FromData() public static method

Return a new TpmHash set to the hash of the supplied data
public static FromData ( TpmAlgId hashAlg, byte dataToHash ) : TpmHash
hashAlg TpmAlgId
dataToHash byte
return TpmHash
Exemplo n.º 1
0
        public static byte[] PssEncode(byte[] m, TpmAlgId hashAlg, int sLen, int emBits)
        {
            var emLen = (int)Math.Ceiling(1.0 * emBits / 8);
            int hLen  = CryptoLib.DigestSize(hashAlg);

            // 1 - Ignore
            // 2
            byte[] mHash = TpmHash.FromData(hashAlg, m);

            // 3
            if (emLen < hLen + sLen + 2)
            {
                if (Tpm2._TssBehavior.Passthrough)
                {
                    return(new byte[0]);
                }
                else
                {
                    throw new Exception("Encoding error");
                }
            }

            // 4
            byte[] salt = Globs.GetRandomBytes(sLen);

            // 5
            byte[] mPrime = Globs.Concatenate(new[] { Globs.ByteArray(8, 0),
                                                      mHash,
                                                      salt });

            // 6
            byte[] h = CryptoLib.HashData(hashAlg, mPrime);

            // 7
            byte[] ps = Globs.GetZeroBytes(emLen - sLen - hLen - 2);

            // 8
            byte[] db = Globs.Concatenate(new[] { ps,
                                                  new byte[] { 0x01 },
                                                  salt });

            // 9
            byte[] dbMask = CryptoLib.MGF(h, emLen - hLen - 1, hashAlg);

            // 10
            byte[] maskedDb = XorEngine.Xor(db, dbMask);

            // 11
            int  numZeroBits = 8 * emLen - emBits;
            byte mask        = GetByteMask(numZeroBits);

            maskedDb[0] &= mask;

            // 12
            byte[] em = Globs.Concatenate(new[] { maskedDb,
                                                  h,
                                                  new byte[] { 0xbc } });
            // 13
            return(em);
        }
Exemplo n.º 2
0
        /// <summary>
        // Calculate and return the name of the entity. The name is an alg-prepended
        // digest in a byte buffer
        /// </summary>
        /// <returns></returns>
        public byte[] GetName()
        {
            byte[]  rawData   = GetTpmRepresentation();
            TpmHash pubDigest = TpmHash.FromData(nameAlg, rawData);

            return(Marshaller.GetTpmRepresentation(pubDigest));
        }
Exemplo n.º 3
0
        /// <summary>
        /// Verify that quotedInfo is properly signed by an associated private key
        /// holder, and that the quotedInfo.type, .extraData and .magic are correct.
        /// Also check that the certified name is what the caller expects.  The caller
        /// must check other fields (for instance the qualified name)
        /// </summary>
        /// <param name="name"></param>
        /// <param name="nonce"></param>
        /// <param name="quotedInfo"></param>
        /// <param name="expectedName"></param>
        /// <param name="signature"></param>
        /// <returns></returns>
        public bool VerifyCertify(TpmHash name, byte[] nonce, Attest quotedInfo,
                                  byte[] expectedName, ISignatureUnion signature)
        {
            // Check generic signature stuff
            if (quotedInfo.type != TpmSt.AttestCertify)
            {
                return(false);
            }

            if (!Globs.ArraysAreEqual(quotedInfo.extraData, nonce))
            {
                return(false);
            }

            if (quotedInfo.magic != Generated.Value)
            {
                return(false);
            }

