tpm2-software / tpm2-tss-engine

OpenSSL Engine for TPM2 devices
https://tpm2-software.github.io
BSD 3-Clause "New" or "Revised" License

ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:135:Esys_CreatePrimary() Esys Finish ErrorCode (0x000009a2) #195

Closed Anupyalsangikar closed 2 years ago

Anupyalsangikar commented 3 years ago

Hi, I have configured and run make install for everything as per the link: tpm2-tss-engine, tpm2-tss, tpm2-tools. For tpm2-tss, when I run make install I am getting warning messages: `warning: relinking 'src/tss2-tcti/libtss2-tcti-swtpm.la'` ...etc

I have configured tpm2-tss-engine openssl.conf.sample:

```
openssl_conf = openssl_init

[openssl_init]
engines = engine_section

[engine_section]
tpm2tss = tpm2tss_section

[tpm2tss_section]
engine_id = tpm2tss
dynamic_path = /usr/lib/x86_64-linux-gnu/engines-1.1/libtpm2tss.so
default_algorithms = RSA,ECDSA
init = 1
SET_TCTI = device:/dev/tpmrm0
SET_OWNERAUTH = 123
SET_PARENTAUTH =

[req]
distinguished_name = subject

[subject]
# prompts and defaults here
```

Next: when I issue the command `openssl engine -t -c tpm2tss`, it works, and I can create an RSA key using the command `tpm2tss-genkey -a rsa rsa.tss`. But when I issue the command

Without sudo:

```
openssl req -new -x509 -engine tpm2tss -key rsa.tss -keyform engine -out rsa.crt
```

It prompts some questions, which I entered; next I am getting the error below, and the crt file is not created.

```
WARNING:tcti:src/tss2-tcti/tcti-device.c:429:Tss2_Tcti_Device_Init() Failed to open default TCTI device file /dev/tpmrm0: Permission denied
WARNING:tcti:src/tss2-tcti/tcti-device.c:429:Tss2_Tcti_Device_Init() Failed to open default TCTI device file /dev/tpm0: Permission denied
ERROR:tcti:src/tss2-tcti/tcti-device.c:433:Tss2_Tcti_Device_Init() Could not open any default TCTI device file
WARNING:tcti:src/tss2-tcti/tctildr.c:79:tcti_from_init() TCTI init for function 0x7f151cd626c9 failed with a000a
WARNING:tcti:src/tss2-tcti/tctildr.c:109:tcti_from_info() Could not initialize TCTI named: tcti-device
ERROR:tcti:src/tss2-tcti/tctildr-dl.c:154:tcti_from_file() Could not initialize TCTI file: device
ERROR:tcti:src/tss2-tcti/tctildr.c:416:Tss2_TctiLdr_Initialize_Ex() Failed to instantiate TCTI
139728687178176:error:8007306F:tpm2-tss-engine:esys_ctx_init:Some unknown error occured:src/tpm2-tss-engine-common.c:81:
139728687178176:error:8008206D:tpm2-tss-engine:rand_bytes:Unknown TPM error occured. Please check tpm2tss logs:src/tpm2-tss-engine-rand.c:58:
```

With sudo:

```
sudo openssl req -new -x509 -engine tpm2tss -key rsa.tss -keyform engine -out rsa.crt
```

It prompts some questions, which I entered; next I am getting the error below, and the crt file is not created.

```
WARNING:esys:src/tss2-esys/api/Esys_CreatePrimary.c:393:Esys_CreatePrimary_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:135:Esys_CreatePrimary() Esys Finish ErrorCode (0x000009a2)
139987063673280:error:80071097:tpm2-tss-engine:init_tpm_parent:Owner authorization failed:src/tpm2-tss-engine-common.c:508:
139987063673280:error:80072096:tpm2-tss-engine:init_tpm_key:Authorization failed:src/tpm2-tss-engine-common.c:564:
139987063673280:error:8007406F:tpm2-tss-engine:esys_ctx_free:Some unknown error occured:src/tpm2-tss-engine-common.c:106:
139987063673280:error:8008C096:tpm2-tss-engine:rsa_priv_enc:Authorization failed:src/tpm2-tss-engine-rsa.c:160:
139987063673280:error:8007406F:tpm2-tss-engine:esys_ctx_free:Some unknown error occured:src/tpm2-tss-engine-common.c:106:
139987063673280:error:0D0DC006:asn1 encoding routines:ASN1_item_sign_ctx:EVP lib:../crypto/asn1/a_sign.c:212:
```

My system configuration:

```
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 18.04.5 LTS
Release:        18.04
Codename:       bionic
```

What should I do? Is there any idea for how I can overcome this?

AndreasFuchsTPM commented 3 years ago

The reason for sudo is probably because you don't have read/write permissions for /dev/tpmrm0.

The owner-auth problem is interesting. Have you tried version 1.1.0 yet? https://github.com/tpm2-software/tpm2-tss-engine/releases/tag/v1.1.0
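
The two numeric codes in the logs above (`0x000009a2` from `Esys_CreatePrimary` and `a000a` from the TCTI loader) can be decoded from their bit fields: the first is a bad-auth error on session 1, the second a TCTI-layer I/O error, which matches the "Owner authorization failed" and "Permission denied" messages. This is an added example, not code from the thread or from tpm2-tss; `struct rc_info`, `decode_rc` and `rc_name` are names made up here, and the name table covers only these two codes.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Decoded view of a TSS2_RC value as printed in tpm2-tss logs. */
struct rc_info {
    unsigned layer;   /* bits 23:16; 0 = TPM response code, 10 = TCTI */
    int fmt1;         /* bit 7 of a TPM code: format-one */
    char subject;     /* 'P' parameter, 'S' session, 'H' handle, '-' none */
    unsigned index;   /* 1-based number of that parameter/session/handle */
    unsigned err;     /* error number within the layer/format */
};

struct rc_info decode_rc(uint32_t rc)
{
    struct rc_info r = { (rc >> 16) & 0xff, 0, '-', 0, rc & 0xffff };
    if (r.layer != 0)                 /* TSS layer: low 16 bits are a base error */
        return r;
    r.fmt1 = (rc >> 7) & 1;
    if (!r.fmt1) { r.err = rc & 0x7f; return r; }  /* format-zero: bits 6:0 */
    r.err = rc & 0x3f;                /* format-one: error number in bits 5:0 */
    if (rc & 0x40) {                  /* P bit set: error refers to a parameter */
        r.subject = 'P';
        r.index = (rc >> 8) & 0xf;
    } else {                          /* bit 11 selects session vs. handle */
        r.subject = (rc & 0x800) ? 'S' : 'H';
        r.index = (rc >> 8) & 0x7;
    }
    return r;
}

/* Names only for the two codes that appear in this thread's logs. */
const char *rc_name(struct rc_info r)
{
    if (r.layer == 0 && r.fmt1 && r.err == 0x22) return "TPM_RC_BAD_AUTH";
    if (r.layer == 10 && r.err == 10) return "TSS2_TCTI_RC_IO_ERROR";
    return "(not in table)";
}

int main(void)
{
    uint32_t codes[] = { 0x000009a2, 0x000a000a };  /* values from the logs */
    for (int i = 0; i < 2; i++) {
        struct rc_info r = decode_rc(codes[i]);
        printf("0x%08x layer=%u %c%u err=0x%x %s\n", (unsigned)codes[i],
               r.layer, r.subject, r.index, r.err, rc_name(r));
    }
}
```

tpm2-tools ships `tpm2_rc_decode`, which performs the same decoding with a full name table.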