void TestCertifyX509(Tpm2 tpm, TestContext testCtx)
{
if (!TpmCfg.IsImplemented(TpmCc.CertifyX509))
{
Substrate.WriteToLog("TestCertifyX509 skipped", ConsoleColor.DarkCyan);
return;
}
ObjectAttr attr = ObjectAttr.Restricted | ObjectAttr.Sign
| ObjectAttr.FixedParent | ObjectAttr.FixedTPM
| ObjectAttr.UserWithAuth | ObjectAttr.AdminWithPolicy
| ObjectAttr.SensitiveDataOrigin;
var policy = new PolicyTree(TpmAlgId.Sha256);
policy.SetPolicyRoot(new TpmPolicyCommand(TpmCc.CertifyX509));
var keyTemplateRsa = new TpmPublic(TpmAlgId.Sha256, attr, policy.GetPolicyDigest(),
new RsaParms(new SymDefObject(), new SchemeRsassa(TpmAlgId.Sha256), 2048, 0),
new Tpm2bPublicKeyRsa()
);
var keyTemplateEcc = new TpmPublic(TpmAlgId.Sha256, attr, policy.GetPolicyDigest(),
new EccParms(new SymDefObject(), new SchemeEcdsa(TpmAlgId.Sha256),
EccCurve.NistP256, new NullKdfScheme()),
new EccPoint()
);
var keyTemplatePss = new TpmPublic(TpmAlgId.Sha256, attr, policy.GetPolicyDigest(),
new RsaParms(new SymDefObject(), new SchemeRsapss(TpmAlgId.Sha256), 2048, 0),
new Tpm2bPublicKeyRsa()
);
TestCertifyX509Impl(tpm, testCtx, keyTemplateRsa, keyTemplateRsa, policy, "RsaWithRsa.1");
TestCertifyX509Impl(tpm, testCtx, keyTemplateRsa, keyTemplateEcc, policy, "RsaWithEcc.1");
TestCertifyX509Impl(tpm, testCtx, keyTemplateEcc, keyTemplateEcc, policy, "EccWithEcc.1");
TestCertifyX509Impl(tpm, testCtx, keyTemplateEcc, keyTemplateRsa, policy, "EccWithRsa.1");
TestCertifyX509Impl(tpm, testCtx, keyTemplateRsa, keyTemplatePss, policy, "RsaWithPss.1");
TestCertifyX509Impl(tpm, testCtx, keyTemplateEcc, keyTemplatePss, policy, "EccWithPss.1");
attr &= ~(ObjectAttr.Restricted | ObjectAttr.FixedParent | ObjectAttr.FixedTPM);
keyTemplateRsa.objectAttributes = attr;
keyTemplateEcc.objectAttributes = attr;
keyTemplatePss.objectAttributes = attr;
TestCertifyX509Impl(tpm, testCtx, keyTemplateRsa, keyTemplateRsa, policy, "RsaWithRsa.2");
TestCertifyX509Impl(tpm, testCtx, keyTemplateRsa, keyTemplateEcc, policy, "RsaWithEcc.2");
TestCertifyX509Impl(tpm, testCtx, keyTemplateEcc, keyTemplateEcc, policy, "EccWithEcc.2");
TestCertifyX509Impl(tpm, testCtx, keyTemplateEcc, keyTemplateRsa, policy, "EccWithRsa.2");
TestCertifyX509Impl(tpm, testCtx, keyTemplateRsa, keyTemplatePss, policy, "RsaWithPss.2");
TestCertifyX509Impl(tpm, testCtx, keyTemplateEcc, keyTemplatePss, policy, "EccWithPss.2");
} // TestCertifyX509
void TestVendorSpecific(Tpm2 tpm, TestContext testCtx)
{
if (!TpmCfg.IsImplemented(TpmCc.VendorTcgTest))
{
Substrate.WriteToLog("TestVendorSpecific skipped", ConsoleColor.DarkCyan);
return;
}
TpmHandle h = Substrate.CreateDataObject(tpm);
byte[] inData = Substrate.RandomBytes(24);
testCtx.ReportParams("Input data size: " + inData.Length);
byte[] outData = tpm.VendorTcgTest(inData);
testCtx.Assert("CertDataReceived", outData.Length > 0, outData.Length);
tpm.FlushContext(h);
} // TestVendorSpecific