Menu
▾
▴
trustedjava-support — Trusted Java General Support
You can subscribe to this list here.
| 2006 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
(4) |
Jul
(10) |
Aug
(6) |
Sep
(6) |
Oct
(5) |
Nov
(1) |
Dec
|
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2007 |
Jan
|
Feb
(14) |
Mar
(25) |
Apr
(9) |
May
(10) |
Jun
(9) |
Jul
(33) |
Aug
(52) |
Sep
(15) |
Oct
(6) |
Nov
(4) |
Dec
(6) |
| 2008 |
Jan
(27) |
Feb
(3) |
Mar
(6) |
Apr
(7) |
May
(8) |
Jun
(4) |
Jul
(21) |
Aug
(8) |
Sep
(9) |
Oct
(6) |
Nov
(1) |
Dec
(1) |
| 2009 |
Jan
(1) |
Feb
(1) |
Mar
(10) |
Apr
(7) |
May
(8) |
Jun
(10) |
Jul
(11) |
Aug
(17) |
Sep
(13) |
Oct
(13) |
Nov
(1) |
Dec
(5) |
| 2010 |
Jan
(5) |
Feb
(9) |
Mar
(12) |
Apr
(4) |
May
(5) |
Jun
(3) |
Jul
(7) |
Aug
(7) |
Sep
(3) |
Oct
(12) |
Nov
(5) |
Dec
(2) |
| 2011 |
Jan
(9) |
Feb
(3) |
Mar
(24) |
Apr
(3) |
May
(1) |
Jun
|
Jul
(3) |
Aug
(8) |
Sep
(2) |
Oct
|
Nov
|
Dec
|
| 2012 |
Jan
(4) |
Feb
|
Mar
|
Apr
(3) |
May
(12) |
Jun
(7) |
Jul
(9) |
Aug
|
Sep
(14) |
Oct
(19) |
Nov
(4) |
Dec
|
| 2013 |
Jan
(1) |
Feb
(3) |
Mar
(1) |
Apr
(5) |
May
(3) |
Jun
(7) |
Jul
(6) |
Aug
(4) |
Sep
(1) |
Oct
|
Nov
|
Dec
(2) |
| 2014 |
Jan
|
Feb
(2) |
Mar
(3) |
Apr
(1) |
May
(1) |
Jun
(6) |
Jul
(14) |
Aug
(5) |
Sep
(7) |
Oct
(3) |
Nov
|
Dec
(1) |
| 2015 |
Jan
(3) |
Feb
|
Mar
(4) |
Apr
|
May
(1) |
Jun
(9) |
Jul
|
Aug
(1) |
Sep
|
Oct
(1) |
Nov
(4) |
Dec
(4) |
| 2016 |
Jan
|
Feb
(1) |
Mar
|
Apr
(1) |
May
(2) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(2) |
Nov
(1) |
Dec
|
| 2017 |
Jan
|
Feb
|
Mar
(2) |
Apr
(1) |
May
|
Jun
(1) |
Jul
(1) |
Aug
(1) |
Sep
(1) |
Oct
(1) |
Nov
(1) |
Dec
(1) |
| 2018 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
(1) |
Dec
|
| 2020 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(4) |
Nov
|
Dec
|
| 2021 |
Jan
|
Feb
|
Mar
(11) |
Apr
(2) |
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2022 |
Jan
|
Feb
|
Mar
|
Apr
(2) |
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
| 2023 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(2) |
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
| 2024 |
Jan
(1) |
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
| 2025 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
(1) |
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Ronald T. <ron...@ia...> - 2009-03-19 13:20:53
|
Hello, Are you building against the very version (possible with patches) of TrouSerS which is given in the jTSS Wrapper readme? Does TrouSerS build correctly? Regards, Ronald PS: Please use your real name on this mailing list. > -----Ursprüngliche Nachricht----- > Von: root [mailto:run...@si...] > Gesendet: Donnerstag, 19. März 2009 10:05 > An: tru...@li... > Betreff: [Trustedjava-support] Error occurs when make > "libtspiwrapper.so" > > When I want to make "libtspiwrapper.so" after customizing the Makefile, > errors occur. > > The part of the message is: > " > output/lib/tspiwrapper_wrap.c:6628: error: ‘TSS_VALIDATION’ undeclared > (first use in this function) > output/lib/tspiwrapper_wrap.c:6628: error: ‘arg3’ undeclared (first use > in this function) > " > > Ask for help~! > Thanks. |
|
From: Martin P. <Mar...@ia...> - 2009-03-10 14:24:52
|
Hi... Ahmed Ramadan wrote: > 2) I have executed the Quote, the remote attestation server should verify the quote. > Verifying the quote means that the server recomputes the measurement Log, however I cannot understand how the extend operation work ie. See TSS specification, description of structure TSS_PCR_EVENT, comment of parameter rgbPcrValue. HTH, Martin |
|
From: Ronald T. <ron...@ia...> - 2009-03-10 13:46:46
|
Hello Ahmed, Ahmed Ramadan wrote: > I have 2 questions. > > 1) Is there a way to report the integrity measurement log (IMA) into > the TPM (emulator) in my case using the jTSS (or even trousers if not > available through the jTSS) ? I'll answer the first part.. Since jTSS 0.4, a simple event log implementation is provided, which stores events in a flat file fashion. Our implementation does not cover platform specific requirements such as inclusion of the log files of IBM's IMA. However, the logging class implementation can easily be configured in the tss_tcs.ini file; you could create your own implementation of TcITcsEventMgr that integrates IMA logs. You could also consider to handle ACPI-based logging informations. I don't know what kind of integration, if any, TrouSerS offers. Regards, Ronald -- Dipl.-Ing. Ronald Tögl phone +43 316/873-5502 Trusted Computing Labs fax +43 316/873-5520 IAIK ron...@ia... Graz University of Technology http://www.iaik.tugraz.at |
|
From: Ahmed R. <ahm...@gm...> - 2009-03-10 11:50:09
|
Dear Martin, I have 2 questions. 1) Is there a way to report the integrity measurement log (IMA) into the TPM (emulator) in my case using the jTSS (or even trousers if not available through the jTSS) ? 2) I have executed the Quote, the remote attestation server should verify the quote. Verifying the quote means that the server recomputes the measurement Log, however I cannot understand how the extend operation work ie. file : version.txt sha1sum version.txt dd3fe79ca0b0d80e1b33018054239ef4628b93d1 version.txt ./jtt.sh pcr_extend -f version.txt -p 1 PCR 1: 70 b9 e1 fa 6a 69 48 27 7a 46 32 c0 11 f8 d2 f6 ec b3 ab 56 ./jtt.sh pcr_extend -f version.txt -p 2 PCR 2: a1 5f 67 be ab fe 9d b6 ba cc 4e 45 0d 4f 13 07 e9 8f 98 fc Why is the PCR hash values different than the pure hash of the file, even if the extend use the initial PCR values then PCR[1] & [2] should be equal as the initial is the same (ie the emulator has been resetted before executing these commands). Thanks for further declaration. Regards, Ahmed > Date: Tue, 3 Mar 2009 10:24:15 +0100 > From: Mar...