public void CalculateDigests(GetPCRValueDelegate getPCRValue) { List <byte[]> pcrValues = new List <byte[]>(); for (uint i = 0; i < _pcrSelection.PcrSelection.BitCount; i++) { if (_pcrSelection.PcrSelection.GetBit((int)i)) { pcrValues.Add(getPCRValue(i)); } } TPMPCRCompositeCore composite = new TPMPCRCompositeCore(); composite.PCRSelection = _pcrSelection; composite.PCRValues = pcrValues.ToArray(); _digest = new HashProvider().Hash(new HashTPMBlobWritableDataProvider(composite)); }
protected override TPMCommandResponse InternalProcess() { TPMBlob requestBlob = new TPMBlob(); requestBlob.WriteCmdHeader(TPMCmdTags.TPM_TAG_RQU_AUTH1_COMMAND, TPMOrdinals.TPM_ORD_Quote); //key handle gets inserted later, it may be not available now requestBlob.WriteUInt32(0); requestBlob.Write(_nonce, 0, 20); _pcrSelection.WriteToTpmBlob(requestBlob); _keyManager.LoadKey(_params.GetValueOf <string>("key")); AuthorizeMe(requestBlob); using (_keyManager.AcquireLock()) { requestBlob.SkipHeader(); requestBlob.WriteUInt32(_keyManager.IdentifierToHandle(_params.GetValueOf <string>("key")).Handle); _responseBlob = TransmitMe(requestBlob); } CheckResponseAuthInfo(); _responseBlob.SkipHeader(); TPMPCRCompositeCore pcrComposite = TPMPCRCompositeCore.CreateFromTPMBlob(_responseBlob); uint sigSize = _responseBlob.ReadUInt32(); byte[] signature = _responseBlob.ReadBytes((int)sigSize); // Do signature verification TPMQuoteInfoCore quoteInfo = TPMQuoteInfoCore.Create(new HashProvider().Hash(new HashTPMBlobWritableDataProvider(pcrComposite)), _nonce); byte[] signingData; using (TPMBlob blob = new TPMBlob()) { quoteInfo.WriteToTpmBlob(blob); signingData = blob.ToArray(); } Parameters pubKeyParams = new Parameters(); pubKeyParams.AddPrimitiveType("key", _params.GetValueOf <string>("key")); TPMCommandRequest pubKeyRequest = new TPMCommandRequest(TPMCommandNames.TPM_CMD_GetPubKey, pubKeyParams); TPMCommandResponse pubKeyResponse = _tpmWrapper.Process(pubKeyRequest, _commandAuthHelper, _keyManager); if (pubKeyResponse.Status == false) { _log.FatalFormat("TPM_Quote: Could not retrieve pubkey of key"); return(new TPMCommandResponse(false, TPMCommandNames.TPM_CMD_Quote, new Parameters())); } TPMKey keyInfo = TPMKeyCore.CreateFromBytes(_keyManager.GetKeyBlob(_params.GetValueOf <string>("key"))); TPMPubkey pubkey = pubKeyResponse.Parameters.GetValueOf <TPMPubkey>("pubkey"); if (SignatureVerification.VerifySignature(keyInfo, pubkey, signingData, signature) == false) { throw new ArgumentException("The TPM_Quote signature could not be verified"); } Parameters responseParams = new Parameters(); responseParams.AddValue("pcrData", pcrComposite); responseParams.AddPrimitiveType("sig", signature); return(new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_Quote, responseParams)); }