From: Ronald T. <ron...@ia...> - 2011-08-29 09:14:43
Hi Jan,

DAA is not supported or tested in jTSS. Sorry.

Best regards,
Ronald

PS: I will get you in touch with our DAA expert.

On 08/25/2011 09:53 AM, Jan Vossaert wrote:
> Dear All,
>
> I am working on a project which involves making a Java implementation of
> DAA.
> I am using the jTSS framework to access the TPM functionality.
> However, when I send the first command for the DAA Join (stage 0) I
> receive an 'INVALID_AUTHHANDLE' error code.
> Does anyone have an idea what I am doing wrong (code sample below)?
>
> Thanks,
> Jan
>
> public void test(){
>     try{
>         tcs_ = new TcTcsBindingLocal();
>
>         Object[] ret = tcs_.TcsiOpenContext();
>         if(!new Long(TcTcsErrors.TCS_SUCCESS).equals((Long)ret[0]))
>             System.out.println("Unable to open context");
>
>         hContext_ = (Long) ret[1];
>
>         TcTcsAuth auth = TspOIAP();
>         auth.setNonceOdd(TcCrypto.createTcgNonce());
>         auth.setContAuthSession(true);
>         TcTpmSecret oiapSecret = new TcTpmSecret(
>             TcBlobData.newByteArray(Base64.decode("G9HrogY4LoZC6RIxR8YqMCj3ZgM=")));
>
>         Long handle = 0L;
>         short stage = 0;
>         TcBlobData input0 = TcBlobData.newUINT32(1L);
>         TcBlobData input1 = TcBlobData.newByteArray(new byte[]{});
>
>         TcBlobData[] blob1H = { // 1H
>             TcBlobData.newUINT32(TcTpmOrdinals.TPM_ORD_DAA_Join), // 1S
>             TcBlobData.newBYTE(stage), // 2S
>             TcBlobData.newUINT32(input0.getLengthAsLong()), // 3S
>             input0, // 4S
>             TcBlobData.newUINT32(input1.getLengthAsLong()), // 5S
>             input1 // 6S
>         };
>
>         TcBlobData authDataH1 = computeAuthData( //
>             blob1H, // 1H1
>             auth.getNonceEven().getEncoded(), // 2H1
>             auth.getNonceOdd().getEncoded(), // 3H1
>             TcBlobData.newBOOL(auth.getContAuthSession()), // 4H1
>             oiapSecret.getEncoded()); // HMAC key
>
>         auth.setHmac(new TcTpmAuthdata(authDataH1));
>
>         //Stage 1 DAA Join
>         tcs_.TcsipDaaJoin(hContext_, handle, stage, input0, input1, auth);
>     }catch(Exception e){
>         e.printStackTrace();
>     }
> }
>
> private TcBlobData computeAuthData(final TcBlobData[] blob1H,
>         final TcBlobData blob2H, final TcBlobData blob3H,
>         final TcBlobData blob4H, final TcBlobData authHash)
> {
>     TcBlobData combinedBlob1H = TcBlobData.newBlobData(blob1H[0]);
>     for (int i = 1; i < blob1H.length; i++) {
>         combinedBlob1H.append(blob1H[i]);
>     }
>
>     TcBlobData authData = combinedBlob1H.sha1();
>     authData.append(blob2H);
>     authData.append(blob3H);
>     authData.append(blob4H);
>     TcBlobData retVal = authData.hmacSha1(authHash);
>     return retVal;
> }
>
> private TcTcsAuth TspOIAP() throws TcTddlException, TcTpmException,
>         TcTcsException
> {
>     Object[] outDataTpm = tcs_.TcsipOIAP(hContext_);
>
>     // get return values
>     Long authHandle = (Long) outDataTpm[1];
>     TcTpmNonce nonceEven = (TcTpmNonce) outDataTpm[2];
>
>     TcTcsAuth auth = new TcTcsAuth();
>     auth.setAuthHandle(authHandle.longValue());
>     auth.setNonceEven(nonceEven);
>
>     return auth;
> }

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at