@ia... > To: ahm...@gm... > CC: tru...@li... > Subject: Re: [Trustedjava-support] Load AIK problem > > Hi... > > Ahmed Ramadan wrote: > > I am using JTss and JTPM-Tools to try the Quote and validation concept. > > Look into the just released PrivacyCA 0.2 package, the PrivacyCA sources > are in apki-0.2.tar.gz. > > The module TspQuote implements the self-attestation function of the PCA server, > the functions doQuote and verifyQuote showcase how to do a quote and > verify the results afterwards. > > > > TCLinux:/home/aramadan/Desktop/Java/jTpmTools_0.3c # ./jtt.sh version > > JTSS_TSP: 0.4 20081218 10:30:08 > > JTSS_JNI: 0.3.1 20071128 9:44:59 > > You appear to be using a new jTSS with old version of jTSS wrapper/TrouSerS. > We just released an experimental upgrade of jTSS Wrapper which should work > better with TrouSerS 0.3.1cvs. > > > HTH, > Martin > > ------------------------------------------------------------------------------ > Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA > -OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise > -Strategies to boost innovation and cut costs with open source participation > -Receive a $600 discount off the registration fee with the source code: SFAD > http://p.sf.net/sfu/XcvMzF8H > _______________________________________________ > Trustedjava-support mailing list > Tru...@li... > https://lists.sourceforge.net/lists/listinfo/trustedjava-support _________________________________________________________________ Windows Live™ Groups: Create an online spot for your favorite groups to meet. http://windowslive.com/online/groups?ocid=TXT_TAGLM_WL_groups_032009 |
|
From: Martin P. <Mar...@ia...> - 2009-03-09 09:34:23
|
Hi... [please mail generic questions to the list so everybody can read the answers in the archive] > I don't know what's special for the signed .jar file and where to find it. > I didn't find it in http://jce.iaik.tugraz.at. > Could you tell me where I can get it and its special function. The .zip you download at our site contains multiple versions of the iaik_jce.jar You need a signed .jar to use a JCE provider with Java 1.4 or later, see http://jce.iaik.tugraz.at/sic/products/core_crypto_toolkits/jca_jce/features HTH, Martin |
|
From: Martin P. <Mar...@ia...> - 2009-03-03 09:27:49
|
Hi... Ahmed Ramadan wrote: > I am using JTss and JTPM-Tools to try the Quote and validation concept. Look into the just released PrivacyCA 0.2 package, the PrivacyCA sources are in apki-0.2.tar.gz. The module TspQuote implements the self-attestation function of the PCA server, the functions doQuote and verifyQuote showcase how to do a quote and verify the results afterwards. > TCLinux:/home/aramadan/Desktop/Java/jTpmTools_0.3c # ./jtt.sh version > JTSS_TSP: 0.4 20081218 10:30:08 > JTSS_JNI: 0.3.1 20071128 9:44:59 You appear to be using a new jTSS with old version of jTSS wrapper/TrouSerS. We just released an experimental upgrade of jTSS Wrapper which should work better with TrouSerS 0.3.1cvs. HTH, Martin |
|
From: Martin P. <Mar...@ia...> - 2009-03-03 09:26:30
|
Ïé×Ó wrote: > Hello, > I ran TCcert on my platform with Operating System of Federa(Core 2.6) and JDK 1.4. When I ran the command: bash tccert.sh ca ca.ini. I got the following output: > generating CA certificates... > CAroot > Exception in thread "main" iaik.utils.InternalErrorException > at iaik.PKCS.PKCS8.EncryptedPrivateKeyInfo.encrypt(Unknown Source) > I found that ca.cert was generated but ca.pkey wasn't. I don't know what's the reason. Could you help me. Thanks. Are you sure you use the _signed_ .jar file of the IAIK-JCE library? See the mailing list archive for thread "tccert fails" in Jan 2008, someone had the same problems because of this. HTH, Martin |
|
From: Martin P. <Mar...@ia...> - 2009-03-03 09:18:16
|
Here comes another pack of releases/updates.... (all software packages are available as usual from http://trustedjava.sourceforge.net/) === jTSS 0.4a === This is a bugfix release which fixes an unfortunate bits vs. bytes issue in TPM keyblob creation from Java keys. This error affects almost all applications doing an AIK cycle with a PrivacyCA. Consequently, all older releases are incompatible with other TSS implementations (e.g. TrouSerS) when doing an AIK cycle. Please upgrade all your applications to jTSS 0.4a. === jTSS Wrapper 0.4beta === This is an update to allow jTSS Wrapper to be build with current TrouSerS 0.3.1cvs. Note that this is a BETA release which has not received much testing. Be careful. === PrivacyCA 0.2 === Another Trusted Computing PKI (APKI) package to run a PrivacyCA. This is a redesigned version of the functionality provided in the 0.1 release. It was optimised to be as small as possible, thus doing away with the XKMS and XML overheard and using a much simpler protocol. This release allows to run the PrivacyCA Java server in a 17Mb Xen compartment (build instructions included). Further, commandline demonstration clients for jTSS (Java) and TrouSerS (C) are provided. Enjoy, Martin |
|
From: 祥子 <lic...@16...> - 2009-03-03 02:32:17
|
Hello,
I ran TCcert on my platform with Operating System of Federa(Core 2.6) and JDK 1.4. When I ran the command: bash tccert.sh ca ca.ini. I got the following output:
generating CA certificates...
