PolicyAuthorize() private method

private PolicyAuthorize ( TpmHandle policySession, byte[] approvedPolicy, byte[] policyRef, byte[] keySign, TkVerified checkTicket ) : void
policySession TpmHandle
approvedPolicy byte[]
policyRef byte[]
keySign byte[]
checkTicket TkVerified
return void
Beispiel #1
        /// <summary>
        /// Issues PolicyAuthorize on the supplied session with the stored
        /// PolicyToReplace, PolicyRef, SigKeyName and Ticket values, then reports
        /// the TPM's response code.
        /// </summary>
        /// <param name="tpm">TPM context the command is sent through.</param>
        /// <param name="sess">Session handed to PolicyAuthorize (and to the callback).</param>
        /// <param name="policy">Policy tree; only AllowErrorsInPolicyEval is read here.</param>
        /// <returns>The response code reported after the PolicyAuthorize call.</returns>
        TpmRc Execute(Tpm2 tpm, AuthSession sess, PolicyTree policy)
        {
#if false
            if (Ticket == null)
            {
                // create a dummy ticket = e.g. for a trial session
                Ticket = new TkVerified(TpmRh.Owner, new byte[0]);
            }
#endif

            // NOTE(review): with the fallback above compiled out, Ticket is forwarded
            // exactly as stored. Nothing in this method substitutes a value when it is
            // null - confirm that callers always set it before Execute runs.

            // Let an optional observer see the parameters before they reach the TPM.
            ParamsCallback?.Invoke(tpm, sess, PolicyToReplace, PolicyRef, SigKeyName, Ticket);

            // Opt in to error tolerance right before the command when the tree asks for
            // it, so the outcome can be read back as a response code below.
            bool tolerateErrors = policy.AllowErrorsInPolicyEval;
            if (tolerateErrors)
            {
                tpm._AllowErrors();
            }

            tpm.PolicyAuthorize(sess, PolicyToReplace, PolicyRef, SigKeyName, Ticket);

            TpmRc responseCode = tpm._GetLastResponseCode();
            return responseCode;
        }
Beispiel #2
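        /// <summary>
        /// Checks the signature over PolicyToReplace concatenated with PolicyRef using
        /// SigningKey, stores the resulting verification ticket in Ticket, and then
        /// issues PolicyAuthorize on the policy session.
        /// </summary>
        /// <param name="tpm">TPM context all commands are sent through.</param>
        /// <param name="authSession">Session used as the policy session for PolicyAuthorize.</param>
        /// <param name="policy">Policy tree; only AllowErrorsInPolicyEval is read here.</param>
        /// <returns>
        /// The response code of VerifySignature when it is not Success, otherwise the
        /// response code reported after PolicyAuthorize.
        /// </returns>
        // ReSharper disable once InconsistentNaming
        internal override TpmRc Execute(Tpm2 tpm, AuthSession authSession, PolicyTree policy)
        {
            // The signed message is PolicyToReplace || PolicyRef, hashed with SigningHash.
            byte[] dataToSign = Globs.Concatenate(PolicyToReplace, PolicyRef);
            byte[] aHash = CryptoLib.HashData(SigningHash, dataToSign);

            TpmHandle verifierHandle = tpm.LoadExternal(null, SigningKey, TpmRh.Owner);
            try
            {
                if (policy.AllowErrorsInPolicyEval)
                {
                    tpm._AllowErrors();
                }

                // todo - fix the serialization so that we can persist the interface
                // Sig2 takes precedence over Sig1 when both are present. The casts to
                // object keep these as plain reference comparisons.
                ISignatureUnion theSig = null;
                if ((object)Sig1 != null)
                {
                    theSig = Sig1;
                }
                if ((object)Sig2 != null)
                {
                    theSig = Sig2;
                }

                if (theSig != null)
                {
                    Ticket = tpm.VerifySignature(verifierHandle, aHash, theSig);
                    TpmRc intermediateError = tpm._GetLastResponseCode();
                    if (intermediateError != TpmRc.Success)
                    {
                        // Signature did not verify: stop before PolicyAuthorize.
                        return intermediateError;
                    }
                }
                else
                {
                    // No signature available: create a dummy ticket, e.g. for a trial session.
                    // NOTE(review): an empty-digest ticket is not evidence that anything was
                    // verified. Whether it is accepted is left entirely to the TPM - confirm
                    // this path is only reached for trial sessions.
                    Ticket = new TkVerified(TpmRh.Owner, new byte[0]);
                }
            }
            finally
            {
                // Release the externally loaded verification key on every exit path,
                // including an exception from VerifySignature (presumably thrown when
                // errors were not allowed - confirm), so the transient handle is not leaked.
                tpm.FlushContext(verifierHandle);
            }

            byte[] keySign = SigningKey.GetName();
            TpmHandle policySession = authSession;
            if (TheParamsCallback != null)
            {
                // The callback receives most parameters by ref and may replace them
                // before they are sent to the TPM.
                TheParamsCallback(tpm, ref policySession, ref PolicyToReplace, ref PolicyRef, keySign, ref Ticket);
            }
            if (policy.AllowErrorsInPolicyEval)
            {
                tpm._AllowErrors();
            }
            tpm.PolicyAuthorize(policySession, PolicyToReplace, PolicyRef, keySign, Ticket);

            return tpm._GetLastResponseCode();
        }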