XMLCipher and PKCS#5Padding

Similar Messages

• X.509 and PKCS#11 provider

  Sorry if I'm asking the stupid question, but there is something in JCE PKCS#11 provider architecture that I'm missing.
  Let's say I have some hardware crypto module (e.g. SUN SCA-6000) and want to be sure that all crypto work is done in it. So I would configure PKCS#11 provider as the 1st (highest priority) entry in java.security file (and configure PKCS#11 to use my hardware crypto module).
  Now, let's say I need to work with some X.509 certificate. When I check the supported algorithms of PKCS#11 and SUN providers, it looks like CertificateFactory.X509 algorithm is supported only by SUN provider, and not by PKCS#11 provider.
  http://java.sun.com/javase/6/docs/technotes/guides/security/p11guide.html#ALG
  http://java.sun.com/javase/6/docs/technotes/guides/security/SunProviders.html#SUNProvider
  So I wonder what does this essentially mean? Does it mean that even though I configured my HCM PKCS#11 provider, some crypto work is still done in other software modules (e.g. SUN provider)? Or may be SUN provider just "decomposes" these "high-level" algorithms to more "primitive" ones (e.g. Signature.SHA1withRSA) and essentially "proxies" all work to whatever provider supports these "primitive" algorithms - i.e. essentially to my HCM PKCS#11 provider?
  Regards,
  Alex

  This is not a stupid question. Any question involving cryptography isn't stupid IMO, and one that includes hardware security modules (HSM) is even less stupid. :-)
  That said, sabre150 has provided some information, and I'll try to add a little more from my experience.
  HSM's are used primarily to perform "raw" cryptographic operations in highly constrained environments for security reasons - the goal is to ensure that symmetric keys (DES, 3DES, AES) or the private-keys of asymmetric key-pairs (RSA, DSA, EC) do not come out of the HSM into the main memory of the computer. This ensure that attackers cannot snoop the secrets from main memory.
  So, the CertificateFactory in JCE is primarily used to do cryptographic operations with the digital certificate; however any operation involving just the digital certificate - and not its corresponding private-key - involves just the public-key in the certificate, the certificate attributes or certificate extensions. Since ALL information in a digital certificate is public information, there is no reason to waste HSM resources to perform X509 operations inside the security module. Not only is there nothing to protect in those operations, but as sabre150 pointed out, some old HSM's may not be able to handle them very well.
  However, some HSM's are not just for security, but they also perform crypto-acceleration. This means that they can speed up raw cryptographic processing, and there is a benefit from having them perform even the public-key operations inside the HSM. However, the PKCS11 libraries will typically send in only the "raw" crypto operation into the HSM, leaving all the certificate-parsing work outside.
  One final point: in order to make sure that you are definitely performing all secret operations inside an HSM, make sure you explicitly name the specific HSM provider for your crypto operations, otherwise the JVM may silently use a software module to perform the operation (if possible) and expose your secret in main memory.
  Hope that helps.

• Java Card and PKCS#11 or MS CSP

  Does anybody have any idea how Java Card could be integrated in an standard e-mail signing application, i.e. with Outlook, S/Mime, MS CSP and PC/SC or Netscape with PKCS#11 and PC/SC?
  My understanding is that with standard ISO Cards the connection e-mail client and smart card looks like this:
  | e-mail client | <-> | PKCS#11/MS CSP | <-> | ICC Service Providers | <-> | ICC Resource Manager | <-> | Interface Device Handler | <-> | Interface Device (SC reader) | <-> | Smart Card |
  How does this scenario look like with java cards?

  Hello,
  Thank you for the replay. I'm sorry for the delay, but I wasn't in my office a long time.
  Do you have any further informations about that scenario? It would help me a lot.
  I wand to know for example, how exactly the interface between MS CPS and the JAVA card app (the javacardx.crypto(Enc) packages) is implemented. Thank's in advance
  kay.

• Java.security.Signature and PKCS #7

  I've got a raw signature returned from the sign() method in the java.security.Signature class. It looks like it is simply the encrypted hash of the data with no padding or encoding. Can anyone confirm this?
  Additionally, I need to be able to package this raw signature in a PKCS #7 signed data structure. I know that it needs to be ASN1 encoded and then packaged in an ASN1 structure. I just am not completely sure how to go about doing this.
  I was wondering if anyone could help point me in the right direction. Thanks!

