CreateSensitiveComposite(TpmPublic pub,
ref byte[] keyData,
out IPublicIdUnion publicId)
{
ISensitiveCompositeUnion newSens = null;
publicId = null;
if (pub.type == TpmAlgId.Rsa)
{
if (keyData != null)
{
Globs.Throw <ArgumentException>("Cannot specify key data for an RSA key");
return(null);
}
var newKeyPair = new RawRsa((pub.parameters as RsaParms).keyBits);
// Put the key bits into the required structure envelopes
newSens = new Tpm2bPrivateKeyRsa(newKeyPair.Private);
publicId = new Tpm2bPublicKeyRsa(newKeyPair.Public);
}
else if (pub.type == TpmAlgId.Symcipher)
{
var symDef = (SymDefObject)pub.parameters;
if (symDef.Algorithm != TpmAlgId.Aes)
{
Globs.Throw <ArgumentException>("Unsupported symmetric algorithm");
return(null);
}
int keySize = (symDef.KeyBits + 7) / 8;
if (keyData == null)
{
keyData = Globs.GetRandomBytes(keySize);
}
else if (keyData.Length != keySize)
{
keyData = Globs.CopyData(keyData);
}
else
{
Globs.Throw <ArgumentException>("Wrong symmetric key length");
return(null);
}
newSens = new Tpm2bSymKey(keyData);
}
else if (pub.type == TpmAlgId.Keyedhash)
{
var scheme = (pub.parameters as KeyedhashParms).scheme;
TpmAlgId hashAlg = scheme is SchemeHash ? (scheme as SchemeHash).hashAlg
: scheme is SchemeXor ? (scheme as SchemeXor).hashAlg
: pub.nameAlg;
var digestSize = CryptoLib.DigestSize(hashAlg);
if (keyData == null)
{
keyData = Globs.GetRandomBytes(digestSize);
}
else if (keyData.Length <= CryptoLib.BlockSize(hashAlg))
{
keyData = Globs.CopyData(keyData);
}
else
{
Globs.Throw <ArgumentException>("HMAC key is too big");
return(null);
}
newSens = new Tpm2bSensitiveData(keyData);
}
else
{
Globs.Throw <ArgumentException>("Unsupported key type");
}
return(newSens);
}
/// <summary>
/// Create a new asymmetric key based on the parameters in keyParms. The resulting key data is returned in structures
/// suitable for incorporation in a TPMT_PUBLIC and TPMS_SENSITIVE
/// </summary>
/// <param name="keyParms"></param>
/// <param name="publicParms"></param>
/// <returns></returns>
internal static ISensitiveCompositeUnion CreateSensitiveComposite(TpmPublic keyParms, out IPublicIdUnion publicParms)
{
TpmAlgId keyAlgId = keyParms.type;
ISensitiveCompositeUnion newSens;
// Create the asymmetric key
if (keyAlgId != TpmAlgId.Rsa)
{
throw new Exception("Algorithm not supported");
}
var newKeyPair = new RawRsa((keyParms.parameters as RsaParms).keyBits);
// Put the key bits into the required structure envelopes
newSens = new Tpm2bPrivateKeyRsa(newKeyPair.Private);
publicParms = new Tpm2bPublicKeyRsa(newKeyPair.Public);
return newSens;
}
/// <summary>
/// Create a new asymmetric key based on the parameters in keyParms. The resulting key data is returned in structures
/// suitable for incorporation in a TPMT_PUBLIC and TPMS_SENSITIVE
/// </summary>
/// <param name="keyParms"></param>
/// <param name="publicParms"></param>
/// <returns></returns>
internal static ISensitiveCompositeUnion CreateSensitiveComposite(TpmPublic keyParms, out IPublicIdUnion publicParms)
{
TpmAlgId keyAlgId = keyParms.type;
ISensitiveCompositeUnion newSens;
// Create the asymmetric key
if (keyAlgId != TpmAlgId.Rsa)
{
Globs.Throw <ArgumentException>("Algorithm not supported");
}
var newKeyPair = new RawRsa((keyParms.parameters as RsaParms).keyBits);
// Put the key bits into the required structure envelopes
newSens = new Tpm2bPrivateKeyRsa(newKeyPair.Private);
publicParms = new Tpm2bPublicKeyRsa(newKeyPair.Public);
return(newSens);
}
///<param name = "the_nameAlg">algorithm used for computing the Name of the object NOTE The "+" indicates that the instance of a TPMT_PUBLIC may have a "+" to indicate that the nameAlg may be TPM_ALG_NULL.</param>
///<param name = "the_objectAttributes">attributes that, along with type, determine the manipulations of this object</param>
///<param name = "the_authPolicy">optional policy for using this key The policy is computed using the nameAlg of the object. NOTE Shall be the Empty Policy if no authorization policy is present.</param>
///<param name = "the_parameters">the algorithm or structure details(One of KeyedhashParms, SymcipherParms, RsaParms, EccParms, AsymParms)</param>
///<param name = "the_unique">the unique identifier of the structure For an asymmetric key, this would be the public key.(One of Tpm2bDigestKeyedhash, Tpm2bDigestSymcipher, Tpm2bPublicKeyRsa, EccPoint)</param>
public TpmPublic(
TpmAlgId the_nameAlg,
ObjectAttr the_objectAttributes,
byte[] the_authPolicy,
IPublicParmsUnion the_parameters,
IPublicIdUnion the_unique
)
{
this.nameAlg = the_nameAlg;
this.objectAttributes = the_objectAttributes;
this.authPolicy = the_authPolicy;
this.parameters = the_parameters;
this.unique = the_unique;
}
