Infineon SLx9670 Trusted Platform Module (TPM) on Debian 11 "bullseye" - part2: Trusted Software Stack (tss)

12 Dec 2021

The latest Raspberry OS at the time of writing this post is Debian 11 "bullseye".
I'm checking how the Infineon TPM IC behaves under that version.
In this 2nd part, I handle the TSS (Trusted Software Stack) software libraries and utilities.
It's not a deep dive into the subject. I want to check if I can still build and use the stack with Debian 11.

Let's now check the installations. If they "just worked", I put a Y in the table below.
When there were issues or failures, I'll elaborate below the table.
I've tried using the latest version of any package - for Debian 11. I specify when I took a different path.

module	version	success
tpm2-tss	master, 3.1.0-86-g7fde6043, taken on 11-dec-2021	Y
tpm2-tabrmd	master, commit 41fd797112f0aa7b38a34c6e80b63d311b2ff76f, taken on 11-dec-2021	Y
tpm2-tools	master, commit 7b6600d3214dd45531bdb53d5f2510404c31fd6b, taken on 11-dec-2021	Y^*1
tpm2-tss-engine	master, commit ee470c85583d167305a9a04e73e2c3368e95530b, taken on 11-dec-2021	Y^*2
cryptsetup	same as in Infineon's document. The official releases haven't merged TPM functionality at the time of writing. https://gitlab.com/AndreasFuchsSIT/cryptsetup.git	Y^*3
tpm2-pkcs11	master, commit 11fd2532ce10e97834a57dfb25bff6c613a5a851, taken on 12-dec-2021	Y

1: pre-steps complain that package python-yaml has no install candidate. It didn't give issues.
2: at this point, everything stopped working. I'm starting again.
3: There are 3 files that need changes, because the JSON C libraries have API modifications:
lib/luks2/luks2_json_metadata.c : comment the function on line 219: uint64_t json_object_get_uint64(json_object *jobj)
make changes listed in this commit, to lib/luks2/luks2_internal.h and lib/luks2/luks2_json_metadata.c

Side stories

tpm2-tss: running the unit and hardware tests

I haven't done this in the road test. It was listed a s a stretch goal. Time to pay up.
Instructions are on Infineon's github. IO configured unit tests and integration tests, with the Infineon hardware as backend.
There are 3 types of test: mandatory, optional and destructive. The destructive option invalidates the IC forever - as per spec. Obviously I'm not executing that suite .
The test suite requires root powers to talk to the device. So I changed to root, while keeping the pi user environment settings:

Prepare and run:

sudo -E -s ./configure --enable-unit --enable-integration --with-device=/dev/tpm0 --with-devicetests="mandatory,optional"

Running the suite takes a while. I'm still root at this time.

The check-device make target takes care that only one process runs at the same time. The suite fails when multiple processes run in parallel.

make check-device

If you want to run them again, with the same configuration, just run the make command again.
If you want to use another config (software simulation instead of using the IC, skip unit tests, only run mandatory test suite, ...) you can rerun configure with the requested options. Then rerun make.

Results:

unit test, integration, mandatory and optional

Test log:

Fullscreen test-suite.log Download

===================================================
   tpm2-tss 3.1.0-86-g7fde6043: ./test-suite.log
===================================================

# TOTAL: 195
# PASS:  133
# SKIP:  12
# XFAIL: 0
# FAIL:  5
# XPASS: 0
# ERROR: 45

.. contents:: :depth: 2

SKIP: test/integration/esys-act-set-timeout
===========================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_ACT_SetTimeout.c:292:Esys_ACT_SetTimeout_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_ACT_SetTimeout.c:102:Esys_ACT_SetTimeout() Esys Finish ErrorCode (0x00000143) 
ERROR:test:test/integration/esys-act-set-timeout.int.c:65:test_esys_act_set_timeout() Error: Clear ErrorCode (0x00000143) 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-act-set-timeout.int_simulator.pid
SKIP test/integration/esys-act-set-timeout.int (exit status: 77)

SKIP: test/integration/esys-certifyX509
=======================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_CertifyX509.c:345:Esys_CertifyX509_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_CertifyX509.c:112:Esys_CertifyX509() Esys Finish ErrorCode (0x00000143) 
ERROR:test:test/integration/esys-certifyX509.int.c:183:test_esys_certifyx509() Error: CertifyX509 ErrorCode (0x00000143) 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-certifyX509.int_simulator.pid
SKIP test/integration/esys-certifyX509.int (exit status: 77)