  I found that the java.security.Signature class that I need is on JSR 219.
  This JSR doesn't come with the CDCL toolkit for Netbeans, but in the CDC toolkit. Is it because the JSR 219 is only intended for CDC and not CDCL?
  And the question of the post above is still open:
  Is there any way to sign documents easily in Java Mobile? Not having to implement it from scratch, I mean.

• RFC 1867 and PKCS#7 signature

  Does anyone know if it should be possible in PI to generate a RFC (Request For Comments) 1867 document (http://www.faqs.org/rfcs/rfc1867.html)? I've been searching on SDN and Google, but haven't been able to find anything about RFC 1867 in combination with PI.
  Next to this I'm also trying to find out if PI can generate PKCS#7 based digital signatures? Reason for this is the RFC 1867 message should include such a sginature.
  Regards,
  Mac

  Hi,
  Could you be more clear about where do you need this ?What should be your sender / receiver?
  As per my understanding of this RFC you want to create (send ) data in the below format
  Content-type: multipart/form-data, boundary=AaB03x --AaB03x content-disposition: form-data; name="field1" Joe Blow --AaB03x content-disposition: form-data; name="pics"; filename="file1.txt" Content-Type: text/plain ... contents of file1.txt ... --AaB03x--
  Well XI can have files in attachments.

• Java JCE and PKCS standards

  I'd like to know if the Sun JDK supports PKCS standards. In particulary, I am interested in PKCS#7 standard.
  1) Is it possible with java to sign a document and store the signature in a pkcs#7 file format.
  For example, I have signed data, the public key, the signature itself, etc.
  2) Is there in java a possibility to generate a PKCS#7 file format given these parameters ?
  Until here, I use bouncy castle but I would prefer to use JDK of course (better portability) .... at least for question 1. But for question 2, does BC still afford to do that point ?
  Thanks

  I don't believe JDK supports any instance of PKCS#7. At least for JDK1.5 and below -- I'm not familiar with 1.6. Actually, it might support the PKCS#7 format for storing certificate chains somewhere. CMS and S/MIME are essentially based on PKCS#7. See RFC3852. One of the formats includes the message, the message signature, and the certificate containing the public key, all bundled together in one message. All these are provided by the bouncycastle mail package.

