Re: [Trustedjava-support] Creating AIK within a Java program

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Bryan Smith wrote:
> Thank you for your response. My code now compiles, but it is unable  
> to create client or server side certificates. I called createAIK with  
> an owner password and a aik password. Here is log information.
> 
> [INFO] CACertificate::<init> (49): generating RSA Key Pair for CA  certificate...
> [INFO] CACertificate::<init> (74): root CA cert ---> issuerDN =  subjectDN
> iaik.utils.InternalErrorException
> 	at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown Source)
> 	at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown Source)
> 	at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown Source)
> 	at iaik.tc.common.Common.writePrivateKeyToFile(Common.java:289)
> 	at iaik.tc.apps.jtt.createaik.PrivacyCa.createCaKeypairs (PrivacyCa.java:182)
> 	at iaik.tc.apps.jtt.createaik.CreateAik.execute()
> [WARN] CreateAik: Unable to create client or server side certificate!

Common.writePrivateKeyToFile is just a convience function
for test code for exporting a PrivateKey to a PKCS8 file.

A guess: As you can see in the first line of execute() in
CreateAik.java there is the need to register IAIK JCE once in the
system with
  IAIK.addAsProvider();
before using functions of it.

Does your modified version of CreateAik still do that, too?

HTH,
Martin Pirker
IAIK, TU Graz