 /// <summary>
 /// Serializes this key-parameter structure into <paramref name="blob"/> in wire order:
 /// algorithm id (UInt32), encryption scheme (UInt16), signature scheme (UInt16) and
 /// finally the algorithm-specific parameter blob.
 /// </summary>
 /// <param name="blob">Destination blob; the fields are appended in the order above.</param>
 public void WriteToTpmBlob(TPMBlob blob)
 {
     uint algorithm = (uint)_algorithmId;
     ushort encryptionScheme = (ushort)_encScheme;
     ushort signatureScheme = (ushort)_sigScheme;

     // Field order is the layout the TPM parses; do not reorder.
     blob.WriteUInt32(algorithm);
     blob.WriteUInt16(encryptionScheme);
     blob.WriteUInt16(signatureScheme);

     // Judging by its name, the helper prefixes the parameter blob with a UInt32 size.
     ITPMBlobWritable parameterBlob = (ITPMBlobWritable)_params;
     TPMBlobWriteableHelper.WriteITPMBlobWritableWithUIntSize(blob, parameterBlob);
 }
        protected override TPMCommandResponse InternalProcess()
        {
            byte[] ownerAuth = _params.GetValueOf <byte[]> (PARAM_OWNERAUTH);
            byte[] srkAuth   = _params.GetValueOf <byte[]> (PARAM_SRKAUTH);


            TPMBlob requestBlob = new TPMBlob();

            requestBlob.WriteCmdHeader(TPMCmdTags.TPM_TAG_RQU_AUTH1_COMMAND, TPMOrdinals.TPM_ORD_TakeOwnership);

            requestBlob.WriteUInt16((ushort)TPMProtocolId.TPM_PID_OWNER);

            requestBlob.WriteUInt32((uint)ownerAuth.Length);
            requestBlob.Write(ownerAuth, 0, ownerAuth.Length);

            requestBlob.WriteUInt32((uint)srkAuth.Length);
            requestBlob.Write(srkAuth, 0, srkAuth.Length);

            _tpmKey.WriteToTpmBlob(requestBlob);

            _responseBlob = AuthorizeMeAndTransmit(requestBlob);

            CheckResponseAuthInfo();

            return(new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_TakeOwnership, new Parameters()));
        }
        public void WriteToTpmBlob(TPMBlob blob)
        {
            ((ITPMBlobWritable)_version).WriteToTpmBlob(blob);
            blob.WriteUInt16((ushort)_keyUsage);
            blob.WriteUInt32((uint)_keyFlags);
            blob.WriteByte((byte)_authDataUsage);
            ((ITPMBlobWritable)_algorithmParams).WriteToTpmBlob(blob);

            //TODO: PCR info size
            blob.WriteUInt32(0);

            ((ITPMBlobWritable)_pubKey).WriteToTpmBlob(blob);

            blob.WriteUInt32((uint)_encData.Length);
            blob.Write(_encData, 0, _encData.Length);
        }
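 /// <summary>
 /// Serializes the PCR selection into <paramref name="blob"/> as a UInt16 size followed
 /// by the selection bytes (the TPM_PCR_SELECTION layout: sizeOfSelect, pcrSelect[]).
 /// </summary>
 /// <param name="blob">Destination blob.</param>
 /// <exception cref="InvalidOperationException">
 /// The selection is longer than a UInt16 size field can express. Without this check the
 /// cast would silently truncate the size and emit a structure the TPM cannot parse.
 /// </exception>
 public void WriteToTpmBlob(TPMBlob blob)
 {
     byte[] selection = _pcrSelection.Data;

     if (selection.Length > ushort.MaxValue)
     {
         throw new InvalidOperationException("PCR selection too large for a UInt16 size field: " + selection.Length);
     }

     blob.WriteUInt16((ushort)selection.Length);
     blob.Write(selection, 0, selection.Length);
 }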
 /// <summary>
 /// Serializes the version structure into <paramref name="blob"/>: major and minor as
 /// single bytes, followed by the request size as a UInt16.
 /// </summary>
 /// <param name="blob">Destination blob; fields are appended in that order.</param>
 public void WriteToTpmBlob(TPMBlob blob)
 {
     var major = _major;
     var minor = _minor;
     var requestSize = _reqSize;

     blob.WriteByte(major);
     blob.WriteByte(minor);
     blob.WriteUInt16(requestSize);
 }
        public override TPMCommandResponse Process()
        {
            TPMEntityTypeLSB entityLSB  = _params.GetValueOf <TPMEntityTypeLSB>("entity_lsb");
            TPMEntityTypeMSB entityMSB  = _params.GetValueOf <TPMEntityTypeMSB>("entity_msb");
            string           identifier = _params.GetValueOf <string>("entity_value");


            if (entityLSB != TPMEntityTypeLSB.TPM_ET_KEYHANDLE &&
                entityLSB != TPMEntityTypeLSB.TPM_ET_SRK &&
                entityLSB != TPMEntityTypeLSB.TPM_ET_OWNER)
            {
                throw new ArgumentException("TPM_OSAP does currently not support entityType: " + entityLSB.ToString());
            }

            if (entityMSB != TPMEntityTypeMSB.TPM_ET_XOR)
            {
                throw new ArgumentException(string.Format("TPM_OSAP does currently not support '{0}' EncAuth encryption", entityMSB));
            }


            if (entityLSB == TPMEntityTypeLSB.TPM_ET_KEYHANDLE ||
                entityLSB == TPMEntityTypeLSB.TPM_ET_SRK)
            {
                //We now know that the current identifier is a key identifier (maybe srk, but then the value is ignored by TPM_OSAP).
                //So we invoke the key manager to load the key with the specified identifier and establish an OSAP session
                _keyManager.LoadKey(identifier);
            }

            //handle is not known yet
            AuthHandle authHandle = new AuthHandle(AuthHandle.AuthType.OSAP, 0);

            authHandle.EntityType = entityLSB;
            authHandle.NewNonceOddOSAP();


            using (_keyManager.AcquireLock())
            {
                TPMBlob requestBlob = new TPMBlob();
                requestBlob.WriteCmdHeader(TPMCmdTags.TPM_TAG_RQU_COMMAND, TPMOrdinals.TPM_ORD_OSAP);
                requestBlob.WriteUInt16((ushort)(((ushort)entityMSB << 8) | (ushort)entityLSB));

                if (entityLSB == TPMEntityTypeLSB.TPM_ET_KEYHANDLE ||
                    entityLSB == TPMEntityTypeLSB.TPM_ET_SRK)
                {
                    if (identifier == KeyHandle.KEY_SRK)
                    {
                        requestBlob.WriteUInt32((uint)TPMKeyHandles.TPM_KH_SRK);
                        authHandle.EntityValue = (uint)TPMKeyHandles.TPM_KH_SRK;
                    }
                    else
                    {
                        KeyHandle keyHandle = _keyManager.IdentifierToHandle(identifier);
                        requestBlob.WriteUInt32(keyHandle.Handle);
                        authHandle.EntityValue = keyHandle.Handle;
                    }
                }
                else if (entityLSB == TPMEntityTypeLSB.TPM_ET_OWNER)
                {
                    requestBlob.WriteUInt32((uint)TPMKeyHandles.TPM_KH_OWNER);
                    authHandle.EntityValue = (uint)TPMKeyHandles.TPM_KH_OWNER;
                }

                requestBlob.Write(authHandle.NonceOddOSAP, 0, authHandle.NonceOddOSAP.Length);
                requestBlob.WriteCmdSize();

                _commandAuthHelper.EnsureFreeSlot();
                _responseBlob = TransmitMe(requestBlob);
            }

            _responseBlob.SkipHeader();
            AuthHandleCore receivedAuthHandle = new AuthHandleCore(AuthHandle.AuthType.OSAP, _responseBlob);

            authHandle.UpdateFromOtherAuthHandle(receivedAuthHandle);


            _responseParameters = new Parameters();
            _responseParameters.AddValue("auth_handle", authHandle);
            return(new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_OSAP, _responseParameters));
        }