• Some questions about javacard 2.1.1 and smartcardio

  Hello i have some question about java card 2.1.1 and the smartcardio package.
  1.) I want to sign a message with the Signature.ALG_RSA_SHA_PKCS1 algorithm. I use the following code in the applet to sign the message:
  final static byte P1_CREATION_MODE = (byte) 0x01;
  final static byte INS_SIGN_MODE = (byte) 0x60;
  final static byte SmartCard_CLA = (byte) 0xB0;
  private void signMessage(APDU apdu) {
          byte[] buffer = apdu.getBuffer();
          byte byteRead = (byte) (apdu.setIncomingAndReceive());
          signature.init(privateKey, Signature.MODE_SIGN);
          short length = signature.sign(buffer, ISO7816.OFFSET_CDATA, byteRead, buffer, (short) 0);
          apdu.setOutgoingLength((short) length);
          apdu.sendBytesLong(buffer, (short) ISO7816.OFFSET_CDATA, (short) length);
          apdu.setOutgoing();
      }On the host side I use the following code to connect to the card and to send the sign apdu:
  if (TerminalFactory.getDefault().terminals().list().size() == 0) {
              LOGGER.log(Level.SEVERE, "No reader present");
              throw new NoSuchCardReader();
          /* Select the first terminal*/
          CardTerminal terminal = TerminalFactory.getDefault().terminals().list().get(0);
          /* Is a card present? */
          if (!terminal.isCardPresent()) {
              LOGGER.log(Level.SEVERE, "No Card present!");
              throw new NoSuchCard();
          /* Set the card protocol */
       Card card = terminal.connect("*");
          ATR atr = card.getATR();
          LOGGER.fine(getHexString(atr.getBytes()));
          LOGGER.fine(getHexString(atr.getHistoricalBytes()));
          CardChannel channel = card.getBasicChannel();
          CommandAPDU cmd = new CommandAPDU((byte) 0xb0, (byte) 0x60, (byte) 0x01, (byte) 0x00, new String("datadatdatadata").getBytes(), (byte) 0x40);
       ResponseAPDU response = channel.transmit(cmd);
          card.disconnect(false);But this does not work and i got the following error
  javax.smartcardio.CardException: sun.security.smartcardio.PCSCException: Unknown error 0x8010002f
          at sun.security.smartcardio.ChannelImpl.doTransmit(ChannelImpl.java:202)
          at sun.security.smartcardio.ChannelImpl.transmit(ChannelImpl.java:73)
          at de.upb.client.smartmeter.SmartMeter.initSmartCardApplet(SmartMeter.java:114)
          at de.upb.client.smartmeter.SmartMeterApplikation.main(SmartMeterApplikation.java:39)
  Caused by: sun.security.smartcardio.PCSCException: Unknown error 0x8010002f
          at sun.security.smartcardio.PCSC.SCardTransmit(Native Method)
          at sun.security.smartcardio.ChannelImpl.doTransmit(ChannelImpl.java:171)
          ... 3 more2.) 3Des encryption
  I want to use the 3Des algorithm to encrypt my data. I use
  keyDES = (DESKey) KeyBuilder.buildKey(KeyBuilder.TYPE_DES,
                      KeyBuilder.LENGTH_DES3_2KEY, false);
  cipherDES = Cipher.getInstance(Cipher.ALG_DES_CBC_ISO9797_M2, false);But i do not know what is the aquivalent on the host side??
  3.) Another problem is that i am not able to send the modulus of a public key from the host applikation to the smard card
  new CommandAPDU((byte) 0xb0, (byte) 0x20, (byte) 0x01, (byte) 0x00, modulus.toByteArray()); // create the apdu
  // the method in the applet
  private void setServerKeyMod(APDU apdu) {
          byte[] buffer = apdu.getBuffer();
          try {
              byte byteRead = (byte) (apdu.setIncomingAndReceive());
              short off = ISO7816.OFFSET_CDATA;
              // strip of any integer padding
              if (buffer[off] == 0) {
                  off++;
                  byteRead--;
              publicKeyServer.setModulus(buffer, off, byteRead);
          } catch (APDUException ex) {
              ISOException.throwIt((short) (SW_APDU_EXCEPTION + ex.getReason()));
      }The error code is 6700
  4.) My last problem ist, that i am not able to use a value bigger than 0x7F as the ne field in the apducommand, because i get the following error
  CommandAPDU((byte) 0xb0, (byte) 0x60, (byte) 0x01, (byte) 0x00, data, (byte) 0xff);
  java.lang.IllegalArgumentException: ne must not be negative
          at javax.smartcardio.CommandAPDU.<init>(CommandAPDU.java:371)
          at javax.smartcardio.CommandAPDU.<init>(CommandAPDU.java:252)I thought that it this should be possible in order to use all the bytes of the response apdu.
  If you need more code to help please let me know.
  Cheers
  Edited by: 858145 on 06.07.2011 08:23

  2) What is PKCS? what is the difference between
  PKCS#11 and PKCS#15??PKCS is the abbreviation of "Public-Key Cryptography Standards"
  PKCS #11: Cryptographic Token Interface Standard
  See http://www.rsasecurity.com/rsalabs/node.asp?id=2133
  PKCS #15: Cryptographic Token Information Format Standard
  http://www.rsasecurity.com/rsalabs/node.asp?id=2141
  If you want to use yor smartcard as secure token it doesn't have to be a JavaCard.
  BTW: I don't remember a way to access PKCS#15 tokens on a JavaCard from within an oncard JavaCard program. If you want to use keys in your oncard program, you have to transfer it onto the card or generate it oncard and export the public key by your own oncard/offcard code.
  Jan

• How do I unload Encryption/Security device/PKCS#11 module?

  When installing BankID security application, the old version was supposed to be uninstalled and PKCS"11 module to be unloaded.
  I have found the module but can neither diactivate or unload it
  from the preference tab in Firefox 3.6.15.

  Thank You!!

• About PKCS#11

  Hi,
  I have two questions re. the SDK and PKCS#11 that I hope someone will be able to help me with.
  Firstly is it possible to register PKCS#11 drivers with Acrobat via the SDK and secondly, can I register CA certificates as trusted roots via the SDK?
  Ideally, I am looking for a Windows/Mac solution as my application needs to be cross platform.
  If the SDK isn't an option, can anyone suggest another way of doing this?
  Thanks in Advance,
  mal

  Thanks - I appreciate such a quick reply.
  It seems odd that these are both actions that can be performed from within the reader, but there is no way of automating this. Is this a deliberate design decision or is the Acrobat API not really designed as an automation interface?
  Not complaining, just curious.
  Thanks Again,
  mal

• Firefox Displays "Peer's certificate has an invalid signature." SubCA shows "Could not trust this certificate for unknown reasons"

