Issues with TPM2

[udf2457]

(I originally opened this over in smallstep/docs/issues/466, but I'm leaning to this being an issue with step-kms-create instead as I have tried the other constructs suggested by step-kms-plugin create -h and they all return the same error).

Smallstep CLI/0.28.7 (linux/amd64)
step-kms-plugin/0.15.1 (linux/amd64)

according to [step-ca/cryptographic-protection.mdx]

step kms create --json 'tpmkms:name=my-intermediate-ca' is supposed to be sufficient.

The reality appears to be somewhat different:

$ step kms create --json 'tpmkms:name=foobar.example.com'
Error: failed to create key: failed creating key: failed creating key "foobar.example.com": failed to get SRK handle: EvictControl failed: error code 0x4c : NV Index or persistent object already defined

The user executing the command is a member of the tss group and /dev/tpmrm0 is present with the correct permissions:

$ ls -la /dev/tpmrm0
crw-rw---- 1 tss tss 254, 65536

[hslatman]

The error originates from here: https://github.com/google/go-attestation/blob/713b503e5945e30c4238337e4f24742793d0f947/attest/wrapped_tpm20.go#L155-L186. Have you used the TPM before with other software? Do you have more details on the TPM model / type?

[udf2457]

Thanks for the reply @hslatman

I was thinking perhaps it is because the "choose a different slot because this one is occupied" logic is broken.....

There are a small number of other keys, but no shortage of slots left if my understanding of available range is correct:

$ tpm2_getcap handles-persistent

• 0x81000000
• 0x81000001
• 0x81000002
• 0x81000003

Its a vTPM provided by a cloud provider. From the guest OS boot logs:

kernel: ACPI: TPM2 0x000000003FFD1BAF 00004C (v04 BOCHS  BXPC     00000001 BXPC 00000001)
kernel: ACPI: Reserving TPM2 table memory at [mem 0x3ffd1baf-0x3ffd1bfa]
kernel: tpm_tis MSFT0101:00: 2.0 TPM (device-id 0x1, rev-id 1)
systemd[1]: systemd 257.9-1~deb13u1 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +IPE +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBCRYPTSETUP_PLUGINS +LIBFDISK +PCRE2 +PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK +BTF -XKBCOMMON -UTMP +SYSVINIT +LIBARCHIVE)

$ tpm2_getcap properties-fixed
TPM2_PT_FAMILY_INDICATOR:
  raw: 0x322E3000
  value: "2.0"
TPM2_PT_LEVEL:
  raw: 0
TPM2_PT_REVISION:
  raw: 0xB7
  value: 1.83
TPM2_PT_DAY_OF_YEAR:
  raw: 0x19
TPM2_PT_YEAR:
  raw: 0x7E8
TPM2_PT_MANUFACTURER:
  raw: 0x49424D00
  value: "IBM"
TPM2_PT_VENDOR_STRING_1:
  raw: 0x53572020
  value: "SW"
TPM2_PT_VENDOR_STRING_2:
  raw: 0x2054504D
  value: "TPM"
TPM2_PT_VENDOR_STRING_3:
  raw: 0x0                                                                                                                                 value: ""                                                                                                                              TPM2_PT_VENDOR_STRING_4:
  raw: 0x0                                                                                                                                 value: ""
TPM2_PT_VENDOR_TPM_TYPE:                                                                                                                   raw: 0x1
TPM2_PT_FIRMWARE_VERSION_1:                                                                                                                raw: 0x20240125
TPM2_PT_FIRMWARE_VERSION_2:                                                                                                                raw: 0x120000
TPM2_PT_INPUT_BUFFER:                                                                                                                      raw: 0x400
TPM2_PT_HR_TRANSIENT_MIN:
  raw: 0x3
TPM2_PT_HR_PERSISTENT_MIN:                                                                                                                 raw: 0x7
TPM2_PT_HR_LOADED_MIN:                                                                                                                     raw: 0x3
TPM2_PT_ACTIVE_SESSIONS_MAX:                                                                                                               raw: 0x40
TPM2_PT_PCR_COUNT:                                                                                                                         raw: 0x18
TPM2_PT_PCR_SELECT_MIN:                                                                                                                    raw: 0x3
TPM2_PT_CONTEXT_GAP_MAX:                                                                                                                   raw: 0xFFFF                                                                                                                            TPM2_PT_NV_COUNTERS_MAX:                                                                                                                   raw: 0x0                                                                                                                               TPM2_PT_NV_INDEX_MAX:
  raw: 0x800
TPM2_PT_MEMORY:
  raw: 0x6
TPM2_PT_CLOCK_UPDATE:
  raw: 0x1000                                                                                                                            TPM2_PT_CONTEXT_HASH:
  raw: 0xD
TPM2_PT_CONTEXT_SYM:
  raw: 0x6
TPM2_PT_CONTEXT_SYM_SIZE:
  raw: 0x100
TPM2_PT_ORDERLY_COUNT:
  raw: 0xFF
TPM2_PT_MAX_COMMAND_SIZE:
  raw: 0x1000
TPM2_PT_MAX_RESPONSE_SIZE:
  raw: 0x1000
TPM2_PT_MAX_DIGEST:
  raw: 0x40
TPM2_PT_MAX_OBJECT_CONTEXT:
  raw: 0xA8C
TPM2_PT_MAX_SESSION_CONTEXT:
  raw: 0x194
TPM2_PT_PS_FAMILY_INDICATOR:
  raw: 0x1
TPM2_PT_PS_LEVEL:
  raw: 0x0
TPM2_PT_PS_REVISION:
  raw: 0x106
TPM2_PT_PS_DAY_OF_YEAR:
  raw: 0x19
TPM2_PT_PS_YEAR:
  raw: 0x7E8
TPM2_PT_SPLIT_MAX:
  raw: 0x80
TPM2_PT_TOTAL_COMMANDS:
  raw: 0x6E
TPM2_PT_LIBRARY_COMMANDS:
  raw: 0x6E
TPM2_PT_VENDOR_COMMANDS:
  raw: 0x0
TPM2_PT_NV_BUFFER_MAX:
  raw: 0x400
TPM2_PT_MODES:
  raw: 0x0

[hslatman]

With TPMs it's not so much a matter of "choose a different slot because this one is occupied". They're not like PKCS#11 tokens where a (new) key should be stored in a token that's not used yet (or overwrite it). With TPMs there's a defined hierarchy of keys. The storage root key (SRK) is one of those keys, and the one from which many other keys anchor off of.

It looks like it's attempted to being created after if having failed to be located, but then turns out to exist during creation. Haven't found how that can happen yet.