static ProtectedPasswordStorage RequestSecret(HMACKeyInfo keyInfo)
{
if(keyInfo.KeyType == HMACKeyInfo.HMACKeyType.SrkSecret)
{
ProtectedPasswordStorage secret = new ProtectedPasswordStorage();
secret.WellKnown();
return secret;
}
return ConsoleUtils.ReadPassword(String.Format("Please enter Passwd for key {0}: ",
keyInfo.Parameters.GetValueOf<string>("identifier")));
}
static ProtectedPasswordStorage RequestSecret(HMACKeyInfo keyInfo)
{
if(keyInfo.KeyType == HMACKeyInfo.HMACKeyType.SrkSecret)
{
ProtectedPasswordStorage secret = new ProtectedPasswordStorage();
secret.WellKnown();
return secret;
}
ProtectedPasswordStorage pws = new ProtectedPasswordStorage();
pws.AppendPasswordChar('I');
pws.AppendPasswordChar('A');
pws.AppendPasswordChar('I');
pws.AppendPasswordChar('K');
return pws;
}
public override void Execute(string[] commandline)
{
if (commandline.Length < 2)
{
_console.Out.WriteLine ("Error: [local_session_alias] not specified");
return;
}
else if (commandline.Length < 3)
{
_console.Out.WriteLine ("Error: [command] not specified");
return;
}
ClientContext ctx = _console.GetValue<ClientContext> ("client_context", null);
if (ctx == null)
{
_console.Out.WriteLine ("No active connection was found");
return;
}
string localAlias = commandline[1];
string keyCommand = commandline[2];
IDictionary<string, TPMSession> tpmSessions = _console.GetValue<IDictionary<string, TPMSession>> ("tpm_sessions", null);
if (tpmSessions == null || tpmSessions.ContainsKey (localAlias) == false)
{
_console.Out.WriteLine ("Error: Specified local alias was not found");
return;
}
if (keyCommand == "clear")
{
List<string> toRemove = new List<string>();
foreach(string key in tpmSessions[localAlias].ListValueKeys())
{
if(key.StartsWith("secret_"))
toRemove.Add(key);
}
foreach(string key in toRemove)
{
tpmSessions[localAlias].ClearValue(key);
}
}
else if (keyCommand == "remove")
{
IDictionary<string, string> arguments = null;
if(commandline.Length >= 4)
arguments = _console.SplitArguments(commandline[3], 0);
if(commandline.Length < 4 || arguments.ContainsKey("type") == false)
{
_console.Out.WriteLine("Error: No type to remove specified");
return;
}
tpmSessions[localAlias].ClearValue("secret_" + arguments["type"]);
}
else if(keyCommand == "add")
{
if(commandline.Length < 4)
{
_console.Out.WriteLine("Error: No arguments specified");
return;
}
IDictionary<string, string> arguments = _console.SplitArguments(commandline[3], 0);
if(arguments.ContainsKey("type") == false)
{
_console.Out.WriteLine("Error: No type specified");
return;
}
string dictKey = arguments["type"];
HMACKeyInfo keyInfo;
Parameters hmacKeyInfoParams = new Parameters();
if(dictKey == "owner")
{
dictKey = TPMSession.PARAM_AUTH_OWNER;
keyInfo = new HMACKeyInfo(HMACKeyInfo.HMACKeyType.OwnerSecret, hmacKeyInfoParams);
}
else if(dictKey == "srk")
{
dictKey = TPMSession.PARAM_AUTH_SRK;
keyInfo = new HMACKeyInfo(HMACKeyInfo.HMACKeyType.SrkSecret, hmacKeyInfoParams);
}
else if(dictKey == "key_usage")
{
if(arguments.ContainsKey("name") == false)
{
_console.Out.WriteLine("Error: key_usage requires name of key");
return;
}
dictKey = "usage_" + arguments["name"];
hmacKeyInfoParams.AddPrimitiveType("identifier", arguments["name"]);
keyInfo = new HMACKeyInfo(HMACKeyInfo.HMACKeyType.KeyUsageSecret, hmacKeyInfoParams);
}
else if(dictKey == "seal")
{
if(arguments.ContainsKey("name") == false)
{
_console.Out.WriteLine("Error: seal requires name of key");
return;
}
dictKey = "seal_" + arguments["name"];
hmacKeyInfoParams.AddPrimitiveType("identifier", arguments["name"]);
keyInfo = new HMACKeyInfo(HMACKeyInfo.HMACKeyType.SealAuth, hmacKeyInfoParams);
}
else if(dictKey == "counter")
{
dictKey = "counter";
keyInfo = new HMACKeyInfo(HMACKeyInfo.HMACKeyType.CounterSecret, new Parameters());
}
else
{
_console.Out.WriteLine("Error: Unknown secret type");
return;
}
ProtectedPasswordStorage pw;
if(arguments.ContainsKey("secret"))
{
pw = new ProtectedPasswordStorage();
foreach(char c in arguments["secret"])
pw.AppendPasswordChar(c);
}
else
{
tpmSessions[localAlias].ClearValue("secret_" + dictKey);
pw = tpmSessions[localAlias].RequestSecret(keyInfo);
}
pw.Hash();
tpmSessions[localAlias].SetValue("secret_" + dictKey, pw);
}
else
_console.Out.WriteLine ("Error, unknown command '{0}'", commandline[2]);
}
public SecretRequest(string customHintText)
{
_keyInfo = null;
_customHintText = customHintText;
}
public SecretRequest(HMACKeyInfo keyInfo)
{
_keyInfo = keyInfo;
_customHintText = null;
}
public static ProtectedPasswordStorage mycallback(HMACKeyInfo keyInfo)
{
// We use the empty string as password ...
ProtectedPasswordStorage pws = new ProtectedPasswordStorage();
pws.AppendPasswordChar('i');
pws.AppendPasswordChar('a');
pws.AppendPasswordChar('i');
pws.AppendPasswordChar('k');
return pws;
}
