Esempio n. 1
0
 public void WriteToTpmBlob(TPMBlob blob)
 {
     blob.WriteUInt32((uint)_algorithmId);
     blob.WriteUInt16((ushort)_encScheme);
     blob.WriteUInt16((ushort)_sigScheme);
     TPMBlobWriteableHelper.WriteITPMBlobWritableWithUIntSize(blob, (ITPMBlobWritable)_params);
 }
Esempio n. 2
0
        protected override TPMCommandResponse InternalProcess()
        {
            // Unencrypted authorization values, they need to be XOR-Encrypted with
            // XOR(auth, SHA-1(OSAP shared secret | session nonce))
            //
            // OSAP_shared_secret = HMAC(key=usage secret of key handle, nonce even osap | nonce odd osap)
            AuthHandle auth1OSAP = _commandAuthHelper.AssureOSAPSharedSecret(this, AuthSessionNum.Auth1);

            _encAuth = _params.GetValueOf <byte[]> ("data_auth");

            byte[] xorKey = new HashProvider().Hash(
                new HashByteDataProvider(auth1OSAP.SharedSecret),
                new HashByteDataProvider(auth1OSAP.NonceEven));

            ByteHelper.XORBytes(_encAuth, xorKey);

            //Load parent key if not loaded
            _keyManager.LoadKey(_params.GetValueOf <string>("key"));

            TPMBlob requestBlob = new TPMBlob();

            requestBlob.WriteCmdHeader(TPMCmdTags.TPM_TAG_RQU_AUTH1_COMMAND, TPMOrdinals.TPM_ORD_Seal);

            //key handle gets inserted later, it may be not available now
            requestBlob.WriteUInt32(0);
            requestBlob.Write(_encAuth, 0, 20);
            TPMBlobWriteableHelper.WriteITPMBlobWritableWithUIntSize(requestBlob, _pcrInfo);
            requestBlob.WriteUInt32((uint)_inData.Length);
            requestBlob.Write(_inData, 0, _inData.Length);

            AuthorizeMe(requestBlob);

            using (_keyManager.AcquireLock())
            {
                requestBlob.SkipHeader();
                requestBlob.WriteUInt32(_keyManager.IdentifierToHandle(_params.GetValueOf <string>("key")).Handle);
                _responseBlob = TransmitMe(requestBlob);
            }

            CheckResponseAuthInfo();

            _responseBlob.SkipHeader();

            TPMStoredDataCore sealedData = TPMStoredDataCore.CreateFromTPMBlob(_responseBlob);

            Parameters responseParams = new Parameters();

            responseParams.AddPrimitiveType("data", ByteHelper.SerializeToBytes(sealedData));

            return(new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_Seal, responseParams));
        }
Esempio n. 3
0
        public override TPMCommandResponse Process()
        {
            TPMBlob requestBlob = new TPMBlob();

            requestBlob.WriteCmdHeader(TPMCmdTags.TPM_TAG_RQU_COMMAND, TPMOrdinals.TPM_ORD_GetCapability);
            requestBlob.WriteUInt32((uint)_capArea);

            switch (_capArea)
            {
            case CapabilityData.TPMCapabilityArea.TPM_CAP_VERSION_VAL:
                //Subcaps are ignored by TPM_CAP_VERSION_VAL
                requestBlob.WriteUInt32(0);
                break;

            case CapabilityData.TPMCapabilityArea.TPM_CAP_HANDLE:
                requestBlob.WriteUInt32(4);
                requestBlob.WriteUInt32((uint)_param.GetValueOf <TPMResourceType> ("handle_type"));
                break;

            case CapabilityData.TPMCapabilityArea.TPM_CAP_PROPERTY:
                CapabilityData.TPMSubCapProperty subCap = _param.GetValueOf <CapabilityData.TPMSubCapProperty> ("subCap");

                //Size of subcap
                requestBlob.WriteUInt32(4);
                requestBlob.WriteUInt32((uint)subCap);
                break;

            case CapabilityData.TPMCapabilityArea.TPM_CAP_SELECT_SIZE:

                CapabilityDataCore.TPMSelectSizeCore tpmSelectSize =
                    CapabilityDataCore.TPMSelectSizeCore.CreateVersion12(_param.GetValueOf <ushort>(CapabilityData.PARAM_PROP_SELECT_SIZE));

                TPMBlobWriteableHelper.WriteITPMBlobWritableWithUIntSize(requestBlob, tpmSelectSize);
                break;

            default:
                throw new NotSupportedException("Defined cap or subcap are not supported");
            }



//			if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_VERSION_VAL)
//			{
//				//Subcaps are ignored by TPM_CAP_VERSION_VAL
//				requestBlob.WriteUInt32 (0);
//			}
//			else if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_HANDLE)
//			{
//				requestBlob.WriteUInt32 (4);
//				requestBlob.WriteUInt32 ((uint)_param.GetValueOf<TPMResourceType> ("handle_type"));
//			}
//			else if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_PROPERTY)
//			{
//				CapabilityData.TPMSubCapProperty subCap = _param.GetValueOf<CapabilityData.TPMSubCapProperty> ("subCap");
//
//				//Size of subcap
//				requestBlob.WriteUInt32 (4);
//				requestBlob.WriteUInt32 ((uint)subCap);
//			}
//			else
//				throw new NotSupportedException ("Defined cap or subcap are not supported");

            requestBlob.WriteCmdSize();

            TPMBlob responseBlob = TransmitMe(requestBlob);

            responseBlob.SkipHeader();

