I am trying to encrypt and store a key in the TPM 1.2 chip, and for that I am using the tpm-tools package provided by TrouSerS. I can use tpm_sealdata and tpm_unsealdata when I first take ownership. But when I reboot the system, both the sealing and unsealing commands no longer work, giving an error: Tspi_Context_LoadKeyByUUID failed: 0x00002020 - layer=tcs, code=0020 (32), Key not found in persistent storage. From my understanding, the SRK (storage root key) is created when taking TPM ownership and is stored in the TPM's non-volatile memory, which makes it persistent. Then why am I getting this error?
I tried changing the authorization password for both the owner and the SRK to the TPM's well-known secret. After a reboot, I can see in the BIOS that the TPM is still owned, which makes me believe that the SRK should be there in the persistent storage.
The issue was that the system.data file, which is created by tcsd.conf at the location /var/lib/tpm/, was not staying persistent across reboots. Making that file persistent across reboots solved the issue.
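A way to check for the condition described above, as an added example that is not part of the original post or of TrouSerS: it reads the `system_ps_file` setting from tcsd.conf and reports whether the file sits on a RAM-backed filesystem. The /etc/tcsd.conf location, the fallback path (taken from the post), the function names and the list of volatile filesystem types are assumptions; `stat -f -c %T` requires GNU coreutils.

```shell
#!/bin/sh
# Added example: does the TrouSerS persistent-storage file survive a reboot?
# Assumption: fallback path is the one named in the post.
DEFAULT_PS_FILE=/var/lib/tpm/system.data

# Print the active system_ps_file value from a tcsd.conf; commented-out
# or missing entries fall back to DEFAULT_PS_FILE.
ps_file_from_conf() {
    conf=$1
    val=""
    if [ -r "$conf" ]; then
        val=$(sed -n 's/^[[:space:]]*system_ps_file[[:space:]]*=[[:space:]]*//p' "$conf" \
              | sed 's/[[:space:]]*$//' | tail -n 1)
    fi
    printf '%s\n' "${val:-$DEFAULT_PS_FILE}"
}

# Return 0 when the filesystem type is RAM-backed and lost at power-off.
is_volatile_fstype() {
    case "$1" in
        tmpfs|ramfs|rootfs) return 0 ;;
        *) return 1 ;;
    esac
}

# Print "<path> <fstype> <verdict>"; non-zero status means unseal will
# likely fail after reboot with "Key not found in persistent storage".
check_ps_persistence() {
    ps=$(ps_file_from_conf "$1")
    dir=$(dirname "$ps")
    [ -d "$dir" ] || { echo "$ps - missing-directory"; return 2; }
    fstype=$(stat -f -c %T "$dir")
    if is_volatile_fstype "$fstype"; then
        echo "$ps $fstype volatile"; return 1
    fi
    # An empty or absent file means tcsd has no registered keys to load.
    [ -s "$ps" ] || { echo "$ps $fstype no-keys-stored"; return 3; }
    echo "$ps $fstype persistent"
}

if [ "${1:-}" = "--check" ]; then
    check_ps_persistence "${2:-/etc/tcsd.conf}"
fi
```

Run it with `--check` before and after a reboot; a `volatile` or `no-keys-stored` verdict on a TPM that the BIOS still reports as owned matches the situation in the post.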