/// <summary>
/// Writes target to sink with the uint size preceding
/// </summary>
/// <param name="sink"></param>
/// <param name="target"></param>
public static void WriteITPMBlobWritableWithUIntSize(TPMBlob sink, ITPMBlobWritable target)
{
if (target == null)
{
sink.WriteUInt32 (0);
}
else
{
using (TPMBlob tempBlob = new TPMBlob ())
{
target.WriteToTpmBlob (tempBlob);
sink.WriteUInt32 ((uint)tempBlob.Length);
sink.Write (tempBlob.ToArray (), 0, (int)tempBlob.Length);
}
}
}
public override TPMCommandResponse Process()
{
if(_params.GetValueOf<string>("type", "") == "request_prefix")
{
TPMBoundDataCore boundData = TPMBoundDataCore.Encapsulate(new byte[0]);
_responseParameters = new Parameters();
using(TPMBlob blob = new TPMBlob())
{
boundData.WriteToTpmBlob(blob);
_responseParameters.AddPrimitiveType("prefix", blob.ToArray());
}
return new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_Bind, _responseParameters);
}
else
throw new ArgumentException("TPM_Bind: did not find valid type");
}
protected override TPMCommandResponse InternalProcess()
{
TPMBlob requestBlob = new TPMBlob();
requestBlob.WriteCmdHeader(TPMCmdTags.TPM_TAG_RQU_AUTH1_COMMAND, TPMOrdinals.TPM_ORD_Quote);
//key handle gets inserted later, it may be not available now
requestBlob.WriteUInt32(0);
requestBlob.Write(_nonce, 0, 20);
_pcrSelection.WriteToTpmBlob(requestBlob);
_keyManager.LoadKey(_params.GetValueOf<string>("key"));
AuthorizeMe(requestBlob);
using(_keyManager.AcquireLock())
{
requestBlob.SkipHeader();
requestBlob.WriteUInt32(_keyManager.IdentifierToHandle(_params.GetValueOf<string>("key")).Handle);
_responseBlob = TransmitMe(requestBlob);
}
CheckResponseAuthInfo();
_responseBlob.SkipHeader();
TPMPCRCompositeCore pcrComposite = TPMPCRCompositeCore.CreateFromTPMBlob(_responseBlob);
uint sigSize = _responseBlob.ReadUInt32();
byte[] signature = _responseBlob.ReadBytes((int)sigSize);
// Do signature verification
TPMQuoteInfoCore quoteInfo = TPMQuoteInfoCore.Create(new HashProvider().Hash(new HashTPMBlobWritableDataProvider(pcrComposite)), _nonce);
byte[] signingData;
using (TPMBlob blob = new TPMBlob())
{
quoteInfo.WriteToTpmBlob(blob);
signingData = blob.ToArray();
}
Parameters pubKeyParams = new Parameters();
pubKeyParams.AddPrimitiveType("key", _params.GetValueOf<string>("key"));
TPMCommandRequest pubKeyRequest = new TPMCommandRequest(TPMCommandNames.TPM_CMD_GetPubKey, pubKeyParams);
TPMCommandResponse pubKeyResponse = _tpmWrapper.Process(pubKeyRequest,
_commandAuthHelper, _keyManager);
if (pubKeyResponse.Status == false)
{
_log.FatalFormat("TPM_Quote: Could not retrieve pubkey of key");
return new TPMCommandResponse(false, TPMCommandNames.TPM_CMD_Quote, new Parameters());
}
TPMKey keyInfo = TPMKeyCore.CreateFromBytes(_keyManager.GetKeyBlob(_params.GetValueOf<string>("key")));
TPMPubkey pubkey = pubKeyResponse.Parameters.GetValueOf<TPMPubkey>("pubkey");
if (SignatureVerification.VerifySignature(keyInfo, pubkey, signingData, signature) == false)
{
throw new ArgumentException("The TPM_Quote signature could not be verified");
}
Parameters responseParams = new Parameters();
responseParams.AddValue("pcrData", pcrComposite);
responseParams.AddPrimitiveType("sig", signature);
return new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_Quote, responseParams);
}
/// <summary>
/// Transmit support for TpmMemoryStreams.
/// </summary>
/// <param name="instm"></param>
/// <param name="writeSize"></param>
/// <returns></returns>
public TPMBlob Transmit(TPMBlob instm, bool writeSize)
{
if (writeSize)
instm.WriteCmdSize();
byte[] inblob = instm.GetBuffer();
if(_debug)
_logger.DebugFormat("send --> 0x{0}", ByteHelper.ByteArrayToHexString(instm.ToArray(), " "));
byte[] outblob = Transmit(inblob, (int)instm.Length);
if(_debug)
_logger.DebugFormat("received --> 0x{0}", ByteHelper.ByteArrayToHexString(outblob, " "));
return new TPMBlob(outblob);
}
