private byte[] GetTpmAuth(TBS_AUTH_TYPE authType)
{
#if false
return(new byte[0]);
#else
if (TbsHandle == UIntPtr.Zero)
{
throw new Exception("TBS context not created.");
}
//Console.WriteLine("GetTpmAuth: Retrieving auth value {0}", authType);
var resultBuf = new byte[256];
uint resultByteCount = (uint)resultBuf.Length;
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods.
Tbsi_Get_OwnerAuth(TbsHandle,
(uint)authType,
resultBuf,
ref resultByteCount);
if (result != TbsWrapper.TBS_RESULT.SUCCESS)
{
Console.WriteLine("GetTpmAuth({0}): error 0x{1:X} {2}", authType, result,
result == TbsWrapper.TBS_RESULT.OWNERAUTH_NOT_FOUND ? " (OWNERAUTH_NOT_FOUND)" :
result == TbsWrapper.TBS_RESULT.BAD_PARAMETER ? " (BAD_PARAMETER)" : "");
return(new byte[0]);
}
return(Globs.CopyData(resultBuf, 0, (int)resultByteCount));
#endif
}
public override void SetAlternativeResult(Results r)
{
switch (r)
{
case Results.RESULT_BAD_PARAMETER:
AlternativeResult = TbsWrapper.TBS_RESULT.TBS_E_BAD_PARAMETER;
break;
case Results.RESULT_COMMAND_CANCELED:
AlternativeResult = TbsWrapper.TBS_RESULT.TBS_E_COMMAND_CANCELED;
break;
case Results.RESULT_INTERNAL_ERROR:
AlternativeResult = TbsWrapper.TBS_RESULT.TBS_E_INTERNAL_ERROR;
break;
case Results.RESULT_SUCCESS:
AlternativeResult = TbsWrapper.TBS_RESULT.TBS_SUCCESS;
break;
case Results.RESULT_COMMAND_BLOCKED:
AlternativeResult = TbsWrapper.TBS_RESULT.TBS_E_BLOCKED;
break;
default:
throw new Exception("Bad Value in SetAlternativeResult: " + r.ToString());
}
}
public override void DispatchCommand(CommandModifier active, byte[] inBuf, out byte[] outBuf)
{
if (TbsHandle == UIntPtr.Zero)
{
throw new Exception("TBS context not created.");
}
var resultBuf = new byte[4096];
uint bytesReturned = (uint)resultBuf.Length;
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods.Tbsip_Submit_Command(TbsHandle,
(TbsWrapper.TBS_COMMAND_LOCALITY)
active.ActiveLocality,
active.ActivePriority,
inBuf,
(uint)inBuf.Length,
resultBuf,
ref bytesReturned);
if (result != AlternativeResult && result != TbsWrapper.TBS_RESULT.TBS_SUCCESS)
{
string errMsg = new Win32Exception((int)result).Message;
ProcessError("TBS error " + result.ToString("X") + ": " + errMsg, out outBuf);
return;
}
if (bytesReturned == 0)
{
ProcessError(Globs.GetResourceString("SubmitError2"), out outBuf);
return;
}
outBuf = new byte[bytesReturned];
Array.Copy(resultBuf, outBuf, (int)bytesReturned);
}
private byte[] GetTpmAuth(TBS_OWNERAUTH_TYPE authType)
{
#if true
return(new byte[0]);
#else
if (TbsHandle == UIntPtr.Zero)
{
throw new Exception("TBS context not created.");
}
//Console.WriteLine("GetTpmAuth: Retrieving auth value {0}", authType);
var resultBuf = new byte[256];
uint resultByteCount = (uint)resultBuf.Length;
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods.
