public void Init(
bool forEncryption,
ICipherParameters parameters)
{
AsymmetricKeyParameter kParam;
if (parameters is ParametersWithRandom)
{
ParametersWithRandom rParam = (ParametersWithRandom)parameters;
this.random = rParam.Random;
kParam = (AsymmetricKeyParameter)rParam.Parameters;
}
else
{
this.random = new SecureRandom();
kParam = (AsymmetricKeyParameter)parameters;
}
engine.Init(forEncryption, parameters);
this.forPrivateKey = kParam.IsPrivate;
this.forEncryption = forEncryption;
}
public virtual void Init(
bool forSigning,
ICipherParameters parameters)
{
if (parameters is ParametersWithRandom)
{
ParametersWithRandom p = (ParametersWithRandom)parameters;
parameters = p.Parameters;
random = p.Random;
}
else
{
if (forSigning)
{
random = new SecureRandom();
}
}
cipher.Init(forSigning, parameters);
RsaKeyParameters kParam;
if (parameters is RsaBlindingParameters)
{
kParam = ((RsaBlindingParameters)parameters).PublicKey;
}
else
{
kParam = (RsaKeyParameters)parameters;
}
emBits = kParam.Modulus.BitLength - 1;
block = new byte[(emBits + 7) / 8];
}
/// <summary>Initialise the signer.</summary>
/// <param name="forSigning">true if for signing, false if for verification.</param>
/// <param name="parameters">parameters for signature generation/verification. If the
/// parameters are for generation they should be a ParametersWithRandom,
/// a ParametersWithSalt, or just an RsaKeyParameters object. If RsaKeyParameters
/// are passed in a SecureRandom will be created.
/// </param>
/// <exception cref="ArgumentException">if wrong parameter type or a fixed
/// salt is passed in which is the wrong length.
/// </exception>
public virtual void Init(
bool forSigning,
ICipherParameters parameters)
{
RsaKeyParameters kParam;
if (parameters is ParametersWithRandom)
{
ParametersWithRandom p = (ParametersWithRandom)parameters;
kParam = (RsaKeyParameters)p.Parameters;
if (forSigning)
{
random = p.Random;
}
}
else if (parameters is ParametersWithSalt)
{
if (!forSigning)
{
throw new ArgumentException("ParametersWithSalt only valid for signing", "parameters");
}
ParametersWithSalt p = (ParametersWithSalt)parameters;
kParam = (RsaKeyParameters)p.Parameters;
standardSalt = p.GetSalt();
if (standardSalt.Length != saltLength)
{
throw new ArgumentException("Fixed salt is of wrong length");
}
}
else
{
kParam = (RsaKeyParameters)parameters;
if (forSigning)
{
random = new SecureRandom();
}
}
cipher.Init(forSigning, kParam);
keyBits = kParam.Modulus.BitLength;
block = new byte[(keyBits + 7) / 8];
if (trailer == IsoTrailers.TRAILER_IMPLICIT)
{
mBuf = new byte[block.Length - digest.GetDigestSize() - saltLength - 1 - 1];
}
else
{
mBuf = new byte[block.Length - digest.GetDigestSize() - saltLength - 1 - 2];
}
Reset();
}
public static void Main(string[] args)
{
string[] sealMe = { "Hallo", "IAIK!" };
// Establish Connections
IDictionary <string, TPMSession> sessions =
XMLConfiguration.EstablischConnection(base_path + "ClientConfigXml/UnixSocketDeviceLin.xml");
// Create one keystore per opened session
foreach (TPMSession tpmSes in sessions.Values)
{
tpmSes.Keystore = new InMemoryKeystore();
}
TPMSession sessionToUse = sessions["local0"];
sessionToUse.SetRequestSecretCallback(RequestSecret);
Console.WriteLine("Create Cipher Key");
ClientKeyHandle myFirstSealKey =
sessionToUse.KeyClient.GetSrkKeyHandle().CreateKey("my_first_seal_key", TPMKeyUsage.TPM_KEY_STORAGE);
Console.WriteLine("Key: {0}\n{1}", myFirstSealKey.FriendlyName, myFirstSealKey.PublicKey);
Console.WriteLine("---------------------------------\n");
sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
sessionToUse.IntegrityClient.Extend(1, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
sessionToUse.IntegrityClient.Extend(2, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
TPMPCRSelection pcrselect = sessionToUse.CreateEmptyPCRSelection();
pcrselect.PcrSelection[0] = true;
pcrselect.PcrSelection[1] = true;
pcrselect.PcrSelection[2] = true;
Console.WriteLine("Create Cipher, init and cipher");
IAsymmetricBlockCipher cipher = myFirstSealKey.CreateSealBlockCipher(pcrselect);
