public override void Execute(string[] commandline)
{
if (commandline.Length < 2)
{
_console.Out.WriteLine("Error: [local_session_alias] not specified");
return;
}
else if (commandline.Length < 3)
{
_console.Out.WriteLine("Error: [command] not specified");
return;
}
ClientContext ctx = _console.GetValue <ClientContext> ("client_context", null);
if (ctx == null)
{
_console.Out.WriteLine("No active connection was found");
return;
}
string localAlias = commandline[1];
IDictionary <string, TPMSession> tpmSessions = _console.GetValue <IDictionary <string, TPMSession> > ("tpm_sessions", null);
if (tpmSessions == null || tpmSessions.ContainsKey(localAlias) == false)
{
_console.Out.WriteLine("Error: Specified local alias was not found");
return;
}
if (tpmSessions[localAlias].Keystore == null)
{
_console.Out.WriteLine("Error: No keystore was opened");
return;
}
IDictionary <string, string> arguments = _console.SplitArguments(commandline[2], 0);
if (arguments.ContainsKey("name") == false)
{
_console.Out.WriteLine("Error: no key name was specified");
return;
}
if (arguments.ContainsKey("data_input") == false)
{
_console.Out.WriteLine("Error: no data input source specified");
return;
}
TPMSessionSealCommand.DataInputMode dataInputMode;
try
{
dataInputMode = (TPMSessionSealCommand.DataInputMode)Enum.Parse(typeof(TPMSessionSealCommand.DataInputMode), arguments["data_input"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid data input source");
return;
}
TPMSessionSealCommand.DataOutputMode dataOutputMode;
try
{
dataOutputMode = (TPMSessionSealCommand.DataOutputMode)Enum.Parse(typeof(TPMSessionSealCommand.DataOutputMode), arguments["data_output"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid data output destination");
return;
}
TPMSessionSealCommand.DataFormat inputDataFormat = TPMSessionSealCommand.DataFormat.Raw;
if (arguments.ContainsKey("input_data_format"))
{
try
{
inputDataFormat = (TPMSessionSealCommand.DataFormat)Enum.Parse(typeof(TPMSessionSealCommand.DataFormat), arguments["input_data_format"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid input data format");
return;
}
}
TPMSessionSealCommand.DataFormat outputDataFormat = TPMSessionSealCommand.DataFormat.Raw;
if (arguments.ContainsKey("output_data_format"))
{
try
{
outputDataFormat = (TPMSessionSealCommand.DataFormat)Enum.Parse(typeof(TPMSessionSealCommand.DataFormat), arguments["output_data_format"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid output data format");
return;
}
}
if (dataInputMode == TPMSessionSealCommand.DataInputMode.File && arguments.ContainsKey("file") == false)
{
_console.Out.WriteLine("Error: data_input=file requires file argument!");
return;
}
if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.File && arguments.ContainsKey("output_file") == false)
{
_console.Out.WriteLine("Error: data_output=file requires output_file argument!");
return;
}
ClientKeyHandle keyHandle = tpmSessions[localAlias].KeyClient.GetKeyHandleByFriendlyName(arguments["name"]);
Stream inputStream = null;
if (dataInputMode == TPMSessionSealCommand.DataInputMode.Console)
{
inputStream = new TextReaderStream(_console.In);
}
else if (dataInputMode == TPMSessionSealCommand.DataInputMode.Embedded)
{
if (commandline.Length <= 3)
{
_console.Out.WriteLine("Error: no embedded data");
return;
}
StringBuilder embeddedData = new StringBuilder();
for (int i = 3; i < commandline.Length; i++)
{
embeddedData.Append(commandline[i]);
if (i + 1 < commandline.Length)
{
embeddedData.Append(" ");
}
}
inputStream = new TextReaderStream(new StringReader(embeddedData.ToString()));
}
else if (dataInputMode == TPMSessionSealCommand.DataInputMode.File)
{
inputStream = new FileStream(arguments["file"], FileMode.Open, FileAccess.Read);
}
if (inputDataFormat == TPMSessionSealCommand.DataFormat.Hex)
{
inputStream = new HexFilterStream(inputStream);
}
Stream outputStream = null;
if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.Console)
{
outputStream = new TextWriterStream(_console.Out);
}
else if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.File)
{
