Пример #1
0
        public static TPMKeyCore CreateFromStream(Stream sink)
        {
            TPMKeyCore tpmKey = new TPMKeyCore();

            tpmKey.Read(sink);
            return(tpmKey);
        }
Пример #2
0
 public static TPMKeyCore CreateFromBytes(byte[] data)
 {
     using (MemoryStream src = new MemoryStream(data))
     {
         return(TPMKeyCore.CreateFromStream(src));
     }
 }
Пример #3
0
        public static TPMKeyCore Create(CapabilityDataCore.TPMVersionCore version, TPMKeyUsage keyUsage, TPMKeyFlags keyFlags, 
			TPMAuthDataUsage authDataUsage, TPMKeyParamsCore algorithmParams, TPMStorePubkeyCore pubkey, byte[] encdata)
        {
            TPMKeyCore key = new TPMKeyCore ();

            key._keyUsage = keyUsage;
            key._keyFlags = keyFlags;
            key._authDataUsage = authDataUsage;
            key._algorithmParams = algorithmParams;

            if (version == null)
                key._version = CapabilityDataCore.TPMVersionCore.CreateVersion12 ();
            else
                key._version = version;

            if (pubkey == null)
                key._pubKey = TPMStorePubkeyCore.CreateEmptyPubkey ();
            else
                key._pubKey = pubkey;

            if (encdata == null)
                key._encData = new byte[0];
            else
                key._encData = encdata;

            return key;
        }
Пример #4
0
        public static TPMKeyCore Create(CapabilityDataCore.TPMVersionCore version, TPMKeyUsage keyUsage, TPMKeyFlags keyFlags,
                                        TPMAuthDataUsage authDataUsage, TPMKeyParamsCore algorithmParams, TPMStorePubkeyCore pubkey, byte[] encdata)
        {
            TPMKeyCore key = new TPMKeyCore();


            key._keyUsage        = keyUsage;
            key._keyFlags        = keyFlags;
            key._authDataUsage   = authDataUsage;
            key._algorithmParams = algorithmParams;


            if (version == null)
            {
                key._version = CapabilityDataCore.TPMVersionCore.CreateVersion12();
            }
            else
            {
                key._version = version;
            }

            if (pubkey == null)
            {
                key._pubKey = TPMStorePubkeyCore.CreateEmptyPubkey();
            }
            else
            {
                key._pubKey = pubkey;
            }

            if (encdata == null)
            {
                key._encData = new byte[0];
            }
            else
            {
                key._encData = encdata;
            }

            return(key);
        }
Пример #5
0
        protected override TPMCommandResponse InternalProcess()
        {
            // Unencrypted authorization values, they need to be XOR-Encrypted with
            // XOR(auth, SHA-1(OSAP shared secret | session nonce))
            //
            // OSAP_shared_secret = HMAC(key=usage secret of key handle, nonce even osap | nonce odd osap)
            AuthHandle auth1OSAP = _commandAuthHelper.AssureOSAPSharedSecret(this, AuthSessionNum.Auth1);

            _usageAuth = _params.GetValueOf<byte[]> ("usage_auth");
            _migrationAuth = _params.GetValueOf<byte[]> ("migration_auth");
            byte[] xorKey = new HashProvider().Hash(
                    new HashByteDataProvider(auth1OSAP.SharedSecret),
                    new HashByteDataProvider(auth1OSAP.NonceEven));

            ByteHelper.XORBytes(_usageAuth, xorKey);
            ByteHelper.XORBytes(_migrationAuth, xorKey);

            //Load parent key if not loaded
            _keyManager.LoadKey(_params.GetValueOf<string>("parent"));

            TPMBlob requestBlob = new TPMBlob();
            requestBlob.WriteCmdHeader(TPMCmdTags.TPM_TAG_RQU_AUTH1_COMMAND, TPMOrdinals.TPM_ORD_CreateWrapKey);