FAIL: test/integration/esys-get-capability-act
==============================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_GetCapability.c:303:Esys_GetCapability_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_GetCapability.c:107:Esys_GetCapability() Esys Finish ErrorCode (0x000001c4) 
ERROR:test:test/integration/esys-get-capability-act.int.c:39:test_esys_get_capability_act() Error esys get capability ErrorCode (0x000001c4) 
Script returned 1
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-get-capability-act.int_simulator.pid
FAIL test/integration/esys-get-capability-act.int (exit status: 1)

SKIP: test/integration/esys-audit
=================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_GetCommandAuditDigest.c:329:Esys_GetCommandAuditDigest_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_GetCommandAuditDigest.c:108:Esys_GetCommandAuditDigest() Esys Finish ErrorCode (0x00000143) 
WARNING:test:test/integration/esys-audit.int.c:196:test_esys_audit() Command TPM2_GetCommandAuditDigest not supported by TPM. 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-audit.int_simulator.pid
SKIP test/integration/esys-audit.int (exit status: 77)

SKIP: test/integration/esys-duplicate
=====================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_Rewrap.c:331:Esys_Rewrap_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_Rewrap.c:109:Esys_Rewrap() Esys Finish ErrorCode (0x00000143) 
WARNING:test:test/integration/esys-duplicate.int.c:410:test_esys_duplicate() Command TPM2_Rewrap not supported by TPM. 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-duplicate.int_simulator.pid
SKIP test/integration/esys-duplicate.int (exit status: 77)

SKIP: test/integration/esys-encrypt-decrypt
===========================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_EncryptDecrypt.c:328:Esys_EncryptDecrypt_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_EncryptDecrypt.c:110:Esys_EncryptDecrypt() Esys Finish ErrorCode (0x00000143) 
WARNING:test:test/integration/esys-encrypt-decrypt.int.c:278:test_esys_encrypt_decrypt() Command TPM2_EncryptDecrypt not supported by TPM. 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-encrypt-decrypt.int_simulator.pid
SKIP test/integration/esys-encrypt-decrypt.int (exit status: 77)

SKIP: test/integration/esys-encrypt-decrypt2
============================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_EncryptDecrypt2.c:322:Esys_EncryptDecrypt2_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_EncryptDecrypt2.c:107:Esys_EncryptDecrypt2() Esys Finish ErrorCode (0x00000143) 
WARNING:test:test/integration/esys-encrypt-decrypt.int.c:278:test_esys_encrypt_decrypt() Command TPM2_EncryptDecrypt not supported by TPM. 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-encrypt-decrypt2.int_simulator.pid
SKIP test/integration/esys-encrypt-decrypt2.int (exit status: 77)

SKIP: test/integration/esys-pcr-auth-value
==========================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_PCR_SetAuthValue.c:287:Esys_PCR_SetAuthValue_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_PCR_SetAuthValue.c:98:Esys_PCR_SetAuthValue() Esys Finish ErrorCode (0x00000143) 
WARNING:test:test/integration/esys-pcr-auth-value.int.c:66:test_esys_pcr_auth_value() Command TPM2_PCR_SetAuthValue not supported by TPM. 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-pcr-auth-value.int_simulator.pid
SKIP test/integration/esys-pcr-auth-value.int (exit status: 77)

SKIP: test/integration/esys-policy-physical-presence-opt
========================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_PolicyPhysicalPresence.c:283:Esys_PolicyPhysicalPresence_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_PolicyPhysicalPresence.c:98:Esys_PolicyPhysicalPresence() Esys Finish ErrorCode (0x00000143) 
WARNING:test:test/integration/esys-policy-physical-presence-opt.int.c:117:test_esys_policy_physical_presence_opt() Command TPM2_PolicyPhysicalPresence  not supported by TPM. 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-policy-physical-presence-opt.int_simulator.pid
SKIP test/integration/esys-policy-physical-presence-opt.int (exit status: 77)

SKIP: test/integration/esys-pp-commands
=======================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_PP_Commands.c:301:Esys_PP_Commands_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_PP_Commands.c:104:Esys_PP_Commands() Esys Finish ErrorCode (0x00000143) 
WARNING:test:test/integration/esys-pp-commands.int.c:56:test_esys_pp_commands() Command TPM2_PP_Commands not supported by TPM. 
ERROR:test:test/integration/esys-pp-commands.int.c:70:test_esys_pp_commands() Error: PP_Commands ErrorCode (0x00000143) 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-pp-commands.int_simulator.pid
SKIP test/integration/esys-pp-commands.int (exit status: 77)

