Manualshelf

HP-UX Trusted Computing Services A.03.00 Release Notes (May 2010, B3921-90026)

ManualsBrandsHP ManualsSoftwareHP-UX Trusted Computing Services (TCS) Software
12345678910
3 Known Problems and Limitations
This section provides a list of problems and limitations known to HP at the time of publication.
If workarounds are available, they are included.
If a TCS application key is created without a password (passphrase), you cannot add a
password later
Issue: If a TCS application key is created without a password and you attempt to add a
password using the tpmadm changepwd command, the command prompts you for the
existing password and the new password, then fails with the message tpmadm changepwd
error: Failed to change authorization.
To verify that this problem is causing the tpmadm changepwd command to fail, use the
tpmlist keyinfo command. If the key was created without a password, the output will
show AuthUsage: 0x00 (Never).
Severity: Low
Workaround: If you want to use a password with a key, specify a passphrase at creation
time.
tpmencrypt Of A Non-Existent File Does Not Emit An Error
Issue: When the target of a tpmencrypt command does not exist, no explicit error is emitted
by tpmencrypt. The resulting encrypted output does not cause the nonexistent file to be
created.
Severity: Low
Workaround: Immediately after encrypting a file or set of files, HP recommends running
tpmdecrypt on the resulting output to verify the that data is successfully recreated.
TPM Not Virtualized By IntegrityVM
Issue: HP-UX TCS software will not work within an IntegrityVM guest, even if the host
server is TPM-enabled.
Workaround: None.
Existing EVFS Volumes Are Not Usable After EVFS/HP-UX TCS Integration
Issue: EVFS/HP-UX TCS integrated volumes and EVFS standalone volumes cannot coexist
on the same system. The integrated EVFS/HP-UX TCS products use a different method for
encrypting and decrypting EVFS keys - existing EVFS standalone keys cannot be retrieved
with the new method.
Severity: Low
Workaround: Backup any existing EVFS file systems before the EVFS/HP-UX TCS integration.
Once the EVFS/HP-UX TCS integration is complete, restore these file systems to the newly
created EVFS volumes.
HP-UX TCS Does Not Support All Open Source APIs
HP-UX TCS supports a limited subset of the open source TrouSerS APIs. For further
information refer to the HP-UX Trusted Computing Services A.02.00 Administrator's Guide,
available in the HP-UX Trusted Computing Services (TCS) Software section at http://
www.hp.com/go/hpux-security-docs. (The A.02.00 version of the administrator's guide
supports version A.03.00 of TCS.)
6 Known Problems and Limitations