This is now a different error code. It's an authorization error. Did you set the owner authorization (aka storage hierarchy) ? That needs to be passed using -P ________________________________ From: Alexander Lieb [alexander.lieb(a)online.de] Sent: Friday, January 10, 2020 14:28 To: Fuchs, Andreas Cc: tpm2(a)lists.01.org Subject: Aw: RE: [tpm2] Some Errors Still not working :( # tpm2_evictcontrol -c ak.ctx 0x81010002 WARNING:esys:src/tss2-esys/api/Esys_EvictControl.c:326:Esys_EvictControl_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:114:Esys_EvictControl() Esys Finish ErrorCode (0x000009a2) ERROR: Esys_EvictControl(0x9A2) - tpm:session(1):authorization failure without DA implications ERROR:esys:src/tss2-esys/esys_tr.c:357:Esys_TR_Close() Error: Esys handle does not exist (70018). ERROR: Esys_TR_Close(0x70018) - esapi:0x18 ERROR: Unable to run tpm2_evictcontrol # tpm2_evictcontrol -C o -c ak.ctx 0x81010002 WARNING:esys:src/tss2-esys/api/Esys_EvictControl.c:326:Esys_EvictControl_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_EvictControl.c:114:Esys_EvictControl() Esys Finish ErrorCode (0x000009a2) ERROR: Esys_EvictControl(0x9A2) - tpm:session(1):authorization failure without DA implications ERROR:esys:src/tss2-esys/esys_tr.c:357:Esys_TR_Close() Error: Esys handle does not exist (70018). ERROR: Esys_TR_Close(0x70018) - esapi:0x18 ERROR: Unable to run tpm2_evictcontrol # Gesendet: Freitag, 10. Januar 2020 um 13:47 Uhr Von: "Fuchs, Andreas" An: "Alexander Lieb" , "tpm2(a)lists.01.org" Betreff: RE: [tpm2] Some Errors That seems to not have been updated correctly. Should probably be: tpm2_evictcontrol -c ak.ctx 0x81010002 or tpm2_evictcontrol -C o -c ak.ctx 0x81010002 Maybe you could try this and if it works, make a PR with the update to the tools project. Thanks, Andreas ________________________________ From: Alexander Lieb [alexander.lieb(a)online.de] Sent: Friday, January 10, 2020 13:36 To: tpm2(a)lists.01.org Subject: [tpm2] Some Errors Hi, I tried to make my ak persistent, usign the following readme: https://github.com/tpm2-software/tpm2-tools/blob/master/man/tpm2_createak.1.md The first two commands work fine, the last one results into: tpm2_evictcontrol -c 0x81010002 -o ak.ctx WARNING:esys:src/tss2-esys/api/Esys_ReadPublic.c:320:Esys_ReadPublic_Finish() Received TPM Error ERROR:esys:src/tss2-esys/esys_tr.c:231:Esys_TR_FromTPMPublic_Finish() Error ReadPublic ErrorCode (0x0000018b) ERROR:esys:src/tss2-esys/esys_tr.c:321:Esys_TR_FromTPMPublic() Error TR FromTPMPublic ErrorCode (0x0000018b) ERROR: Esys_TR_FromTPMPublic(0x18B) - tpm:handle(1):the handle is not correct for the use ERROR:esys:src/tss2-esys/esys_tr.c:357:Esys_TR_Close() Error: Esys handle does not exist (70018). ERROR: Esys_TR_Close(0x70018) - esapi:0x18 ERROR: Unable to run tpm2_evictcontrol I am not sure, whether I need to run any cmd to allocate the handle, or if it is necessary to be in a special mode or sth. Can you help me with this issue? Thanks a lot. Best regards