SKIP: test/integration/esys-zgen-2phase
=======================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:host=,port=
Execute the test script
WARNING:esys:src/tss2-esys/api/Esys_EC_Ephemeral.c:283:Esys_EC_Ephemeral_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_EC_Ephemeral.c:98:Esys_EC_Ephemeral() Esys Finish ErrorCode (0x00000143) 
WARNING:test:test/integration/esys-zgen-2phase.int.c:166:test_esys_zgen_2phase() Command TPM2_Ephemeral not supported by TPM. 
ERROR:test:test/integration/esys-zgen-2phase.int.c:219:test_esys_zgen_2phase() 
Error Code: 143
 
Script returned 77
failed to stop daemon, no pid file: /home/pi/tssSetup/tpm2-tss/test/integration/esys-zgen-2phase.int_simulator.pid
SKIP test/integration/esys-zgen-2phase.int (exit status: 77)

SKIP: test/integration/fapi-data-crypt
======================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
Execute the test script
info:test:test/integration/main-fapi.c:341:init_fapi() Using config:
{
     "profile_name": "P_ECC",
     "profile_dir": "./test/data/fapi/",
     "user_dir": "/tmp/fapi_tmpdir.jT3DD0/user/dir",
     "system_dir": "/tmp/fapi_tmpdir.jT3DD0/system_dir",
     "system_pcrs" : [],
     "log_dir" : "/tmp/fapi_tmpdir.jT3DD0",
     "tcti": "device:/dev/tpm0",
}
 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.jT3DD0/user/dir does not exist, creating 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.jT3DD0/system_dir/policy does not exist, creating 
ERROR:fapi:src/tss2-fapi/api/Fapi_Encrypt.c:332:Fapi_Encrypt_Finish() ErrorCode (0x00060002) ECC Encryption not yet supported 
ERROR:fapi:src/tss2-fapi/api/Fapi_Encrypt.c:126:Fapi_Encrypt() ErrorCode (0x00060002) Data_Encrypt 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:405:Fapi_Delete_Async() ErrorCode (0x00060034) FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:313:Fapi_Delete() ErrorCode (0x00060034) Entity_Delete 
info:test:test/integration/main-fapi.c:432:main() Test returned 77 
Script returned 77
SKIP test/integration/fapi-data-crypt.fint (exit status: 77)

SKIP: test/integration/fapi-data-crypt-persistent
=================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
Execute the test script
info:test:test/integration/main-fapi.c:341:init_fapi() Using config:
{
     "profile_name": "P_ECC",
     "profile_dir": "./test/data/fapi/",
     "user_dir": "/tmp/fapi_tmpdir.Dsny2F/user/dir",
     "system_dir": "/tmp/fapi_tmpdir.Dsny2F/system_dir",
     "system_pcrs" : [],
     "log_dir" : "/tmp/fapi_tmpdir.Dsny2F",
     "tcti": "device:/dev/tpm0",
}
 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.Dsny2F/user/dir does not exist, creating 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.Dsny2F/system_dir/policy does not exist, creating 
ERROR:fapi:src/tss2-fapi/api/Fapi_Encrypt.c:332:Fapi_Encrypt_Finish() ErrorCode (0x00060002) ECC Encryption not yet supported 
WARNING:esys:src/tss2-esys/api/Esys_FlushContext.c:234:Esys_FlushContext_Finish() Received TPM Error 
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:89:Esys_FlushContext() Esys Finish ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/api/Fapi_Encrypt.c:126:Fapi_Encrypt() ErrorCode (0x00060002) Data_Encrypt 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:405:Fapi_Delete_Async() ErrorCode (0x00060034) FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:313:Fapi_Delete() ErrorCode (0x00060034) Entity_Delete 
info:test:test/integration/main-fapi.c:432:main() Test returned 77 
Script returned 77
SKIP test/integration/fapi-data-crypt-persistent.fint (exit status: 77)

