tpm2_nvdefine failed with error code 0x70001

[yunyings]

With tpm2-tools v5.2 on an Intel i7-1180G7 platform(has firmware TPM), tpm2_nvdefine fails:

$ sudo tpm2_nvdefine 0x1500018 -C o -s 32
ERROR:esys_crypto:src/tss2-esys/esys_crypto_ossl.c:327:iesys_cryptossl_hmac_start() ErrorCode (0x00070001) EVP_PKEY_new_mac_key
ERROR:esys_crypto:src/tss2-esys/esys_crypto.c:185:iesys_crypto_authHmac() Error ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/esys_iutil.c:1244:iesys_compute_hmac() HMAC error ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/esys_iutil.c:1354:iesys_gen_auths() Error while computing hmacs ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/api/Esys_NV_DefineSpace.c:234:Esys_NV_DefineSpace_Async() Error in computation of auth values ErrorCode (0x00070001)
ERROR:esys:src/tss2-esys/api/Esys_NV_DefineSpace.c:99:Esys_NV_DefineSpace() Error in async function ErrorCode (0x00070001)
ERROR: Failed to define NV area at index 0x1500018
ERROR: Esys_NV_DefineSpace(0x70001) - esapi:Catch all for all errors not otherwise specified
ERROR: Failed to create NV index 0x1500018.
ERROR: Unable to run tpm2_nvdefine

It seems there's similar error reported on Ubuntu 22.04:
https://bugs.launchpad.net/ubuntu/+source/tpm2-tss-engine/+bug/1961758

Is this issue known to upstream or need any attentions?

[williamcroberts]

Yeah the ubuntu 22.04 tpm2-tss package version 3.1 is broken with Open SSL 3. IIUC, @AndreasFuchsSIT has been in contact with upstream and reported it. If you build tpm2-tss version 3.2 you're good.

[yunyings]

Got it. Thank you William. Will check with Ubuntu community to see if it's possible to update tpm2-tss package to 3.2.

[bluca]

It has been uploaded a few days ago: https://launchpad.net/ubuntu/+source/tpm2-tss

[yunyings]

Thanks for the info, bluca. We just verified the issue is not seen with tpm2-tss 3.2 on Ubuntu 22.04.