CAroot
Exception in thread "main" iaik.utils.InternalErrorException
at iaik.PKCS.PKCS8.EncryptedPrivateKeyInfo.encrypt(Unknown Source)
at iaik.PKCS.PKCS8.EncryptedPrivateKeyInfo.encrypt(Unknown Source)
at iaik.PKCS.PKCS8.EncryptedPrivateKeyInfo.encrypt(Unknown Source)
at iaik.tc.cert.Common.Common.writePrivateKeyToFile(Common.java:382)
at iaik.tc.TCcert.generatCA(TCcert.java:247)
at iaik.tc.TCcert.main(TCcert.java:118)
I found that ca.cert was generated but ca.pkey wasn't. I don't know what's the reason. Could you help me. Thanks.
Your's Li |
|
From: Ahmed R. <ahm...@gm...> - 2009-02-26 13:32:22
|
Good Day All,
I am using JTss and JTPM-Tools to try the Quote and validation concept.
My problems lies that I am not able to load any of the keys created (AIK particular).
Added below my code, and error message.
TcIContext context = CommonSettings.getTssFactory().newContextObject();
context.connect(CommonSettings.getHostname());
TcITpm tpm = context.getTpmObject();
// load Storage Root Key
TcBlobData srkSecret = TcBlobData.newByteArray(TcTssConstants.TSS_WELL_KNOWN_SECRET);
long srkSecretMode = TcTssConstants.TSS_SECRET_MODE_SHA1;
TcIRsaKey srk = context.loadKeyByUuidFromSystem(TcUuidFactory.getInstance().getUuidSRK());
TcIPolicy srkPolicy = context.createPolicyObject(TcTssConstants.TSS_POLICY_USAGE);
srkPolicy.setSecret(srkSecretMode, srkSecret);
srkPolicy.assignToObject(srk);
byte nonce[] = {0x1, 0x2, 0x3, 0x4, 0x5, 0x1, 0x2, 0x3, 0x4, 0x5, 0x1, 0x2,
0x3, 0x4, 0x5, 0x1, 0x2, 0x3, 0x4, 0x5};
// create a TCBlobData using the provided nonce
TcBlobData nonceData = TcBlobData.newByteArray(nonce);
TcTssValidation nonceVal = new TcTssValidation();
nonceVal.setExternalData(nonceData);
// the tpmQuote to receive data from tpm's quote
TcTssValidation tpmQuote = new TcTssValidation();
context.connect(null); // connect to localhost
// get the number of PCRs from TPM
TcBlobData subCap = TcBlobData.newUINT32((int) TcTssConstants.TSS_TPMCAP_PROP_PCR);
long numPCRs = tpm.getCapabilityUINT32(TcTssConstants.TSS_TPMCAP_PROPERTY, subCap);
for (int i = 0; i < numPCRs; i++) {
// create a pcr composite object
TcIPcrComposite pcrComp = context.createPcrCompositeObject(0);
pcrComp.selectPcrIndex(i);
// set pcr value to read
pcrComp.setPcrValue(i, tpm.pcrRead(i));
// create the UUID of the AIK
TcTssUuid uuid = new TcTssUuid().initString("00000001-0002-0003-0405-5fd0073c8832");
// set the key password
TcBlobData keySecret = TcBlobData.newString("keypass", false, "UTF-16LE");
// the AIK
TcIRsaKey identityKey = context.getKeyByUuid(TcTssConstants.TSS_PS_TYPE_SYSTEM, uuid);
TcIPolicy keyUsgPolicy = context.createPolicyObject(TcTssConstants.TSS_POLICY_USAGE);
keyUsgPolicy.setSecret(TcTssConstants.TSS_SECRET_MODE_NONE, keySecret);
keyUsgPolicy.assignToObject(identityKey);
=======================================================================
identityKey.loadKey(srk); // ERROR LOADING THE KEY
=======================================================================
// now get the quote
tpmQuote = tpm.quote(identityKey, pcrComp, nonceVal);
=======================================================================
Error Message:
============
iaik.tc.tss.api.exceptions.tcs.TcTpmException:
TSS Error:
error layer: 0x00 (TPM)
error code (without layer): 0x21
error code (full): 0x21
error message: The decryption process did not complete.
=++=============================================++=
Libaries
======
TPM-Emaulator 0.5
TCLinux:/home/aramadan/Desktop/Java/jTpmTools_0.3c # ./jtt.sh version
JTpmTools: 0.3c 20080605 10:56:50
JTSS_TSP: 0.4 20081218 10:30:08
JTSS_JNI: 0.3.1 20071128 9:44:59
XKMS: 0.2a-20080605-153902
TCcert: 0.2.2a-20080709-114558
Any comments are welcome.
Regards, Dan
_________________________________________________________________
Windows Live™ Hotmail®:…more than just e-mail.
http://windowslive.com/explore?ocid=TXT_TAGLM_WL_t2_hm_justgotbetter_explore_022009 |
|
From: Ronald T. <ron...@ia...> - 2009-01-07 09:23:11
|
Dear trustedJava users, Here are a few remarks on Windows Vista support. * Only Vista 32-bit is supported for now. This is a restriction of the setup/install scripts and the system service loader module. * The setup.exe provides only runtime support for TCS. For developers it is recommended to (also) use the complete .tar.bz2 version. Among others it provides more documentation. * The native library accessing the TBS (Trusted Bases Services) requires MS Visual C+ 2005 SP1 runtime libraries. On some machines, you need to install http://www.microsoft.com/downloads/details.aspx?familyid=200B2FD9-AE1A-4A14-984D-389C36F85647&displaylang=en before using jTSS. This will be included in the next release. Without these libraries, you might experience an error like ERROR] TcTddlVista::<clinit> (39): Unable to load native Vista DLL (neither from library path nor from jar file). * If you receive a TPM-Exception like: iaik.tc.tss.api.exceptions.tcs.TcTpmException: TSS Error: error layer: 0x00 (TPM) error code (without layer): 0x00 error code (full): 0xac040000 error message: Success. with an error code where the first 2 bytes are not 0x0000, this is not a TPM issue but a TBS error code. Perhaps the TPM is not enabled or some commands might be blocked. * You will need to unblock some commands of the TPM for some TPM applications (including jTSS test cases). To learn hopw to do this (and about Vista TPM support in general), have a look at http://www.windowsitlibrary.com/Content/2257/04/1.html Regards, Ronald -- Dipl.-Ing. Ronald Tögl phone +43 316/873-5502 Trusted Computing Labs fax +43 316/873-5520 IAIK ron...@ia... Graz University of Technology http://www.iaik.tugraz.at |
|
From: Ronald T. <ron...@ia...> - 2008-12-18 10:38:03
|
Dear trustedJava users, We are happy to present you a shiny new and inspiring Christmas gift! Several new features have been incorporate in jTSS 0.4, the TCG Software Stack for Java, which is now available for download at http://trustedjava.sf.net Changes include support for NV access, key migration, CMK, a new event log, an alternative SQL-Database for Persistent Storage, support for monotonic counters, more tests, a TrouSerS key import tool,.. There is even a new Windows installer that eases deployment of your trustedJava applications! Merry Christmas, Ronald -- Ronald Toegl, IAIK |
|
From: John L. <joh...@ke...> - 2008-11-03 14:30:57
|
Hi, I'm interested in using the TCPVM project. However, I'm aware that there haven't been any new versions since November last year, and I was wondering what the current status of the project is? Is it still being developed? I'm also struggling to find the right OpenJDK version to download from their website. This obviously isn't anything to do with your software, but I was wondering if anyone has experience of applying the TCPVM patches to a more recent OpenJDK version? Thanks for your help, John |
|
From: Ronald T. <ron...@ia...> - 2008-10-01 13:16:56
|
Hi John,
Thanks for the detailed report. Also thank you for debugging it up into
the decoding step, which usually is not fun. :-)
We did not encounter this specific problem before (checking this out
took some time as I was out of office and had issues with remote access).