            // Check specific certify-signature stuff
            var certInfo = (CertifyInfo)quotedInfo.attested;

            if (!Globs.ArraysAreEqual(expectedName, certInfo.name))
            {
                return(false);
            }
            // Check the actual signature
            TpmHash sigHash   = TpmHash.FromData(TpmAlgId.Sha1, quotedInfo.GetTpmRepresentation());
            bool    certifyOk = VerifySignatureOverHash(sigHash, signature);

            return(certifyOk);
        }
Exemplo n.º 4
0
        public static byte[] Pkcs15Encode(byte[] m, int emLen, TpmAlgId hashAlg)
        {
            byte[] prefix;
            switch (hashAlg)
            {
            case TpmAlgId.Sha1:
                prefix = new byte[]
                { 0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b,
                  0x0e, 0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };
                break;

            case TpmAlgId.Sha256:
                prefix = new byte[] {
                    0x30, 0x31, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
                    0x65, 0x03, 0x04, 0x02, 0x01, 0x05, 0x00, 0x04, 0x20
                };
                break;

            case TpmAlgId.Sha384:
                prefix = new byte[] {
                    0x30, 0x41, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
                    0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30
                };
                break;

            case TpmAlgId.Sha512:
                prefix = new byte[] {
                    0x30, 0x51, 0x30, 0x0d, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
                    0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40
                };
                break;

            default:
                Globs.Throw <ArgumentException>("Pkcs15Encode: Unsupported hashAlg");
                return(new byte[0]);
            }
            byte[] messageHash = TpmHash.FromData(hashAlg, m);
            byte[] T           = Globs.Concatenate(prefix, messageHash);
            int    tLen        = T.Length;

            if (emLen < tLen + 11)
            {
                Globs.Throw <ArgumentException>("Pkcs15Encode: Encoded message is too short");
                return(new byte[0]);
            }

            byte[] ps = Globs.ByteArray(emLen - tLen - 3, 0xff);
            byte[] em = Globs.Concatenate(new[] { new byte[] { 0x00, 0x01 }, ps,
                                                  new byte[] { 0x00 }, T });
            return(em);
        }
Exemplo n.º 5
0
        internal override TpmHash GetPolicyDigest(TpmAlgId hashAlg)
        {
            int numBranches = PolicyBranches.Count;

            if (numBranches < 2 || numBranches > 8)
            {
                Globs.Throw("GetPolicyDigest: Must have between 2 and 8 branches in a PolicyOr");
            }

            var m = new Marshaller();

            m.Put(TpmHash.ZeroHash(hashAlg).HashData, "zero");
            m.Put(TpmCc.PolicyOR, "ordinal");
            foreach (PolicyAce branch in PolicyBranches)
            {
                TpmHash branchPolicyHash = branch.GetPolicyDigest(hashAlg);
                m.Put(branchPolicyHash.HashData, "h");
            }

            return(TpmHash.FromData(hashAlg, m.GetBytes()));
        }
Exemplo n.º 6
0
        /// <summary>
        /// PSS verify.  Note: we expect the caller to do the hash.
        /// </summary>
        /// <param name="m"></param>
        /// <param name="em"></param>
        /// <param name="sLen"></param>
        /// <param name="emBits"></param>
        /// <param name="hashAlg"></param>
        /// <returns></returns>
        public static bool PssVerify(byte[] m, byte[] em, int sLen, int emBits, TpmAlgId hashAlg)
        {
            var emLen = (int)Math.Ceiling(1.0 * emBits / 8);
            int hLen  = CryptoLib.DigestSize(hashAlg);

            // 1 - Skip
            // 2
            byte[] mHash = TpmHash.FromData(hashAlg, m);

            // 3
            if (emLen < hLen + sLen + 2)
            {
                return(false);
            }

            // 4
            if (em[em.Length - 1] != 0xbc)
            {
                return(false);
            }

            // 5
            byte[] maskedDB = Globs.CopyData(em, 0, emLen - hLen - 1);
            byte[] h        = Globs.CopyData(em, emLen - hLen - 1, hLen);

            // 6
            int numZeroBits = 8 * emLen - emBits;
            // First numZero bits is zero in mask
            byte mask = GetByteMask(numZeroBits);

            if ((maskedDB[0] & mask) != maskedDB[0])
            {
                return(false);
            }

            // 7
            byte[] dbMask = CryptoLib.MGF(h, emLen - hLen - 1, hashAlg);

