Example #1
        /// <summary>
        /// Starts an authorization session that is bound to <paramref name="boundEntity"/>
        /// but not salted: TpmRh.Null is passed as the first argument of StartAuthSession
        /// and the salt is a zero-length array.
        /// </summary>
        /// <param name="boundEntity">Handle passed to StartAuthSession as the bind entity.</param>
        /// <param name="sessionType">Session type forwarded to StartAuthSession.</param>
        /// <param name="authHash">Session hash algorithm; also sizes the default caller nonce.</param>
        /// <param name="initialialAttrs">Attributes combined with the new session via the + operator.</param>
        /// <param name="symDef">Symmetric definition; a default-constructed SymDef is substituted for null.</param>
        /// <param name="nonceCallerSize">Caller nonce length in bytes; 0 selects CryptoLib.DigestSize(authHash).</param>
        /// <returns>The session after _InitializeSession has been applied to it.</returns>
        /// <remarks>
        /// Security note: with no salt, any session secret can only come from the bound
        /// entity's authorization value (TPM 2.0 session semantics, not enforced here).
        /// If that value is empty or guessable, protection derived from the session is
        /// correspondingly weak; prefer a salted session when the path to the TPM is
        /// not trusted.
        /// The TPM 2.0 specification has TPM2_StartAuthSession reject caller nonces
        /// shorter than 16 bytes; this method does not check an explicit size.
        /// NOTE(review): nonce quality depends on GetRandomBytes - confirm it is backed
        /// by a cryptographic generator.
        /// </remarks>
        public AuthSession StartAuthSessionEx(
            TpmHandle boundEntity,
            TpmSe sessionType,
            TpmAlgId authHash,
            SessionAttr initialialAttrs = SessionAttr.ContinueSession,
            SymDef symDef       = null,
            int nonceCallerSize = 0)
        {
            byte[] noSalt = new byte[0];

            // 0 is the "choose for me" marker: use the digest size of authHash.
            int callerNonceLen = nonceCallerSize;
            if (callerNonceLen == 0)
            {
                callerNonceLen = CryptoLib.DigestSize(authHash);
            }

            byte[] callerNonce = GetRandomBytes(callerNonceLen);
            SymDef effectiveSymDef = symDef ?? new SymDef();

            // The TPM nonce comes back through the out parameter and is not used here.
            byte[] tpmNonce;
            AuthSession session = StartAuthSession(TpmRh.Null, boundEntity, callerNonce,
                                                   noSalt, sessionType, effectiveSymDef,
                                                   authHash, out tpmNonce)
                                  + initialialAttrs;

            _InitializeSession(session);
            return session;
        }
Example #2
        /// <summary>
        /// Creates a session bound to <paramref name="boundEntity"/> without a salt
        /// (empty salt array, TpmRh.Null as the first StartAuthSession argument).
        /// </summary>
        /// <param name="boundEntity">Handle passed to StartAuthSession as the bind entity.</param>
        /// <param name="sessionType">Session type forwarded to StartAuthSession.</param>
        /// <param name="authHash">Session hash algorithm; its digest size is the default nonce length.</param>
        /// <param name="initialialAttrs">Attributes added to the new session with the + operator.</param>
        /// <param name="symDef">Symmetric definition; null is replaced by a default-constructed SymDef.</param>
        /// <param name="nonceCallerSize">Caller nonce length in bytes; 0 means "use the digest size of authHash".</param>
        /// <returns>The session after _InitializeSession has been applied to it.</returns>
        /// <remarks>
        /// Security note: an unsalted session has no secret beyond the bound entity's
        /// authorization value (TPM 2.0 session semantics, not enforced here), so a weak
        /// or empty authorization value leaves the session's HMAC and parameter
        /// encryption weakly keyed. Use a salted session over untrusted transports.
        /// Explicit nonce sizes are not range-checked; the TPM 2.0 specification has
        /// TPM2_StartAuthSession reject caller nonces shorter than 16 bytes.
        /// NOTE(review): confirm GetRandomBytes draws from a cryptographic generator.
        /// </remarks>
        public AuthSession StartAuthSessionEx(
            TpmHandle boundEntity,
            TpmSe sessionType,
            TpmAlgId authHash,
            SessionAttr initialialAttrs = SessionAttr.ContinueSession,
            SymDef symDef = null,
            int nonceCallerSize = 0)
        {
            byte[] emptySalt = new byte[0];

            // Resolve the 0 marker to the digest size before drawing the nonce.
            int nonceLen = nonceCallerSize == 0
                ? CryptoLib.DigestSize(authHash)
                : nonceCallerSize;

            // nonceFromTpm receives the TPM nonce; it is not read in this method.
            byte[] nonceFromTpm;
            AuthSession created = StartAuthSession(TpmRh.Null, boundEntity,
                                                   GetRandomBytes(nonceLen),
                                                   emptySalt, sessionType,
                                                   symDef ?? new SymDef(),
                                                   authHash, out nonceFromTpm)
                                  + initialialAttrs;

            _InitializeSession(created);
            return created;
        }
Example #3
 /// <summary>
 /// Creates a simple unbound and unseeded session by forwarding to the overload
 /// that takes a SymDef, supplying a default-constructed SymDef.
 /// </summary>
 /// <param name="sessionType">Session type, forwarded unchanged.</param>
 /// <param name="authHash">Session hash algorithm, forwarded unchanged.</param>
 /// <param name="initialialAttrs">Initial session attributes, forwarded unchanged.</param>
 /// <param name="nonceCallerSize">Caller nonce length in bytes (default 16), forwarded unchanged.</param>
 /// <returns>The session returned by the forwarded call.</returns>
 /// <remarks>
 /// NOTE(review): a default-constructed SymDef presumably selects no symmetric
 /// algorithm, in which case this session cannot protect command or response
 /// parameters by encryption - confirm against SymDef.
 /// </remarks>
 public AuthSession StartAuthSessionEx(
     TpmSe sessionType,
     TpmAlgId authHash,
     SessionAttr initialialAttrs,
     int nonceCallerSize = 16)
 {
     SymDef defaultSymDef = new SymDef();
     AuthSession session = StartAuthSessionEx(sessionType, authHash, initialialAttrs,
                                              defaultSymDef, nonceCallerSize);
     return session;
 }
Example #4
 /// <summary>
 /// Creates a simple unbound and unseeded session; delegates to the SymDef-taking
 /// overload with a default-constructed SymDef.
 /// </summary>
 /// <param name="sessionType">Session type, forwarded unchanged.</param>
 /// <param name="authHash">Session hash algorithm, forwarded unchanged.</param>
 /// <param name="initialialAttrs">Initial session attributes, forwarded unchanged.</param>
 /// <param name="nonceCallerSize">
 /// Caller nonce length in bytes, forwarded unchanged (default 0).
 /// NOTE(review): presumably the callee maps 0 to a default size - confirm.
 /// </param>
 /// <returns>The session returned by the forwarded call.</returns>
 /// <remarks>
 /// NOTE(review): a default-constructed SymDef presumably means no symmetric
 /// algorithm, so parameter encryption would not be available on this session -
 /// confirm against SymDef.
 /// </remarks>
 public AuthSession StartAuthSessionEx(
     TpmSe sessionType,
     TpmAlgId authHash,
     SessionAttr initialialAttrs,
     int nonceCallerSize = 0)
 {
     SymDef plainSymDef = new SymDef();
     AuthSession result = StartAuthSessionEx(sessionType, authHash, initialialAttrs,
                                             plainSymDef, nonceCallerSize);
     return result;
 }
Example #5
 /// <summary>
 /// Creates a simple unbound and unseeded session that can carry a symmetric
 /// definition for session encryption. Forwards to the bound-entity overload with
 /// TpmRh.Null as the bound entity.
 /// </summary>
 /// <param name="sessionType">Session type, forwarded unchanged.</param>
 /// <param name="authHash">Session hash algorithm, forwarded unchanged.</param>
 /// <param name="initialialAttrs">Initial session attributes, forwarded unchanged.</param>
 /// <param name="symDef">Symmetric definition, forwarded unchanged (no null check here).</param>
 /// <param name="nonceCallerSize">Caller nonce length in bytes, forwarded unchanged (default 0).</param>
 /// <returns>The session returned by the forwarded call.</returns>
 /// <remarks>
 /// Security note: an unbound, unsalted session contributes no secret of its own
 /// (TPM 2.0 session semantics), so the strength of any parameter encryption rests
 /// on the authorization value of the object being authorized. Prefer a salted
 /// session when the transport to the TPM is not trusted.
 /// </remarks>
 public AuthSession StartAuthSessionEx(
     TpmSe sessionType,
     TpmAlgId authHash,
     SessionAttr initialialAttrs,
     SymDef symDef,
     int nonceCallerSize = 0)
 {
     // TpmRh.Null in the bound-entity position makes the session unbound.
     AuthSession session = StartAuthSessionEx(TpmRh.Null, sessionType, authHash,
                                              initialialAttrs, symDef, nonceCallerSize);
     return session;
 }
Example #6
 /// <summary>
 /// Creates a simple unbound and unseeded session supporting session encryption,
 /// by calling the bound-entity overload with TpmRh.Null in the bound-entity slot.
 /// </summary>
 /// <param name="sessionType">Session type, forwarded unchanged.</param>
 /// <param name="authHash">Session hash algorithm, forwarded unchanged.</param>
 /// <param name="initialialAttrs">Initial session attributes, forwarded unchanged.</param>
 /// <param name="symDef">Symmetric definition, forwarded unchanged (not validated here).</param>
 /// <param name="nonceCallerSize">Caller nonce length in bytes, forwarded unchanged (default 0).</param>
 /// <returns>The session returned by the forwarded call.</returns>
 /// <remarks>
 /// Security note: without a salt or a bound entity the session itself holds no
 /// secret (TPM 2.0 session semantics); encryption strength then depends on the
 /// authorization value of the authorized object. Use a salted session where the
 /// channel to the TPM may be observed.
 /// </remarks>
 public AuthSession StartAuthSessionEx(
     TpmSe sessionType,
     TpmAlgId authHash,
     SessionAttr initialialAttrs,
     SymDef symDef,
     int nonceCallerSize = 0)
 {
     AuthSession unboundSession = StartAuthSessionEx(TpmRh.Null, sessionType, authHash,
                                                     initialialAttrs, symDef, nonceCallerSize);
     return unboundSession;
 }
Example #7
        /// <summary>
        /// Creates a simple unbound and unseeded session supporting session encryption.
        /// TpmRh.Null is passed for both handle arguments of StartAuthSession and the
        /// salt is a zero-length array.
        /// </summary>
        /// <param name="sessionType">Session type forwarded to StartAuthSession.</param>
        /// <param name="authHash">Session hash algorithm forwarded to StartAuthSession.</param>
        /// <param name="initialialAttrs">Attributes combined with the new session via the + operator.</param>
        /// <param name="symmAlg">Symmetric definition, passed through as given (null is not replaced).</param>
        /// <param name="nonceCallerSize">
        /// Caller nonce length in bytes (default 16). The value goes to GetRandomBytes
        /// unchanged; 0 is not treated as "use a default" in this overload.
        /// </param>
        /// <returns>The session after _InitializeSession has been applied to it.</returns>
        /// <remarks>
        /// Security note: an unbound, unsalted session holds no secret of its own
        /// (TPM 2.0 session semantics), so parameter encryption is only as strong as
        /// the authorization value of the object being authorized.
        /// NOTE(review): confirm GetRandomBytes draws from a cryptographic generator.
        /// </remarks>
        public AuthSession StartAuthSessionEx(
            TpmSe sessionType,
            TpmAlgId authHash,
            SessionAttr initialialAttrs,
            SymDef symmAlg,
            int nonceCallerSize = 16)
        {
            byte[] noSalt = new byte[0];
            byte[] callerNonce = GetRandomBytes(nonceCallerSize);

            // The TPM nonce returned through the out parameter is not read here.
            byte[] tpmNonce;
            AuthSession session = StartAuthSession(TpmRh.Null, TpmRh.Null, callerNonce, noSalt,
                                                   sessionType, symmAlg, authHash, out tpmNonce)
                                  + initialialAttrs;

            _InitializeSession(session);
            return session;
        }
Example #8
        /// <summary>
        /// Creates a simple unbound and unseeded session supporting session encryption:
        /// both handle arguments of StartAuthSession are TpmRh.Null and the salt is empty.
        /// </summary>
        /// <param name="sessionType">Session type forwarded to StartAuthSession.</param>
        /// <param name="authHash">Session hash algorithm forwarded to StartAuthSession.</param>
        /// <param name="initialialAttrs">Attributes added to the new session with the + operator.</param>
        /// <param name="symmAlg">Symmetric definition, passed through unchanged (no null fallback).</param>
        /// <param name="nonceCallerSize">
        /// Caller nonce length in bytes (default 16), handed to GetRandomBytes as is;
        /// this overload has no special handling for 0.
        /// </param>
        /// <returns>The session after _InitializeSession has been applied to it.</returns>
        /// <remarks>
        /// Security note: with neither salt nor bound entity the session carries no
        /// secret (TPM 2.0 session semantics); the protection it gives depends on the
        /// authorization value of the authorized object.
        /// NOTE(review): confirm GetRandomBytes is backed by a cryptographic generator.
        /// </remarks>
        public AuthSession StartAuthSessionEx(
            TpmSe sessionType,
            TpmAlgId authHash,
            SessionAttr initialialAttrs,
            SymDef symmAlg,
            int nonceCallerSize = 16)
        {
            byte[] emptySalt = new byte[0];

            // nonceFromTpm is required by the call signature but not used afterwards.
            byte[] nonceFromTpm;
            AuthSession created = StartAuthSession(TpmRh.Null, TpmRh.Null,
                                                   GetRandomBytes(nonceCallerSize),
                                                   emptySalt, sessionType, symmAlg,
                                                   authHash, out nonceFromTpm)
                                  + initialialAttrs;

            _InitializeSession(created);
            return created;
        }
Example #9
 /// <summary>
 /// Builds a session object from a parametrized handle, taking the session
 /// attributes and the salt from the handle's parameter list.
 /// </summary>
 /// <param name="ph">
 /// Handle plus parameters. The handle must be TpmRh.None or a session handle;
 /// every non-null parameter must be a SessionAttr or a byte[].
 /// </param>
 /// <remarks>
 /// The salt array is assigned as given; no copy is made here.
 /// NOTE(review): both rejections go through Globs.Throw. If that helper can return
 /// without throwing (not visible here), construction continues with the rejected
 /// handle or parameter - confirm.
 /// </remarks>
 public AuthSession(ParametrizedHandle ph)
 {
     if (ph.Handle != TpmRh.None)
     {
         if (!ph.Handle.IsSession())
         {
             Globs.Throw<ArgumentException>("AuthSession: Attempt to construct from parametrized non-session handle");
         }
     }
     Handle = ph.Handle;

     foreach (object item in ph.Params)
     {
         if (item == null)
         {
             // Null entries are tolerated and skipped.
             continue;
         }
         if (item is SessionAttr)
         {
             Attrs = (SessionAttr)item;
             continue;
         }
         if (item is byte[])
         {
             Salt = (byte[])item;
             continue;
         }
         // Anything else is not a recognised session parameter.
         Globs.Throw<ArgumentException>("AuthSession: Attempt to construct from malformed parametrized handle");
     }
 }
Example #10
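 /// <summary>
 /// Builds a session object from a parametrized handle, taking the session
 /// attributes and the salt from the handle's parameter list.
 /// </summary>
 /// <param name="ph">
 /// Handle plus parameters. The handle must be TpmRh.None or a session handle;
 /// every non-null parameter must be a SessionAttr or a byte[].
 /// </param>
 /// <exception cref="ArgumentException">
 /// The handle is neither TpmRh.None nor a session handle, or a parameter has an
 /// unsupported type. ArgumentException derives from Exception, so existing
 /// handlers that catch Exception keep working.
 /// </exception>
 /// <remarks>
 /// The salt array is assigned as given; no copy is made here.
 /// </remarks>
 public AuthSession(ParametrizedHandle ph)
 {
     if (ph.Handle != TpmRh.None && !ph.Handle.IsSession())
     {
         throw new ArgumentException("Attempt to construct AuthSession object from parametrized non-session handle");
     }
     Handle = ph.Handle;
     foreach (object param in ph.Params)
     {
         if (param is SessionAttr)
         {
             Attrs = (SessionAttr)param;
         }
         else if (param is byte[])
         {
             Salt = (byte[])param;
         }
         else if (param != null)
         {
             // This branch rejects a bad parameter, not a bad handle; the message
             // previously repeated the non-session-handle text and sent whoever was
             // diagnosing the failure to the wrong check.
             throw new ArgumentException("Attempt to construct AuthSession object from malformed parametrized handle");
         }
     }
 }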
Example #11
 /// <summary>
 /// Creates an empty SessionOut: nonceTpm and auth are left null and attributes is
 /// a default-constructed SessionAttr.
 /// </summary>
 /// <remarks>
 /// Both byte-array members are null after this constructor, so code reading them
 /// must null-check before use.
 /// </remarks>
 public SessionOut()
 {
     this.nonceTpm = null;
     this.attributes = new SessionAttr();
     this.auth = null;
 }
Example #12
 // Externally implemented (extern) static method: takes a session id, returns a
 // bool and fills pSession through the out parameter. The import attribute and the
 // library that implements it are not visible in this excerpt.
 // NOTE(review): presumably the bool signals success; check it before trusting
 // pSession, and confirm that SessionAttr's layout and the bool marshalling match
 // the implementing side.
 public static extern bool GetSessionStatus(int sid, out SessionAttr pSession);
Example #13
        /// <summary>
        /// Registers <paramref name="candidate"/> as the decryption or encryption
        /// session when its attributes contain <paramref name="directionFlag"/>.
        /// </summary>
        /// <param name="candidate">Session to examine; its Attrs are tested for the flag.</param>
        /// <param name="directionFlag">
        /// SessionAttr.Decrypt selects the decryption slot (DecSession); any other
        /// value is handled as the encryption direction (EncSession).
        /// </param>
        /// <exception cref="Exception">
        /// Passthrough is off and either the candidate cannot encrypt or a session is
        /// already registered for the same direction.
        /// </exception>
        /// <remarks>
        /// Security note: when _Behavior.Passthrough is set, both checks are skipped.
        /// A candidate without a symmetric algorithm is then accepted, and a later
        /// candidate silently replaces one registered earlier for the same direction.
        /// </remarks>
        private void CheckParamEncSessCandidate(AuthSession candidate, SessionAttr directionFlag)
        {
            bool flagPresent = candidate.Attrs.HasFlag(directionFlag);
            if (!flagPresent)
            {
                // Not a candidate for this direction; leave the slots untouched.
                return;
            }

            bool isDecrypt = directionFlag == SessionAttr.Decrypt;

            if (!_Behavior.Passthrough)
            {
                if (!candidate.CanEncrypt())
                {
                    string direction = isDecrypt ? "Decryption" : "Encryption";
                    throw new Exception(string.Format("{0} session is missing symmetric algorithm",
                                                      direction));
                }

                // At most one session per direction is allowed.
                var alreadyChosen = isDecrypt ? DecSession : EncSession;
                if (alreadyChosen != null)
                {
                    string direction = isDecrypt ? "decryption" : "encryption";
                    throw new Exception(string.Format("Multiple {0} sessions",
                                                      direction));
                }
            }

            if (!isDecrypt)
            {
                EncSession = candidate;
                return;
            }
            DecSession = candidate;
        }
Example #14
 /// <summary>
 /// Creates an AuthResponse from its three members.
 /// </summary>
 /// <param name="the_nonce">the session nonce, may be the Empty Buffer</param>
 /// <param name="the_sessionAttributes">the session attributes</param>
 /// <param name="the_hmac">either an HMAC, a password, or an EmptyAuth</param>
 /// <remarks>
 /// The arrays are assigned as given; no copy is made here. Because the hmac member
 /// may hold a plaintext password, treat instances as secret material and keep them
 /// out of logs and diagnostics.
 /// </remarks>
 public AuthResponse(
     byte[] the_nonce,
     SessionAttr the_sessionAttributes,
     byte[] the_hmac)
 {
     nonce = the_nonce;
     sessionAttributes = the_sessionAttributes;
     hmac = the_hmac;
 }
Example #15
 /// <summary>
 /// Copy constructor: takes nonce, sessionAttributes and hmac from another
 /// AuthResponse.
 /// </summary>
 /// <param name="the_AuthResponse">Instance to copy from; must not be null.</param>
 /// <exception cref="ArgumentException">The source instance is null.</exception>
 /// <remarks>
 /// The members are assigned, not cloned here, so unless they copy on assignment
 /// both instances refer to the same nonce and hmac arrays. Clearing or changing
 /// one affects the other.
 /// </remarks>
 public AuthResponse(AuthResponse the_AuthResponse)
 {
     // Reference comparison, so an overloaded == on the type is not consulted.
     if (object.ReferenceEquals(the_AuthResponse, null))
     {
         throw new ArgumentException(Globs.GetResourceString("parmError"));
     }
     this.nonce = the_AuthResponse.nonce;
     this.sessionAttributes = the_AuthResponse.sessionAttributes;
     this.hmac = the_AuthResponse.hmac;
 }
Example #16
 /// <summary>
 /// Creates an empty AuthResponse: zero-length nonce and hmac arrays and a
 /// default-constructed SessionAttr.
 /// </summary>
 public AuthResponse()
 {
     this.nonce = new byte[] { };
     this.sessionAttributes = new SessionAttr();
     this.hmac = new byte[] { };
 }
Example #17
 /// <summary>
 /// Copy constructor: takes handle, nonceCaller, attributes and auth from another
 /// SessionIn.
 /// </summary>
 /// <param name="the_SessionIn">Instance to copy from; must not be null.</param>
 /// <exception cref="ArgumentException">The source instance is null.</exception>
 /// <remarks>
 /// The members are assigned, not cloned here, so unless they copy on assignment
 /// both instances share the same handle object and byte arrays.
 /// NOTE(review): auth presumably carries authorization data; if so, wiping it in
 /// one instance also wipes it in the copy - confirm callers expect that.
 /// </remarks>
 public SessionIn(SessionIn the_SessionIn)
 {
     // Reference comparison, so an overloaded == on the type is not consulted.
     if (object.ReferenceEquals(the_SessionIn, null))
     {
         throw new ArgumentException(Globs.GetResourceString("parmError"));
     }
     this.handle = the_SessionIn.handle;
     this.nonceCaller = the_SessionIn.nonceCaller;
     this.attributes = the_SessionIn.attributes;
     this.auth = the_SessionIn.auth;
 }
Example #18
 /// <summary>
 /// Copy constructor: takes sessionHandle, nonce, sessionAttributes and hmac from
 /// another AuthCommand.
 /// </summary>
 /// <param name="the_AuthCommand">Instance to copy from; must not be null.</param>
 /// <exception cref="ArgumentException">The source instance is null.</exception>
 /// <remarks>
 /// The members are assigned, not cloned here, so unless they copy on assignment
 /// both instances share the same handle object and byte arrays.
 /// NOTE(review): hmac presumably carries authorization data; treat copies as
 /// secret material as well - confirm.
 /// </remarks>
 public AuthCommand(AuthCommand the_AuthCommand)
 {
     // Reference comparison, so an overloaded == on the type is not consulted.
     if (object.ReferenceEquals(the_AuthCommand, null))
     {
         throw new ArgumentException(Globs.GetResourceString("parmError"));
     }
     this.sessionHandle = the_AuthCommand.sessionHandle;
     this.nonce = the_AuthCommand.nonce;
     this.sessionAttributes = the_AuthCommand.sessionAttributes;
     this.hmac = the_AuthCommand.hmac;
 }
Example #19
 /// <summary>
 /// Creates an empty AuthCommand: a default-constructed TpmHandle and SessionAttr,
 /// and zero-length nonce and hmac arrays.
 /// </summary>
 public AuthCommand()
 {
     this.sessionHandle = new TpmHandle();
     this.nonce = new byte[] { };
     this.sessionAttributes = new SessionAttr();
     this.hmac = new byte[] { };
 }
Example #20
 // Static method marked extern, so its body lives outside this source file. It
 // takes a session id, returns a bool and writes a SessionAttr through the out
 // parameter. The attribute naming the implementing library is not in this excerpt.
 // NOTE(review): presumably a false return means pSession holds no valid data;
 // callers should test the result first. Confirm the marshalled layout of
 // SessionAttr against the implementing side.
 public static extern bool GetSessionStatus(int sid, out SessionAttr pSession);
Example #21
 /// <summary>
 /// Constructs a session object from a parametrized handle. Session attributes and
 /// the salt are read from the handle's parameter list.
 /// </summary>
 /// <param name="ph">
 /// Handle plus parameters. The handle must be TpmRh.None or a session handle;
 /// each non-null parameter must be a SessionAttr or a byte[].
 /// </param>
 /// <remarks>
 /// The salt array is assigned as given; no copy is made here.
 /// NOTE(review): validation failures are reported through Globs.Throw. If that
 /// helper can return without throwing (not visible here), the object is still
 /// built from the rejected input - confirm.
 /// </remarks>
 public AuthSession(ParametrizedHandle ph)
 {
     if (ph.Handle != TpmRh.None)
     {
         if (!ph.Handle.IsSession())
         {
             Globs.Throw<ArgumentException>("AuthSession: Attempt to construct from parametrized non-session handle");
         }
     }
     Handle = ph.Handle;

     foreach (object entry in ph.Params)
     {
         if (entry == null)
         {
             // Null entries are allowed and ignored.
             continue;
         }
         if (entry is SessionAttr)
         {
             Attrs = (SessionAttr)entry;
             continue;
         }
         if (entry is byte[])
         {
             Salt = (byte[])entry;
             continue;
         }
         // Unsupported parameter type.
         Globs.Throw<ArgumentException>("AuthSession: Attempt to construct from malformed parametrized handle");
     }
 }
Example #22
 /// <summary>
 /// Creates an empty SessionOut: zero-length nonceTpm and auth arrays and a
 /// default-constructed SessionAttr.
 /// </summary>
 public SessionOut()
 {
     this.nonceTpm = new byte[] { };
     this.attributes = new SessionAttr();
     this.auth = new byte[] { };
 }
Example #23
 /// <summary>
 /// Creates a SessionIn from its four members.
 /// </summary>
 /// <param name="the_handle">Session handle</param>
 /// <param name="the_nonceCaller">Caller nonce</param>
 /// <param name="the_attributes">Session attributes</param>
 /// <param name="the_auth">AuthValue (or HMAC)</param>
 /// <remarks>
 /// The handle and arrays are assigned as given; no copy is made here. Because auth
 /// may hold an AuthValue rather than an HMAC, treat instances as secret material
 /// and keep them out of logs and diagnostics.
 /// </remarks>
 public SessionIn(
     TpmHandle the_handle,
     byte[] the_nonceCaller,
     SessionAttr the_attributes,
     byte[] the_auth)
 {
     handle = the_handle;
     nonceCaller = the_nonceCaller;
     attributes = the_attributes;
     auth = the_auth;
 }
Example #24
 /// <summary>
 /// Creates an AuthCommand from its four members.
 /// </summary>
 /// <param name="the_sessionHandle">the session handle</param>
 /// <param name="the_nonce">the session nonce, may be the Empty Buffer</param>
 /// <param name="the_sessionAttributes">the session attributes</param>
 /// <param name="the_hmac">either an HMAC, a password, or an EmptyAuth</param>
 /// <remarks>
 /// The handle and arrays are assigned as given; no copy is made here. Because the
 /// hmac member may hold a plaintext password, treat instances as secret material
 /// and keep them out of logs and diagnostics.
 /// </remarks>
 public AuthCommand(
     TpmHandle the_sessionHandle,
     byte[] the_nonce,
     SessionAttr the_sessionAttributes,
     byte[] the_hmac)
 {
     sessionHandle = the_sessionHandle;
     nonce = the_nonce;
     sessionAttributes = the_sessionAttributes;
     hmac = the_hmac;
 }
Example #25
 /// <summary>
 /// Copy constructor: takes nonceTpm, attributes and auth from another SessionOut.
 /// </summary>
 /// <param name="the_SessionOut">Instance to copy from; must not be null.</param>
 /// <exception cref="ArgumentException">The source instance is null.</exception>
 /// <remarks>
 /// The members are assigned, not cloned here, so unless they copy on assignment
 /// both instances refer to the same nonceTpm and auth arrays.
 /// </remarks>
 public SessionOut(SessionOut the_SessionOut)
 {
     // Reference comparison, so an overloaded == on the type is not consulted.
     if (object.ReferenceEquals(the_SessionOut, null))
     {
         throw new ArgumentException(Globs.GetResourceString("parmError"));
     }
     this.nonceTpm = the_SessionOut.nonceTpm;
     this.attributes = the_SessionOut.attributes;
     this.auth = the_SessionOut.auth;
 }
Example #26
 /// <summary>
 /// Creates an empty SessionIn: a default-constructed TpmHandle and SessionAttr,
 /// and zero-length nonceCaller and auth arrays.
 /// </summary>
 public SessionIn()
 {
     this.handle = new TpmHandle();
     this.nonceCaller = new byte[] { };
     this.attributes = new SessionAttr();
     this.auth = new byte[] { };
 }
Example #27
 /// <summary>
 /// Creates a SessionOut from its three members.
 /// </summary>
 /// <param name="the_nonceTpm">TPM nonce</param>
 /// <param name="the_attributes">Session attributes</param>
 /// <param name="the_auth">HMAC value</param>
 /// <remarks>
 /// The arrays are assigned as given; no copy is made here, so later changes to the
 /// caller's arrays are visible through this instance.
 /// </remarks>
 public SessionOut(
     byte[] the_nonceTpm,
     SessionAttr the_attributes,
     byte[] the_auth)
 {
     nonceTpm = the_nonceTpm;
     attributes = the_attributes;
     auth = the_auth;
 }
Example #28
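 /// <summary>
 /// Constructs a session object from a parametrized handle. Session attributes and
 /// the salt are read from the handle's parameter list.
 /// </summary>
 /// <param name="ph">
 /// Handle plus parameters. The handle must be TpmRh.None or a session handle;
 /// each non-null parameter must be a SessionAttr or a byte[].
 /// </param>
 /// <exception cref="ArgumentException">
 /// The handle is neither TpmRh.None nor a session handle, or a parameter has an
 /// unsupported type. ArgumentException derives from Exception, so existing
 /// handlers that catch Exception keep working.
 /// </exception>
 /// <remarks>
 /// The salt array is assigned as given; no copy is made here.
 /// </remarks>
 public AuthSession(ParametrizedHandle ph)
 {
     if (ph.Handle != TpmRh.None && !ph.Handle.IsSession())
     {
         throw new ArgumentException("Attempt to construct AuthSession object from parametrized non-session handle");
     }
     Handle = ph.Handle;
     foreach (object param in ph.Params)
     {
         if (param is SessionAttr)
         {
             Attrs = (SessionAttr)param;
         }
         else if (param is byte[])
         {
             Salt = (byte[])param;
         }
         else if (param != null)
         {
             // A bad parameter, not a bad handle: the message used to repeat the
             // non-session-handle text, which misdirected anyone diagnosing it.
             throw new ArgumentException("Attempt to construct AuthSession object from malformed parametrized handle");
         }
     }
 }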