Closed jszanto closed 4 years ago
so error code 0x1df is:
tpm2_rc_decode 0x1df
tpm:parameter(1):integrity check failed
It's coming from Esys_ContextLoad, which means that the context file cannot be loaded. How did you end up with primary.ctx?
Usually this happens when you try and use a context file after a reboot/tpm reboot occurs, or tpm2_clear command is invoked. You can just recreate the primary key with tpm2_createprimary and then call tpm2_create.
Either you need to persist the primary key, as showcased in that demo, or you need to run tpm2_createprimary.
I created primary.ctx using tpm2_createprimary -Q -C o -c primary.ctx
, but I did do a reboot in the meanwhile which caused the issue I guess.
@jszanto how did you fix your problem?
Weird, I suspected the "primary" key had some sort of significance, it's weird that you can create a primary key, create a child keypair, reboot.
Recreate the primary key and everything still works?
What exactly is the "primary" key for?
Weird, I suspected the "primary" key had some sort of significance, it's weird that you can create a primary key, create a child keypair, reboot.
Recreate the primary key and everything still works?
What exactly is the "primary" key for?
It depends on key attributes.
I'm running tpm2-tools 4.2 on Ubuntu 20.04, when attempting attempting to use
tmp2_create
to create a PCR sealed object I encounter the following error:I've followed the instructions on https://tpm2-software.github.io/2020/04/13/Disk-Encryption.html, which suggest using this command.