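/// <summary>
/// Reads the IoT Hub URI persisted for this logical device from its TPM NV index.
/// </summary>
/// <returns>The stored URI decoded as UTF-8, or an empty string when the TPM, the index
/// or the read is unavailable.</returns>
private string GetHeldData()
{
    TpmHandle nvUriHandle = new TpmHandle(AIOTH_PERSISTED_URI_INDEX + logicalDeviceId);
    byte[] nvData;
    try
    {
        // Open the TPM through the Windows TBS transport
        Tpm2Device tpmDevice = new TbsDevice();
        tpmDevice.Connect();

        // `using` releases the TPM even when NvReadPublic/NvRead throw; the
        // original only called Dispose on the success path and leaked otherwise.
        using (var tpm = new Tpm2(tpmDevice))
        {
            // Size the read from the index's public area, then read the whole payload
            NvPublic nvPublic = tpm.NvReadPublic(nvUriHandle, out _);
            nvData = tpm.NvRead(nvUriHandle, nvUriHandle, nvPublic.dataSize, 0);
        }
    }
    catch
    {
        // Best effort: no TPM, no index or a denied read all report "no URI held".
        return "";
    }

    // Convert the stored bytes to a string for output
    return System.Text.Encoding.UTF8.GetString(nvData);
}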
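/// <summary>
/// (Re)defines the NV index at <paramref name="address"/> with size <paramref name="length"/>
/// and writes <paramref name="data"/> into it. Any index already defined at that address is
/// undefined first, so its previous contents are lost.
/// </summary>
/// <param name="address">NV index number (the TpmHandle.NV(address) handle).</param>
/// <param name="data">Bytes to store; must not be null and must fit in <paramref name="length"/>.</param>
/// <param name="length">Size of the NV index in bytes, 0..65535.</param>
/// <exception cref="System.ArgumentNullException"><paramref name="data"/> is null.</exception>
/// <exception cref="System.ArgumentOutOfRangeException"><paramref name="length"/> does not fit a ushort.</exception>
/// <exception cref="System.ArgumentException"><paramref name="data"/> is longer than <paramref name="length"/>.</exception>
public static void SaveValueIntoTpm(int address, byte[] data, int length)
{
    // Validate before touching the TPM: the index at this address is undefined below,
    // so failing late would destroy the stored value and then fail at the write.
    if (data == null)
    {
        throw new System.ArgumentNullException(nameof(data));
    }
    if (length < 0 || length > ushort.MaxValue)
    {
        // NvPublic.dataSize is a ushort; the bare (ushort) cast silently truncated out-of-range values.
        throw new System.ArgumentOutOfRangeException(nameof(length), "NV index size must be between 0 and 65535 bytes");
    }
    if (data.Length > length)
    {
        throw new System.ArgumentException("data does not fit in an NV index of the requested size", nameof(data));
    }

    // Pick the platform's TPM transport
    Tpm2Device tpmDevice;
    if (System.Runtime.InteropServices.RuntimeInformation.IsOSPlatform(System.Runtime.InteropServices.OSPlatform.Windows))
    {
        tpmDevice = new TbsDevice();
    }
    else
    {
        tpmDevice = new LinuxTpmDevice();
    }
    tpmDevice.Connect();

    // `using` releases the TPM even if define/write throws; the original only disposed on success.
    using (var tpm = new Tpm2(tpmDevice))
    {
        var ownerAuth = new AuthValue(); // parameterless AuthValue — presumably the empty owner authorization; verify
        TpmHandle nvHandle = TpmHandle.NV(address);

        // Remove whatever index is currently defined at this address; _AllowErrors ignores
        // the failure returned when there is none.
        tpm[ownerAuth]._AllowErrors().NvUndefineSpace(TpmHandle.RhOwner, nvHandle);

        // Authwrite | Authread: the index is only readable/writable with nvAuth, not with
        // owner authorization. Sha1 is the index's name algorithm (how its Name is computed).
        AuthValue nvAuth = authValue;
        var nvPublic = new NvPublic(nvHandle, TpmAlgId.Sha1, NvAttr.Authwrite | NvAttr.Authread, new byte[0], (ushort)length);
        tpm[ownerAuth].NvDefineSpace(TpmHandle.RhOwner, nvAuth, nvPublic);
        tpm[nvAuth].NvWrite(nvHandle, nvHandle, data, 0);
    }
}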
/// <summary>
/// Reads the URI persisted for this logical device from its TPM NV index.
/// </summary>
/// <returns>The stored URI decoded as UTF-8, or <see cref="string.Empty"/> if the TPM,
/// the index or the read is unavailable.</returns>
internal string GetPersistedUri()
{
    // NV index that holds this logical device's URI
    var uriIndex = new TpmHandle(PERSISTED_URI_INDEX + logicalDeviceId);
    try
    {
        Tpm2Device device = new TbsDevice();
        device.Connect();
        using (var tpm = new Tpm2(device))
        {
            // Size the read from the index's public area, then read the whole payload in one call
            var publicArea = tpm.NvReadPublic(uriIndex, out _);
            byte[] payload = tpm.NvRead(uriIndex, uriIndex, publicArea.dataSize, 0);

            // The stored bytes are UTF-8 text
            return Encoding.UTF8.GetString(payload);
        }
    }
    catch
    {
        // Best effort: any failure (e.g. no TPM, no index, denied read) reads as "nothing persisted".
    }
    return string.Empty;
}
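/// <summary>
/// Enumerates every NV index defined on the TPM and returns its number and attributes, plus
/// its contents for indices that are readable with owner authorization.
/// </summary>
/// <param name="tpm">Connected TPM; null yields an empty list.</param>
/// <returns>One <see cref="AsaNvIndex"/> per defined NV index, in handle order.</returns>
public static List<AsaNvIndex> DumpNV(Tpm2 tpm)
{
    var output = new List<AsaNvIndex>();
    if (tpm == null)
    {
        return output;
    }

    // TPM2_GetCapability(Handles) returns handles >= firstHandle in ascending order and sets
    // moreData when the batch was truncated. The continuation must start just past the last
    // handle returned; re-issuing the same firstHandle (as the original did) would return the
    // same batch forever whenever moreData is set.
    const uint maxHandles = ushort.MaxValue;
    uint firstHandle = (uint)Ht.NvIndex << 24;
    byte moreData;
    do
    {
        moreData = tpm.GetCapability(Cap.Handles, firstHandle, maxHandles, out ICapabilitiesUnion cap);
        var handles = ((HandleArray)cap).handle;
        if (handles == null || !handles.Any())
        {
            // Nothing (more) to enumerate; also prevents spinning on an empty reply.
            break;
        }

        foreach (TpmHandle hh in handles)
        {
            NvPublic nvPub = tpm.NvReadPublic(hh, out _);
            var indexNumber = hh.handle & 0x00FFFFFF; // strip the handle-type byte to get the index number
            var index = new AsaNvIndex()
            {
                Index = indexNumber,
                Attributes = nvPub.attributes
            };

            // Only read indices that permit owner-authorized reads; other indices would need
            // their own auth value, and failed attempts can count against the TPM's
            // dictionary-attack lockout, so they are left as metadata only.
            if (nvPub.attributes.HasFlag(NvAttr.Ownerread))
            {
                try
                {
                    index.value = tpm.NvRead(TpmRh.Owner, hh, nvPub.dataSize, 0).ToList();
                }
                catch (TpmException e)
                {
                    Log.Verbose("Dumping NV {0} failed ({1}:{2})", indexNumber, e.GetType(), e.Message);
                }
            }
            // TODO: Attempt with auth values if DA is disabled
            output.Add(index);
        }

        firstHandle = handles.Last().handle + 1;
    } while (moreData == 1);

    return output;
}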