Fixed
Created: Jun 7, 2016
Updated: Feb 11, 2019
Resolved Date: Jun 22, 2016
Found In Version: 8.0
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace
root@128:~# create_tpm_key -w softkey.pem -s 1024 rootkey.pem
SRK Password:
create_tpm_key.c:498 set_srk_readable result: 0x1 (Authentication failed)
root@128:~#
1. build project with
wrlinux/configure --enable-board=intel-x86-64 --enable-kernel=secure --enable-rootfs=secure-core --with-template=feature/firewall,feature/ids-basic,feature/secure-backup,feature/session-manager,feature/task-scheduler,feature/selinux,feature/polyinstantiation,feature/secure-configuration,feature/package-management,feature/certification-test,feature/nfsd,feature/ima,feature/tpm1.2,feature/tpm2 --with-layer=/lpg-build/cdc/WASSP_LINUX_80/testcases/wrlinux/wr-testing/security-test/,meta-security --with-package=cryptsetup,scp-initramfs,freeradius,pam-radius-auth,libpam-ldap,libpam-krb5,libpam-tacplus,nss-pam-ldapd,bind-utils,sample-openssl-tpm-engine,openssl-tpm-engine,tss-testsuite --enable-test=yes --enable-internet-download=yes --enable-jobs=8 --enable-parallel-pkgbuilds=8 --enable-reconfig=yes --with-rcpl-version=0
make fs
2. boot target with "ip=dhcp enforcing=0"
3. on a host , generate a soft key:
$openssl genrsa -out softkey.pem 1024
4. Transfer the key from the host to the SCP target.
$ scp softkey.pem root@IP-Address-of-SCP-Target
5. on target, execute following command:
# tpm_takeownership -y -z
# tpm_changeownerauth -z -s -o
Enter new SRK password:
Confirm password:
Enter new owner password:
Confirm password:
# create_tpm_key -w softkey.pem -s 1024 rootkey.pem