FAIL: test/integration/fapi-data-crypt-rsa
==========================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
Execute the test script
info:test:test/integration/main-fapi.c:341:init_fapi() Using config:
{
     "profile_name": "P_RSA",
     "profile_dir": "./test/data/fapi/",
     "user_dir": "/tmp/fapi_tmpdir.PWfnpm/user/dir",
     "system_dir": "/tmp/fapi_tmpdir.PWfnpm/system_dir",
     "system_pcrs" : [],
     "log_dir" : "/tmp/fapi_tmpdir.PWfnpm",
     "tcti": "device:/dev/tpm0",
}
 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.PWfnpm/user/dir does not exist, creating 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.PWfnpm/system_dir/policy does not exist, creating 
ERROR:fapi:src/tss2-fapi/api/Fapi_Provision.c:999:Fapi_Provision_Finish() ErrorCode (0x0006000b) SRK persistent handle already defined 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:428:ifapi_io_remove_directories() Removing: /tmp/fapi_tmpdir.PWfnpm/system_dir/P_RSA/HE/EK/object.json 
ERROR:fapi:src/tss2-fapi/api/Fapi_Provision.c:168:Fapi_Provision() ErrorCode (0x0006000b) Provision 
ERROR:test:test/integration/fapi-data-crypt.int.c:212:test_fapi_data_crypt() Error Fapi_Provision ErrorCode (0x0006000b) 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:405:Fapi_Delete_Async() ErrorCode (0x00060034) FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:313:Fapi_Delete() ErrorCode (0x00060034) Entity_Delete 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:405:Fapi_Delete_Async() ErrorCode (0x00060034) FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:313:Fapi_Delete() ErrorCode (0x00060034) Entity_Delete 
info:test:test/integration/main-fapi.c:432:main() Test returned 1 
Script returned 1
FAIL test/integration/fapi-data-crypt-rsa.fint (exit status: 1)

FAIL: test/integration/fapi-data-crypt-rsa-persistent
=====================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
Execute the test script
info:test:test/integration/main-fapi.c:341:init_fapi() Using config:
{
     "profile_name": "P_RSA",
     "profile_dir": "./test/data/fapi/",
     "user_dir": "/tmp/fapi_tmpdir.mJoI4w/user/dir",
     "system_dir": "/tmp/fapi_tmpdir.mJoI4w/system_dir",
     "system_pcrs" : [],
     "log_dir" : "/tmp/fapi_tmpdir.mJoI4w",
     "tcti": "device:/dev/tpm0",
}
 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.mJoI4w/user/dir does not exist, creating 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.mJoI4w/system_dir/policy does not exist, creating 
ERROR:fapi:src/tss2-fapi/api/Fapi_Provision.c:999:Fapi_Provision_Finish() ErrorCode (0x0006000b) SRK persistent handle already defined 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:428:ifapi_io_remove_directories() Removing: /tmp/fapi_tmpdir.mJoI4w/system_dir/P_RSA/HE/EK/object.json 
ERROR:fapi:src/tss2-fapi/api/Fapi_Provision.c:168:Fapi_Provision() ErrorCode (0x0006000b) Provision 
ERROR:test:test/integration/fapi-data-crypt.int.c:212:test_fapi_data_crypt() Error Fapi_Provision ErrorCode (0x0006000b) 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:405:Fapi_Delete_Async() ErrorCode (0x00060034) FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:313:Fapi_Delete() ErrorCode (0x00060034) Entity_Delete 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:405:Fapi_Delete_Async() ErrorCode (0x00060034) FAPI not provisioned. 
ERROR:fapi:src/tss2-fapi/api/Fapi_Delete.c:313:Fapi_Delete() ErrorCode (0x00060034) Entity_Delete 
info:test:test/integration/main-fapi.c:432:main() Test returned 1 
Script returned 1
FAIL test/integration/fapi-data-crypt-rsa-persistent.fint (exit status: 1)

FAIL: test/integration/fapi-get-esys-blobs
==========================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
Execute the test script
info:test:test/integration/main-fapi.c:341:init_fapi() Using config:
{
     "profile_name": "P_ECC",
     "profile_dir": "./test/data/fapi/",
     "user_dir": "/tmp/fapi_tmpdir.SuDsrZ/user/dir",
     "system_dir": "/tmp/fapi_tmpdir.SuDsrZ/system_dir",
     "system_pcrs" : [],
     "log_dir" : "/tmp/fapi_tmpdir.SuDsrZ",
     "tcti": "device:/dev/tpm0",
}
 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.SuDsrZ/user/dir does not exist, creating 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.SuDsrZ/system_dir/policy does not exist, creating 
ERROR:test:test/integration/fapi-get-esys-blobs.int.c:198:test_fapi_get_esys_blobs() Invalid type 
info:test:test/integration/main-fapi.c:432:main() Test returned 1 
Script returned 1
FAIL test/integration/fapi-get-esys-blobs.fint (exit status: 1)