            // 8
            byte[] db = XorEngine.Xor(maskedDB, dbMask);

            // 9
            int  numZeroBits2 = 8 * emLen - emBits;
            byte mask2        = GetByteMask(numZeroBits2);

            db[0] &= mask2;

            // 10
            for (int j = 0; j < emLen - hLen - sLen - 2; j++)
            {
                if (db[j] != 0)
                {
                    return(false);
                }
            }
            if (db[emLen - hLen - sLen - 1 - 1] != 1)
            {
                return(false);
            }

            // 11
            byte[] salt = Globs.CopyData(db, db.Length - sLen);

            // 12
            byte[] mPrime = Globs.Concatenate(new[] { Globs.ByteArray(8, 0), mHash, salt });

            // 13
            byte[] hPrime = TpmHash.FromData(hashAlg, mPrime);

            // 14
            bool match = Globs.ArraysAreEqual(h, hPrime);

            if (match == false)
            {
                return(false);
            }
            return(true);
        }
Exemplo n.º 7
0
        /// <summary>
        // Verify that a TPM quote matches an expect PCR selection, is well formed,
        // and is properly signed. In acse of failure this overload additionally
        // returns information about the specific check that failed.
        /// </summary>
        /// <param name="pcrDigestAlg"></param>
        /// <param name="expectedSelectedPcr"></param>
        /// <param name="expectedPcrValues"></param>
        /// <param name="nonce"></param>
        /// <param name="quotedInfo"></param>
        /// <param name="signature"></param>
        /// <param name="pointOfFailure"></param>
        /// <param name="qualifiedNameOfSigner"></param>
        /// <returns></returns>
        public bool VerifyQuote(TpmAlgId pcrDigestAlg,
                                PcrSelection[] expectedSelectedPcr,
                                Tpm2bDigest[] expectedPcrValues,
                                byte[] nonce,
                                Attest quotedInfo,
                                ISignatureUnion signature,
                                out QuoteElt pointOfFailure,
                                byte[] qualifiedNameOfSigner = null)
        {
            pointOfFailure = QuoteElt.None;

            if (!(quotedInfo.attested is QuoteInfo))
            {
                pointOfFailure = QuoteElt.Type;
                return(false);
            }

            if (quotedInfo.magic != Generated.Value)
            {
                pointOfFailure = QuoteElt.Magic;
                return(false);
            }

            if (!quotedInfo.extraData.IsEqual(nonce))
            {
                pointOfFailure = QuoteElt.ExtraData;
                return(false);
            }

            // Check environment of signer (name) is expected
            if (qualifiedNameOfSigner != null &&
                !quotedInfo.qualifiedSigner.IsEqual(qualifiedNameOfSigner))
            {
                pointOfFailure = QuoteElt.QualifiedSigner;
                return(false);
            }

            // Now check the quote-specific fields
            var quoted = (QuoteInfo)quotedInfo.attested;

            // Check values pcr indices are what we expect
            if (!Globs.ArraysAreEqual(quoted.pcrSelect, expectedSelectedPcr))
            {
                pointOfFailure = QuoteElt.PcrSelect;
                return(false);
            }

            // Check that values in the indices above are what we expect
            // ReSharper disable once UnusedVariable
            var expected = new PcrValueCollection(expectedSelectedPcr, expectedPcrValues);
            var m        = new Marshaller();

            foreach (Tpm2bDigest d in expectedPcrValues)
            {
                m.Put(d.buffer, "");
            }

            TpmHash expectedPcrHash = TpmHash.FromData(pcrDigestAlg, m.GetBytes());

            if (!Globs.ArraysAreEqual(expectedPcrHash, quoted.pcrDigest))
            {
                pointOfFailure = QuoteElt.PcrDigest;
                return(false);
            }

            // And finally check the signature
            if (!VerifySignatureOverData(quotedInfo.GetTpmRepresentation(), signature))
            {
                pointOfFailure = QuoteElt.Signature;
                return(false);
            }
            return(true);
        }