The behaviour you describe indicated that the authenticated command
session is not properly continued by the TPM Emulator (i.e. outdata=0).
Our experience with the TPM Emulator is that the commands associated
with key certification are rather incomplete and buggy. Also, based on
experience, the Infineon implementations usually get things right (with
exceptions of course).
Perhaps the best idea is to report this to the Emulator developers.
Ronald
John Lyle wrote:
> Hi,
>
> I'm having some problems using the Java TSS and the CertifyKey
> operation. I'm not entirely sure where the problem lies (it may be with
> the JTSS or TPM Emulator) but I hoping you can help me to narrow it down.
>
> I'm creating a key bound to certain PCR values. My code (largely copied
> from the examples) is included at the end. This works very well on a
> Infineon 1.2 TPM on a HP nc6320 laptop. However, when using the exact
> same code with a tpm emulator, running on a vmware linux image on an
> iMac, it fails with a null pointer.
>
> The error is normally about line 3252 in
> TcTspInternal.TspCertifyKey_Internal:
>
> ...
> TcBlobData[] blob1Hout = { // 1H
> blobUINT32(resultCode), // 1S
> blobUINT32(ordinal), // 2S
> certifyInfoBlob, // 3S
> blobUINT32(outData.getLengthAsLong()), // 4S
> outData }; // 5S
> ...
>
> Having debugged the code for a while and comparing with the working
> version, I've found the problem to be that the outData object is null.
> This seems to be because of the following lines:
>
> TcTpmCmdCrypto.TpmCertifyKey(TcIStreamDest, long, long, TcTpmNonce,
> TcTcsAuth, TcTcsAuth) line: 422
> ...
> long outDataSize = outBlob.decodeUINT32();
> TcBlobData outData = outBlob.decodeBytes(outDataSize);
> ...
>
> In the above method the return from decodeUINT32() is an extremely large
> number, and so decodeBytes fails. This isn't a problem with the laptop,
> where the return is always 256. Going deeper, this seems to be a
> problem with:
>
> TcBasicTypeDecoder.decodeUINT32() line 111:
> ...
> short[] elements = blob_.getRangeAsShortArray(offset_, len);
> ...
>
> Which is using the wrong offset. On the laptop, where this works, the
> offset is always 134 and the elements returned tend to be [0, 0, 1, 0].
> This makes the decoding behave as expected. Using the TPM Emulator on
> the Mac, the offset is 149, which returns an array filled with much
> larger elements. The rest of the decodeUINT32 method then obviously
> calculates the wrong value. Interestingly, the outData blob data
> lengths are also slightly different.
>
> If you have any suggestions as to how this problem could be solved, that
> would be greatly appreciated. Is this more likely to be a problem with
> the TPM emulator?
>
> Many thanks,
>
> John
>
>
>
>
>
> My code:
> ----------------------------
>
> // create a key
> TcIRsaKey key1 = getContext().createRsaKeyObject(
> TcTssConstants.TSS_KEY_TYPE_LEGACY);
>
> key1.setAttribUint32(TcTssConstants.TSS_TSPATTRIB_KEY_INFO,
> TcTssConstants.TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
> TcTssConstants.TSS_ES_RSAESPKCSV15);
>
> // assign key usage policies
> keyUsgPolicy.assignToObject(key1);
> keyMigPolicy.assignToObject(key1);
>
> // create a PcrComposite, connecting with all the PCR values.
> TcIPcrComposite pcrComp = getContext().createPcrCompositeObject(0);
> for (int pcr : pcrs) {
> pcrComp.setPcrValue(pcr, getContext().getTpmObject().pcrRead(pcr));
> }
>
> key1.createKey(srk, pcrComp);
>
> key1.loadKey(srk);
>
> TcTssValidation validation = key1.certifyKey(aik, null);
>
> ---------------------------
>
>
--
Dipl.-Ing. Ronald Tögl phone +43 316/873-5502
Trusted Computing Labs fax +43 316/873-5520
IAIK ron...@ia...
Graz University of Technology http://www.iaik.tugraz.at
|
|
From: John L. <joh...@ke...> - 2008-09-26 10:11:07
|
Hi,
I'm having some problems using the Java TSS and the CertifyKey
operation. I'm not entirely sure where the problem lies (it may be with
the JTSS or TPM Emulator) but I hoping you can help me to narrow it down.
I'm creating a key bound to certain PCR values. My code (largely copied
from the examples) is included at the end. This works very well on a
Infineon 1.2 TPM on a HP nc6320 laptop. However, when using the exact
same code with a tpm emulator, running on a vmware linux image on an
iMac, it fails with a null pointer.
The error is normally about line 3252 in
TcTspInternal.TspCertifyKey_Internal:
...
TcBlobData[] blob1Hout = { // 1H
blobUINT32(resultCode), // 1S
blobUINT32(ordinal), // 2S
certifyInfoBlob, // 3S
blobUINT32(outData.getLengthAsLong()), // 4S
outData }; // 5S
...