FAIL: test/integration/fapi-key-create2-sign
============================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
Execute the test script
info:test:test/integration/main-fapi.c:341:init_fapi() Using config:
{
     "profile_name": "P_ECC",
     "profile_dir": "./test/data/fapi/",
     "user_dir": "/tmp/fapi_tmpdir.mmPoh0/user/dir",
     "system_dir": "/tmp/fapi_tmpdir.mmPoh0/system_dir",
     "system_pcrs" : [],
     "log_dir" : "/tmp/fapi_tmpdir.mmPoh0",
     "tcti": "device:/dev/tpm0",
}
 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.mmPoh0/user/dir does not exist, creating 
WARNING:fapi:src/tss2-fapi/ifapi_io.c:340:ifapi_io_check_create_dir() Directory /tmp/fapi_tmpdir.mmPoh0/system_dir/policy does not exist, creating 
WARNING:esys:src/tss2-esys/api/Esys_Create.c:398:Esys_Create_Finish() Received TPM Error 
ERROR:fapi:src/tss2-fapi/fapi_util.c:3437:ifapi_key_create() ErrorCode (0x0000018a) Key create finish 
ERROR:fapi:src/tss2-fapi/api/Fapi_CreateKey.c:283:Fapi_CreateKey_Finish() Key create ErrorCode (0x0000018a) 
ERROR:fapi:src/tss2-fapi/api/Fapi_CreateKey.c:116:Fapi_CreateKey() ErrorCode (0x0000018a) Key_Create 
WARNING:esys:src/tss2-esys/api/Esys_PolicyPCR.c:288:Esys_PolicyPCR_Finish() Received TPM Error 
ERROR:fapi:src/tss2-fapi/ifapi_policy_execute.c:221:execute_policy_pcr() ErrorCode (0x000001c4) Execute PolicyPCR_Finish. 
ERROR:fapi:src/tss2-fapi/ifapi_policy_execute.c:1490:execute_policy_element() ErrorCode (0x000001c4) Execute policy pcr 
ERROR:fapi:src/tss2-fapi/ifapi_policy_execute.c:1722:ifapi_policyeval_execute() Execute policy. ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/ifapi_policyutil_execute.c:296:ifapi_policyutil_execute() Execute policy. ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/ifapi_policy_callbacks.c:1273:ifapi_exec_auth_policy() Execute policy. ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/ifapi_policy_execute.c:614:execute_policy_authorize() Execute authorized policy. ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/ifapi_policy_execute.c:1514:execute_policy_element() ErrorCode (0x000001c4) Execute policy authorize 
ERROR:esys:src/tss2-esys/esys_iutil.c:1096:esys_GetResourceObject() Error: Esys handle does not exist (70018). 
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:138:Esys_FlushContext_Async() flushHandle unknown. ErrorCode (0x00070018) 
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070018) 
ERROR:fapi:src/tss2-fapi/ifapi_policy_execute.c:1722:ifapi_policyeval_execute() Execute policy. ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/ifapi_policyutil_execute.c:296:ifapi_policyutil_execute() Execute policy. ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/fapi_util.c:2115:ifapi_authorize_object() Execute policy. ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/fapi_util.c:1909:ifapi_load_key_finish() ErrorCode (0x000001c4) Authorize key. 
ERROR:fapi:src/tss2-fapi/fapi_util.c:1717:ifapi_load_keys_finish() Load keys ErrorCode (0x000001c4) 
ERROR:fapi:src/tss2-fapi/fapi_util.c:2730:ifapi_load_key() ErrorCode (0x000001c4)  Load key. 
ERROR:fapi:src/tss2-fapi/api/Fapi_Sign.c:288:Fapi_Sign_Finish() Fapi load key. ErrorCode (0x000001c4) 
ERROR:esys:src/tss2-esys/esys_iutil.c:1096:esys_GetResourceObject() Error: Esys handle does not exist (70018). 
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:138:Esys_FlushContext_Async() flushHandle unknown. ErrorCode (0x00070018) 
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070018) 
ERROR:fapi:src/tss2-fapi/api/Fapi_Sign.c:130:Fapi_Sign() ErrorCode (0x000001c4) Key_Sign 
info:test:test/integration/main-fapi.c:432:main() Test returned 0 
Script returned 0
TPM changed state during test
State before (/home/pi/tssSetup/tpm2-tss/test/integration/fapi-key-create2-sign.fint_state1):
cap0: 0000000500000002000403ffffff000b03ffffff00
cap1: 0000000100000018000000000000000100000002000000030000000400000005000000060000000700000008000000090000000a0000000b0000000c0000000d0000000e0000000f000000100000001100000012000000130000001400000015000000160000001700
cap2: 000000010000000000
cap3: 000000010000000000
cap4: 000000010000000000
cap5: 000000010000000381000001810001008101000100
cap6: 000000010000000201c0000201c0000a00
State after (/home/pi/tssSetup/tpm2-tss/test/integration/fapi-key-create2-sign.fint_state2):
cap0: 0000000500000002000403ffffff000b03ffffff00
cap1: 0000000100000018000000000000000100000002000000030000000400000005000000060000000700000008000000090000000a0000000b0000000c0000000d0000000e0000000f000000100000001100000012000000130000001400000015000000160000001700
cap2: 000000010000000000
cap3: 000000010000000000
cap4: 00000001000000018000000200
cap5: 000000010000000381000001810001008101000100
cap6: 000000010000000201c0000201c0000a00
FAIL test/integration/fapi-key-create2-sign.fint (exit status: 1)

