Re: [Trustedjava-support] jtt on win 7 and creating an AIK programmatically

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,
Indeed the PATH variable was missing system32, now it works fine.....the previous owner of the machine must have played with the environmental variables....

Thanks,
Federico

Fra: Ronald Tögl [mailto:ron...@ia...]
Sendt: 1. oktober 2012 14:25
Til: tru...@li...
Kopi: Mancini, Federico
Emne: Re: [Trustedjava-support] jtt on win 7 and creating an AIK programmatically

Hi Federico,

I have no idea why your system cannot find the system utility reg.exe on the path. Perhaps you or some tool modified it in some incorrect way.
I suggest you check your path settings and make sure it includes the c:\windows\system32 folder.

Alternatively, you can just replace line 19 in the script with a hardcoded path to your jTSS installation.
SET jtssreg=<path>

hth,
Ronald

On 10/01/2012 01:36 PM, Fed...@ff...<mailto:Fed...@ff...> wrote:
Sorry I forgot to mention (as in written in the subject) that I had trouble running jtt from command line, because I get the following error:

C:\Users\Public\jsr321\jTSS_0.7\jTpmTools_0.7>jtt
'REG' is not recognized as an internal or external command,
operable program or batch file.
  ---------------------
   IAIK Java TPM Tools
  ---------------------
Exception in thread "main" java.lang.NoClassDefFoundError: iaik/tc/utils/cmdline
/CommandlineException
        at java.lang.Class.getDeclaredMethods0(Native Method)
        at java.lang.Class.privateGetDeclaredMethods(Class.java:2442)
        at java.lang.Class.getMethod0(Class.java:2685)
        at java.lang.Class.getMethod(Class.java:1620)
        at sun.launcher.LauncherHelper.getMainMethod(LauncherHelper.java:492)
        at sun.launcher.LauncherHelper.checkAndLoadMain(LauncherHelper.java:484)

Caused by: java.lang.ClassNotFoundException: iaik.tc.utils.cmdline.CommandlineEx
ception
        at java.net.URLClassLoader$1.run(URLClassLoader.java:366)
        at java.net.URLClassLoader$1.run(URLClassLoader.java:355)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:354)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:423)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:308)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:356)
        ... 6 more

Seems to be something with the REG command which is not supported in Windows 7?

Fra: Mancini, Federico
Sendt: 1. oktober 2012 13:29
Til: 'tru...@li...<mailto:tru...@li...>'
Emne: jtt on win 7 and creating an AIK programmatically

Hi,
I have finally managed to find some time to start playing with jTSS and I have managed to set up everything properly and started writing some java code.
Looks like I have successfully taken ownership of the TPM and can query PCRs values and extract the EK certificate programmatically.
Now, I would like to create an AIK, and I seem to have managed, using the j_tpm_tools programmatically, in the following manner:

RSAKeyPairGenerator rsa=new RSAKeyPairGenerator();
KeyPair rsaKeys=rsa.generateKeyPair();
RSAPublicKey rsaPub=(RSAPublicKey) rsaKeys.getPublic();
X509Certificate EKCert=new X509Certificate(EKcert.asByteArray());//extracted before by ReadEKCert.getEKCertAlternative(pass);
AttributeCertificate peCert=AikUtil.createPECertificate(EKCert);
X509Certificate AIKCert=AikUtil.createAIKCertificate(EKCert, peCert, RSApub, "AIK test");

This seems to be some kind of dummy AIK certificate generated by some internal privacy CA?
How would I go to get the AIK certificate signed by privacyCA.com instead?
I see that I have to generate TPM_IDENTITY_REQ blob and send it as a POST to privacyCA.com, but I don't see any Tspi_TPM_CollateIdentityRequest ()anywhere, only a TcTPMIdentityRequest() method in the jTSS, but when I call it like that I don't get anything.
Should I call it with the blob parameter? If so, how would I generate such a blob?

Sorry if the question is trivial, but it is the first time playing with the TPM, although I read the theory, and I could not find any clear documentation about this.

Thanks in advance for any help.

Federico Mancini

------------------------------------------------------------------------------

Got visibility?

Most devs has no idea what their production app looks like.

Find out how fast your code is with AppDynamics Lite.

http://ad.doubleclick.net/clk;262219671;13503038;y?

http://info.appdynamics.com/FreeJavaPerformanceDownload.html

_______________________________________________

Trustedjava-support mailing list

Tru...@li...<mailto:Tru...@li...>

https://lists.sourceforge.net/lists/listinfo/trustedjava-support

--

Dipl.-Ing. Ronald Tögl          phone +43 316/873-5502

Secure and Correct Systems      fax   +43 316/873-5520

IAIK                            ron...@ia...<mailto:ron...@ia...>

Graz University of Technology   http://www.iaik.tugraz.at