* [tpm2] Re: TPM2 PKCS11 intergration error for Openstack Barbican
@ 2021-08-11 10:16 parimalanitesh
0 siblings, 0 replies; 3+ messages in thread
From: parimalanitesh @ 2021-08-11 10:16 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 2993 bytes --]
Hi All,
I didn't get the rpm for 3.1.x or 3.0.x
I've got RPM for 2.4.5 version and i'm ending up with below error
()[root(a)e9ab983ac792 sles15_sp3]# barbican-manage hsm gen_hmac --library-path /usr/lib64/pkcs11/libtpm2_pkcs11.so.0 --passphrase stack --slot-id 1 --label my_hmac_label
** (process:614): CRITICAL **: 09:58:20.157: failed to allocate dbus proxy object: Could not connect: No such file or directory
WARNING:tcti:src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for function 0x7f17e82582a0 failed with a0008
WARNING:tcti:src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not initialize TCTI named: tcti-abrmd
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:150:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-tabrmd.so.0
WARNING:tcti:src/tss2-tcti/tcti-device.c:189:tcti_device_receive() The underlying IPC mechanism does not support asynchronous I/O. The 'timeout' parameter is set to TSS2_TCTI_TIMEOUT_BLOCK
WARNING:tcti:src/tss2-tcti/tcti-device.c:189:tcti_device_receive() The underlying IPC mechanism does not support asynchronous I/O. The 'timeout' parameter is set to TSS2_TCTI_TIMEOUT_BLOCK
WARNING:fapi:src/tss2-fapi/api/Fapi_List.c:226:Fapi_List_Finish() Profile of path not provisioned: /HS/SRK
ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List
ERROR: Listing FAPI token objects failed.
** (process:614): CRITICAL **: 09:58:20.167: failed to allocate dbus proxy object: Could not connect: No such file or directory
WARNING:tcti:src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for function 0x7f17e82582a0 failed with a0008
WARNING:tcti:src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not initialize TCTI named: tcti-abrmd
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:150:tcti_from_file() Could not initialize TCTI file: libtss2-tcti-tabrmd.so.0
ERROR: HSM returned response code: 0x91 CKR_OPERATION_NOT_INITIALIZED
Package versions
libtss2-mu0-2.4.5-1.11.x86_64
libtss2-tctildr0-2.4.5-1.11.x86_64
libtss2-sys0-2.4.5-1.11.x86_64
libtss2-fapi1-3.1.0-lp152.116.2.x86_64
libtss2-esys0-2.4.5-1.11.x86_64
libtss2-tcti-device0-2.4.5-1.11.x86_64
libtss2-tcti-tabrmd0-2.3.3-1.12.x86_64
libtss2-rc0-2.4.5-1.11.x86_64
libtss2-tcti-mssim0-2.4.5-1.11.x86_64
libtss2-sys1-3.1.0-lp153.117.1.x86_64
libtss2-fapi0-2.4.5-1.11.x86_64
tpm2-0-tss-2.4.5-1.11.x86_64
tpm2.0-tools-4.3.0-2.3.x86_64
tpm2.0-abrmd-2.3.3-1.12.x86_64
tpm2-tss-engine-1.0.1-4.3.1.x86_64
tpm2-pkcs11-1.6.0+git20210503.c2d53cc-lp152.6.1.x86_64
tpm-tools-pkcs11-1.3.9.1-4.3.1.x86_64
I don't have the rpm for tpm2-pkcs11 so when i'm installing it with
zypper addrepo https://download.opensuse.org/repositories/home:brassh:branches:security/openSUSE_Tumbleweed/home:brassh:branches:security.repo
zypper refresh
zypper install tpm2-pkcs11
libtss2-fapi0-2.4.5-1.11.x86_64 is overridden by libtss2-fapi1-3.1.0-lp152.116.2.x86_64
Can you please tell me what configuration I'm missing
Thanks
Nitesh
^ permalink raw reply [flat|nested] 3+ messages in thread
* [tpm2] Re: TPM2 PKCS11 intergration error for Openstack Barbican
@ 2021-08-10 13:01 parimalanitesh
0 siblings, 0 replies; 3+ messages in thread
From: parimalanitesh @ 2021-08-10 13:01 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 252 bytes --]
Hi Fuchs,
Thanks for the response. I'm trying this on Sles 15 Sp 2 container. It would be great if you can point me to a link where i can get the rpm's for tpm2-pkcs11 and other packages for version 3.1.x or 3.0.x for SLES 15 SP 2.
