From: Fischer, A. <ann...@hp...> - 2006-06-08 12:56:55
|
Hi, I'm trying to use the AIK capabilities of the Trusted Java Stack, but I've got some problems and I hope you can help me with that. When using the AIK creation methods in the example test I have problems to decrypt the IdentityReqBlob. During the method I get the following error: java.security.InvalidKeyException: Illegal key size or default parameters at (24464082) javax.crypto.Cipher.a(DashoA12275) at (24464082) javax.crypto.Cipher.a(DashoA12275) at (24464082) javax.crypto.Cipher.a(DashoA12275) at (24464082) javax.crypto.Cipher.init(DashoA12275) at (24464082) javax.crypto.Cipher.init(DashoA12275) I'm using the method of the junit test package (I printed it below). The error appears during the execution of the=20 aesDec.init(Cipher.DECRYPT_MODE, skeySpec); command. Do you have any idea why the decryption here fails? The decryption of the symmetric key seems to work. I'm using the complete AIK creation process that is available in the junit test package. I create the public CA key in the same way and the TPM_MakeIdentity command is also successful on the TPM. The TPM doesn't give me error messages, so the keys should be alright. Thanks for your help, Anna My decryption method: public TcTcpaIdentityProof caDecryptIdentityReqBlob( TcBlobData collateIdentityReqBlob) throws TcException { // step 1: decode the collate identity request blob TcTcpaIdentityReq collateIdentityReq =3D new TcTcpaIdentityReq( collateIdentityReqBlob); TcBlobData symBlobDecrypted =3D null; try { // step 2: decrypt the symmetric key (encrypted by the client with // the public CA key) //Cipher rsaDec =3D Cipher.getInstance("RSA/ECB/PKCS1Padding"); Cipher rsaDec =3D =09 Cipher.getInstance("RSA/ECB/OAEPWithSHA1AndMGF1Padding"); =09 rsaDec.init(Cipher.DECRYPT_MODE, caKeyPair_.getPrivate()); TcTcpaSymmetricKey symmetricKey =3D new TcTcpaSymmetricKey(=20 =09 TcTssStructFactory.newBlobData().initByteArray( =09 rsaDec.doFinal(collateIdentityReq.getAsymBlob() =09 .asByteArray()))); =09 // step 3: decrypt the symmetrically encrypted data Cipher aesDec =3D Cipher.getInstance("AES/ECB/PKCS5Padding"); SecretKeySpec skeySpec =3D new SecretKeySpec(symmetricKey.getData() .asByteArray(), "AES"); =09 =09 aesDec.init(Cipher.DECRYPT_MODE, skeySpec); =09 symBlobDecrypted =3D TcTssStructFactory.newBlobData().initByteArray( //=20 =09 aesDec.doFinal(collateIdentityReq.getSymBlob() =09 .asByteArray())); } catch (GeneralSecurityException e) { Log.err(this,e); return null; } // the decrypted data is of type TCPA_IDENTITY_PROOF TcTcpaIdentityProof identityProof =3D new TcTcpaIdentityProof( symBlobDecrypted); =09 return identityProof; } |