cipher.Init(true, null);
byte[][] cipherText = new byte[sealMe.Length][];
int i = 0;
foreach (string msg in sealMe)
{
byte[] block = System.Text.ASCIIEncoding.ASCII.GetBytes(msg);
cipherText[i] = cipher.ProcessBlock(block, 0, block.Length);
i++;
}
Console.WriteLine("Original vs. CiperText:");
for (i = 0; i < sealMe.Length; i++)
{
Console.WriteLine("{0} --> {1}", sealMe[i], ByteHelper.ByteArrayToHexString(cipherText[i]));
}
Console.WriteLine("---------------------------------\n");
Console.WriteLine("Init and decode");
cipher.Init(false, null);
byte[][] decode = new byte[sealMe.Length][];
i = 0;
foreach (byte[] msg in cipherText)
{
decode[i] = cipher.ProcessBlock(msg, 0, msg.Length);
i++;
}
Console.WriteLine("Does it work?:");
for (i = 0; i < sealMe.Length; i++)
{
Console.WriteLine("{0}: {1}", sealMe[i] == System.Text.ASCIIEncoding.ASCII.GetString(decode[i])?"Y":"N", System.Text.ASCIIEncoding.ASCII.GetString(decode[i]));
}
Console.WriteLine("---------------------------------\n");
Console.WriteLine("Changing PCR Values");
sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
Console.WriteLine("Decode, now an TPMRequest Exception should be thrown, with Error Code (0x18): TPM_WRONGPCRVAL");
decode = new byte[sealMe.Length][];
i = 0;
foreach (byte[] msg in cipherText)
{
try
{
decode[i] = cipher.ProcessBlock(msg, 0, msg.Length);
Console.WriteLine("UUUUUPPPPSSSS, something went wrong!");
}
catch (TPMRequestException e)
{
Console.WriteLine(e.ToString());
}
i++;
}
}
public override void Execute(string[] commandline)
{
if (commandline.Length < 2)
{
_console.Out.WriteLine("Error: [local_session_alias] not specified");
return;
}
else if (commandline.Length < 3)
{
_console.Out.WriteLine("Error: [command] not specified");
return;
}
ClientContext ctx = _console.GetValue <ClientContext> ("client_context", null);
if (ctx == null)
{
_console.Out.WriteLine("No active connection was found");
return;
}
string localAlias = commandline[1];
IDictionary <string, TPMSession> tpmSessions = _console.GetValue <IDictionary <string, TPMSession> > ("tpm_sessions", null);
if (tpmSessions == null || tpmSessions.ContainsKey(localAlias) == false)
{
_console.Out.WriteLine("Error: Specified local alias was not found");
return;
}
if (tpmSessions[localAlias].Keystore == null)
{
_console.Out.WriteLine("Error: No keystore was opened");
return;
}
IDictionary <string, string> arguments = _console.SplitArguments(commandline[2], 0);
if (arguments.ContainsKey("name") == false)
{
_console.Out.WriteLine("Error: no key name was specified");
return;
}
if (arguments.ContainsKey("data_input") == false)
{
_console.Out.WriteLine("Error: no data input source specified");
return;
}
TPMSessionSealCommand.DataInputMode dataInputMode;
try
{
dataInputMode = (TPMSessionSealCommand.DataInputMode)Enum.Parse(typeof(TPMSessionSealCommand.DataInputMode), arguments["data_input"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid data input source");
return;
}
TPMSessionSealCommand.DataOutputMode dataOutputMode;
try
{
dataOutputMode = (TPMSessionSealCommand.DataOutputMode)Enum.Parse(typeof(TPMSessionSealCommand.DataOutputMode), arguments["data_output"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid data output destination");
return;
}
TPMSessionSealCommand.DataFormat inputDataFormat = TPMSessionSealCommand.DataFormat.Raw;
if (arguments.ContainsKey("input_data_format"))
{
try
{
inputDataFormat = (TPMSessionSealCommand.DataFormat)Enum.Parse(typeof(TPMSessionSealCommand.DataFormat), arguments["input_data_format"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid input data format");
return;
}
}
TPMSessionSealCommand.DataFormat outputDataFormat = TPMSessionSealCommand.DataFormat.Raw;
if (arguments.ContainsKey("output_data_format"))
{
try
{
outputDataFormat = (TPMSessionSealCommand.DataFormat)Enum.Parse(typeof(TPMSessionSealCommand.DataFormat), arguments["output_data_format"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid output data format");
return;
}
}
if (dataInputMode == TPMSessionSealCommand.DataInputMode.File && arguments.ContainsKey("file") == false)