ERROR: test/integration/fapi-key-create-null-key-sign
=====================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-null-key-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-sign-persistent-key
===========================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-sign-persistent-key.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-sign-password-provision
===============================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-sign-password-provision.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-sign-rsa
================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-sign-rsa.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-authorize-sign
=============================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-authorize-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-authorize-rsa-pem-sign
=====================================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-authorize-rsa-pem-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-authorize-ecc-pem-sign
=====================================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-authorize-ecc-pem-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-authorize-sign-rsa
=================================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-authorize-sign-rsa.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-authorize-nv-sign
================================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-authorize-nv-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-secret-nv-sign
=============================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-secret-nv-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-pcr-sign
=======================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-pcr-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-signed
=====================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-signed.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-signed-ecc
=========================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-signed-ecc.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-nv-sign
======================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-nv-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-nv-counter-sign
==============================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-nv-counter-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-or-sign
======================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-or-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-password-sign
============================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-password-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-countertimer-sign
================================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-countertimer-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-physical-presence-sign
=====================================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-physical-presence-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-locality-sign
============================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-locality-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-command-code-sign
================================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-command-code-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-policy-auth-value-sign
==============================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-policy-auth-value-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-ckda-sign
=================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-ckda-sign.fint (exit status: 99)

ERROR: test/integration/fapi-key-change-auth
============================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-change-auth.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-sign-persistent
=======================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-sign-persistent.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-sign-password
=====================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-sign-password.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-ckda-sign-password
==========================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-ckda-sign-password.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-sign-password-da
========================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-sign-password-da.fint (exit status: 99)

ERROR: test/integration/fapi-key-create-ckda-sign-password-da
=============================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-key-create-ckda-sign-password-da.fint (exit status: 99)

ERROR: test/integration/fapi-nv-authorizenv-cphash
==================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-nv-authorizenv-cphash.fint (exit status: 99)

ERROR: test/integration/fapi-nv-ordinary
========================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-nv-ordinary.fint (exit status: 99)

ERROR: test/integration/fapi-nv-written-policy
==============================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-nv-written-policy.fint (exit status: 99)

ERROR: test/integration/fapi-nv-extend
======================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-nv-extend.fint (exit status: 99)

ERROR: test/integration/fapi-nv-increment
=========================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-nv-increment.fint (exit status: 99)

ERROR: test/integration/fapi-nv-set-bits
========================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-nv-set-bits.fint (exit status: 99)

ERROR: test/integration/fapi-pcr-test
=====================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-pcr-test.fint (exit status: 99)

ERROR: test/integration/fapi-quote
==================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-quote.fint (exit status: 99)

ERROR: test/integration/fapi-quote-with-primary
===============================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-quote-with-primary.fint (exit status: 99)

ERROR: test/integration/fapi-quote-rsa
======================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-quote-rsa.fint (exit status: 99)

