Exemple #1
0
        private string GetHeldData()
        {
            TpmHandle nvUriHandle = new TpmHandle(AIOTH_PERSISTED_URI_INDEX + logicalDeviceId);

            Byte[] nvData;
            string iotHubUri = "";

            try
            {
                // Open the TPM
                Tpm2Device tpmDevice = new TbsDevice();
                tpmDevice.Connect();
                var tpm = new Tpm2(tpmDevice);

                // Read the URI from the TPM
                Byte[]   name;
                NvPublic nvPublic = tpm.NvReadPublic(nvUriHandle, out name);
                nvData = tpm.NvRead(nvUriHandle, nvUriHandle, nvPublic.dataSize, 0);

                // Dispose of the TPM
                tpm.Dispose();
            }
            catch
            {
                return(iotHubUri);
            }

            // Convert the data to a srting for output
            iotHubUri = System.Text.Encoding.UTF8.GetString(nvData);
            return(iotHubUri);
        }
Exemple #2
0
        public static void SaveValueIntoTpm(int address, byte[] data, int length)
        {
            Tpm2Device tpmDevice;

            if (System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(System.Runtime.InteropServices.OSPlatform.Windows))
            {
                tpmDevice = new TbsDevice();
            }
            else
            {
                tpmDevice = new LinuxTpmDevice();
            }
            tpmDevice.Connect();

            var tpm = new Tpm2(tpmDevice);

            var       ownerAuth = new AuthValue();
            TpmHandle nvHandle  = TpmHandle.NV(address);

            tpm[ownerAuth]._AllowErrors().NvUndefineSpace(TpmHandle.RhOwner, nvHandle);

            AuthValue nvAuth   = authValue;
            var       nvPublic = new NvPublic(nvHandle, TpmAlgId.Sha1, NvAttr.Authwrite | NvAttr.Authread, new byte[0], (ushort)length);

            tpm[ownerAuth].NvDefineSpace(TpmHandle.RhOwner, nvAuth, nvPublic);

            tpm[nvAuth].NvWrite(nvHandle, nvHandle, data, 0);
            tpm.Dispose();
        }
Exemple #3
0
    internal string GetPersistedUri()
    {
        TpmHandle nvUriHandle = new TpmHandle(PERSISTED_URI_INDEX + logicalDeviceId);

        try
        {
            string uri;

            // Open the TPM
            Tpm2Device tpmDevice = new TbsDevice();
            tpmDevice.Connect();
            using (var tpm = new Tpm2(tpmDevice))
            {
                // Read the URI from the TPM
                NvPublic nvPublic = tpm.NvReadPublic(nvUriHandle, out byte[] name);
                var      nvData   = tpm.NvRead(nvUriHandle, nvUriHandle, nvPublic.dataSize, 0);

                // Convert the data to a srting for output
                uri = Encoding.UTF8.GetString(nvData);
            }

            return(uri);
        }
        catch { }

        return(string.Empty);
    }
Exemple #4
0
        public static List <AsaNvIndex> DumpNV(Tpm2 tpm)
        {
            var output = new List <AsaNvIndex>();

            if (tpm == null)
            {
                return(output);
            }

            byte moreData;

            do
            {
                uint maxHandles = ushort.MaxValue;
                moreData = tpm.GetCapability(Cap.Handles, ((uint)Ht.NvIndex) << 24,
                                             maxHandles, out ICapabilitiesUnion cap);
                HandleArray handles = (HandleArray)cap;
                foreach (TpmHandle hh in handles.handle)
                {
                    NvPublic nvPub = tpm.NvReadPublic(hh, out byte[] nvName);

                    var index = new AsaNvIndex()
                    {
                        Index = hh.handle & 0x00FFFFFF, Attributes = nvPub.attributes
                    };

                    // We can read with just the owner auth
                    if (nvPub.attributes.HasFlag(NvAttr.Ownerread))
                    {
                        try
                        {
                            index.value = tpm.NvRead(TpmRh.Owner, hh, nvPub.dataSize, 0).ToList();
                        }
                        catch (TpmException e)
                        {
                            Log.Verbose("Dumping NV {0} failed ({1}:{2})", hh.handle & 0x00FFFFFF, e.GetType(), e.Message);
                        }
                    }

                    // TODO: Attempt with auth values if DA is disabled

                    output.Add(index);
                }
            } while (moreData == 1);

            return(output);
        }