Tbsi_Get_OwnerAuth(TbsHandle,
(uint)authType,
resultBuf,
ref resultByteCount);
if (result != TbsWrapper.TBS_RESULT.TBS_SUCCESS)
{
//Console.WriteLine("GetTpmAuth({0}): error 0x{1:X8}", authType, (uint)result);
return(new byte[0]);
}
//Console.WriteLine("GetTpmAuth({0}): size {1}", authType, resultByteCount);
return(Globs.CopyData(resultBuf, 0, (int)resultByteCount));
#endif // false
}
public override void CancelContext()
{
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods.Tbsip_Cancel_Commands(TbsHandle);
if (result != TbsWrapper.TBS_RESULT.SUCCESS)
{
Debug.WriteLine("TbsStubs.Tbsip_Cancel_Command error 0x{0:x}", result);
throw new Exception("Tbsip_Cancel_Command() failed. Error {" + result + "}");
}
}
public override void CancelContext()
{
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods.Tbsip_Cancel_Commands(TbsHandle);
if (result != TbsWrapper.TBS_RESULT.TBS_SUCCESS)
{
Console.Error.WriteLine("TbsStubs.Tbsip_Cancel_Command error 0x{0:x}", result);
throw new Exception("Tbsip_Cancel_Command() failed -- 0x" + Convert.ToString((uint)result, 16));
}
}
static bool GetOwnerAuthFromOS(out byte[] ownerAuth)
{
ownerAuth = new byte[0];
// open context
TbsWrapper.TBS_CONTEXT_PARAMS contextParams;
UIntPtr tbsContext = UIntPtr.Zero;
contextParams.Version = TbsWrapper.TBS_CONTEXT_VERSION.TWO;
contextParams.Flags = TbsWrapper.TBS_CONTEXT_CREATE_FLAGS.IncludeTpm20;
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods.Tbsi_Context_Create(ref contextParams, ref tbsContext);
if (result != TbsWrapper.TBS_RESULT.TBS_SUCCESS)
{
return(false);
}
if (tbsContext == UIntPtr.Zero)
{
return(false);
}
// get owner auth size
uint ownerAuthSize = 0;
TbsWrapper.TBS_OWNERAUTH_TYPE ownerType = TbsWrapper.TBS_OWNERAUTH_TYPE.TBS_OWNERAUTH_TYPE_STORAGE_20;
result = TbsWrapper.NativeMethods.Tbsi_Get_OwnerAuth(tbsContext, ownerType, ownerAuth, ref ownerAuthSize);
if (result != TbsWrapper.TBS_RESULT.TBS_SUCCESS &&
result != TbsWrapper.TBS_RESULT.TBS_E_INSUFFICIENT_BUFFER)
{
ownerType = TbsWrapper.TBS_OWNERAUTH_TYPE.TBS_OWNERAUTH_TYPE_FULL;
result = TbsWrapper.NativeMethods.Tbsi_Get_OwnerAuth(tbsContext, ownerType, ownerAuth, ref ownerAuthSize);
if (result != TbsWrapper.TBS_RESULT.TBS_SUCCESS &&
result != TbsWrapper.TBS_RESULT.TBS_E_INSUFFICIENT_BUFFER)
{
Console.WriteLine(Globs.GetResourceString("Failed to get ownerAuth."));
return(false);
}
}
// get owner auth itself
ownerAuth = new byte[ownerAuthSize];
result = TbsWrapper.NativeMethods.Tbsi_Get_OwnerAuth(tbsContext, ownerType, ownerAuth, ref ownerAuthSize);
if (result != TbsWrapper.TBS_RESULT.TBS_SUCCESS)
{
Console.WriteLine(Globs.GetResourceString("Failed to get ownerAuth."));
return(false);
}
TbsWrapper.NativeMethods.Tbsip_Context_Close(tbsContext);
return(true);
}
private byte[] GetTpmAuth(TBS_AUTH_TYPE authType)
{
#if false
return(new byte[0]);
#else
if (TbsHandle == UIntPtr.Zero)
{
throw new Exception("TBS context not created.");
}
//Console.WriteLine("GetTpmAuth: Retrieving auth value {0}", authType);
var resultBuf = new byte[256];
uint resultByteCount = (uint)resultBuf.Length;
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods.