ERROR: test/integration/fapi-policy-or-nv-read-write
====================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-policy-or-nv-read-write.fint (exit status: 99)

ERROR: test/integration/fapi-second-provisioning
================================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-second-provisioning.fint (exit status: 99)

ERROR: test/integration/fapi-provisioning-error
===============================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-provisioning-error.fint (exit status: 99)

ERROR: test/integration/fapi-info
=================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-info.fint (exit status: 99)

ERROR: test/integration/fapi-unseal
===================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-unseal.fint (exit status: 99)

ERROR: test/integration/fapi-unseal-persistent
==============================================

TPM20TEST_TCTI_NAME=device
TPM20TEST_DEVICE_FILE=/dev/tpm0
TPM20TEST_SOCKET_ADDRESS=
TPM20TEST_SOCKET_PORT=
TPM20TEST_TCTI=device:/dev/tpm0
ERROR:test:test/helper/tpm_transientempty.c:54:main() TPM contains transient entries 
ERROR:test:test/helper/tpm_transientempty.c:56:main() Handle 80000002 
TPM transient area not empty => skipping
ERROR test/integration/fapi-unseal-persistent.fint (exit status: 99)

Analysis:

All unit tests pass.
I think, by reading up, that the failures I get in the esys integration tests are normal.
I raised an issue on github, to check with the experts. (update in the comments)
There are a 4 failures in the fapi integration tests.
Then, there are a number of errors. But those are because the last failing test leaves the TPM in a status that's not ok for the next tests.

this image is edited, I removed passing tests inbetween

For reference, this is how a test looks like when I force the TPM to be unavailable by pressing the reset on the EVM (I skipped optional tests here, that's why the total count is lower):

results when the TPM IC is deliberately disabled, unit test, integration, mandatory

Then, after restarting the device, everything is back operational.

results when the TPM IC is re-enabled, unit test, integration, mandatory

tpm2-abrmd: running integration test

As with the tpm2-tss package, I'm running the tests on the real hardware TPM chip.

Configure and execute

sudo ./configure --with-dbuspolicydir=/etc/dbus-1/system.d --with-systemdsystemunitdir=/lib/systemd/system --with-systemdpresetdir=/lib/systemd/system-preset --datarootdir=/usr/share --enable-unit --enable-integration --enable-test-hwtpm sudo make check

Test log:

Fullscreen test-suite_tss_abrmd_202112112344.log Download

====================================================
   tpm2-abrmd 2.4.0-20-g41fd797: ./test-suite.log
====================================================

# TOTAL: 47
# PASS:  26
# SKIP:  0
# XFAIL: 1
# FAIL:  20
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: test/integration/auth-session-max
=======================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/auth-session-max.int (exit status: 1)

FAIL: test/integration/auth-session-start-flush
===============================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/auth-session-start-flush.int (exit status: 1)

FAIL: test/integration/auth-session-start-save
==============================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/auth-session-start-save.int (exit status: 1)

FAIL: test/integration/auth-session-start-save-load
===================================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/auth-session-start-save-load.int (exit status: 1)

FAIL: test/integration/max-transient-upperbound
===============================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/max-transient-upperbound.int (exit status: 1)

FAIL: test/integration/get-capability-handles-transient
=======================================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/get-capability-handles-transient.int (exit status: 1)

FAIL: test/integration/manage-transient-keys
============================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/manage-transient-keys.int (exit status: 1)

FAIL: test/integration/session-gap
==================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/session-gap.int (exit status: 1)

FAIL: test/integration/session-load-from-closed-connection
==========================================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/session-load-from-closed-connection.int (exit status: 1)

FAIL: test/integration/session-load-from-closed-connections-lru
===============================================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/session-load-from-closed-connections-lru.int (exit status: 1)

FAIL: test/integration/session-load-from-open-connection
========================================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/session-load-from-open-connection.int (exit status: 1)

XFAIL: test/integration/start-auth-session
==========================================

Invalid TABRMD_TCTI, got: "" see --help.
XFAIL test/integration/start-auth-session.int (exit status: 1)

FAIL: test/integration/tcti-cancel
==================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/tcti-cancel.int (exit status: 1)

FAIL: test/integration/tcti-connections-max
===========================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/tcti-connections-max.int (exit status: 1)

FAIL: test/integration/tcti-double-finalize
===========================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/tcti-double-finalize.int (exit status: 1)