  Using a 2-tier on-premise PKI. Offline Root CA (Standalone Windows 2008 R2 Enterprise) and online SubCA for issuing certificates (Domain-Joined Issuing CA)
  ROOTCA certificate installed in the store and showing trusted (Uses a SHA2 signature and PKCS #1 SHA-256 With RSA Encryption algorithm)
  ISSUINGCA certificate installed in the store and showing "Could not trust for unknown reasons" also has SHA2 signature with RSASSA-PSS algorithm
  Issued certificate is for a Lync Front-End Web Server and when attempts are made to load the secure web connection. I receive the error "Peer's certificate has an invalid signature"
  I've completely de-installed and re-installed Firefox. Removed and re-added the ROOT and SUBCA certs. Note: No issues when using same certs in Internet Explorer 8, 9 or 10 on the same system. Lync client also using same certificates, no issues. Only when accessing the Lync Web Services from Firefox.
  Question: Does Firefox NSS Internal PCKS#11 Module support RSASSA-PSS SHA-256 with different hashes? How can I troubleshoot this further?

  HI khetheri,
  In order to better test the certificate may we request the certificate without the private keys? I have some backup from the security team if this is possible.
  There is a temporary work around as well but I don't recommend turning on all certificates to make sure it is not a compatibility error(ish)
  It is possible to check if it is being detected as a bad certificate in Firefox itself to eliminate compatibility issues.
  # In the [[Location bar autocomplete|Location bar]], type '''about:config''' and press '''Enter'''. The about:config "''This might void your warranty!''" warning page may appear.
  # Click '''I'll be careful, I promise!''', to continue to the about:config page.
  # Search for '''browser.xul.error_pages.expert_bad_cert ''' and set it to true to try the certificate normally.
  Looking forward to your reply!

• CCKM vs Mobility Groups - Roaming for Voice Clients

  Hi there,
  I am looking at deploying wireless at our site for voice, I have a couple of questions regarding Roaming between APs and best way to acheive fast roaming for latency senstive voice and other applications.
  According to Cisco SRND for Voice over Wireless (
  http://www.cisco.com/en/US/docs/solutions/Enterprise/Mobility/vowlan/41dg/vowlan_ch5.html), it is recommended:
  "Fast roaming algorithms include Cisco Centralized Key Management (CCKM)  and Proactive Key Caching (PKC). CCKM and PKC allow a WLAN client to  roam to a new AP and re-establish a new session key—known as the  Pairwise Transient Key (PTK)—between the client and AP without requiring  a full IEEE 802.1X/EAP reauthentication to a AAA/RADIUS server."
  But let's say I used WPA/PSK for my WLAN and just rely on mobility information in the controller to perform the handover, would this still be best practice.
  I have actually tested both and they work quite well, neither drops a call or experiences any degragation in voice quality. I suppose I am asking for a real world perspective and if I should adhere to the SRND on this one?
  Many thanks

  Hi Tony,
  Great question BTW.
  CCKM/OKC/PKC only comes into play when EAP is used. During the EAP process the PMK is seeded from the MSK. From the PMK, it is seeding the PTK. With no advance romaing in use as a client roams from AP to AP you would have to redo that process all over.
  When you use PSK.. Your MSK is your PMK and there is no need to go back to the radius server for a new PMK. So your client and ap exchange this info.. no need for a radius server ..
  Does this make sense?

• Dbms_crypto encrypt date number datatype

  I am using oracle 11g. I am very new to dbms_crypto. I went through documentation but have following doubts:
  Is it mandatory to convert varchar2(32) to RAW to use dbms_crypto.encrypt?
  If I change varchar2(32) to RAW, Can I make it RAW(32) or does it needs to be bigger?
  Does the RAW size must be in multiple of 16?
  How can I encrypt data of datatype date and number using dbms_crypto?
  Thanks a lot for your time to clarify my quries?

