Menu
▾
▴
Re: [Trustedjava-support] Where does jTSS gets the PubEKCert from in CollateIdentityRequest?
|
From: Thomas W. <tc...@to...> - 2007-08-01 05:32:43
|
Hello, > I like to know where jTSS gets the Public Endorsement Key Certificate > (EKCert) from during the CollateIdentityRequest operation? If you have a IFX TPM (1.1b or 1.2), the EK Cert is read from the chip. > I know that if I use the TrouSers wrappers, TrouSers supply this from its > configuration file. No - you can not specify it in a configuration file. But jTSS is a 1.2 compliant TSS and therefore you can supply the certificates via the setAttribData method of the TPM object and one of the following subflags (see TSS spec): TcTssConstants.TSS_TPMATTRIB_EKCERT TcTssConstants.TSS_TPMATTRIB_PLATFORM_CC TcTssConstants.TSS_TPMATTRIB_PLATFORMCERT TcTssConstants.TSS_TPMATTRIB_PLATFORM_CC hth, -- Thomas Winkler e-mail: tc...@to... |