Having debugged the code for a while and comparing with the working
version, I've found the problem to be that the outData object is null.
This seems to be because of the following lines:
TcTpmCmdCrypto.TpmCertifyKey(TcIStreamDest, long, long, TcTpmNonce,
TcTcsAuth, TcTcsAuth) line: 422
...
long outDataSize = outBlob.decodeUINT32();
TcBlobData outData = outBlob.decodeBytes(outDataSize);
...
In the above method the return from decodeUINT32() is an extremely large
number, and so decodeBytes fails. This isn't a problem with the laptop,
where the return is always 256. Going deeper, this seems to be a
problem with:
TcBasicTypeDecoder.decodeUINT32() line 111:
...
short[] elements = blob_.getRangeAsShortArray(offset_, len);
...
Which is using the wrong offset. On the laptop, where this works, the
offset is always 134 and the elements returned tend to be [0, 0, 1, 0].
This makes the decoding behave as expected. Using the TPM Emulator on
the Mac, the offset is 149, which returns an array filled with much
larger elements. The rest of the decodeUINT32 method then obviously
calculates the wrong value. Interestingly, the outData blob data
lengths are also slightly different.
If you have any suggestions as to how this problem could be solved, that
would be greatly appreciated. Is this more likely to be a problem with
the TPM emulator?
Many thanks,
John
My code:
----------------------------
// create a key
TcIRsaKey key1 = getContext().createRsaKeyObject(
TcTssConstants.TSS_KEY_TYPE_LEGACY);
key1.setAttribUint32(TcTssConstants.TSS_TSPATTRIB_KEY_INFO,
TcTssConstants.TSS_TSPATTRIB_KEYINFO_ENCSCHEME,
TcTssConstants.TSS_ES_RSAESPKCSV15);
// assign key usage policies
keyUsgPolicy.assignToObject(key1);
keyMigPolicy.assignToObject(key1);
// create a PcrComposite, connecting with all the PCR values.
TcIPcrComposite pcrComp = getContext().createPcrCompositeObject(0);
for (int pcr : pcrs) {
pcrComp.setPcrValue(pcr, getContext().getTpmObject().pcrRead(pcr));
}
key1.createKey(srk, pcrComp);
key1.loadKey(srk);
TcTssValidation validation = key1.certifyKey(aik, null);
---------------------------
|
|
From: Ronald T. <ron...@ia...> - 2008-08-22 07:41:24
|
Hi Stella, Stella Brooks wrote: > All tpm commands (including pcr related ones) can be used under vista > too, but I just kept getting 3 Failures: > "CreateKeyWithPcr" and "SealAndUnsealWithPcrBoundKey" failed because > "PCR information could not be interpreted". > "Quote2" failed because "Data must start with zero". > Could you help me around? All command info are below. A while ago I wrote: >> In addition we are aware of a problem with Atmel TPM 1.2 on some Lenovo >> machines regarding PCR accesses. Actually, we are waiting for delivery >> of a notebook with such a configuration that will allow us to analyse >> this issue.. Finally we were able to analyse this issue: There is no problem with our software stack, but apparently the Atmel TPMs behave a little bit different in terms of error codes. The first 2 errors are actually just one. It shows up wenn trying to use a key which is bound to on or more PCR values. When the PCR values are correct everything is ok and the testcase succeeds. When the values are wrong the testcase expects TPM_E_WRONGPCRVAL to be returned by the TPM. The Atmel TPM returns TPM_E_INVALID_PCR_INFO. The Quote2 testcase also returnes an error when trying to validate the signature returned by the TPM. The same error appears using TrouSerS as TSS. Therefore and because of some detailed investigation we consider this as a bug in Atmel TPMv1.2 chips. The next release of jTSS and jTSS Wrapper will have workarounds so that the test suites complete without failure reports also on Atmel TPMs. Regards, Ronald -- Dipl.-Ing. Ronald Tögl phone +43 316/873-5502 Trusted Computing Labs fax +43 316/873-5520 IAIK ron...@ia... Graz University of Technology http://www.iaik.tugraz.at |
|
From: Martin P. <Mar...@ia...> - 2008-08-18 07:57:20
|
Hi... Timo Päkkilä wrote: > We are trying to use jTSS with a Privacy CA at www.privacyca.com. I tried this already, I have some sample code here which implements the AIK create using privacyca.com as command for jTpmTools. However, this code still needs a cleanup. This works since about the first week of August. Hal kindly helped to debug this and adapt the server. Now both jTSS and TrouSerS style AIK requests should get the correct responses from privacyca.com. HTH, Martin |
|
From: Timo P. <tim...@tk...> - 2008-08-15 08:00:57
|
Hi! We are trying to use jTSS with a Privacy CA at www.privacyca.com. We have taken the fakeEKCert (which should work for testing) from the privacy.c example file and been able to get the certificate from that site, extracted the public key, and created the AIK request by calling collateIdentityRequest. We sent the request and get the response in xml-format. We have parsed the response and called activateIdentity when the following stacktrace is printed: iaik.tc.tss.api.exceptions.tcs.TcTpmException: TSS Error: error layer: 0x00 (TPM) error code (without layer): 0x21 error code (full): 0x21 error message: The decryption process did not complete. at iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdCommon.handleRetCode(TcTpmCmdCommon.java:73) at iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdIdentity.TpmActivateIdentity(TcTpmCmdIdentity.java:176) at iaik.tc.tss.impl.java.tcs.tcsi.TcTcsi.TcsipActivateTpmIdentity(TcTcsi.java:2294) at iaik.tc.tss.impl.java.tsp.tcsbinding.local.TcTcsBindingLocal.TcsipActivateIdentity(TcTcsBindingLocal.java:680) at iaik.tc.tss.impl.java.tsp.internal.TcTspInternal.TspActivateIdentity_Internal(TcTspInternal.java:3627) at iaik.tc.tss.impl.java.tsp.TcTpm.activateIdentity(TcTpm.java:141) The error message doesn't really tell why the decryption process fails. We believe that we get correct responses from the Privacy CA and have created the asymmetric and symmetric blobs correctly. We also did took a look at the test source files e.g. Client.java, and copied some of our code from there. Any idea where the problem might be? Best regards, Timo Päkkilä Helsinki University of Technology Finland |
|
From: Martin P. <Mar...@ia...> - 2008-08-08 12:04:22
|
Hi... Christoph Eunicke wrote: > is there a way to get the certificates issued by the TPM into some > format that can be read be applications which don't rely on the TSS? So > export a TcTssValidation to something like X.509 or.... ? The TPM does not issue certificates. However, Infineon TPMs provide an on-chip TPM EK X.509 certificate and the AIK cycle also results in an AIK X.509 certificate. Both are exported as byte arrays (wrapped as TcBlobData). If you want to create an X509Certificate Java object from an array of bytes, you can for example use the IAIK-JCE library and pass the byte array as constructor argument of the X509Certificate class. > And is there a "nicer" way to convert the public part of a TcIRsaKey > into a "Java" Public-Key than this: jTSS currently closely follows the C TSS, Java specific helper methods are lacking. Some stack internal helper methods are available in e.g. TcCrypto: RSAPublicKey pubTpmKeyToJava(TcTpmPubkey pubKey) Please see the jTSS unit tests and the jTpmTools sources for examples. HTH, Martin -- ------------------------------------------------------------------------ Dipl.-Ing. Martin Pirker <Mar...@ia...> Institute for Applied Information Processing and Communications, Graz University of Technology, Austria. http://www.iaik.tugraz.at/ ------------------------------------------------------------------------ |
|
From: Christoph E. <jt...@eu...> - 2008-08-08 08:44:29
|
Hy,
is there a way to get the certificates issued by the TPM into some
format that can be read be applications which don't rely on the TSS? So
export a TcTssValidation to something like X.509 or.... ?