  spur230 wrote:
  Is it mandatory to convert varchar2(32) to RAW to use dbms_crypto.encrypt?It's not mandatory, but it's certainly a good idea. If you store encrypted data in a VARCHAR2 column, that means that it is subject to character set conversion if it's moved from one database to another or sent from a database to a client machine. But if character set conversion happens, your encrypted data is corrupted.
  If I change varchar2(32) to RAW, Can I make it RAW(32) or does it needs to be bigger?
  Does the RAW size must be in multiple of 16?It would be helpful to specify exactly what algorithm and parameters you intend to use because it may vary. If, for example, we encrypt using AES-256 with Cipher Block Chaining and PKCS#5 compliant padding (which happens to be the example in the DBMS_CRYPTO manual), the output RAW will always be a multiple of 16 and as large or larger than the input RAW.
  A VARCHAR2(32) will either allocate 32 characters of storage or 32 bytes of storage depending on your NLS_LENGTH_SEMANTICS parameter. If you're using the default, it will allocate 32 bytes. But 32 bytes in the database character set may require more than 32 bytes of storage once you convert it to a UTF-8 encoded RAW (which, technically, also isn't required but is a good practice) and, thus, the encrypted string might require more than 32 bytes of storage. Your database character set and the actual data you store/ want to be able to store will influence how likely it is that you'll need a larger RAW than your VARCHAR2.
  How can I encrypt data of datatype date and number using dbms_crypto?dbms_crypto only operates on RAW data. Just like you convert strings to RAW before encrypting them, you'd need to convert your dates and numbers to RAW. For numbers, you should be able to use UTL_RAW.CAST_FROM_NUMBER. I don't know of a method of casting dates to a RAW other than converting them to a known string representation and then encrypting that (and, of course, doing the reverse when you decrypt the string and convert it back to a date using that same format).
  Justin

• Access Point support 802.11a/g/b/r

  can you suggest me the access point which support 802.11a/g/b/r ?
  My problem is with 802.11 r. i am not getting clear idea about the wireless access point which will support 802.11r
  kindly suggest me the product

  There are no APs that support 802.11r yet. 802.11r is a standards extension to support fast secure roaming that was only ratified a month or so ago. It requires client device support and there are no clients that support it yet.
  If you want fast secure roaming, Cisco offers CCKM on all our APs and CCKM and PKC on all our controllers.
  I suspect though, that you may have meant, 802.11n, which is a higher data rate PHY/MAC standards extension. That is supported in the AP1250 series.

• NextUpdate, embedding OCSP response

  Hi,
  I am trying to understand revocation info and relevant processes in the PDF signature...
  "If nextUpdate is not set, the responder is indicating that newer revocation information is available all the time".
  I have a situation where my OCSP response doesn't have nextUpdate set. This means that Reader should always
  check whether certificate is revoked or not, right ?
  Here is what I do right now:
  1) include signing certificate and PKCS#12 cert chain(my digital id for OCSP) in PDF signature appearance
  2) sign PDF byterange on SmartCard and set external digest on PKCS7
  3) include OCSP response in PKCS7
  QUESTION 1:
  But for some reason I don't see that OCSP is embedded in PDF any way. Although I see it exists in Byterange content.
  Any explanation ?
  I have 2 signing certificates which I can use in step #1. Their intended usage:
  1) Sign transaction, Encrypt keys, Encrypt document, Client Authentication, Email Protection
  2) Sign document
  Here is the revocation info that is shown on Revocation Info Tab:
  1) ... The selected certificate is considered valid because it does not appear in a Certificate Revocation List (CRL).
  2) ... No revocation checks are done for such certificates, they are inherently considered trustworthy.
  QUESTION 2:
  Can't I use certificate #2 for embedding OCSP in PDF ?

  I am currently reading "Long-Term Digital Signatures" that states: "Revocation responses from an OCSP server are usually time stamped by the server that creates them". What does time stamped mean in the thisUpdate/nextUpdate context?
  p.s. The topic I raised is based on custom solution that signs PDF using iTextSharp. I am embedding OCSP response myself, how does Reader behaves when there is no nextUpdate entry ?
  Regards,
  M.

• EAP personal certificate 5800

  Hi i have been trying to use the wireless at my college with my nokia 5800 but it seems that the certificates that the college provides are not working with my phone. I have been able to load the .cer file into the authority certificate but im failing with the personal certificate (.pem extension). Whenever i try to save it to my phone it only attaches it to the notes and according to the IT department the personale certificates are required to use the 802.x that the college provides.
  Any ideas how can i get the .pem file to work in the phone? 
  Thanks for the help! 

