For the first time I can use load and push my data, 48 bytes, inside the TPM. Later I will delete the handles deliberately, then I want to recover my data after my hardware reboot. 1) ./createprimary -hi o -ecc nistp256 -pwdp test1 2) ./create -hp <primary_handle> -opu sealed_data.pub -opr sealed_data.priv -pwdp test1 3) ./load -hp <primary_handle> -ipu sealed_data.pub -ipr sealed_data.priv -pwdp test1 -c sealed_data.ctx 4) ./evictcontrol -hi o -ho <handle_from_load> -hp 0x81010001 5) rm sealed_data.pub sealed_data.priv...
Thanks Ken, any way to check how many slots are remaining using getcapability and push the sealed data using the evictcontrol command, with an example? If I am not wrong, I have clean the data back using the same evictcontrol.
How to persist the sealed data?
Hello Ken, I have the commands below, and I want to understand how we can get back the sea.bin if I delete my tpmpub.bin and tpmpriv.bin. 1) ./createprimary -hi o -pwdp test1 -ecc nistp256 2) ./evictcontrol -hi o -ho 80000000 -hp 81200000 3) ./create -hp 81200000 -bl -if sea.bin -opr tpmpriv.bin -opu tpmpub.bin 4) ./load -hp 81200000 -ipu tpmpub.bin -ipr tpmpriv.bin 5) ./unseal -ha 80000002 -of sec_out.bin Please let me know: I accidentally deleted my tpmpriv.bin and tpmpriv.bin, is there a way to get...
Sorry Ken, the issue was that I was not doing TSS_Delete() after failure of load.
Yes Ken, I am running as root, /dev/tpm0 exists, and on each function I am invoking this func() with these variables: func() { some... if ((rc = TSS_Create(pOpenTpm))) return rc; if ((rc = TSS_SetProperty(pOpenTpm, TPM_INTERFACE_TYPE, "dev"))) return rc; if ((rc = TSS_SetProperty(pOpenTpm, TPM_DEVICE, "/dev/tpm0"))) return rc; if ((rc = TSS_SetProperty(pOpenTpm, TPM_ENCRYPT_SESSIONS, "1"))) return rc; if ((rc = TSS_SetProperty(pOpenTpm, TPM_DATA_DIR, sztpmDir.c_str()))) return rc; } after Integrity check fails...
Hello Ken, we are using HW TPM device driver.