Menu
▾
▴
Re: [Trustedjava-support] Problems with AIK creation
|
From: Till B. <ti...@on...> - 2007-07-19 09:45:11
|
Hello, Thanks for your quick reply! On 7/19/07, Martin Pirker <Mar...@ia...> wrote: > > Good morning... > > Till Bentz wrote: > > I try to create an AIK. For this process I need an EK credential. > > Unfortunately my manufacturer did not deliver one. Can someone give me a > > hint on how I can create one myself? > > Use TCcert, or use JTpmTools to get one from our demo PrivacyCA setup > (mail me for authentication password) > > > > I set up my own little Privacy CA using > > openssl and I think I have therefore the necessary Keys and certificates > to > > create an EK cred. > > You implemented the additional Trusted Computing certificate > structures for OpenSSL? I was not aware of the fact, that I need to implement additional Trusted Computing structures. I just set up a normal CA and use it to sign my client and server certificates. Can I use that CA to sign EKcredentials as well? In other words is it possible to adjust the ini files in tccert so that I can use my own CA or are there any special requirements? > I tried to use tccert with my CA but the process failed, even with the > > included examples: > [...] > > generating CA certificates... > > CAroot > > iaik.utils.InternalErrorException > > at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown > Source) > > at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown > Source) > > at iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo.encrypt(Unknown > Source) > > at iaik.tc.cert.common.Common.writePrivateKeyToFile(Common.java > :363) > > at iaik.tc.TCcert.generateCA(TCcert.java:247) > > at iaik.tc.TCcert.main(TCcert.java:118) > > Last time some had this problem... > > https://sourceforge.net/mailarchive/forum.php?thread_name=01D30BAC-8036-4A59-9BCC-2101B48ADBA3%40cs.rice.edu&forum_name=trustedjava-support > > ...he didn't used the signed version of IAIK-JCE. > > > Are you sure you are using the _signed_ .jar version and not the > _unsigned_ one? It seems that I did not use the signed version. I downloaded a new version and now it works. HTH > > -- > Martin Pirker > IAIK, TU Graz > > -- MfG Till ********************************************** Der Benutzer ist eine nicht zu tolerierende Quelle der Unsicherheit ********************************************** |