FAIL: test/integration/tcti-set-locality
========================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/tcti-set-locality.int (exit status: 1)

FAIL: test/integration/hash-sequence
====================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/hash-sequence.int (exit status: 1)

FAIL: test/integration/not-enough-handles-for-command
=====================================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/not-enough-handles-for-command.int (exit status: 1)

FAIL: test/integration/password-authorization
=============================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/password-authorization.int (exit status: 1)

FAIL: test/integration/tpm2-command-flush-no-handle
===================================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/tpm2-command-flush-no-handle.int (exit status: 1)

FAIL: test/integration/util-buf-max-upper-bound
===============================================

Invalid TABRMD_TCTI, got: "" see --help.
FAIL test/integration/util-buf-max-upper-bound.int (exit status: 1)

Results:

Analyse:

I don't know what's the cause of the failures. I tested with and without the tpm2-abrmd.service running.

tpm2-tss-engine: running unit and integration tests

This one has unit tests similar to tpm2-tss.
When the Access Broker and Resource Manager service is running, there's no access to the raw device. It's in use.
The tests accec the raw character device, so service needs to be stopped before the integration tests.

Build and run test suite

sudo ./configure --enable-debug --enable-integration --enable-unit --with-device=/dev/tpm0 sudo systemctl stop tpm2-abrmd.service
sudo make check sudo systemctl start tpm2-abrmd.service

Results:

Analysis

All good for this test. No errors

The Python SDK with On Semiconductor RSL10 BLE article series	Industry
part 1: overview and goal
part 2: WiFi Provisioning
part 3: Adding a Module (RSL10)
part 4: Talk BLE to the On Semi RSL10 Sensor Kit
part 5: A Cloud User Experience Example
part 6: Register as a Gateway Device
part 7: Register a Gateway and Client Devices
part 8: Get BLE Image from Camera and Send to Cloud
The NODE-Red SDK article series	Industry
part 1: overview and goal
register a Thing and connect to IoTConnect.io cloud
part 2: create an account and log on to the portal
part 3: set up the thing and its interface in the cloud
part 4: set up Node-RED and first exchange
interact with IoTConnect.io cloud
part 5: online dashboard
part 6: rules and alerts
part 7: messages and commands from the cloud
safer connections with certificates
part 8a: safer connect with Self Signed Certificates
part 8b: safer connect with CA certificates	Y
commercial and industrial scale: outsource certificate generation and programming to subcontractors and suppliers
part 9a: Outsource Certificate Signing in IIoT Supply Chain	Y
part 9b: IIoT supply chain and Certificates - Create Ca Root certificate, Load to IoTConnect Cloud and Validate	Y
part 9c: IIoT supply chain and Certificates - Create an Intermediate CA Certificate for your Subcontractor	Y
part 9d: IIoT supply chain and Certificates - Subcontractor Generates a Thing Certificate for Your Device	Y
part 9e: IIoT supply chain and Certificates - Test!	Y
commercial and industrial scale: Trusted Platform Module (TPM) Authentication
part 10: Trusted Platform Module (TPM) Security	Y
Infineon SLx9670 Trusted Platform Module (TPM) for IoT Security	Y
Infineon Trust Platform Module + Raspberry Pi 3 B - Review (road test)	Y
Infineon SLx9670 Trusted Platform Module (TPM) on Debian 11 "bullseye" - part1: OS and Azure Cloud validation	Y
Infineon SLx9670 Trusted Platform Module (TPM) on Debian 11 "bullseye" - part2: Trusted Software Stack (tss)	Y
Infineon SLx9670 Trusted Platform Module (TPM): TSS Programming in C, with cross-compile and remote debug in Eclipse	Y
part 11: Act as Gateway with Clients	Y
The Automate Device Provisioning and Cloud Configuration article series	Industry
Automatic Provisioning with REST API	Y

Jan Cumps over 3 years ago

Update on the TSS self tests:

I raised an issue on github, because a particular test was failing, for an optional capability not implemented in the TPM hardware.
Changes were pushed into github to first check if the capability is implemented. If not, the test is skipped.

Still not a perfect run, but the failures are in the FAPI.
The FAPI is fully based on the ESYS library, and all its tests are OK. So as far as the Infineon SLB9670 TPM IC is concerned, I call this a pass.
- Cancel
- Vote Up 0 Vote Down
- Sign in to reply
- More
- Cancel