From mboxrd@z Thu Jan  1 00:00:00 1970
From: Luke <secureboot@gmail.com>
Subject: vtpm_managerd and default passwords
Date: Thu, 26 Jul 2007 10:56:30 -0400
Message-ID: <46A8B61E.2000001@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xensource.com>
List-Unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: xen-devel@lists.xensource.com
List-Id: xen-devel@lists.xenproject.org

Looking through the code in tools/vtpm_manager/manager/vtpm_manager.c, I
see that when you start the vtpm_manager for the first time, that it
takes ownership of the TPM and sets the password to be 20 unprintable
ascii characters (0xff 20 times).

This seems to work fine, but later, I want to create a key with the TPM.
 I've made a file using python, using:

a = ""
for i in range(20):
	a = a + "\xff"
open("ascii_file","w").write(a)

when I use that as the password, I still get TPM_AUTHFAIL.
This is using the createkey utility found at:
http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html/$FILE/tpm-3.2.0.tar.gz

It's pretty straightforward, so I'm wondering if I'm not understanding
how the SRK password gets set in actuality.

Any ideas on what I might be doing wrong/how to fix this?

Specifically, should vtpm_managerd take an SRK password as a parameter?
 This seems much more sane.  Does this exist already, and I've just
missed it?

Apologies if this is more xen-user than xen-devel.