Tbsi_Get_OwnerAuth(TbsHandle,
(uint)authType,
resultBuf,
ref resultByteCount);
if (result != TbsWrapper.TBS_RESULT.SUCCESS)
{
#if !__NETCOREAPP2__ && false
Console.WriteLine($"Trying to read LockoutAuth from the registry...");
try
{
string lockoutAuthBase64 = (string)Registry.GetValue(@"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TPM\WMI\Admin", "LockoutHash", null);
if (lockoutAuthBase64 != null)
{
resultBuf = Convert.FromBase64String(lockoutAuthBase64);
Console.WriteLine($"LockoutAuth: {lockoutAuthBase64} | len {resultBuf.Length} bytes | {Globs.HexFromByteArray(resultBuf)}");
return(resultBuf);
}
}
catch (Exception e) {
Console.WriteLine($"Exception: {e}");
}
#endif
#if !WINDOWS_UWP
Console.WriteLine("GetTpmAuth({0}): Windows TBS returned 0x{1:X} {2}", authType, result,
result == TbsWrapper.TBS_RESULT.OWNERAUTH_NOT_FOUND ? " (OWNERAUTH_NOT_FOUND)" :
result == TbsWrapper.TBS_RESULT.BAD_PARAMETER ? " (BAD_PARAMETER)" : "");
#endif
return(new byte[0]);
}
return(Globs.CopyData(resultBuf, 0, (int)resultByteCount));
#endif
}
public override void Connect()
{
TbsWrapper.TBS_CONTEXT_PARAMS contextParams;
UIntPtr tbsContext = UIntPtr.Zero;
contextParams.Version = TbsWrapper.TBS_CONTEXT_VERSION.TWO;
contextParams.Flags = TbsWrapper.TBS_CONTEXT_CREATE_FLAGS.IncludeTpm20;
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods
.Tbsi_Context_Create(ref contextParams, ref tbsContext);
Debug.WriteLine(Globs.GetResourceString("TbsHandle:") + tbsContext.ToUInt32());
if (result != TbsWrapper.TBS_RESULT.SUCCESS)
{
throw new Exception("Failed to create TBS context: Error {" + result + "}");
}
TbsHandle = tbsContext;
OriginalHandle = tbsContext;
}
public override void DispatchCommand(CommandModifier active, byte[] inBuf, out byte[] outBuf)
{
if (TbsHandle == UIntPtr.Zero)
{
throw new Exception("TBS context not created.");
}
var resultBuf = new byte[4096];
uint resultByteCount = (uint)resultBuf.Length;
TpmRc result = TpmRc.Success;
TbsWrapper.TBS_RESULT tbsRes = TbsWrapper.NativeMethods.
Tbsip_Submit_Command(TbsHandle,
(TbsWrapper.TBS_COMMAND_LOCALITY)active.ActiveLocality,
active.ActivePriority,
inBuf,
(uint)inBuf.Length,
resultBuf,
ref resultByteCount);
string errMsg;
if (tbsRes == TbsWrapper.TBS_RESULT.SUCCESS)
{
if (resultByteCount != 0)
{
outBuf = new byte[resultByteCount];
Array.Copy(resultBuf, outBuf, (int)resultByteCount);
return;
}
result = TpmRc.TbsUnknownError;
errMsg = Globs.GetResourceString("SubmitError2");
}
else
{
errMsg = new Win32Exception((int)result).Message;
}
outBuf = TpmErrorHelpers.BuildErrorResponseBuffer(result);
} // TbsDevice.DispatchCommand
public override void Connect()
{
TbsWrapper.TBS_CONTEXT_PARAMS contextParams;
UIntPtr tbsContext = UIntPtr.Zero;
contextParams.Version = TbsWrapper.TBS_CONTEXT_VERSION.TWO;
contextParams.Flags = TbsWrapper.TBS_CONTEXT_CREATE_FLAGS.IncludeTpm20;
TbsWrapper.TBS_RESULT result = TbsWrapper.NativeMethods.Tbsi_Context_Create(ref contextParams, ref tbsContext);
#if !NETFX_CORE
Console.WriteLine(Globs.GetResourceString("TbsHandle:") + tbsContext.ToUInt32());
#endif
if (result != TbsWrapper.TBS_RESULT.TBS_SUCCESS)
{
throw new Exception("Can't create TBS context: Error=0x" + Convert.ToString((uint)result, 16));
}
TbsHandle = tbsContext;
OriginalHandle = tbsContext;
}
