How do I know if  RM is being used?
When I do ESys_Initialize, I see these WARNINGs, wondering if it's okay for multi-thread 
WARNING:esys:src/tss2-esys/esys_tcti_default.c:137:tcti_from_file() Could not load TCTI file: libtss2-tcti-default.so
libtss2-tcti-default.so
WARNING:esys:src/tss2-esys/esys_tcti_default.c:137:tcti_from_file() Could not load TCTI file: libtss2-tcti-tabrmd.so

In my single threaded process, everything works so smoothly
[root]# ./tpm
WARNING:esys:src/tss2-esys/esys_tcti_default.c:137:tcti_from_file() Could not load TCTI file: libtss2-tcti-default.so
WARNING:esys:src/tss2-esys/esys_tcti_default.c:137:tcti_from_file() Could not load TCTI file: libtss2-tcti-tabrmd.so
ESYS Initialization: Pass

Read TPM EK Certificate: Pass

TPM EK Certificate Root-CA Verification: Pass

Clear TPM State: Pass

Created EK Primary object: Pass
#####Handle 0x418368

Create Attestation Key: Pass
#####Ak_Handle 0x41836b

Original Credential="deadbeefdeadbeefdead"

Make Credential: Pass
#####Encrypted Credential Blob="0020508e439bc6512d044bb8739e8d61c8ce3664d25f3572389b46c8797e562a45c412864f020a7f1bbcab7a34f0"

#####Encrypted Secret="b70689bb0ed9fa8324cfa03d727e6c6795069b4f0943108409b89009b9cc76c76bddb31a5ccf34cfebc5d3fe715899bb725a8a3c8fe4a6046233869123f3e978051aece0d7af0ad6f85164a32fd2c5ad756e8c3b72f6311126de79a30c0d72aa0a6f3f437f6bc077c41d3cc6450c71e803ca6074d34ce3debf5114f4bac2fd7ee6a87ef9f07d830794775dda4f77e4620cbaf9aeb302040ee2a66a352b9fffaa5447c09a249bb22d9d989b7f1406612a90b8d8bce6bb940fbfd1d50f31398403a2643c73bec336e6fcca46f29f9b6aa87fd11d53ec6f145d61b2a61dffc783ae2b2c66184435d633d0b5a420efa01748e39d687e1eb9fcc1759c184972779bfc"

Activating Credential: Pass
#####Recovered Credential="deadbeefdeadbeefdead"

[root]#


On Wed, Apr 8, 2020 at 7:02 PM Rahul Hardikar <rahulhardikar@gmail.com> wrote:
Thanks guys, I'll try this but  i also wanted to know if there is a way to know if the TPM still has the EK and AK keys loaded? I have the EK handle and AK handle (not made it persistent) but I want to make sure it's present as these are necessary for ActivateCredential to succeed 
ESys_ActivateCredential complaining about secret parameter doesn't make sense to me, I tested on server side, ak_name is same as that sent and so is EK_PUB object as well as  EK_Cert in nvram, I call the same external_makecredential call that's in the GitHub to create secret and made sure secret,credblob matches on the client side when received from server.

Thanks,
Rahul

On Tue, Mar 17, 2020 at 6:19 AM Imran Desai <imran.desai@intel.com> wrote:
Set this up with all handles in use made persistent. If you still see issues, gdb-break or turn on debug logging at the Esys call and compare the function arguments.
_______________________________________________
tpm2 mailing list -- tpm2@lists.01.org
To unsubscribe send an email to tpm2-leave@lists.01.org
%(web_page_url)slistinfo%(cgiext)s/%(_internal_name)s