解决kptEncryptSWKs():110 Get I Pu failed with status: 6,kptStatus: 5 - liutao932/c GitHub Wiki
这些case都是如下问题 s> /root/QAT20.L.0.8.3-00028/sample_code/CentOS_8.4_64_hosty+kpt/sample_code/system_test_benchmarks/./KPT20/key_protection_technology_tests.c, kptEncryptSWKs():110 Get I-Pu failed with status: -6,kptStatus: 5 通过函数kptEncryptSWKs()找到输出 if (CPA_STATUS_SUCCESS == status) { status = cpaCyKptQueryDeviceCredentials( instanceHandle, pPerPartPublicKeyData, &kptStatus); if (CPA_STATUS_SUCCESS != status || CPA_CY_KPT_SUCCESS != kptStatus) { PRINT_ERR("Get I-Pu failed with status: %d,kptStatus: %d\n", status, kptStatus); status = CPA_STATUS_FAIL; } } #define CPA_STATUS_UNSUPPORTED (-6)
/**<
- @ingroup cpa_BaseDataTypes
- The function is not supported, at least not with the specific
- parameters supplied. This may be because a particular
- capability is not supported by the current implementation. */
pPerPartPublicKeyData这个参数不支持该函数 CpaStatus cpaCyKptQueryDeviceCredentials( const CpaInstanceHandle instanceHandle, CpaCyKptValidationKey *pDevCredential, CpaCyKptKeyManagementStatus *pKptStatus) { sal_crypto_service_t *pCryptoService = (sal_crypto_service_t *)instanceHandle; CpaStatus status = CPA_STATUS_SUCCESS; #ifdef ICP_PARAM_CHECK status = LacQueryKptDeviceCredentialParamCheck( instanceHandle, pDevCredential, pKptStatus); if (CPA_STATUS_SUCCESS != status) return status; #endif
*pKptStatus = CPA_CY_KPT_FAILED;
if (!(pCryptoService->generic_service_info.capabilitiesMask &
ICP_ACCEL_CAPABILITIES_KPT2))
{
return CPA_STATUS_UNSUPPORTED; // -6
}
pDevCredential这个参数传进去结果为假,说明这个设备证书不可用 解决方案: 第一步:先确定当前使用的证书是debug还是production,默认是production #ifdef KPT_USE_DEBUG_KEY #define ROOT_CERT "DEBUG_KPT_RootCA_RSA3K.pem" #else #define ROOT_CERT "KPT_RootCA_RSA3K.pem" //默认 #endif 第二步:修改证书为debug版本 在sample_code.tar.bz解压,修改build.sh,在build.sh中加入export KPT_USE_DEBUG_KEY=1 第三步: 测试