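/// <summary>
/// Demo: creates a signing key under the SRK, extends PCRs 0-2, signs a quote over
/// those PCRs together with the ASCII bytes of a fixed message, verifies the quote,
/// then extends the PCRs again and shows that the same quote no longer verifies.
/// </summary>
/// <param name="args">Command-line arguments; not used.</param>
/// <remarks>
/// NOTE(review): the quoted message is a constant and the quote is verified through
/// the same quoter that produced it. That is fine for a demo. A remote verifier would
/// normally supply fresh random data per request, so an old quote cannot be replayed,
/// and would compare the reported PCR values against known-good reference values.
/// </remarks>
public static void Main(string[] args)
{
    string quoteMe = "Hallo IAIK!";
    byte[] quoteMeBytes = System.Text.Encoding.ASCII.GetBytes(quoteMe);

    // Establish connections
    IDictionary<string, TPMSession> sessions =
        XMLConfiguration.EstablischConnection(base_path + "ClientConfigXml/UnixSocketDeviceLin.xml");

    // Create one keystore per opened session
    foreach (TPMSession tpmSes in sessions.Values)
    {
        tpmSes.Keystore = new InMemoryKeystore();
    }

    TPMSession sessionToUse = sessions["local0"];
    sessionToUse.SetRequestSecretCallback(RequestSecret);

    ClientKeyHandle myFirstQuoteKey = sessionToUse.KeyClient.GetSrkKeyHandle()
        .CreateKey("my_first_quote_key", TPMKeyUsage.TPM_KEY_SIGNING);

    // Put PCRs 0-2 into a known state for the demo by extending each with the same 20 bytes.
    sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
    sessionToUse.IntegrityClient.Extend(1, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
    sessionToUse.IntegrityClient.Extend(2, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });

    // The quote covers exactly the PCRs selected here.
    TPMPCRSelection pcrselect = sessionToUse.CreateEmptyPCRSelection();
    pcrselect.PcrSelection[0] = true;
    pcrselect.PcrSelection[1] = true;
    pcrselect.PcrSelection[2] = true;

    ISigner signer = myFirstQuoteKey.CreateQuoter(pcrselect);
    signer.Init(true, null);
    signer.BlockUpdate(quoteMeBytes, 0, quoteMeBytes.Length);
    byte[] quote = signer.GenerateSignature();

    Console.WriteLine("Quote of \"Hallo IAIK\" is:\n" + ByteHelper.ByteArrayToHexString(quote));
    Console.WriteLine();
    Console.WriteLine("Now we would verify this quote.");

    signer.Reset();
    signer.Init(false, null);
    signer.BlockUpdate(quoteMeBytes, 0, quoteMeBytes.Length);

    if (signer.VerifySignature(quote))
    {
        Console.WriteLine("Quote is OK!");
    }
    else
    {
        Console.WriteLine("UUUUPPPPSSS something went wrong!");
    }

    Console.WriteLine("Extending PCRs, Quote should fail now!");
    sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
    sessionToUse.IntegrityClient.Extend(1, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
    sessionToUse.IntegrityClient.Extend(2, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });

    // Re-arm the verifier exactly as for the first check. Without feeding the message
    // again, the second check would presumably fail merely because no data was supplied,
    // and the negative test would not show that the PCR change is what invalidates the
    // quote (assumes the quoter follows the usual ISigner contract; confirm against the
    // quoter implementation).
    signer.Reset();
    signer.Init(false, null);
    signer.BlockUpdate(quoteMeBytes, 0, quoteMeBytes.Length);

    if (signer.VerifySignature(quote))
    {
        Console.WriteLine("UUUUPPPPSSS something went wrong!");
    }
    else
    {
        Console.WriteLine("Quote is NOT OK, that's the way it should be.");
    }
}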
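/// <summary>
/// Demo: selects the TPM device "ibm0", attaches an SQLite-backed keystore, creates a
/// 2048-bit signing key under the SRK, prints the values of PCRs 0, 1 and 16, then
/// produces a quote over those PCRs for the bytes 'i','a','i','k' and verifies it with
/// a second quoter built from the same key and PCR selection.
/// </summary>
/// <param name="args">Command-line arguments; not used.</param>
/// <remarks>
/// NOTE(review): the quoted data is a constant, so nothing here provides freshness.
/// A verifier that must rule out replayed quotes would supply its own random value.
/// </remarks>
public static void Main(String[] args)
{
    using (EzQuoteMain main = new EzQuoteMain())
    {
        /* Disabled: list the TPM devices known to the client.
         * foreach (String tpm_name in main.ctx_.TPMClient.TPMDevices)
         * {
         *     Console.WriteLine("TPM DEVICE {0}", tpm_name);
         * }
         */

        TPMSession tpm0 = main.ctx_.TPMClient.SelectTPMDevice("ibm0");

        // NOTE(review): the keystore file has a fixed name under /tmp, a directory that
        // is typically writable by every local user. For anything beyond a demo, keep
        // the keystore in a directory only the owning account can access.
        IDictionary<string, string> opts = new Dictionary<string, string>();
        opts.Add("file", "/tmp/mystore");
        tpm0.Keystore = TPMKeystoreProviders.Create("SQLiteKeystore", opts);
        tpm0.SetRequestSecretCallback(mycallback);

        /* Disabled: take ownership using one hard-coded secret for both arguments
         * (demo only; a real deployment must not embed the secret in source).
         * ProtectedPasswordStorage pws = new ProtectedPasswordStorage();
         * pws.AppendPasswordChar('i');
         * pws.AppendPasswordChar('a');
         * pws.AppendPasswordChar('i');
         * pws.AppendPasswordChar('k');
         *
         * tpm0.AdministrationClient.TakeOwnership(pws, pws);
         */

        ClientKeyHandle kh_srk = tpm0.KeyClient.GetSrkKeyHandle();

        // A value from the session's RNG is appended to the key name, presumably so
        // repeated runs do not collide in the persistent keystore.
        ClientKeyHandle kh_sig1 = kh_srk.CreateKey(
            "sigkey5" + tpm0.CreateRNG().Next(),
            2048,
            TPMKeyUsage.TPM_KEY_SIGNING,
            TPMKeyFlags.None);

        TPMPCRSelection pcrs = tpm0.CreateEmptyPCRSelection();
        pcrs.PcrSelection.SetBit(0, true);
        pcrs.PcrSelection.SetBit(1, true);
        pcrs.PcrSelection.SetBit(16, true);

        foreach (int pcr in pcrs.SelectedPCRs)
        {
            // Fix: pass the PCR index. The original call had no argument, so the
            // placeholder text "{0:D2}" was printed literally.
            Console.Write(" PCR {0:D2}: 0x", pcr);
            foreach (byte b in tpm0.IntegrityClient.PCRValue((uint)pcr))
            {
                Console.Write("{0:X2}", b);
            }
            Console.WriteLine();
        }

        ISigner signer = kh_sig1.CreateQuoter(pcrs);
        signer.Init(true, null);
        signer.Update((byte)'i');
        signer.Update((byte)'a');
        signer.Update((byte)'i');
        signer.Update((byte)'k');

        byte[] signature = signer.GenerateSignature();

        Console.Write("QUOTE: ");
        foreach (byte b in signature)
        {
            Console.Write(" {0:X2}", b);
        }
        Console.WriteLine();

        // Verify with a fresh quoter over the same PCR selection and the same input bytes.
        ISigner verifier = kh_sig1.CreateQuoter(pcrs);
        verifier.Init(false, null);
        verifier.Update((byte)'i');
        verifier.Update((byte)'a');
        verifier.Update((byte)'i');
        verifier.Update((byte)'k');

        if (verifier.VerifySignature(signature))
        {
            Console.WriteLine("JO IT WORKED");
        }
        else
        {
            Console.WriteLine("NA IT FAILED");
        }
    }
}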
/// <summary>
/// Demo: creates a storage key under the SRK, extends PCRs 0-2, seals two short
/// messages against those PCRs, unseals them again, then extends PCR 0 and shows that
/// unsealing now raises a <c>TPMRequestException</c>.
/// </summary>
/// <param name="args">Command-line arguments; not used.</param>
/// <remarks>
/// The recovered plaintext is written to the console, which is acceptable only because
/// the sealed values are demo strings.
/// </remarks>
public static void Main(string[] args)
{
    string[] sealMe = { "Hallo", "IAIK!" };
    int count = sealMe.Length;

    // Open the sessions described by the XML client configuration.
    IDictionary<string, TPMSession> sessions =
        XMLConfiguration.EstablischConnection(base_path + "ClientConfigXml/UnixSocketDeviceLin.xml");

    // Every opened session gets its own in-memory keystore.
    foreach (TPMSession opened in sessions.Values)
    {
        opened.Keystore = new InMemoryKeystore();
    }

    TPMSession sessionToUse = sessions["local0"];
    sessionToUse.SetRequestSecretCallback(RequestSecret);

    Console.WriteLine("Create Cipher Key");
    ClientKeyHandle srk = sessionToUse.KeyClient.GetSrkKeyHandle();
    ClientKeyHandle myFirstSealKey = srk.CreateKey("my_first_seal_key", TPMKeyUsage.TPM_KEY_STORAGE);
    Console.WriteLine("Key: {0}\n{1}", myFirstSealKey.FriendlyName, myFirstSealKey.PublicKey);
    Console.WriteLine("---------------------------------\n");

    // Bring PCRs 0-2 into the state the data will be sealed against.
    sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
    sessionToUse.IntegrityClient.Extend(1, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });
    sessionToUse.IntegrityClient.Extend(2, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });

    TPMPCRSelection pcrselect = sessionToUse.CreateEmptyPCRSelection();
    pcrselect.PcrSelection[0] = true;
    pcrselect.PcrSelection[1] = true;
    pcrselect.PcrSelection[2] = true;

    Console.WriteLine("Create Cipher, init and cipher");
    IAsymmetricBlockCipher cipher = myFirstSealKey.CreateSealBlockCipher(pcrselect);
    cipher.Init(true, null);

    // Seal each message separately.
    byte[][] cipherText = new byte[count][];
    for (int k = 0; k < count; k++)
    {
        byte[] plain = System.Text.Encoding.ASCII.GetBytes(sealMe[k]);
        cipherText[k] = cipher.ProcessBlock(plain, 0, plain.Length);
    }

    Console.WriteLine("Original vs. CiperText:");
    for (int k = 0; k < count; k++)
    {
        Console.WriteLine("{0} --> {1}", sealMe[k], ByteHelper.ByteArrayToHexString(cipherText[k]));
    }
    Console.WriteLine("---------------------------------\n");

    Console.WriteLine("Init and decode");
    cipher.Init(false, null);

    // Unseal while the PCRs still hold the values used for sealing.
    byte[][] decode = new byte[count][];
    for (int k = 0; k < cipherText.Length; k++)
    {
        byte[] sealedBlock = cipherText[k];
        decode[k] = cipher.ProcessBlock(sealedBlock, 0, sealedBlock.Length);
    }

    Console.WriteLine("Does it work?:");
    for (int k = 0; k < count; k++)
    {
        string recovered = System.Text.Encoding.ASCII.GetString(decode[k]);
        string verdict = sealMe[k] == recovered ? "Y" : "N";
        Console.WriteLine("{0}: {1}", verdict, recovered);
    }
    Console.WriteLine("---------------------------------\n");

    Console.WriteLine("Changing PCR Values");
    // Only PCR 0 is extended here; one changed PCR out of the selection is expected
    // to be enough for the unseal below to be refused.
    sessionToUse.IntegrityClient.Extend(0, new byte[] { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0 });

    Console.WriteLine("Decode, now an TPMRequest Exception should be thrown, with Error Code (0x18): TPM_WRONGPCRVAL");
    decode = new byte[count][];
    for (int k = 0; k < cipherText.Length; k++)
    {
        byte[] sealedBlock = cipherText[k];
        try
        {
            decode[k] = cipher.ProcessBlock(sealedBlock, 0, sealedBlock.Length);
            // Reaching this line means the data was released despite the PCR change.
            Console.WriteLine("UUUUUPPPPSSSS, something went wrong!");
        }
        catch (TPMRequestException e)
        {
            Console.WriteLine(e.ToString());
        }
    }
}