST NEW
 DIGEST INIT
 DIGEST UPDATE
 DIGEST DUP
 WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() Received TPM Error
 ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x00000902)
 DIGEST FREE
 DIGEST FREE
 DIGEST FREE
 CMP DEBUG: disconnected from CMP server
 CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
 CMP error: not able to copy ctx
 CMP error: internal error
 CMP error: error sending
 CMP error: shutdown while in init
 CMP error: transfer error:request sent: IR, expected response: IP
 RSA FREE
 RAND FREE
 RAND FREE
 RAND FREE
 PROVIDER TEARDOWN
 
I've tried tpm2_flushcontext -t.
I recompiled tpm2-openssl with the following option and that appears to have worked around the issue:
--disable-op-digest
Is this what "?provider=tpm2,tpm2.digest!=yes" should effectively do?
 
-- 
 
 Chris Newman 
 https://mode51.software 
 @mode51software <https://twitter.com/mode51software>


* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-08 15:45 Roberts, William C
  0 siblings, 0 replies; 9+ messages in thread
From: Roberts, William C @ 2021-10-08 15:45 UTC (permalink / raw)
  To: tpm2


That's:
tpm2_rc_decode 0x00000902
tpm:warn(2.0): out of memory for object contexts

Are you running against a resource manager? You should probably either use /dev/tpmrm0 or tpm2-abrmd.

You can set the TCTI via the TPM2OPENSSL_TCTI which AFAICT takes strings like tpm2-tools, so something like:
"device:/dev/tpmrm0" or "abrmd".

This also might be a bug, the provider is pretty new. Petr any other ideas I am missing?

Bill



________________________________
From: Chris Newman <chris(a)mode51.software>
Sent: Sunday, October 3, 2021 6:40 PM
To: tpm2(a)lists.01.org <tpm2(a)lists.01.org>
Subject: [tpm2] CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts


Hi,

I create an EK and AK using tpm2_createek, tpm2_createak and tpm2_evictcontrol to persist the AK in 0x81010002. Then I use the following command with DigiCert's CMPv2 server:

openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2,tpm2.digest!=yes -cmd ir -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -secret pass:1234 -recipient "/CN=mode51.software" -key handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem -certout ./cl_cert.pem -tls_used -verbosity 8

I get the following error:

DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST DUP
DIGEST FINAL
DIGEST FREE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST DUP
WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x00000902)
DIGEST FREE
DIGEST FREE
DIGEST FREE
CMP DEBUG: disconnected from CMP server
CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
CMP error: not able to copy ctx
CMP error: internal error
CMP error: error sending
CMP error: shutdown while in init
CMP error: transfer error:request sent: IR, expected response: IP
RSA FREE
RAND FREE
RAND FREE
RAND FREE
PROVIDER TEARDOWN


I've tried tpm2_flushcontext -t.

I recompiled tpm2-openssl with the following option and that appears to have worked around the issue:

--disable-op-digest

Is this what "?provider=tpm2,tpm2.digest!=yes" should effectively do?


--

Chris Newman
https://mode51.software
@mode51software<https://twitter.com/mode51software>



mode51 Software Ltd is registered in England and Wales
Company Number 13007792 Registered Office 3 Orchard Way, CB24 1AG, UK

GPG Encryption key<https://mode51.software/downloads/chrisnewman-mode51-pub-20201111.asc>

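Bill's `tpm2_rc_decode 0x00000902` turns the raw code from the esys log line into "tpm:warn(2.0): out of memory for object contexts". As an added example (not tpm2-tools code, and not part of the thread), here is that decoding done by hand from the TPM_RC bit layout in TPM 2.0 Library Part 2; it goes beyond the single code in the thread by also decoding FMT1 codes, which name the handle, parameter or session that caused the error. Only the 0x902 text is taken from the page; the other descriptions are the spec's constant names rather than tpm2_rc_decode's exact wording, and the treatment of the TSS layer byte (bits 16-23) is an assumption made here.

```python
"""Decode a TPM 2.0 response code, as tpm2_rc_decode does for 0x00000902.

Added illustration for this thread, not tpm2-tools code. Bit layout follows
TPM 2.0 Library Part 2, TPM_RC (FMT0 and FMT1 codes). Only the 0x902 text is
taken from the thread; other descriptions are the spec's constant names, not
tpm2_rc_decode's exact wording. Handling of the TSS layer byte (bits 16-23) is
an assumption: layer 0 is a raw TPM code, anything else is a TSS-level code.
"""

RC_FMT1 = 0x080    # bit 7 set: format-one code (qualified by handle/parameter/session)
RC_VER1 = 0x100    # bit 8 set: TPM 2.0 code rather than a TPM 1.2 code
RC_VENDOR = 0x400  # bit 10: vendor-defined code
RC_WARN = 0x800    # bit 11: warning, not an error

FMT0_WARNINGS = {
    0x001: "TPM_RC_CONTEXT_GAP",
    0x002: "out of memory for object contexts",   # TPM_RC_OBJECT_MEMORY, text as on the page
    0x003: "TPM_RC_SESSION_MEMORY",
    0x004: "TPM_RC_MEMORY",
    0x005: "TPM_RC_SESSION_HANDLES",
    0x006: "TPM_RC_OBJECT_HANDLES",
    0x008: "TPM_RC_YIELDED",
    0x009: "TPM_RC_CANCELED",
    0x020: "TPM_RC_NV_RATE",
    0x021: "TPM_RC_LOCKOUT",
    0x022: "TPM_RC_RETRY",
    0x023: "TPM_RC_NV_UNAVAILABLE",
}
FMT0_ERRORS = {
    0x000: "TPM_RC_INITIALIZE",
    0x001: "TPM_RC_FAILURE",
    0x003: "TPM_RC_SEQUENCE",
    0x02E: "TPM_RC_TOO_MANY_CONTEXTS",
    0x050: "TPM_RC_BAD_CONTEXT",
    0x053: "TPM_RC_NEEDS_TEST",
}
FMT1_ERRORS = {
    0x001: "TPM_RC_ASYMMETRIC", 0x002: "TPM_RC_ATTRIBUTES", 0x003: "TPM_RC_HASH",
    0x004: "TPM_RC_VALUE", 0x00B: "TPM_RC_HANDLE", 0x00E: "TPM_RC_AUTH_FAIL",
    0x015: "TPM_RC_SIZE", 0x01C: "TPM_RC_KEY", 0x01D: "TPM_RC_POLICY_FAIL",
    0x022: "TPM_RC_BAD_AUTH", 0x025: "TPM_RC_BINDING",
}


def decode_tpm_rc(rc):
    """Return a one-line description of a TSS2_RC / TPM_RC value."""
    if rc == 0:
        return "success"
    layer = (rc >> 16) & 0xFF
    if layer != 0:
        return f"tss:layer {layer}: 0x{rc & 0xFFFF:04x} (TSS-level code, not a TPM response code)"
    code = rc & 0xFFF
    if code & RC_FMT1:
        # FMT1: bits 5:0 error number, bit 6 P (parameter), bits 11:8 N (which one)
        err = code & 0x3F
        n = (code >> 8) & 0xF
        name = FMT1_ERRORS.get(err, f"unknown FMT1 error 0x{err:02x}")
        if code & 0x40:
            where = f"parameter {n}"
        elif n & 0x8:
            where = f"session {n & 0x7}"
        else:
            where = f"handle {n}"
        return f"tpm:{where}: {name}"
    # FMT0: bits 6:0 error number, bit 8 V (2.0), bit 10 T (vendor), bit 11 S (warning)
    err = code & 0x7F
    version = "2.0" if code & RC_VER1 else "1.2"
    if code & RC_VENDOR:
        return f"tpm:vendor({version}): 0x{err:02x}"
    if code & RC_WARN:
        return f"tpm:warn({version}): {FMT0_WARNINGS.get(err, f'unknown warning 0x{err:02x}')}"
    if version == "1.2":
        return f"tpm:error(1.2): 0x{err:02x}"
    return f"tpm:error(2.0): {FMT0_ERRORS.get(err, f'unknown error 0x{err:02x}')}"


if __name__ == "__main__":
    import sys
    for arg in sys.argv[1:] or ["0x00000902"]:
        print(f"{arg}: {decode_tpm_rc(int(arg, 0))}")
```

The point of the warning class matters for this thread: 0x902 sits in the RC_WARN range, which the spec reserves for conditions a resource manager is expected to handle by saving and reloading contexts, rather than for a malformed command. A code arriving with a non-zero layer byte was generated by the TSS (esys, sys, tcti or the RM) and should be looked up in that layer's table, not in the TPM's.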

* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-05 23:08 Chris Newman
  0 siblings, 0 replies; 9+ messages in thread
From: Chris Newman @ 2021-10-05 23:08 UTC (permalink / raw)
  To: tpm2


Hi Petr,

I've tried abrmd and it works fine for the ir:

openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2 -cmd ir -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -secret pass:1234 -recipient "/CN=mode51.software" -key handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem -certout ./cl_cert.pem -tls_used -verbosity 8

Also works with the cr:

/opt/sdk/openssl/current/bin/openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2 -cmd cr -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -key handle:0x81010002 -certout ./cl_cert2.pem -cert ./cl_cert.pem -tls_used -verbosity 8 -trusted ./capubs.pem -unprotected_errors

Is there anything you want me to test with the DigiCert CMPv2 responder?

Many thanks for the really great software.


On 04/10/2021 09:18, Chris Newman wrote:
>
> Thanks Petr,
>
> I'm using in-kernel. I'll try abrmd and report back.
>
>
> On 04/10/2021 08:31, Petr Gotthard wrote:
>>
>> Hello,
>>
>> this sounds like a known limitation of the openssl provider: 
>> https://github.com/tpm2-software/tpm2-openssl/issues/4
>>
>> Some applications (like CMP) are too greedy and consume more 
>> resources than the TPM has. The resource managers (to my best 
>> knowledge) cannot swap resources from the same user.
>>
>> Are you using the tpm2-abrmd resource manager, or the in-kernel 
>> manager? The tpm2-abrmd behaves much better.
>>
>> Petr
>>
>> ______________________________________________________________
>> > From: "Chris Newman" <chris(a)mode51.software>
>> > To: tpm2(a)lists.01.org
>> > Date: 04.10.2021 01:41
>> > Subject: [tpm2] CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
>> >
>>
>> Hi,
>>
>> I create an EK and AK using tpm2_createek, tpm2_createak and 
>> tpm2_evictcontrol to persist the AK in 0x81010002. The I use the 
>> following command with DigiCert's CMPv2 server:
>>
>> openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf 
>> -provider tpm2 -provider default -propquery 
>> ?provider=tpm2,tpm2.digest!=yes -cmd ir -server 
>> https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 
>> <https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234> -ref 1234 
>> -secret pass:1234 -recipient "/CN=mode51.software" -key 
>> handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem 
>> -certout ./cl_cert.pem -tls_used -verbosity 8
>>
>> I get the following error:
>>
>> DIGEST NEW
>> DIGEST INIT
>> DIGEST UPDATE
>> DIGEST DUP
>> DIGEST FINAL
>> DIGEST FREE
>> DIGEST NEW
>> DIGEST INIT
>> DIGEST UPDATE
>> DIGEST NEW
>> DIGEST INIT
>> DIGEST UPDATE
>> DIGEST DUP
>> WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() 
>> Received TPM Error
>> ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() 
>> Esys Finish ErrorCode (0x00000902)
>> DIGEST FREE
>> DIGEST FREE
>> DIGEST FREE
>> CMP DEBUG: disconnected from CMP server
>> *CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of 
>> memory for object contexts*
>> CMP error: not able to copy ctx
>> CMP error: internal error
>> CMP error: error sending
>> CMP error: shutdown while in init
>> CMP error: transfer error:request sent: IR, expected response: IP
>> RSA FREE
>> RAND FREE
>> RAND FREE
>> RAND FREE
>> PROVIDER TEARDOWN
>>
>> I've tried tpm2_flushcontext -t.
>>
>> I recompiled tpm2-openssl with the following option and that appears 
>> to have worked around the issue:
>>
>> --disable-op-digest
>>
>> Is this what "?provider=tpm2,tpm2.digest!=yes" should effectively do?
>>
>> -- 
>>
>> Chris Newman
>> https://mode51.software <https://mode51.software>
>> @mode51software <https://twitter.com/mode51software>
>>
>>
>>
>>
>> mode51 Software Ltd is registered in England and Wales
>> Company Number 13007792 Registered Office 3 Orchard Way, CB24 1AG, UK
>>
>> GPG Encryption key 
>> <https://mode51.software/downloads/chrisnewman-mode51-pub-20201111.asc>
>>
>>
>> ----------
>>
>> _______________________________________________
>> tpm2 mailing list -- tpm2(a)lists.01.org
>> To unsubscribe send an email to tpm2-leave(a)lists.01.org
>> %(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s 
> -- 
>
> Chris Newman
> +44 7958 745368
> https://mode51.software <https://mode51.software>
> @mode51software <https://twitter.com/mode51software>
>
>
>
>
> mode51 Software Ltd is registered in England and Wales
> Company Number 13007792 Registered Office 3 Orchard Way, CB24 1AG, UK
>
> GPG Encryption key 
> <https://mode51.software/downloads/chrisnewman-mode51-pub-20201111.asc>
-- 

Chris Newman
+44 7958 745368
https://mode51.software <https://mode51.software>
@mode51software <https://twitter.com/mode51software>




mode51 Software Ltd is registered in England and Wales
Company Number 13007792 Registered Office 3 Orchard Way, CB24 1AG, UK

GPG Encryption key 
<https://mode51.software/downloads/chrisnewman-mode51-pub-20201111.asc>

[-- Attachment #2: attachment.htm --]
[-- Type: text/html, Size: 9804 bytes --]

[-- Attachment #3: hbofnihajndifnfn.png --]
[-- Type: image/png, Size: 7041 bytes --]

[-- Attachment #4: cgkpholajahjbjni.png --]
[-- Type: image/png, Size: 7041 bytes --]

[-- Attachment #5: chokpedmodmgejcd.png --]
[-- Type: image/png, Size: 7041 bytes --]

[-- Attachment #6: smime.p7s --]
[-- Type: application/pkcs7-signature, Size: 4007 bytes --]

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-04  8:18 Chris Newman
  0 siblings, 0 replies; 9+ messages in thread
From: Chris Newman @ 2021-10-04  8:18 UTC (permalink / raw)
  To: tpm2


Thanks Petr,

I'm using in-kernel. I'll try abrmd and report back.


* [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
@ 2021-10-04  7:31 Petr Gotthard
  0 siblings, 0 replies; 9+ messages in thread
From: Petr Gotthard @ 2021-10-04  7:31 UTC (permalink / raw)
  To: tpm2


Hello,
 
this sounds like a known limitation of the openssl provider: https://github.com/tpm2-software/tpm2-openssl/issues/4
 
Some applications (like CMP) are too greedy and consume more resources than the TPM has. The resource managers (to my best knowledge) cannot swap resources from the same user.
 
Are you using the tpm2-abrmd resource manager, or the in-kernel manager? The tpm2-abrmd behaves much better.
 
 
Petr
 
______________________________________________________________
> From: "Chris Newman" <chris(a)mode51.software>
> To: tpm2(a)lists.01.org
> Date: 04.10.2021 01:41
> Subject: [tpm2] CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
>
Hi,
I create an EK and AK using tpm2_createek, tpm2_createak and tpm2_evictcontrol to persist the AK in 0x81010002. Then I use the following command with DigiCert's CMPv2 server:
openssl cmp -config /opt/sdk/openssl/current/ssl/openssl.cnf -provider tpm2 -provider default -propquery ?provider=tpm2,tpm2.digest!=yes -cmd ir -server https://demo.one.digicert.com/iot/api/v1/cmp/IOT_1234 -ref 1234 -secret pass:1234 -recipient "/CN=mode51.software" -key handle:0x81010002 -subject "/CN=TestTest" -cacertsout ./capubs.pem -certout ./cl_cert.pem -tls_used -verbosity 8
I get the following error:
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST DUP
DIGEST FINAL
DIGEST FREE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST NEW
DIGEST INIT
DIGEST UPDATE
DIGEST DUP
WARNING:esys:src/tss2-esys/api/Esys_ContextLoad.c:279:Esys_ContextLoad_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x00000902)
DIGEST FREE
DIGEST FREE
DIGEST FREE
CMP DEBUG: disconnected from CMP server
CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts
CMP error: not able to copy ctx
CMP error: internal error
CMP error: error sending
CMP error: shutdown while in init
CMP error: transfer error:request sent: IR, expected response: IP
RSA FREE
RAND FREE
RAND FREE
RAND FREE
PROVIDER TEARDOWN
 
I've tried tpm2_flushcontext -t.
I recompiled tpm2-openssl with the following option and that appears to have worked around the issue:
--disable-op-digest
Is this what "?provider=tpm2,tpm2.digest!=yes" should effectively do?

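As an added example (not code from this thread or from the tpm2-openssl project): a small Python decoder for the TSS2 response code in the ESAPI log above, 0x00000902, which separates the originating layer from the TPM_RC format and flags the warning class (object/session context exhaustion) that a resource manager such as tpm2-abrmd, or tpm2_flushcontext -t, is meant to address. The bit layout follows the TPM 2.0 Library specification Part 2 and the layer numbers follow tpm2-tss; the sample log line is the one quoted in the thread.

```python
import re

RC_FMT1 = 0x080   # bit 7 set: format-1 code carrying a handle/parameter index
RC_WARN = 0x900   # bits 11 and 8 set: format-0 warning (transient) class
LAYERS = {0: "tpm", 6: "fapi", 7: "esapi", 8: "sys", 9: "mu", 10: "tcti",
          11: "resmgr", 12: "resmgr-tpm"}   # bits 16..23 of a TSS2_RC
# Warning codes for TPM context/handle exhaustion; 0x902 is the one above.
WARNINGS = {
    0x902: "TPM_RC_OBJECT_MEMORY",    # no slot left to load an object context
    0x903: "TPM_RC_SESSION_MEMORY",   # no slot left to load a session context
    0x904: "TPM_RC_MEMORY",           # general TPM memory exhaustion
    0x905: "TPM_RC_SESSION_HANDLES",  # session handle pool exhausted
    0x906: "TPM_RC_OBJECT_HANDLES",   # object handle pool exhausted
}
ESYS_RC_RE = re.compile(r"ErrorCode \((0x[0-9A-Fa-f]+)\)")

def decode_tss2_rc(rc: int) -> dict:
    """Split a TSS2_RC into originating layer, TPM_RC format and meaning."""
    layer = (rc >> 16) & 0xFF
    tpm_rc = rc & 0xFFFF
    info = {"layer": LAYERS.get(layer, f"layer-{layer}"), "tpm_rc": tpm_rc}
    if layer not in (0, 12):            # low bits are layer-private, not TPM_RC
        return {**info, "kind": "tss-internal"}
    if tpm_rc & RC_FMT1:                # format 1: error plus offending index
        by_param = bool(tpm_rc & 0x40)  # bit 6: index names a parameter
        return {**info, "kind": "error", "fmt": 1, "number": tpm_rc & 0x3F,
                "index": (tpm_rc >> 8) & 0xF,
                "index_is": "parameter" if by_param else "handle/session"}
    if (tpm_rc & RC_WARN) == RC_WARN:   # format 0 warning class
        name = WARNINGS.get(tpm_rc, f"TPM_RC_WARN+0x{tpm_rc & 0x7F:02x}")
        return {**info, "kind": "warning", "fmt": 0, "name": name}
    return {**info, "kind": "error", "fmt": 0, "number": tpm_rc & 0x7F}

def is_resource_exhaustion(rc: int) -> bool:
    """True when the TPM ran out of object/session slots, the failure that a
    resource manager (tpm2-abrmd) or tpm2_flushcontext -t is meant to cure."""
    info = decode_tss2_rc(rc)
    return info["kind"] == "warning" and 0x902 <= info["tpm_rc"] <= 0x906

def rc_from_esys_log(line: str):
    """Return the response code from an ESAPI log line, or None if absent."""
    m = ESYS_RC_RE.search(line)
    return int(m.group(1), 16) if m else None

if __name__ == "__main__":
    # Constructed sample: the ESAPI log line quoted in the thread above.
    sample = "ERROR:esys:src/tss2-esys/api/Esys_ContextLoad.c:93:Esys_ContextLoad() Esys Finish ErrorCode (0x00000902)"
    rc = rc_from_esys_log(sample)
    print(decode_tss2_rc(rc), "exhaustion:", is_resource_exhaustion(rc))
```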
Thread overview: 9+ messages
2021-10-06  9:49 [tpm2] Re: CMP error: cannot duplicate context:2306 tpm:warn(2.0): out of memory for object contexts Petr Gotthard
  -- strict thread matches above, loose matches on Subject: below --
2021-10-15 14:00 Roberts, William C
2021-10-14 16:48 Petr Gotthard
2021-10-12 20:09 Roberts, William C
2021-10-08 16:44 Petr Gotthard
2021-10-08 15:45 Roberts, William C
2021-10-05 23:08 Chris Newman
2021-10-04  8:18 Chris Newman
2021-10-04  7:31 Petr Gotthard