outputStream = new FileStream(arguments["output_file"], FileMode.OpenOrCreate, FileAccess.Write);
}
if (outputDataFormat == TPMSessionSealCommand.DataFormat.Hex)
{
outputStream = new HexFilterStream(outputStream);
}
IAsymmetricBlockCipher sealCipher = keyHandle.CreateSealBlockCipher(null);
sealCipher.Init(false, null);
while (inputStream.Position + 1 < inputStream.Length)
{
byte[] encryptedBlock = keyHandle.ReadEncryptedBlock(inputStream);
byte[] decrypted = sealCipher.ProcessBlock(encryptedBlock, 0, encryptedBlock.Length);
outputStream.Write(decrypted, 0, decrypted.Length);
}
_console.Out.WriteLine();
outputStream.Dispose();
inputStream.Dispose();
}
public static void Main(string[] args)
{
string[] sealMe = { "Hallo", "IAIK!" };
// Establish Connections
IDictionary <string, TPMSession> sessions =
XMLConfiguration.EstablischConnection(base_path + "ClientConfigXml/UnixSocketDeviceLin.xml");
// Create one keystore per opened session
foreach (TPMSession tpmSes in sessions.Values)
{
tpmSes.Keystore = new InMemoryKeystore();
}
TPMSession sessionToUse = sessions["local0"];
sessionToUse.SetRequestSecretCallback(RequestSecret);
Console.WriteLine("Create Cipher Key");
ClientKeyHandle myFirstSealKey =
sessionToUse.KeyClient.GetSrkKeyHandle().CreateKey("my_first_seal_key", TPMKeyUsage.TPM_KEY_STORAGE);
Console.WriteLine("Key: {0}\n{1}", myFirstSealKey.FriendlyName, myFirstSealKey.PublicKey);
Console.WriteLine("---------------------------------\n");
sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
sessionToUse.IntegrityClient.Extend(1, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
sessionToUse.IntegrityClient.Extend(2, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
TPMPCRSelection pcrselect = sessionToUse.CreateEmptyPCRSelection();
pcrselect.PcrSelection[0] = true;
pcrselect.PcrSelection[1] = true;
pcrselect.PcrSelection[2] = true;
Console.WriteLine("Create Cipher, init and cipher");
IAsymmetricBlockCipher cipher = myFirstSealKey.CreateSealBlockCipher(pcrselect);
cipher.Init(true, null);
byte[][] cipherText = new byte[sealMe.Length][];
int i = 0;
foreach (string msg in sealMe)
{
byte[] block = System.Text.ASCIIEncoding.ASCII.GetBytes(msg);
cipherText[i] = cipher.ProcessBlock(block, 0, block.Length);
i++;
}
Console.WriteLine("Original vs. CiperText:");
for (i = 0; i < sealMe.Length; i++)
{
Console.WriteLine("{0} --> {1}", sealMe[i], ByteHelper.ByteArrayToHexString(cipherText[i]));
}
Console.WriteLine("---------------------------------\n");
Console.WriteLine("Init and decode");
cipher.Init(false, null);
byte[][] decode = new byte[sealMe.Length][];
i = 0;
foreach (byte[] msg in cipherText)
{
decode[i] = cipher.ProcessBlock(msg, 0, msg.Length);
i++;
}
Console.WriteLine("Does it work?:");
for (i = 0; i < sealMe.Length; i++)
{
Console.WriteLine("{0}: {1}", sealMe[i] == System.Text.ASCIIEncoding.ASCII.GetString(decode[i])?"Y":"N", System.Text.ASCIIEncoding.ASCII.GetString(decode[i]));
}
Console.WriteLine("---------------------------------\n");
Console.WriteLine("Changing PCR Values");
sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
Console.WriteLine("Decode, now an TPMRequest Exception should be thrown, with Error Code (0x18): TPM_WRONGPCRVAL");
decode = new byte[sealMe.Length][];
i = 0;
foreach (byte[] msg in cipherText)
{
try
{
decode[i] = cipher.ProcessBlock(msg, 0, msg.Length);
Console.WriteLine("UUUUUPPPPSSSS, something went wrong!");
}
catch (TPMRequestException e)
{
Console.WriteLine(e.ToString());
}
i++;
}
}
public override void Execute(string[] commandline)
{
if (commandline.Length < 2)
{
_console.Out.WriteLine("Error: [local_session_alias] not specified");
return;
}
else if (commandline.Length < 3)
{
_console.Out.WriteLine("Error: [command] not specified");
return;
}
ClientContext ctx = _console.GetValue <ClientContext> ("client_context", null);
if (ctx == null)
{
_console.Out.WriteLine("No active connection was found");
return;
}
string localAlias = commandline[1];
IDictionary <string, TPMSession> tpmSessions = _console.GetValue <IDictionary <string, TPMSession> > ("tpm_sessions", null);
if (tpmSessions == null || tpmSessions.ContainsKey(localAlias) == false)
