[Bug 1958439] Re: tpm2-tss: builds against OpenSSL 3.0, but fails on execution
Launchpad Bug Tracker
1958439 at bugs.launchpad.net
Tue Mar 1 20:04:52 UTC 2022
This bug was fixed in the package tpm2-tss - 3.2.0-0ubuntu2
---------------
tpm2-tss (3.2.0-0ubuntu2) jammy; urgency=medium
* d/p/0002-fix-version.patch: Fix the version detection code to work
with tarballs (LP: #1962583)
-- Simon Chopin <simon.chopin at canonical.com> Tue, 01 Mar 2022 15:25:56
+0100
** Changed in: tpm2-tss (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to tpm2-tss in Ubuntu.
https://bugs.launchpad.net/bugs/1958439
Title:
tpm2-tss: builds against OpenSSL 3.0, but fails on execution
Status in tpm2-tools package in Ubuntu:
New
Status in tpm2-tss package in Ubuntu:
Fix Released
Bug description:
In Ubuntu 22.04 the current tpm2-tools are not working correctly
because of an OpenSSL HMAC error (in Ubuntu 20.04 and 21.10 the
problem does not exist):
rire at rire-ThinkPad-T14-Gen-2a:~$ sudo tpm2_createprimary -C o -c prim.ctx
ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:327:iesys_cryptossl_hmac_start() ErrorCode (0x00070001) EVP_PKEY_new_mac_key
ERROR:esys_crypto:src/tss2-esys/esys_crypto.c:185:iesys_crypto_authHmac() Error ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/esys_iutil.c:1244:iesys_compute_hmac() HMAC error ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/esys_iutil.c:1354:iesys_gen_auths() Error while computing hmacs ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:244:Esys_CreatePrimary_Async() Error in computation of auth values ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:110:Esys_CreatePrimary() Error in async function ErrorCode (0x00070001)
ERROR: Esys_CreatePrimary(0x70001) - esapi:Catch all for all errors not otherwise specified
ERROR: Unable to run tpm2_createprimary
rire at rire-ThinkPad-T14-Gen-2a:~$ sudo tpm2_clear
ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:327:iesys_cryptossl_hmac_start() ErrorCode (0x00070001) EVP_PKEY_new_mac_key
ERROR:esys_crypto:src/tss2-esys/esys_crypto.c:185:iesys_crypto_authHmac() Error ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/esys_iutil.c:1244:iesys_compute_hmac() HMAC error ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/esys_iutil.c:1354:iesys_gen_auths() Error while computing hmacs ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/api/Esys_Clear.c:188:Esys_Clear_Async() Error in computation of auth values ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/api/Esys_Clear.c:74:Esys_Clear() Error in async function ErrorCode (0x00070001)
ERROR: Esys_Clear(0x70001) - esapi:Catch all for all errors not otherwise specified
ERROR: Unable to run tpm2_clear
There is a bugreport in Red Hat which seems related:
https://bugzilla.redhat.com/show_bug.cgi?id=1989321
A workaround is possible by compiling tpm2-tss, the dependency of tpm2-tools, with mbedTLS instead of OpenSSL and without FAPI (which I don't need actually):
~/dev/tpm2-tss-3.1.0$ ./configure --with-crypto=mbed --disable-fapi --prefix=/usr
It seems also to be fixed in current master branch of tpm2-tss
already.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tpm2-tools/+bug/1958439/+subscriptions
More information about the foundations-bugs
mailing list