{
_console.Out.WriteLine("Error: data_input=file requires file argument!");
return;
}
if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.File && arguments.ContainsKey("output_file") == false)
{
_console.Out.WriteLine("Error: data_output=file requires output_file argument!");
return;
}
ClientKeyHandle keyHandle = tpmSessions[localAlias].KeyClient.GetKeyHandleByFriendlyName(arguments["name"]);
Stream inputStream = null;
if (dataInputMode == TPMSessionSealCommand.DataInputMode.Console)
{
inputStream = new TextReaderStream(_console.In);
}
else if (dataInputMode == TPMSessionSealCommand.DataInputMode.Embedded)
{
if (commandline.Length <= 3)
{
_console.Out.WriteLine("Error: no embedded data");
return;
}
StringBuilder embeddedData = new StringBuilder();
for (int i = 3; i < commandline.Length; i++)
{
embeddedData.Append(commandline[i]);
if (i + 1 < commandline.Length)
{
embeddedData.Append(" ");
}
}
inputStream = new TextReaderStream(new StringReader(embeddedData.ToString()));
}
else if (dataInputMode == TPMSessionSealCommand.DataInputMode.File)
{
inputStream = new FileStream(arguments["file"], FileMode.Open, FileAccess.Read);
}
if (inputDataFormat == TPMSessionSealCommand.DataFormat.Hex)
{
inputStream = new HexFilterStream(inputStream);
}
Stream outputStream = null;
if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.Console)
{
outputStream = new TextWriterStream(_console.Out);
}
else if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.File)
{
outputStream = new FileStream(arguments["output_file"], FileMode.OpenOrCreate, FileAccess.Write);
}
if (outputDataFormat == TPMSessionSealCommand.DataFormat.Hex)
{
outputStream = new HexFilterStream(outputStream);
}
IAsymmetricBlockCipher bindCipher = keyHandle.CreateBindBlockCipher();
bindCipher.Init(false, null);
int read;
byte[] buffer = new byte[bindCipher.GetInputBlockSize()];
do
{
read = inputStream.Read(buffer, 0, buffer.Length);
if (read > 0)
{
byte[] encrypted = bindCipher.ProcessBlock(buffer, 0, read);
outputStream.Write(encrypted, 0, encrypted.Length);
}
}while(read > 0);
_console.Out.WriteLine();
outputStream.Dispose();
inputStream.Dispose();
}
public static void Main(string[] args)
{
string[] bindMe = { "Hallo", "IAIK!" };
// Establish Connections
IDictionary <string, TPMSession> sessions =
XMLConfiguration.EstablischConnection(base_path + "ClientConfigXml/UnixSocketDeviceLin.xml");
// Create one keystore per opened session
foreach (TPMSession tpmSes in sessions.Values)
{
tpmSes.Keystore = new InMemoryKeystore();
}
TPMSession sessionToUse = sessions["local0"];
sessionToUse.SetRequestSecretCallback(RequestSecret);
Console.WriteLine("Create Cipher Key");
ClientKeyHandle myFirstBindKey =
sessionToUse.KeyClient.GetSrkKeyHandle().CreateKey("my_first_bind_key", TPMKeyUsage.TPM_KEY_BIND);
Console.WriteLine("Key: {0}\n{1}", myFirstBindKey.FriendlyName, myFirstBindKey.PublicKey);
Console.WriteLine("---------------------------------\n");
Console.WriteLine("Create Cipher, init and cipher");
IAsymmetricBlockCipher cipher = myFirstBindKey.CreateBindBlockCipher();
cipher.Init(true, null);
byte[][] cipherText = new byte[bindMe.Length][];
int i = 0;
foreach (string msg in bindMe)
{
byte[] block = System.Text.ASCIIEncoding.ASCII.GetBytes(msg);
cipherText[i] = cipher.ProcessBlock(block, 0, block.Length);
i++;
}
Console.WriteLine("Original vs. CiperText:");
for (i = 0; i < bindMe.Length; i++)
{
Console.WriteLine("{0} --> {1}", bindMe[i], ByteHelper.ByteArrayToHexString(cipherText[i]));
}
Console.WriteLine("---------------------------------\n");
Console.WriteLine("Init and decode");
cipher.Init(false, null);
byte[][] decode = new byte[bindMe.Length][];
i = 0;
foreach (byte[] msg in cipherText)
{
decode[i] = cipher.ProcessBlock(msg, 0, msg.Length);
i++;
}
Console.WriteLine("Does it work?:");
for (i = 0; i < bindMe.Length; i++)
{
Console.WriteLine("{0}: {1}", bindMe[i] == System.Text.ASCIIEncoding.ASCII.GetString(decode[i])?"Y":"N", System.Text.ASCIIEncoding.ASCII.GetString(decode[i]));
}
Console.WriteLine("---------------------------------\n");
}