{
_console.Out.WriteLine("Error: Specified local alias was not found");
return;
}
if (tpmSessions[localAlias].Keystore == null)
{
_console.Out.WriteLine("Error: No keystore was opened");
return;
}
IDictionary <string, string> arguments = _console.SplitArguments(commandline[2], 0);
if (arguments.ContainsKey("name") == false)
{
_console.Out.WriteLine("Error: no key name was specified");
return;
}
// if(arguments.ContainsKey("pcr") == false)
// {
// _console.Out.WriteLine("Error: no pcr values where specified");
// return;
// }
if (arguments.ContainsKey("data_input") == false)
{
_console.Out.WriteLine("Error: no data input source specified");
return;
}
DataInputMode dataInputMode;
try
{
dataInputMode = (DataInputMode)Enum.Parse(typeof(DataInputMode), arguments["data_input"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid data input source");
return;
}
DataOutputMode dataOutputMode;
try
{
dataOutputMode = (DataOutputMode)Enum.Parse(typeof(DataOutputMode), arguments["data_output"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid data output destination");
return;
}
DataFormat inputDataFormat = DataFormat.Raw;
if (arguments.ContainsKey("input_data_format"))
{
try
{
inputDataFormat = (DataFormat)Enum.Parse(typeof(DataFormat), arguments["input_data_format"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid input data format");
return;
}
}
DataFormat outputDataFormat = DataFormat.Raw;
if (arguments.ContainsKey("output_data_format"))
{
try
{
outputDataFormat = (DataFormat)Enum.Parse(typeof(DataFormat), arguments["output_data_format"], true);
}
catch (Exception)
{
_console.Out.WriteLine("Error: Invalid output data format");
return;
}
}
if (dataInputMode == DataInputMode.File && arguments.ContainsKey("file") == false)
{
_console.Out.WriteLine("Error: data_input=file requires file argument!");
return;
}
if (dataOutputMode == DataOutputMode.File && arguments.ContainsKey("output_file") == false)
{
_console.Out.WriteLine("Error: data_output=file requires output_file argument!");
return;
}
TPMPCRSelection pcrSelection = tpmSessions[localAlias].CreateEmptyPCRSelection();
if (arguments.ContainsKey("pcr"))
{
foreach (string pcr in arguments["pcr"].Split('|'))
{
int pcrValue = int.Parse(pcr);
pcrSelection.PcrSelection.SetBit(pcrValue - 1, true);
}
}
ClientKeyHandle keyHandle = tpmSessions[localAlias].KeyClient.GetKeyHandleByFriendlyName(arguments["name"]);
Stream inputStream = null;
if (dataInputMode == DataInputMode.Console)
{
inputStream = new TextReaderStream(_console.In);
}
else if (dataInputMode == DataInputMode.Embedded)
{
if (commandline.Length <= 3)
{
_console.Out.WriteLine("Error: no embedded data");
return;
}
StringBuilder embeddedData = new StringBuilder();
for (int i = 3; i < commandline.Length; i++)
{
embeddedData.Append(commandline[i]);
if (i + 1 < commandline.Length)
{
embeddedData.Append(" ");
}
}
inputStream = new TextReaderStream(new StringReader(embeddedData.ToString()));
}
else if (dataInputMode == DataInputMode.File)
{
inputStream = new FileStream(arguments["file"], FileMode.Open, FileAccess.Read);
}
if (inputDataFormat == DataFormat.Hex)
{
inputStream = new HexFilterStream(inputStream);
}
Stream outputStream = null;
if (dataOutputMode == DataOutputMode.Console)
{
outputStream = new HexFilterStream(new TextWriterStream(_console.Out));
}
else if (dataOutputMode == DataOutputMode.File)
{
if (outputDataFormat == DataFormat.Hex)
{
outputStream = new HexFilterStream(new FileStream(arguments["output_file"], FileMode.OpenOrCreate, FileAccess.Write));
}
else
{
outputStream = new FileStream(arguments["output_file"], FileMode.OpenOrCreate, FileAccess.Write);
}
}
IAsymmetricBlockCipher sealCipher = keyHandle.CreateSealBlockCipher(pcrSelection);
sealCipher.Init(true, null);
int read;
byte[] buffer = new byte[sealCipher.GetInputBlockSize()];
do
{
read = inputStream.Read(buffer, 0, buffer.Length);
if (read > 0)
{
byte[] encrypted = sealCipher.ProcessBlock(buffer, 0, read);
outputStream.Write(encrypted, 0, encrypted.Length);
}
}while(read > 0);
_console.Out.WriteLine();
outputStream.Dispose();
inputStream.Dispose();
}