And is there a "nicer" way to convert the public part of a TcIRsaKey
into a "Java" Public-Key than this:
TcBlobData b = key.getAttribData(
TcTssConstants.TSS_TSPATTRIB_RSAKEY_INFO,
TcTssConstants.TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT);
BigInteger EXPONENT = new BigInteger(b.asByteArray());
b = key.getAttribData(
TcTssConstants.TSS_TSPATTRIB_RSAKEY_INFO,
TcTssConstants.TSS_TSPATTRIB_KEYINFO_RSA_MODULUS);
BigInteger MODULUS = new BigInteger(b.asByteArray());
RSAPublicKeySpec pubSpec = new RSAPublicKeySpec(MODULUS,EXPONENT);
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey pub = keyFactory.generatePublic(pubSpec);
|
|
From: Martin P. <Mar...@ia...> - 2008-08-07 07:21:11
|
Hi... Massimiliano Masi wrote: > I'm interested on using the xkms library on java5. > The library that I downloaded needs java6. > How can I proceed? XKMS 0.2 only works with Java 5 due to a library initialization issue. XKMS 0.2a = 0.2 + patch for Java 6 (previously posted in this list) Unfortunately, 0.2a was compiled with a Java 6 class target. This is a lapse on my side. You can use 0.2 on Java 5, they are otherwise identical. Currently there's no version working on both, Java 5 and 6. In a spare minute I'll have to spin it once more.... sorry for this inconvenience, Martin |
|
From: Massimiliano M. <ma...@fi...> - 2008-08-06 19:09:03
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I'm interested on using the xkms library on java5. The library that I downloaded needs java6. How can I proceed? Thank you and sorry if it dummy question ... :-) max@massimac ~/Downloads/xkms-0.2a/examples $ ./client-iaik.sh Exception in thread "main" java.lang.UnsupportedClassVersionError: Bad version number in .class file max@massimac ~/Downloads/xkms-0.2a/examples $ java -version java version "1.5.0_13" Ciao, Massimiliano -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) iEYEARECAAYFAkiZ9soACgkQaCwPO3A6yMZQkgCeOOewDUECE6o0BCAqebk1SRSp YREAmwfhZ5VT2uZrsZjhkeGQuAqlEqit =ruZs -----END PGP SIGNATURE----- |
|
From: Stella B. <ste...@ya...> - 2008-07-31 07:50:40
|
Hi, Ronald, Thank you for your reminder, I've configured the ps ini files and take ownership with jtss tools, errors are gone now. All tpm commands (including pcr related ones) can be used under vista too, but I just kept getting 3 Failures: "CreateKeyWithPcr" and "SealAndUnsealWithPcrBoundKey" failed because "PCR information could not be interpreted". "Quote2" failed because "Data must start with zero". Could you help me around? All command info are below. Thank you, Stella 08:35:25:550 [DEBUG] TestMain::allTests (40): testsuite starting up .08:35:26:813 [INFO] TcTddlVista::<clinit> (32): Windows Vista detected. Using TBS based TPM access. 08:35:26:846 [INFO] TcTddlVista::<clinit> (37): Native Vista DLL loaded from jar file. .....08:35:31:353 [INFO] TestTpm::testGetEndorsementKeyNoOwner (90): Reading public EK without owner authorization is disabled. .08:35:31:458 [INFO] TestTpm::testGetEndorsementKeyNoOwnerSelfValidate (130): Reading public EK without owner authorization is disabled. ....08:35:32:328 [INFO] TcTcsEventMgrMem::<init> (43): Using "in memory" event log. ...08:35:36:224 [DEBUG] TestKeys::testCreateKeyWithPcr (151): HERE F......F.08:37:35:704 [INFO] TestEkCerts::testGetCredentials (40): Unable to obtain EK certificate for this TPM. .08:37:49:107 [INFO] TestIdentityCreation::testCreateIdentity (230): AIK credential successfully received and activated at the client ....F.08:39:41:527 [INFO] TestPersistentStorage::testGetKeyByPublicInfoFromSystemPersistentStorage (85): key2 registered in persistent user storage with UUID: d8b63ed9-4dc2-42ff-adcb-86347cf714f9 08:39:41:582 [INFO] TestPersistentStorage::testGetKeyByPublicInfoFromSystemPersistentStorage (90): key registered in persistent system storage with UUID: c5436f5a-6c82-4744-a82d-02eede7feb36 .08:41:17:102 [INFO] TestPersistentStorage::testKeyHierarchyInitializationAndKeyLoading (234): key1 registered in persistent system storage with UUID: 7ba4a81b-f656-4ea6-b435-51b746b7b621 08:41:17:105 [INFO] TestPersistentStorage::testKeyHierarchyInitializationAndKeyLoading (238): key2 registered in persistent system storage with UUID: 00000000-0000-0000-0000-000000000002 08:41:17:107 [INFO] TestPersistentStorage::testKeyHierarchyInitializationAndKeyLoading (242): user key1 registered in persistent user storage with UUID: 00000000-0000-0000-0000-000000000004 08:41:17:109 [INFO] TestPersistentStorage::testKeyHierarchyInitializationAndKeyLoading (246): user key2 registered in persistent user storage with UUID: 9bea2977-ef97-4967-b465-3e77f22109d7 .08:41:49:461 [INFO] TestPersistentStorage::testGetRegisterKeysInSystemPersistentStorageSimpleTest (498): key1 registered in persistent system storage with UUID: c18ecd7f-cb8d-4364-b39e-bdebcf9f6ebb 08:41:49:463 [INFO] TestPersistentStorage::testGetRegisterKeysInSystemPersistentStorageSimpleTest (502): key2 registered in persistent system storage with UUID: 7aa37960-8a21-44b5-a67c-0041fb771ee5 .08:43:08:898 [INFO] TestPersistentStorage::testGetRegisterKeysInUserPersistentStorageSimpleTest (599): key1 registered in persistent user storage with UUID: aac5db20-e2e3-450a-a78d-fb0ff45a9704 08:43:08:899 [INFO] TestPersistentStorage::testGetRegisterKeysInUserPersistentStorageSimpleTest (603): key2 registered in persistent user storage with UUID: c95dfb75-676f-4cd2-8e29-06b422044867 .08:43:09:066 [INFO] TestPersistentStorage::testOwnerGetSRKPubKeyAndStore (662): SRK registered in persistent system storage with UUID: 82c4d170-ff8e-4232-8a93-7511bb3a33d5 .08:43:31:996 [INFO] TestPersistentStorage::testRegisterKeyInSystemPersistentStorage (708): key registered in persistent system storage with UUID: 1e368546-1ab6-49df-93c1-f9bf60bf3f94 .08:43:45:907 [INFO] TestPersistentStorage::testRegisterKeyInUserPersistentStorage (763): key registered in persistent user storage with UUID: 96d76d22-1443-4437-a0a7-2677a868b545 .08:43:54:695 [INFO] TestPersistentStorage::testSimpleKeyHierarchyTest (842): key1 registered in persistent system storage with UUID: b0ede414-f7f5-42eb-be6c-6d490129228a 08:44:07:879 [INFO] TestPersistentStorage::testSimpleKeyHierarchyTest (853): key2 registered in persistent system storage with UUID: c0bb7b77-134b-4679-8cdd-ae2a9399ef25 .. Time: 547.8 There were 3 failures: 1) testCreateKeyWithPcr(iaik.tc.tss.test.tsp.java.keys.TestKeys)junit.framework.AssertionFailedError: testCreateKeyWithPcr failed at iaik.tc.tss.test.tsp.java.keys.TestKeys.testCreateKeyWithPcr(TestKeys..java:159) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at iaik.tc.tss.test.tsp.java.TestMain.allTests(TestMain.java:66) at iaik.tc.tss.test.tsp.java.TestMain.run(TestMain.java:30) 2) testQuote2(iaik..tc.tss.test.tsp.java.tpm.TestQuote)junit.framework.AssertionFailedError: testQuote2 at iaik.tc.tss.test.tsp.java.tpm.TestQuote.testQuote2(TestQuote.java:119) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at iaik.tc.tss.test.tsp.java.TestMain.allTests(TestMain.java:66) at iaik.tc.tss.test.tsp.java.TestMain.run(TestMain.java:30) 3) testSealAndUnsealWithPcrBoundKey(iaik.tc.tss.test.tsp.java.data.TestEncData)junit.framework.AssertionFailedError: sealing and unsealing failed at iaik.tc.tss..test.tsp.java.data.TestEncData.testSealAndUnsealWithPcrBoundKey(TestEncData.java:211) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at iaik.tc.tss.test.tsp.java.TestMain.allTests(TestMain.java:66) at iaik.tc.tss.test.tsp.java.TestMain.run(TestMain.java:30) FAILURES!!! Tests run: 35, Failures: 3, Errors: 0 D:\TC\jTSS_0.3>tests\run_tests.cmd >> test.txt iaik.tc.tss.api.exceptions.tcs.TcTpmException: TSS Error: error layer: 0x00 (TPM) error code (without layer): 0x10 error code (full): 0x10 error message: PCR information could not be interpreted at iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdCommon.handleRetCode(TcTpmCmdCo mmon.java:73) at iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdStorage.TpmCreateWrapKey(TcTpmC mdStorage.java:316) at iaik.tc.tss.impl.java.tcs.tcsi.TcTcsi.TcsipCreateWrapKey(TcTcsi.java: 663) at iaik.tc.tss.impl.java.tsp.tcsbinding.local.TcTcsBindingLocal.TcsipCre ateWrapKey(TcTcsBindingLocal.java:450) at iaik.tc.tss.impl.java.tsp.internal.TcTspInternal.TspCreateWrapKey_Int ernal(TcTspInternal.java:1842) at iaik.tc.tss.impl.java.tsp.TcRsaKey.createKey(TcRsaKey.java:390) at iaik.tc.tss.test.tsp.java.keys.TestKeys.testCreateKeyWithPcr(TestKeys .java:142) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at junit.framework.TestCase.runTest(TestCase.java:168) at junit.framework.TestCase.runBare(TestCase.java:134) at junit.framework.TestResult$1.protect(TestResult.java:110) at junit.framework.TestResult.runProtected(TestResult.java:128) at junit.framework.TestResult.run(TestResult.java:113) at junit.framework.TestCase.run(TestCase.java:124) at junit.framework.TestSuite.runTest(TestSuite.java:232) at junit.framework.TestSuite.run(TestSuite.java:227) at junit.framework.TestSuite.runTest(TestSuite.java:232) at junit.framework.TestSuite.run(TestSuite.java:227) at junit.textui.TestRunner.doRun(TestRunner.java:116) at junit.textui.TestRunner.doRun(TestRunner.java:109) at junit.textui.TestRunner.run(TestRunner.java:77) at iaik.tc.tss.test.tsp.java.TestMain.allTests(TestMain.java:66) at iaik.tc.tss.test.tsp.java.TestMain.run(TestMain.java:30) iaik.tc.tss.api.exceptions.tsp.TcTspException: TSS Error: error layer: 0x3000 (TSP) error code (without layer): 0x04 error code (full): 0x3004 error message: An internal SW error has been detected. additional info: TSS Error: error layer: 0x3000 (TSP) error code (without layer): 0x04 error code (full): 0x3004 error message: unknown additional info: GeneralSecurityException: Data must start with zero at iaik.tc.tss.impl.java.tsp.TcHash.verifySignature(TcHash.java:369) at iaik.tc.tss.impl.java.tsp.TcTpm.quote2(TcTpm.java:1364) at iaik.tc.tss.test.tsp.java.tpm.TestQuote.testQuote2(TestQuote.java:91) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at junit.framework.TestCase.runTest(TestCase.java:168) at junit.framework.TestCase.runBare(TestCase.java:134) at junit.framework.TestResult$1.protect(TestResult.java:110) at junit.framework.TestResult.runProtected(TestResult.java:128) at