private CreatePrimary ( |
||
primaryHandle | ||
inSensitive | ||
inPublic | byte | |
outsideInfo | byte | |
creationPCR | ||
outPublic | [ | |
creationData | [ | |
creationHash | [ | |
creationTicket | [ | |
리턴 |
/// <summary>
/// Creates a primary RSA storage key under the owner hierarchy and shows that
/// access to a permanent handle is authorized automatically.
/// </summary>
/// <param name="tpm">TPM device object on which CreatePrimary is issued.</param>
/// <returns>Handle of the created key.</returns>
/// <remarks>
/// Sample-quality choices to revisit before reusing this code: the key's auth
/// value is a fixed three-byte constant, SHA-1 is used as the name algorithm
/// and as the PCR bank, and the creation data, hash and ticket returned by the
/// TPM are discarded.
/// </remarks>
static TpmHandle CreateRsaPrimaryKey(Tpm2 tpm)
{
    // The first SensitiveCreate member is the key's auth value; the second
    // (sensitive data) is left empty. The auth value is a constant visible in
    // source, so it gives no real protection outside a demo.
    byte[] keyAuth = { 0xa, 0xb, 0xc };
    var sensitive = new SensitiveCreate(keyAuth, new byte[0]);

    // Restricted + Decrypt marks a storage (parent) key. FixedTPM and
    // FixedParent prevent duplication, SensitiveDataOrigin makes the TPM
    // generate the private part, and UserWithAuth lets the auth value
    // authorize use of the key.
    ObjectAttr keyAttributes = ObjectAttr.Restricted
                               | ObjectAttr.Decrypt
                               | ObjectAttr.FixedParent
                               | ObjectAttr.FixedTPM
                               | ObjectAttr.UserWithAuth
                               | ObjectAttr.SensitiveDataOrigin;

    // RSA-2048 with AES-128-CFB protecting child objects, no signing or
    // encryption scheme, exponent 0, empty auth policy.
    // NOTE(review): TpmAlgId.Sha1 is the name algorithm here; SHA-1 is
    // deprecated for new designs -- confirm whether the target TPM offers a
    // SHA-256 bank before copying this template.
    var rsaDetails = new RsaParms(new SymDefObject(TpmAlgId.Aes, 128, TpmAlgId.Cfb),
                                  new NullAsymScheme(),
                                  2048,
                                  0);
    var keyTemplate = new TpmPublic(TpmAlgId.Sha1,
                                    keyAttributes,
                                    new byte[0],
                                    rsaDetails,
                                    new Tpm2bPublicKeyRsa());

    // PCRs 0, 1 and 2 of the SHA-1 bank are selected for the creation data.
    var pcrs = new PcrSelection[]
    {
        new PcrSelection(TpmAlgId.Sha1, new uint[] { 0, 1, 2 })
    };

    // Caller-chosen bytes that the TPM includes in the creation data.
    // NOTE(review): the quality of Globs.GetRandomBytes is not visible here.
    byte[] callerNonce = Globs.GetRandomBytes(8);

    // Creation outputs. They are received but not used below, so the creation
    // ticket cannot be checked or certified later by a caller of this method.
    TpmPublic createdPublic;
    CreationData createdInfo;
    byte[] createdDigest;
    TkCreation createdTicket;

    Console.WriteLine("Automatic authorization of TpmRh.Owner.");

    // An authorization session for the permanent handle TpmRh.Owner is added
    // automatically. On a TPM that is not a simulator and has not been
    // cleared, tpm.OwnerAuth must be set to the owner auth value first.
    TpmHandle primaryKey = tpm.CreatePrimary(TpmRh.Owner,
                                             sensitive,
                                             keyTemplate,
                                             callerNonce,
                                             pcrs,
                                             out createdPublic,
                                             out createdInfo,
                                             out createdDigest,
                                             out createdTicket);

    Console.WriteLine("Primary RSA storage key created.");
    return primaryKey;
}