intel

Bug #1936899
Comment #10

Comment 10 for bug 1936899

Revision history for this message

Ivan Hu (ivan.hu) wrote on 2021-08-11:

#10

For the tpm2_createprimary tests,

The failures are both from tpm2_createprimary whit hash-algorithm sm3_256

+ tpm2_createprimary -Q -g sm3_256 -G rsa -c context.out
ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:103:iesys_cryptossl_hash_start() ErrorCode (0x00070002) Unsupported hash algorithm (18)
ERROR:esys:src/tss2-esys/esys_iutil.c:1493:iesys_get_name() crypto hash start ErrorCode (0x00070002)
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:426:Esys_CreatePrimary_Finish() ErrorCode (0x00070011) in Public name not equal name in response
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:135:Esys_CreatePrimary() Esys Finish ErrorCode (0x00070011)
ERROR: Esys_CreatePrimary(0x70011) - esapi:Response is malformed
ERROR:esys:src/tss2-esys/esys_iutil.c:1134:iesys_check_sequence_async() Esys called in bad sequence.
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007)
ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order
ERROR: Unable to run tpm2_createprimary

the latest tpm2_tests will first check the platform supported hash algorithms, then do the tests with the hash algorithms.
But test with it, got
ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:103:iesys_cryptossl_hash_start() ErrorCode (0x00070002) Unsupported hash algorithm (18)

Checking the tpm2-tss code, the sm3_256, so got the Unsupported hash algorithm return from tpm2-tss.
Below is the tss support hash,
get_ossl_hash_md(TPM2_ALG_ID hashAlg)
{
    switch (hashAlg) {
    case TPM2_ALG_SHA1:
        return EVP_sha1();
        break;
    case TPM2_ALG_SHA256:
        return EVP_sha256();
        break;
    case TPM2_ALG_SHA384:
        return EVP_sha384();
        break;
    case TPM2_ALG_SHA512:
        return EVP_sha512();
        break;
    default:
        return NULL;
    }
}

From the latest Spec "TCG PC Client Platform TPM Profile Specification for TPM 2.0, Version 1.05
Revision 14 September 4, 2020"
I found that "sm3_256" is optional.
So, I think this failure could be safely ignored.

For the tpm2_createprimary tests,

The failures are both from tpm2_createprimary whit hash-algorithm sm3_256

+ tpm2_createprimary -Q -g sm3_256 -G rsa -c context.out
ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:103:iesys_cryptossl_hash_start() ErrorCode (0x00070002) Unsupported hash algorithm (18) 
ERROR:esys:src/tss2-esys/esys_iutil.c:1493:iesys_get_name() crypto hash start ErrorCode (0x00070002) 
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:426:Esys_CreatePrimary_Finish() ErrorCode (0x00070011) in Public name not equal name in response 
ERROR:esys:src/tss2-esys/api/Esys_CreatePrimary.c:135:Esys_CreatePrimary() Esys Finish ErrorCode (0x00070011) 
ERROR: Esys_CreatePrimary(0x70011) - esapi:Response is malformed
ERROR:esys:src/tss2-esys/esys_iutil.c:1134:iesys_check_sequence_async() Esys called in bad sequence. 
ERROR:esys:src/tss2-esys/api/Esys_FlushContext.c:66:Esys_FlushContext() Error in async function ErrorCode (0x00070007) 
ERROR: Esys_FlushContext(0x70007) - esapi:Function called in the wrong order
ERROR: Unable to run tpm2_createprimary