            Parameters parameters = new Parameters();


            switch (_capArea)
            {
            case CapabilityData.TPMCapabilityArea.TPM_CAP_VERSION_VAL:
                CapabilityDataCore.TPMCapVersionInfoCore tpmVersionInfo = new CapabilityDataCore.TPMCapVersionInfoCore(responseBlob);
                parameters.AddValue(CapabilityData.PARAM_TPM_VERSION_INFO, tpmVersionInfo);
                break;

            case CapabilityData.TPMCapabilityArea.TPM_CAP_HANDLE:
                responseBlob.SkipHeader();

                //Reads the response size, which is ignored
                responseBlob.ReadUInt32();

                HandleListCore handleList = new HandleListCore(responseBlob, _param.GetValueOf <TPMResourceType> ("handle_type"));
                parameters.AddValue("handles", handleList);
                break;

            case CapabilityData.TPMCapabilityArea.TPM_CAP_PROPERTY:
                responseBlob.SkipHeader();
                switch (_param.GetValueOf <CapabilityData.TPMSubCapProperty> ("subCap"))
                {
                case CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_PCR:
                    parameters.AddPrimitiveType(CapabilityData.PARAM_PROP_PCR, ReadUInt32Response(responseBlob));
                    break;

                //case CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_DIR:
                //    parameters.AddPrimitiveType (CapabilityData.PARAM_PROP_DIR, ReadUInt32Response (responseBlob));
                //    break;
                case CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_MANUFACTURER:
                    parameters.AddPrimitiveType(CapabilityData.PARAM_PROP_MANUFACTURER, ReadUInt32Response(responseBlob));
                    break;

                case CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_KEYS:
                    parameters.AddPrimitiveType(CapabilityData.PARAM_PROP_KEYS, ReadUInt32Response(responseBlob));
                    break;

                case CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_MAX_AUTHSESS:
                    parameters.AddPrimitiveType(CapabilityData.PARAM_PROP_MAX_AUTHSESS, ReadUInt32Response(responseBlob));
                    break;

                case CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_MAX_TRANSESS:
                    parameters.AddPrimitiveType(CapabilityData.PARAM_PROP_MAX_TRANSESS, ReadUInt32Response(responseBlob));
                    break;

                case CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_MAX_KEYS:
                    parameters.AddPrimitiveType(CapabilityData.PARAM_PROP_MAX_KEYS, ReadUInt32Response(responseBlob));
                    break;

                case CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_MAX_SESSIONS:
                    parameters.AddPrimitiveType(CapabilityData.PARAM_PROP_MAX_SESSIONS, ReadUInt32Response(responseBlob));
                    break;

                default:
                    throw new NotSupportedException("Defined cap or subcap are not supported");
                }
                break;

            case CapabilityData.TPMCapabilityArea.TPM_CAP_SELECT_SIZE:
                parameters.AddPrimitiveType(CapabilityData.PARAM_PROP_SELECT_SIZE, ReadBoolResponse(responseBlob));
                break;
            }



//			if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_VERSION_VAL)
//			{
//				CapabilityDataCore.TPMCapVersionInfoCore tpmVersionInfo = new CapabilityDataCore.TPMCapVersionInfoCore (responseBlob);
//				parameters.AddValue (CapabilityData.PARAM_TPM_VERSION_INFO, tpmVersionInfo);
//			}
//			else if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_HANDLE)
//			{
//				responseBlob.SkipHeader ();
//
//				//Reads the response size, which is ignored
//				responseBlob.ReadUInt32 ();
//
//				HandleListCore handleList = new HandleListCore (responseBlob, _param.GetValueOf<TPMResourceType> ("handle_type"));
//				parameters.AddValue ("handles", handleList);
//			}
//
//
//			else if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_PROPERTY &&
//				    _param.GetValueOf<CapabilityData.TPMSubCapProperty> ("subCap") == CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_PCR)
//			{
//				responseBlob.SkipHeader ();
//				parameters.AddPrimitiveType (CapabilityData.PARAM_PROP_PCR, ReadUInt32Response (responseBlob));
//			}
//
//			else if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_PROPERTY &&
//				_param.GetValueOf<CapabilityData.TPMSubCapProperty> ("subCap") == CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_MAX_AUTHSESS)
//			{
//				responseBlob.SkipHeader ();
//				parameters.AddPrimitiveType (CapabilityData.PARAM_PROP_MAX_AUTHSESS, ReadUInt32Response (responseBlob));
//			}
//
//			else if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_PROPERTY &&
//				_param.GetValueOf<CapabilityData.TPMSubCapProperty> ("subCap") == CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_MAX_TRANSESS)
//			{
//				responseBlob.SkipHeader ();
//				parameters.AddPrimitiveType (CapabilityData.PARAM_PROP_MAX_TRANSESS, ReadUInt32Response (responseBlob));
//			}
//
//			else if (_capArea == CapabilityData.TPMCapabilityArea.TPM_CAP_PROPERTY &&
//				_param.GetValueOf<CapabilityData.TPMSubCapProperty> ("subCap") == CapabilityData.TPMSubCapProperty.TPM_CAP_PROP_MAX_SESSIONS)
//			{
//				responseBlob.SkipHeader ();
//				parameters.AddPrimitiveType (CapabilityData.PARAM_PROP_MAX_SESSIONS, ReadUInt32Response (responseBlob));
//			}
//			else
//				throw new NotSupportedException("Defined cap or subcap are not supported");

            return(new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_GetCapability, parameters));
        }