Public bug reported: Release: 22.04 with fips-updates
Symptom: Use of TPM2 tools fails with error code 0x70001 (e.g., `tpm2_clear`, `tpm2_nvdefine 0x1500018 -C o -s 32`). I assume this is an incompatibility between tpm2-tools (5.2-1build1) and the fips OpenSSL package (3.0.5-0ubuntu0.1+Fips2.1). Example: ``` tpm2_clear ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:412:iesys_cryptossl_hmac_start() ErrorCode (0x00070001) DigestSignInit ERROR:esys_crypto:src/tss2-esys/esys_crypto.c:185:iesys_crypto_authHmac() Error ErrorCode (0x00070001) ERROR:esys:src/tss2-esys/esys_iutil.c:1244:iesys_compute_hmac() HMAC error ErrorCode (0x00070001) ERROR:esys:src/tss2-esys/esys_iutil.c:1354:iesys_gen_auths() Error while computing hmacs ErrorCode (0x00070001) ERROR:esys:src/tss2-esys/api/Esys_Clear.c:188:Esys_Clear_Async() Error in computation of auth values ErrorCode (0x00070001) ERROR:esys:src/tss2-esys/api/Esys_Clear.c:74:Esys_Clear() Error in async function ErrorCode (0x00070001) ERROR: Esys_Clear(0x70001) - esapi:Catch all for all errors not otherwise specified ERROR: Unable to run tpm2_clear ``` Steps to reproduce: 1. Install new Ubuntu Server 22.04 2. Apply all updates 3. Attach pro license and enable fips-updates service 4. Install tpm2-tools 5. Reboot 6. Run `sudo tpm2_clear` This looks similar to: https://github.com/tpm2-software/tpm2-tools/issues/2957 TPM2 management seems to be broken in out-of-box 22.04 FIPS. ** Affects: tpm2-tools (Ubuntu) Importance: Undecided Status: New ** Tags: fips tpm2 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2074270 Title: tpm2_tools error 0x70001 with fips-updates on 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tpm2-tools/+bug/2074270/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