  fmartell wrote:
  Hi i have been trying to use the wireless at my college with my nokia 5800 but it seems that the certificates that the college provides are not working with my phone. I have been able to load the .cer file into the authority certificate but im failing with the personal certificate (.pem extension). Whenever i try to save it to my phone it only attaches it to the notes and according to the IT department the personale certificates are required to use the 802.x that the college provides.
  Any ideas how can i get the .pem file to work in the phone? 
  Thanks for the help! 
  You would need to convert your personal certificate from it's current PEM format to PKCS#12 (.pfx) format. PKCS#12 format should be installable on the phone assuming that content and capabilities of the certificate and the private key itself are compatible with the phone. PKCS#12 file will be single password protected .pfx file (a container) including both the private key and personal certificate. Sometimes PKCS#12 .pfx file may also include the CA certificate(s) so that CA certificate don't need to be installed separately from the personal certificate.
  Conversions between different certificate file formats can be done with OpenSSL. OpenSSL is a open source command line tool for handling various certificate related operations. It is rather complex and powerful set of tools but e.g. a conversion between PEM and PKCS#12 format is typically not too difficult to do once you have a PC with OpenSSL available. Of course using command line based tools like OpenSSL will require certain amount geekiness but nothing too extreme.
  If you feel comfortable to give OpenSSL conversion a try you can find OpenSSL installation package for Windows e.g. by googling "Win32 OpenSSL" and installing it on a Windows PC. I think that the "light" Win32 version of the OpenSSL installation packages provided by the Shining Light Productions web page should be sufficient enough for a simple conversion task like this. Once you have the OpenSSL installed and functional on a PC you can proceed to the actual conversion. In case you have access to a Linux PC it might already have the OpenSSL installed if your locky. Point is that you don't necessarily need to have a Windows version of the OpenSSL to do this conversion but basically any PC with OpenSSL should be good for the task.
  First you should propably take a look at your PEM file with text editor (e.g. open with Wordpad on a Windows PC) and see if the PEM file contains both "BEGIN / END PRIVATE KEY" and "BEGIN / END CERTIFICATE" tags with some code between the BEGIN and END tags since this indicates that both private key and the actual certificate are included in this single PEM file you have received.
  If your PEM file does not contain the "PRIVATE KEY" section then you should also have received a separate private key file (named .key .pvk .pem or something else) in addition to the "certificate only" PEM file from the people who provided the certificate.
  Copy your PEM formatted certificate file(s) to your PC with the OpenSSL, start the command line and go to the folder where your certificate files are located. Assuming that your PEM file includes both the certificate and the private key then these can be converted to PKCS#12 format using following OpenSSL command:
  openssl pcks12 -export -in yourcertificate.pem -out yournewcertificate.pfx
  After entering this command OpenSSL will prompt you to provide a password that will be used for protecting the new PKCS#12 (.pfx) file. Select and enter a password (twice) and note that you will need to remember this later when installing the resulting .pfx file on your phone.
  In case you have a separate private key file in addition to personal certificate PEM file then format of the OpenSSL command that creates a single PKCS#12 pfx file (containing both private key and personal certificate) would be something like this:
  openssl pkcs12 -export -in yourcertificate.pem -inkey yourprivatekey.pvk -out yournewcertificate.pfx
  Naturally you need to replace the filenames in above example following the "-in" and "-inkey" options with the actual names of your files and you should define a filename for the resulting .pfx file after the "-out" option (ensure that you won't end up overwriting the existing PEM file and keep a copy of it in some other folder in any case).
  It's important to note that you must have both the personal certificate and it's private key installed on the phone in order to be able to use your personal certificate for EAP-TLS authentication (these are both most likely included in your PEM file). Naturally you will also need to have the Certificate Authority certificate installed on the phone but it sounds that you had already managed to install that one. The PEM file (like PFX file) might also contain the both the CA certificate and personal certificate so don't worry if you get "certificate already installed" type of warning when installing the PKCS#12 (.pfx) file on the phone later since it means that your original PEM file also contained the CA certificate which got automatically included to .pfx file during the conversion and since you had already previosly installed the same CA certificate phone just notes that this CA is already installed.
  Once you have successfully converted your personal certificate and private key in to the PKCS#12 (.pfx) file format then you should be able to copy the resulting .pfx file (created by OpenSSL) to your phone and hopefully install it on the phone.
  Note that your phone will ask you to define a "phone key store" password (select a password you wish and enter it twice) when you are installing first "personal certificate" on your phone. Once you have created the phone key store password you will be prompted for the password of the PKCS#12 (.pfx) file so this is the password that you entered during the OpenSSL conversion.
  Ensure that you will also remember your newly created private key store password since it will be prompted by the phone later when this particular personal certificate is being used for the EAP-TLS authentication.
  If you managed to install your personal certificate (and the private properly) then you should be able to go to your access point's EAP-TLS settings and select your certificateas a personal certificate and select the previously installed CA certificate as a Certificate Authority for the EAP-TLS authentication.