Thanks
Nitesh
^ permalink raw reply [flat|nested] 3+ messages in thread
* [tpm2] Re: TPM2 PKCS11 intergration error for Openstack Barbican
@ 2021-08-09 14:38 Fuchs, Andreas
0 siblings, 0 replies; 3+ messages in thread
From: Fuchs, Andreas @ 2021-08-09 14:38 UTC (permalink / raw)
To: tpm2
[-- Attachment #1: Type: text/plain, Size: 3300 bytes --]
Your versions of the tpm2-tss packages are all mixed up.
libtss2-esys is in version 2.3.0, libtss2-fapi in version 2.4.45
I recommend upgrading to 3.1.x or 3.0.x of tpm2-tss and try again.
________________________________________
Von: parimalanitesh(a)gmail.com <parimalanitesh(a)gmail.com>
Gesendet: Montag, 9. August 2021 16:34
An: tpm2(a)lists.01.org
Betreff: [tpm2] TPM2 PKCS11 intergration error for Openstack Barbican
Hello Everyone,
This is Nitesh. I'm working on integrating TPM as a backend to store keys for Openstack Barbican project.
Existing PKCS11 Crytpo Plugin procedure to generate the hmac and mkek is https://docs.openstack.org/barbican/stein/install/barbican-backend.html#pkcs-11-crypto-plugin.
I'm trying to integrate TPM as backend with TPM2-PKCS11 package for Openstack Barbican. https://github.com/tpm2-software/tpm2-pkcs11
When i try to run "barbican-manage hsm gen_hmac --library-path /usr/lib64/pkcs11/libtpm2_pkcs11.so.0 --passphrase stack --slot-id 1 --label my_hmac_label"
ERROR: cannot load library '/usr/lib64/pkcs11/libtpm2_pkcs11.so.0': /usr/lib64/libtss2-fapi.so.1: undefined symbol: Esys_TRSess_GetAuthRequired. Additionally, ctypes.util.find_library() did not manage to locate a library called '/usr/lib64/pkcs11/libtpm2_pkcs11.so.0'
I don't know why i'm getting the error message.
Following are the packages which i've installed
libtss2-esys0-2.3.0-2.41.x86_64
libtss2-tctildr0-2.3.0-2.41.x86_64
libtss2-tcti-tabrmd0-2.0.2-12.18.x86_64
libtss2-fapi1-3.1.0-lp152.116.2.x86_64
libtss2-rc0-2.3.0-2.41.x86_64
tpm2-0-tss-2.3.0-2.41.x86_64
libtss2-mu0-2.3.0-2.41.x86_64
libtss2-tcti-device0-2.3.0-2.41.x86_64
tpm2-tss-engine-1.0.1-2.8.x86_64
libtss2-fapi0-2.4.5-1.11.x86_64
libtss2-sys0-2.3.0-2.41.x86_64
libtss2-tcti-mssim0-2.3.0-2.41.x86_64
libtss2-sys1-3.1.0-lp152.116.2.x86_64
tpm2-pkcs11-tool-1.6.0+git20210503.c2d53cc-lp152.6.1.noarch
tpm2.0-abrmd-2.0.2-12.18.x86_64
tpm2-pkcs11-1.6.0+git20210503.c2d53cc-lp152.6.1.x86_64
tpm2.0-tools-4.1-1.57.x86_64
tpm-tools-pkcs11-1.3.9.1-4.3.1.x86_64
tpm2-pkcs11-tool-1.6.0+git20210503.c2d53cc-lp152.6.1.noarch
openssl-ibmpkcs11-1.0.1-3.6.x86_64
libpkcs11-helper1-1.27.0+git20201117.9fa1503-lp152.38.1.x86_64
pkcs11-helper-1.27.0+git20201117.9fa1503-lp152.38.1.x86_64
Did i miss any package or any other configuration is required ?
I've debugged the error to some extent.
Actually "Esys_TRSess_SetAttributes" is a function which is giving the error at https://github.com/tpm2-software/tpm2-tss/blob/master/src/tss2-fapi/fapi_util.c#L2061
But that function defination is actually present in "https://github.com/tpm2-software/tpm2-tss/blob/5c178b2b61a05e1873be30cfeb4629bba5be900d/include/tss2/tss2_esys.h" and "https://github.com/tpm2-software/tpm2-tss/blob/9288970a3e657cdee85d08d3813199ec864de3ad/src/tss2-esys/esys_tr.c"
I see "tss2_esys.h" is not included as a header file in "https://github.com/tpm2-software/tpm2-tss/blob/master/src/tss2-fapi/fapi_util.c."
Please let me know what i've to do to resolve this issue.
--
Regard's
Nitesh
_______________________________________________
tpm2 mailing list -- tpm2(a)lists.01.org
To unsubscribe send an email to tpm2-leave(a)lists.01.org
%(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-08-11 10:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-11 10:16 [tpm2] Re: TPM2 PKCS11 intergration error for Openstack Barbican parimalanitesh
-- strict thread matches above, loose matches on Subject: below --
2021-08-10 13:01 parimalanitesh
2021-08-09 14:38 Fuchs, Andreas
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.