From: Mudassar A. <mud...@ho...> - 2011-03-23 10:28:30

Hi

I tried to initialize it as well but did not work.

TcTssValidation val = new TcTssValidation();
val.setData(TcBlobData.newString("ddd"));
TcTssValidation validationResult = bindKey.certifyKey(aikKey, val);

Regards.

Mudassar.

From: Mudassar A. <mud...@ho...> - 2011-03-23 15:56:58

Hi

Well, I tried to step in and found out that just before generating NULL POINTER exception, following exception occurred:

java.lang.ClassCastException: iaik.tc.tss.api.structs.tpm.TcTpmCertifyInfo2 cannot be cast to iaik.tc.tss.api.structs.tpm.TcTpmCertifyInfo

Gives me some reason to think that my key attributes are causing TcTpmCertifyInfo2 structure to be returned (see TSS note below). If I specify OTHER key attributes so that TcTpmCertifyInfo structure is returned then I might not get exception. Currently I am using following key attributes:

public static final long BIND_KEY_ATTRIBUTES =
        TcTssConstants.TSS_KEY_TYPE_BIND
        | TcTssConstants.TSS_KEY_SIZE_2048
        | TcTssConstants.TSS_KEY_VOLATILE
        | TcTssConstants.TSS_KEY_NOT_MIGRATABLE;

Any suggestion on the possible key attributes combination?

***********************************************
TCG SOFTWARE STACK (TSS) SPECIFICATION : PAGE 320
***********************************************
pValidationData
Pointer addresses a TSS_VALIDATION structure. After successful completion of the call the member rgbValidationData of this structure contains the signature data of the command. The member prgbData of the structure points to a buffer containing a TCPA_CERTIFY_INFO2 data stream as specified within the TCG TPM 1.2 Main Specification or a TCPA_CERTIFY_INFO data stream as specified within the TCG 1.1b Main Specification.
TCPA_CERTIFY_INFO2: On TPM v1.2 with usage of CMK keys and keys with locality restrictions (TPM_KEY12 key complex).
TCPA_CERTIFY_INFO: Is returned if the TSS is connected to a TPM v1.1 or the key which is used on a TPM v1.2 is a legacy one (PCR’s without locality -> TPM_KEY key complex).

Regards.

Mudassar Aslam

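The two structures named in the specification excerpt above can be told apart from their first bytes, which avoids casting to one type blindly. The following is an added example, not code from the thread or from jTSS: it classifies a certify-info blob and checks that its `data` field echoes the verifier's nonce. The class and method names are hypothetical, the sample blobs are constructed, and the field layout and the tag value 0x0029 are taken from the TPM 1.2 structures specification.

```java
import java.nio.ByteBuffer;
import java.security.MessageDigest;
import java.util.Arrays;

public class CertifyInfoCheck {                       // hypothetical name, not a jTSS class
    static final int TPM_TAG_CERTIFY_INFO2 = 0x0029;  // TPM 1.2 structure tag
    static final int MIN_LEN = 4 + 7 + 12 + 40;       // header, usage/flags/auth, key parms header, digest + nonce
    // Classifies a certify-info blob by its first bytes instead of casting blindly.
    static String kind(byte[] blob) {
        if (blob.length < MIN_LEN) throw new IllegalArgumentException("blob too short");
        if ((ByteBuffer.wrap(blob).getShort(0) & 0xFFFF) == TPM_TAG_CERTIFY_INFO2) return "TPM_CERTIFY_INFO2";
        if (blob[0] == 1 && blob[1] == 1) return "TPM_CERTIFY_INFO"; // TPM_STRUCT_VER 1.1.x.x
        throw new IllegalArgumentException("not a certify-info structure");
    }
    // Returns the 20-byte 'data' field (the external data); same offset in both layouts.
    static byte[] externalData(byte[] blob) {
        kind(blob);                                   // rejects short or unknown blobs
        ByteBuffer b = ByteBuffer.wrap(blob);         // big-endian, as the TPM serializes
        b.position(4 + 7 + 8);                        // skip to TPM_KEY_PARMS.parmSize
        int parmSize = b.getInt();
        if (parmSize < 0 || parmSize > b.remaining() - 40)
            throw new IllegalArgumentException("bad parmSize");
        b.position(b.position() + parmSize + 20);     // skip parms and pubkeyDigest
        byte[] data = new byte[20];
        b.get(data);
        return data;
    }
    // Freshness check: the certified blob must echo the verifier's nonce.
    static boolean echoesNonce(byte[] blob, byte[] nonce) {
        return MessageDigest.isEqual(externalData(blob), nonce);
    }
    // Constructed sample blob (not captured from a TPM): 2048-bit RSA bind key, no PCR info.
    static byte[] sample(boolean info2, byte[] nonce) {
        ByteBuffer b = ByteBuffer.allocate(84);
        if (info2) b.putShort((short) TPM_TAG_CERTIFY_INFO2).put((byte) 0).put((byte) 1); // tag, fill, payloadType
        else b.put(new byte[] {1, 1, 0, 0});                             // TPM_STRUCT_VER
        b.putShort((short) 0x0014).putInt(0).put((byte) 1);              // keyUsage (bind), keyFlags, authDataUsage
        b.putInt(1).putShort((short) 3).putShort((short) 1).putInt(12);  // RSA, OAEP, no signing, parmSize
        b.putInt(2048).putInt(2).putInt(0).put(new byte[20]).put(nonce); // RSA parms, pubkeyDigest, data
        b.put((byte) 0).putInt(0);                                       // parentPCRStatus, PCRInfoSize
        if (info2) b.putInt(0);                                          // migrationAuthoritySize
        return Arrays.copyOf(b.array(), b.position());
    }
    public static void main(String[] args) {
        byte[] nonce = new byte[20];
        Arrays.fill(nonce, (byte) 0xAB);              // constructed 20-byte nonce
        for (boolean info2 : new boolean[] {false, true})
            System.out.println(kind(sample(info2, nonce)) + " echoes nonce: " + echoesNonce(sample(info2, nonce), nonce));
    }
}
```

The nonce comparison only establishes freshness; the signature over the structure still has to be verified against the certifying key.
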
From: Ronald T. <ron...@ia...> - 2011-03-24 09:46:28

Hi,

I noted you're using Infineon FW 3.16. They have an issue with key certification: IFX TPM's prior to revision 3.17 calculate the signature over the entire TPM_STORE_PUBKEY structure instead of just the modulus, therefore it can't be validated. You could try a firmware update (available for some HP desktops (Windows), dc7900 afair).

TcRsaKey.certifyKey() should accommodate for the different structs. TpmCertifyKey2 seems only to be called if TPM_MIGRATEAUTHORITY is set as key flag...

Overall, it seems to be a tricky problem. ;) I'd suggest careful debugging across all the stack layers. There might be a small corner case hidden somewhere that we did not think of.

Ronald

On 03/23/2011 04:56 PM, Mudassar Aslam wrote:
> Hi
> Well, I tried to step in and find out that just before generating NULL
> POINTER exception, following exception occured:
> java.lang.ClassCastException:
> iaik.tc.tss.api.structs.tpm.TcTpmCertifyInfo2 cannot be cast to
> iaik.tc.tss.api.structs.tpm.TcTpmCertifyInfo
> Give me some reason to think that my key attributes are causing
> TcTpmCertifyInfo2 structure to be returned (see TSS note below). If I
> specify OTHER key attributes so that TcTpmCertifyInfo structure is
> returned then I might not get exception. Currently I am using
> following key attributes:
> public static final long BIND_KEY_ATTRIBUTES =
> TcTssConstants.TSS_KEY_TYPE_BIND
> |
> TcTssConstants.TSS_KEY_SIZE_2048
> |
> TcTssConstants.TSS_KEY_VOLATILE
> |
> TcTssConstants.TSS_KEY_NOT_MIGRATABLE;
> Any suggestion on the possible key attributes combination?
> ***********************************************
> TCG SOFTWARE STACK (TSS) SPECIFICATION : PAGE 320
> ***********************************************
> pValidationData
> Pointer addresses a TSS_VALIDATION structure. After successful
> completion of the call the member rgbValidationData of this structure
> contains the signature data of the command. The member prgbData of the
> structure points to a buffer containing a TCPA_CERTIFY_INFO2 data
> stream as specified within the TCG TPM 1.2 Main Specification or a
> TCPA_CERTIFY_INFO data stream as specified within the TCG 1.1b Main
> Specification.
> TCPA_CERTIFY_INFO2: On TPM v1.2 with usage of CMK keys and keys
> with locality restrictions (TPM_KEY12 key complex).
> TCPA_CERTIFY_INFO: Is returned if the TSS is connected to a TPM v1.1 or
> the key which is used on a TPM v1.2 is a legacy one (PCR’s without
> locality
> -> TPM_KEY key complex).
> Regards.
>
> Mudassar Aslam

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at

From: Ronald T. <ron...@ia...> - 2011-03-23 10:32:45

Hi!

Try to place the nonce in the External Data.

hth,
Ronald

On 03/23/2011 11:28 AM, Mudassar Aslam wrote:
> Hi
>
> I tried to initialize it as well but did not work.
>
> TcTssValidation val = new TcTssValidation();
> val.setData(TcBlobData.newString("ddd"));
> TcTssValidation validationResult = bindKey.certifyKey(aikKey, val);
>
> Regards.
>
> Mudassar.

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at

From: Mudassar A. <mud...@ho...> - 2011-03-23 11:23:36

Tried this as well with no success:

TcTssValidation val = new TcTssValidation();
TcTpmNonce N = TcCrypto.createTcgNonce();
val.setData(N.getNonce());
TcTssValidation validationResult = bindKey.certifyKey(aikKey, val);

Regards.

Mudassar.

P.S whom should I send these emails for better archive-ability? To tru...@li... or Person responding (e.g Ronald)?

-----Original Message-----
From: Ronald Tögl
Sent: Wednesday, March 23, 2011 11:32 AM
To: tru...@li...
Cc: Mudassar Aslam
Subject: Re: [Trustedjava-support] NullPointerException in TcIRsaKey.certifiyKey()

Hi!

Try to place the nonce in the External Data.

hth,
Ronald

On 03/23/2011 11:28 AM, Mudassar Aslam wrote:
> Hi
>
> I tried to initialize it as well but did not work.
>
> TcTssValidation val = new TcTssValidation();
> val.setData(TcBlobData.newString("ddd"));
> TcTssValidation validationResult = bindKey.certifyKey(aikKey, val);
>
> Regards.
>
> Mudassar.

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at

From: Ronald T. <ron...@ia...> - 2011-03-23 11:52:49

Hi,

Please respond to the mailing list, unless there is something you would not like to share with the other readers.

Regarding your issue, use setExternalData(TcBlobData externalData) not setData() to set the external Data.

Ronald

On 03/23/2011 12:23 PM, Mudassar Aslam wrote:
> Tried this as well with no success:
>
> TcTssValidation val = new TcTssValidation();
> TcTpmNonce N = TcCrypto.createTcgNonce();
> val.setData(N.getNonce());
> TcTssValidation validationResult = bindKey.certifyKey(aikKey, val);
>
> Regards.
>
> Mudassar.
>
> P.S whom should I send these emails for better archive-ability? To
> tru...@li... or Person responding (e.g
> Ronald)?
>
> -----Original Message----- From: Ronald Tögl
> Sent: Wednesday, March 23, 2011 11:32 AM
> To: tru...@li...
> Cc: Mudassar Aslam
> Subject: Re: [Trustedjava-support] NullPointerException in
> TcIRsaKey.certifiyKey()
>
> Hi!
>
> Try to place the nonce in the External Data.
>
> hth,
> Ronald
>
>
>
> On 03/23/2011 11:28 AM, Mudassar Aslam wrote:
>> Hi
>>
>> I tried to initialize it as well but did not work.
>>
>> TcTssValidation val = new TcTssValidation();
>> val.setData(TcBlobData.newString("ddd"));
>> TcTssValidation validationResult = bindKey.certifyKey(aikKey, val);
>>
>> Regards.
>>
>> Mudassar.

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at

From: Mudassar A. <mud...@ho...> - 2011-03-23 13:46:03

Hi,

Thanks for your help and I appreciate your prompt support. Now with nonce in External Data, it worked for my Lenovo X200 laptop which has TPM version 1.2.4.1. But when I run the same code on actual target platform which has Infineon TPM 1.2.3.16, I get following exception:

Exception in thread "main" java.lang.NullPointerException
    at iaik.tc.tss.impl.java.tsp.internal.TcTspInternal.TspCertifyKey_Internal(TcTspInternal.java:3247)
    at iaik.tc.tss.impl.java.tsp.TcRsaKey.certifyKey(TcRsaKey.java:294)
    at tests.TestCertifyKey.main(TestCertifyKey.java:130)

Regards.

Mudassar

-----Original Message-----
From: Ronald Tögl
Sent: Wednesday, March 23, 2011 11:32 AM
To: tru...@li...
Cc: Mudassar Aslam
Subject: Re: [Trustedjava-support] NullPointerException in TcIRsaKey.certifiyKey()

Hi!

Try to place the nonce in the External Data.

hth,
Ronald

On 03/23/2011 11:28 AM, Mudassar Aslam wrote:
> Hi
>
> I tried to initialize it as well but did not work.
>
> TcTssValidation val = new TcTssValidation();
> val.setData(TcBlobData.newString("ddd"));
> TcTssValidation validationResult = bindKey.certifyKey(aikKey, val);
>
> Regards.
>
> Mudassar.

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at

From: Ronald T. <ron...@ia...> - 2011-03-23 15:35:34

Hi,

Hmmm, the line that throws the Exception is as simple as

long resultCode = ((Long) outDataTpm[0]).longValue();

and there should always be some return value.. Also, the HW TPMs should be fine. Perhaps there are different software setups on the two machines?

Please try LocalTCSBindings and do some more detailed debugging / perhaps stepping through the code to narrow the problem down.

Ronald

On 03/23/2011 02:45 PM, Mudassar Aslam wrote:
> Hi,
>
> Thanks for your help and I appreciate your prompt support. Now with
> nonce in External Data, It worked for my Lenovo X200 laptop which has
> TPM version 1.2.4.1. But when I run the same code on actual target
> platform which has Infinion TPM 1.2.3.16, I get following exception:
>
> Exception in thread "main" java.lang.NullPointerException
> at
> iaik.tc.tss.impl.java.tsp.internal.TcTspInternal.TspCertifyKey_Internal(TcTspInternal.java:3247)
> at
> iaik.tc.tss.impl.java.tsp.TcRsaKey.certifyKey(TcRsaKey.java:294)
> at tests.TestCertifyKey.main(TestCertifyKey.java:130)
>
> Regards.
>
> Mudassar
>
>
> -----Original Message----- From: Ronald Tögl
> Sent: Wednesday, March 23, 2011 11:32 AM
> To: tru...@li...
> Cc: Mudassar Aslam
> Subject: Re: [Trustedjava-support] NullPointerException in
> TcIRsaKey.certifiyKey()
>
> Hi!
>
> Try to place the nonce in the External Data.
>
> hth,
> Ronald
>
>
>
> On 03/23/2011 11:28 AM, Mudassar Aslam wrote:
>> Hi
>>
>> I tried to initialize it as well but did not work.
>>
>> TcTssValidation val = new TcTssValidation();
>> val.setData(TcBlobData.newString("ddd"));
>> TcTssValidation validationResult = bindKey.certifyKey(aikKey, val);
>>
>> Regards.
>>
>> Mudassar.

--
Dipl.-Ing. Ronald Tögl              phone +43 316/873-5502
Secure and Correct Systems          fax   +43 316/873-5520
IAIK                                ron...@ia...
Graz University of Technology       http://www.iaik.tugraz.at