junit.framework.TestResult.run(TestResult.java:113) at junit.framework.TestCase.run(TestCase.java:124) at junit.framework.TestSuite.runTest(TestSuite.java:232) at junit.framework.TestSuite.run(TestSuite.java:227) at junit.framework.TestSuite.runTest(TestSuite.java:232) at junit.framework.TestSuite.run(TestSuite.java:227) at junit.textui.TestRunner.doRun(TestRunner.java:116) at junit.textui.TestRunner.doRun(TestRunner.java:109) at junit.textui.TestRunner.run(TestRunner.java:77) at iaik.tc.tss.test.tsp.java.TestMain.allTests(TestMain.java:66) at iaik.tc.tss.test.tsp.java.TestMain.run(TestMain.java:30) iaik.tc.tss.api.exceptions.tcs.TcTpmException: TSS Error: error layer: 0x00 (TPM) error code (without layer): 0x10 error code (full): 0x10 error message: PCR information could not be interpreted at iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdCommon..handleRetCode(TcTpmCmdCo mmon.java:73) at iaik.tc.tss.impl.java.tcs.pbg.TcTpmCmdStorage.TpmUnseal(TcTpmCmdStora ge.java:167) at iaik.tc.tss.impl.java.tcs.tcsi.TcTcsi.TcsipUnseal(TcTcsi.java:1478) at iaik.tc.tss.impl.java.tsp.tcsbinding.local.TcTcsBindingLocal.TcsipUns eal(TcTcsBindingLocal.java:435) at iaik.tc.tss.impl.java.tsp.internal.TcTspInternal.TspUnseal_Internal(T cTspInternal.java:1699) at iaik.tc.tss.impl.java.tsp.TcEncData.unseal(TcEncData.java:263) at iaik.tc.tss.test.tsp.java.data.TestEncData.testSealAndUnsealWithPcrBo undKey(TestEncData.java:190) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at junit.framework.TestCase.runTest(TestCase.java:168) at junit.framework.TestCase.runBare(TestCase.java:134) at junit.framework.TestResult$1.protect(TestResult.java:110) at junit.framework.TestResult.runProtected(TestResult.java:128) at junit.framework.TestResult.run(TestResult.java:113) at junit.framework.TestCase.run(TestCase.java:124) at junit.framework.TestSuite.runTest(TestSuite.java:232) at junit.framework.TestSuite.run(TestSuite.java:227) at junit.framework.TestSuite.runTest(TestSuite.java:232) at junit.framework.TestSuite.run(TestSuite.java:227) at junit.textui.TestRunner.doRun(TestRunner.java:116) at junit.textui.TestRunner.doRun(TestRunner.java:109) at junit.textui.TestRunner.run(TestRunner.java:77) at iaik.tc.tss.test.tsp.java.TestMain.allTests(TestMain.java:66) at iaik.tc.tss.test.tsp.java.TestMain.run(TestMain.java:30) ----- Original Message ---- From: Ronald Tögl <ron...@ia...> To: Stella Brooks <ste...@ya...>; tru...@li... Sent: Tuesday, July 29, 2008 10:31:31 PM Subject: Re: [Trustedjava-support] PS and other problems in testsuits Hi Stella, You need to configure the PS in the jTSS .ini files. You also need to unlock the commands with PCR access (quote, pcr_read and pcr_extend) in the Vista system policy. Please refer to the jTSS documentation for details. Also try to set you SRK password to TSS_WELL_KNOWN_SECRET (=20 bytes of 0). Windows should do so upon taking ownership. In addition we are aware of a problem with Atmel TPM 1.2 on some Lenovo machines regarding PCR accesses. Actually, we are waiting for delivery of a notebook with such a configuration that will allow us to analyse this issue.. Regards, Ronald Stella Brooks wrote: > hi, I use atmel TPM 1.2, enabled, activated, and take ownship with > vista. SRK pwd is null. > > when I tried the demo with command prompt as Admin, but both sys and > user's PS won't work (3 ERRORS), and I got 9 other failures, seems > createkeywithpcr and many other functions can't work either: > > I also tried to clearownership and use the testsuit, still got this > problem. Could you help me out here? The log is below. > > Thank you. -- Dipl.-Ing. Ronald Tögl phone +43 316/873-5502 Trusted Computing Labs fax +43 316/873-5520 IAIK ron...@ia... Graz University of Technology http://www.iaik.tugraz.at |
|
From: Ronald T. <ron...@ia...> - 2008-07-30 14:18:55
|
Hi Timo, Currently we have no plans for DAA support. However, some low-level commands were auto-generated and thus show in the doc. Kind regards, Ronald Timo Päkkilä wrote: > Hi, > > I can see that it is said in the jTSS documentation that DAA is not > implemented in version 0.3. However, there are some DAA-related classes > in Javadocs and source file folders. > > I would like to know is some part of DAA implemented already and/or is > it going to be fully implemented in the next release of jTSS. > > > Best regards, > > Timo Päkkilä > Helsinki University of Technology > Finland -- Dipl.-Ing. Ronald Tögl phone +43 316/873-5502 Trusted Computing Labs fax +43 316/873-5520 IAIK ron...@ia... Graz University of Technology http://www.iaik.tugraz.at |
|
From: Timo P. <tim...@tk...> - 2008-07-30 13:39:27
|
Hi, I can see that it is said in the jTSS documentation that DAA is not implemented in version 0.3. However, there are some DAA-related classes in Javadocs and source file folders. I would like to know is some part of DAA implemented already and/or is it going to be fully implemented in the next release of jTSS. Best regards, Timo Päkkilä Helsinki University of Technology Finland |
87 messages has been excluded from this view by a project administrator.
