'Re: [TrouSerS-users] Sample Quote verification code'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       trousers-users
Subject:    Re: [TrouSerS-users] Sample Quote verification code
From:       Hal Finney <hal.finney () gmail ! com>
Date:       2009-12-21 1:07:09
Message-ID: da7b3ce30912201707l56a9ab9cy11a299e073df571 () mail ! gmail ! com
[Download RAW message or body]

I've made some minor tweaks to the code samples available at
http://privacyca.com/code.html so they will work better together.

The identity.c program now outputs the AIK blob as a file rather than
storing it in the TSS database. This is a more general approach and
allows it to work with the other programs there. It also takes an
optional "-p password" so the AIK can either be created with a
password or be no-auth.

To use the aikquote and aikqverify programs (which create quotes and
verify them) you need to extract the AIK public key in OpenSSL format.
This can be done with the following command, using the AIK cert file
output by the identity.c program:

openssl x509 -in certfile -noout -pubkey > rsakeyfile

So here is a sample command sequence to:

 # generate an AIK (attestation identity key) and receive a AIK
certificate on it from privacyca.com:

./identity "test key 1" aik1.blob aik1.cert

# extract the AIK public key from the AIK certificate:

openssl x509 -in aik1.cert -noout -pubkey > aik1.rsa

# Generate a Quote on PCRs 1,2,3:

./aikquote aik1.blob 1 2 3 aik1.quote

# Verify the Quote output:

./aikqverify aik1.rsa aik1.quote


Hal Finney

------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev 
_______________________________________________
TrouSerS-users mailing list
TrouSerS-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/trousers-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic