public override void Execute(string[] commandline) { if (commandline.Length < 2) { _console.Out.WriteLine("Error: [local_session_alias] not specified"); return; } else if (commandline.Length < 3) { _console.Out.WriteLine("Error: [command] not specified"); return; } ClientContext ctx = _console.GetValue <ClientContext> ("client_context", null); if (ctx == null) { _console.Out.WriteLine("No active connection was found"); return; } string localAlias = commandline[1]; IDictionary <string, TPMSession> tpmSessions = _console.GetValue <IDictionary <string, TPMSession> > ("tpm_sessions", null); if (tpmSessions == null || tpmSessions.ContainsKey(localAlias) == false) { _console.Out.WriteLine("Error: Specified local alias was not found"); return; } if (tpmSessions[localAlias].Keystore == null) { _console.Out.WriteLine("Error: No keystore was opened"); return; } IDictionary <string, string> arguments = _console.SplitArguments(commandline[2], 0); if (arguments.ContainsKey("name") == false) { _console.Out.WriteLine("Error: no key name was specified"); return; } if (arguments.ContainsKey("data_input") == false) { _console.Out.WriteLine("Error: no data input source specified"); return; } TPMSessionSealCommand.DataInputMode dataInputMode; try { dataInputMode = (TPMSessionSealCommand.DataInputMode)Enum.Parse(typeof(TPMSessionSealCommand.DataInputMode), arguments["data_input"], true); } catch (Exception) { _console.Out.WriteLine("Error: Invalid data input source"); return; } TPMSessionSealCommand.DataOutputMode dataOutputMode; try { dataOutputMode = (TPMSessionSealCommand.DataOutputMode)Enum.Parse(typeof(TPMSessionSealCommand.DataOutputMode), arguments["data_output"], true); } catch (Exception) { _console.Out.WriteLine("Error: Invalid data output destination"); return; } TPMSessionSealCommand.DataFormat inputDataFormat = TPMSessionSealCommand.DataFormat.Raw; if (arguments.ContainsKey("input_data_format")) { try { inputDataFormat = (TPMSessionSealCommand.DataFormat)Enum.Parse(typeof(TPMSessionSealCommand.DataFormat), arguments["input_data_format"], true); } catch (Exception) { _console.Out.WriteLine("Error: Invalid input data format"); return; } } TPMSessionSealCommand.DataFormat outputDataFormat = TPMSessionSealCommand.DataFormat.Raw; if (arguments.ContainsKey("output_data_format")) { try { outputDataFormat = (TPMSessionSealCommand.DataFormat)Enum.Parse(typeof(TPMSessionSealCommand.DataFormat), arguments["output_data_format"], true); } catch (Exception) { _console.Out.WriteLine("Error: Invalid output data format"); return; } } if (dataInputMode == TPMSessionSealCommand.DataInputMode.File && arguments.ContainsKey("file") == false) { _console.Out.WriteLine("Error: data_input=file requires file argument!"); return; } if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.File && arguments.ContainsKey("output_file") == false) { _console.Out.WriteLine("Error: data_output=file requires output_file argument!"); return; } ClientKeyHandle keyHandle = tpmSessions[localAlias].KeyClient.GetKeyHandleByFriendlyName(arguments["name"]); Stream inputStream = null; if (dataInputMode == TPMSessionSealCommand.DataInputMode.Console) { inputStream = new TextReaderStream(_console.In); } else if (dataInputMode == TPMSessionSealCommand.DataInputMode.Embedded) { if (commandline.Length <= 3) { _console.Out.WriteLine("Error: no embedded data"); return; } StringBuilder embeddedData = new StringBuilder(); for (int i = 3; i < commandline.Length; i++) { embeddedData.Append(commandline[i]); if (i + 1 < commandline.Length) { embeddedData.Append(" "); } } inputStream = new TextReaderStream(new StringReader(embeddedData.ToString())); } else if (dataInputMode == TPMSessionSealCommand.DataInputMode.File) { inputStream = new FileStream(arguments["file"], FileMode.Open, FileAccess.Read); } if (inputDataFormat == TPMSessionSealCommand.DataFormat.Hex) { inputStream = new HexFilterStream(inputStream); } Stream outputStream = null; if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.Console) { outputStream = new TextWriterStream(_console.Out); } else if (dataOutputMode == TPMSessionSealCommand.DataOutputMode.File) { outputStream = new FileStream(arguments["output_file"], FileMode.OpenOrCreate, FileAccess.Write); } if (outputDataFormat == TPMSessionSealCommand.DataFormat.Hex) { outputStream = new HexFilterStream(outputStream); } IAsymmetricBlockCipher sealCipher = keyHandle.CreateSealBlockCipher(null); sealCipher.Init(false, null); while (inputStream.Position + 1 < inputStream.Length) { byte[] encryptedBlock = keyHandle.ReadEncryptedBlock(inputStream); byte[] decrypted = sealCipher.ProcessBlock(encryptedBlock, 0, encryptedBlock.Length); outputStream.Write(decrypted, 0, decrypted.Length); } _console.Out.WriteLine(); outputStream.Dispose(); inputStream.Dispose(); }
public static void Main(string[] args) { string[] sealMe = { "Hallo", "IAIK!" }; // Establish Connections IDictionary <string, TPMSession> sessions = XMLConfiguration.EstablischConnection(base_path + "ClientConfigXml/UnixSocketDeviceLin.xml"); // Create one keystore per opened session foreach (TPMSession tpmSes in sessions.Values) { tpmSes.Keystore = new InMemoryKeystore(); } TPMSession sessionToUse = sessions["local0"]; sessionToUse.SetRequestSecretCallback(RequestSecret); Console.WriteLine("Create Cipher Key"); ClientKeyHandle myFirstSealKey = sessionToUse.KeyClient.GetSrkKeyHandle().CreateKey("my_first_seal_key", TPMKeyUsage.TPM_KEY_STORAGE); Console.WriteLine("Key: {0}\n{1}", myFirstSealKey.FriendlyName, myFirstSealKey.PublicKey); Console.WriteLine("---------------------------------\n"); sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 }); sessionToUse.IntegrityClient.Extend(1, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 }); sessionToUse.IntegrityClient.Extend(2, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 }); TPMPCRSelection pcrselect = sessionToUse.CreateEmptyPCRSelection(); pcrselect.PcrSelection[0] = true; pcrselect.PcrSelection[1] = true; pcrselect.PcrSelection[2] = true; Console.WriteLine("Create Cipher, init and cipher"); IAsymmetricBlockCipher cipher = myFirstSealKey.CreateSealBlockCipher(pcrselect); cipher.Init(true, null); byte[][] cipherText = new byte[sealMe.Length][]; int i = 0; foreach (string msg in sealMe) { byte[] block = System.Text.ASCIIEncoding.ASCII.GetBytes(msg); cipherText[i] = cipher.ProcessBlock(block, 0, block.Length); i++; } Console.WriteLine("Original vs. CiperText:"); for (i = 0; i < sealMe.Length; i++) { Console.WriteLine("{0} --> {1}", sealMe[i], ByteHelper.ByteArrayToHexString(cipherText[i])); } Console.WriteLine("---------------------------------\n"); Console.WriteLine("Init and decode"); cipher.Init(false, null); byte[][] decode = new byte[sealMe.Length][]; i = 0; foreach (byte[] msg in cipherText) { decode[i] = cipher.ProcessBlock(msg, 0, msg.Length); i++; } Console.WriteLine("Does it work?:"); for (i = 0; i < sealMe.Length; i++) { Console.WriteLine("{0}: {1}", sealMe[i] == System.Text.ASCIIEncoding.ASCII.GetString(decode[i])?"Y":"N", System.Text.ASCIIEncoding.ASCII.GetString(decode[i])); } Console.WriteLine("---------------------------------\n"); Console.WriteLine("Changing PCR Values"); sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 }); Console.WriteLine("Decode, now an TPMRequest Exception should be thrown, with Error Code (0x18): TPM_WRONGPCRVAL"); decode = new byte[sealMe.Length][]; i = 0; foreach (byte[] msg in cipherText) { try { decode[i] = cipher.ProcessBlock(msg, 0, msg.Length); Console.WriteLine("UUUUUPPPPSSSS, something went wrong!"); } catch (TPMRequestException e) { Console.WriteLine(e.ToString()); } i++; } }
public override void Execute(string[] commandline) { if (commandline.Length < 2) { _console.Out.WriteLine("Error: [local_session_alias] not specified"); return; } else if (commandline.Length < 3) { _console.Out.WriteLine("Error: [command] not specified"); return; } ClientContext ctx = _console.GetValue <ClientContext> ("client_context", null); if (ctx == null) { _console.Out.WriteLine("No active connection was found"); return; } string localAlias = commandline[1]; IDictionary <string, TPMSession> tpmSessions = _console.GetValue <IDictionary <string, TPMSession> > ("tpm_sessions", null); if (tpmSessions == null || tpmSessions.ContainsKey(localAlias) == false) { _console.Out.WriteLine("Error: Specified local alias was not found"); return; } if (tpmSessions[localAlias].Keystore == null) { _console.Out.WriteLine("Error: No keystore was opened"); return; } IDictionary <string, string> arguments = _console.SplitArguments(commandline[2], 0); if (arguments.ContainsKey("name") == false) { _console.Out.WriteLine("Error: no key name was specified"); return; } // if(arguments.ContainsKey("pcr") == false) // { // _console.Out.WriteLine("Error: no pcr values where specified"); // return; // } if (arguments.ContainsKey("data_input") == false) { _console.Out.WriteLine("Error: no data input source specified"); return; } DataInputMode dataInputMode; try { dataInputMode = (DataInputMode)Enum.Parse(typeof(DataInputMode), arguments["data_input"], true); } catch (Exception) { _console.Out.WriteLine("Error: Invalid data input source"); return; } DataOutputMode dataOutputMode; try { dataOutputMode = (DataOutputMode)Enum.Parse(typeof(DataOutputMode), arguments["data_output"], true); } catch (Exception) { _console.Out.WriteLine("Error: Invalid data output destination"); return; } DataFormat inputDataFormat = DataFormat.Raw; if (arguments.ContainsKey("input_data_format")) { try { inputDataFormat = (DataFormat)Enum.Parse(typeof(DataFormat), arguments["input_data_format"], true); } catch (Exception) { _console.Out.WriteLine("Error: Invalid input data format"); return; } } DataFormat outputDataFormat = DataFormat.Raw; if (arguments.ContainsKey("output_data_format")) { try { outputDataFormat = (DataFormat)Enum.Parse(typeof(DataFormat), arguments["output_data_format"], true); } catch (Exception) { _console.Out.WriteLine("Error: Invalid output data format"); return; } } if (dataInputMode == DataInputMode.File && arguments.ContainsKey("file") == false) { _console.Out.WriteLine("Error: data_input=file requires file argument!"); return; } if (dataOutputMode == DataOutputMode.File && arguments.ContainsKey("output_file") == false) { _console.Out.WriteLine("Error: data_output=file requires output_file argument!"); return; } TPMPCRSelection pcrSelection = tpmSessions[localAlias].CreateEmptyPCRSelection(); if (arguments.ContainsKey("pcr")) { foreach (string pcr in arguments["pcr"].Split('|')) { int pcrValue = int.Parse(pcr); pcrSelection.PcrSelection.SetBit(pcrValue - 1, true); } } ClientKeyHandle keyHandle = tpmSessions[localAlias].KeyClient.GetKeyHandleByFriendlyName(arguments["name"]); Stream inputStream = null; if (dataInputMode == DataInputMode.Console) { inputStream = new TextReaderStream(_console.In); } else if (dataInputMode == DataInputMode.Embedded) { if (commandline.Length <= 3) { _console.Out.WriteLine("Error: no embedded data"); return; } StringBuilder embeddedData = new StringBuilder(); for (int i = 3; i < commandline.Length; i++) { embeddedData.Append(commandline[i]); if (i + 1 < commandline.Length) { embeddedData.Append(" "); } } inputStream = new TextReaderStream(new StringReader(embeddedData.ToString())); } else if (dataInputMode == DataInputMode.File) { inputStream = new FileStream(arguments["file"], FileMode.Open, FileAccess.Read); } if (inputDataFormat == DataFormat.Hex) { inputStream = new HexFilterStream(inputStream); } Stream outputStream = null; if (dataOutputMode == DataOutputMode.Console) { outputStream = new HexFilterStream(new TextWriterStream(_console.Out)); } else if (dataOutputMode == DataOutputMode.File) { if (outputDataFormat == DataFormat.Hex) { outputStream = new HexFilterStream(new FileStream(arguments["output_file"], FileMode.OpenOrCreate, FileAccess.Write)); } else { outputStream = new FileStream(arguments["output_file"], FileMode.OpenOrCreate, FileAccess.Write); } } IAsymmetricBlockCipher sealCipher = keyHandle.CreateSealBlockCipher(pcrSelection); sealCipher.Init(true, null); int read; byte[] buffer = new byte[sealCipher.GetInputBlockSize()]; do { read = inputStream.Read(buffer, 0, buffer.Length); if (read > 0) { byte[] encrypted = sealCipher.ProcessBlock(buffer, 0, read); outputStream.Write(encrypted, 0, encrypted.Length); } }while(read > 0); _console.Out.WriteLine(); outputStream.Dispose(); inputStream.Dispose(); }