            //parent key handle gets inserted later, it may be not available now
            requestBlob.WriteUInt32(0);
            requestBlob.Write(_usageAuth, 0, 20);
            requestBlob.Write(_migrationAuth, 0, 20);
            _tpmKey.WriteToTpmBlob(requestBlob);

            using(_keyManager.AcquireLock())
            {
                AuthorizeMe(requestBlob);
                requestBlob.SkipHeader();

                if(_params.GetValueOf<string>("parent") == KeyHandle.KEY_SRK)
                    requestBlob.WriteUInt32((uint)TPMKeyHandles.TPM_KH_SRK);
                else
                    requestBlob.WriteUInt32(_keyManager.IdentifierToHandle(_params.GetValueOf<string>("parent")).Handle);

                _responseBlob = TransmitMe(requestBlob);
            }

            CheckResponseAuthInfo();

            _responseBlob.SkipHeader();
            TPMKeyCore newKey = new TPMKeyCore(_responseBlob);
            _responseParameters = new Parameters();

            //Build and save the key identifier
            //The key identifier is the hex-string representation of the hash of the newly created key
            _responseParameters.AddPrimitiveType("key_identifier",
                ByteHelper.ByteArrayToHexString(
                    new HashProvider().Hash(
                            new HashByteDataProvider(
                                ByteHelper.SerializeToBytes(newKey)
                            )
                        ),
                    ""));

            _responseParameters.AddPrimitiveType("key_data", ByteHelper.SerializeToBytes(newKey));

            return new TPMCommandResponse(true, TPMCommandNames.TPM_CMD_CreateWrapKey, _responseParameters);
        }
Пример #6
0
        public override void Init(Parameters param, TPMProvider tpmProvider, TPMWrapper tpmWrapper)
        {
            base.Init (param, tpmProvider, tpmWrapper);

            _digest = null;

            _tpmKey = TPMKeyCore.Create (
                CapabilityDataCore.TPMVersionCore.CreateVersion11(),
                _params.GetValueOf<TPMKeyUsage>("key_usage"),
                _params.GetValueOf<TPMKeyFlags>("key_flags"),
                TPMAuthDataUsage.TPM_AUTH_ALWAYS,
                TPMKeyParamsCore.Create (
                    TPMAlgorithmId.TPM_ALG_RSA,
                    _params.GetValueOf<TPMEncScheme>("enc_scheme"),
                    _params.GetValueOf<TPMSigScheme>("sig_scheme"),
                    TPMRSAKeyParamsCore.Create (
                        _params.GetValueOf<uint>("key_length"),
                        _params.GetValueOf<uint>("num_primes"),
                        _params.GetValueOf<byte[]>("exponent"))
                    ),
                null, //Pubkey, use default (empty) pubkey
                null  //no encoded data
                );
        }
Пример #7
0
 public static TPMKeyCore CreateFromStream(Stream sink)
 {
     TPMKeyCore tpmKey = new TPMKeyCore();
     tpmKey.Read(sink);
     return tpmKey;
 }
Пример #8
0
        public override void Init(Parameters param, TPMProvider tpmProvider, TPMWrapper tpmWrapper)
        {
            base.Init (param, tpmProvider, tpmWrapper);

            _digest = null;
            _tpmKey =  TPMKeyCore.CreateFromBytes(param.GetValueOf<byte[]>("key_blob"));
        }
Пример #9
0
        public override void Init(Parameters param, TPMProvider tpmProvider, TPMWrapper tpmWrapper)
        {
            base.Init (param, tpmProvider, tpmWrapper);

            _digest = null;

            _tpmKey = TPMKeyCore.Create (
                CapabilityDataCore.TPMVersionCore.CreateVersion11(),
                TPMKeyUsage.TPM_KEY_STORAGE,
                TPMKeyFlags.None,
                TPMAuthDataUsage.TPM_AUTH_ALWAYS,
                TPMKeyParamsCore.Create (
                    TPMAlgorithmId.TPM_ALG_RSA,
                    TPMEncScheme.TPM_ES_RSAESOAEP_SHA1_MGF1,
                    TPMSigScheme.TPM_SS_NONE,
                    TPMRSAKeyParamsCore.Create (TPMRSAKeyParamsCore.DEFAULT_KEYLENGTH, TPMRSAKeyParamsCore.DEFAULT_NUMPRIMES, null)
                    ),
                null, //Pubkey, use default (empty) pubkey
                null  //no encoded data
                );
        }
Пример #10
0
        public override void Clear()
        {
            base.Clear ();

            _tpmKey = null;
            _digest = null;
        }