private static void TestKeystoreSqlite() { Dictionary <string, string> parameters = new Dictionary <string, string>(); parameters.Add("file", "test.db"); using (TPMKeystoreProvider keystore = TPMKeystoreProviders.Create("SQLiteKeystore", parameters)) { if (keystore.KeyCount == 0) { for (int i = 0; i < 1000; i++) { Console.WriteLine("Inserting {0}/1000", i); keystore.AddKey("FN" + i.ToString(), "ident" + i.ToString(), null, new byte[] { 0, 1, 2, 3, (byte)(i % 255) }); } } Console.WriteLine("FriendlyNames: "); foreach (string friendlyName in keystore.EnumerateFriendlyNames()) { Console.WriteLine("{0} - {1} - Parent: {2}, data: {3}", friendlyName, keystore.FriendlyNameToIdentifier(friendlyName), keystore.FindParentKeyByFriendlyName(friendlyName), ByteHelper.ByteArrayToHexString(keystore.GetKeyBlob(keystore.FriendlyNameToIdentifier(friendlyName)))); } Console.WriteLine("End of friendlynames\n"); Console.WriteLine("Identifiers: "); //keystore.AddKey("FriendlyName1", "ident1", null, new byte[]{0,1,2,3,4}); foreach (string ident in keystore.EnumerateIdentifiers()) { Console.WriteLine("{0} - {1}", ident, keystore.IdentifierToFriendlyName(ident)); } Console.WriteLine("End of Identifiers\n"); } }
public override void Execute(string[] commandline) { if (commandline.Length < 2) { _console.Out.WriteLine("Error: [local_session_alias] not specified"); return; } else if (commandline.Length < 3) { _console.Out.WriteLine("Error: [command] not specified"); return; } ClientContext ctx = _console.GetValue <ClientContext> ("client_context", null); if (ctx == null) { _console.Out.WriteLine("No active connection was found"); return; } string localAlias = commandline[1]; string keyCommand = commandline[2]; IDictionary <string, TPMSession> tpmSessions = _console.GetValue <IDictionary <string, TPMSession> > ("tpm_sessions", null); if (tpmSessions == null || tpmSessions.ContainsKey(localAlias) == false) { _console.Out.WriteLine("Error: Specified local alias was not found"); return; } if (keyCommand == "keystore_open") { if (commandline.Length < 4) { _console.Out.WriteLine("Error: keystore_open requires some arguments, check help for further information"); return; } if (tpmSessions[localAlias].Keystore != null) { _console.Out.WriteLine("Error: There is already an open keystore!"); return; } string[] sArguments = commandline[3].Split(','); IDictionary <string, string> arguments = _console.SplitArguments(commandline[3], 1); TPMKeystoreProvider keystore = TPMKeystoreProviders.Create(sArguments[0], arguments); tpmSessions[localAlias].Keystore = keystore; } else if (keyCommand == "keystore_close") { TPMKeystoreProvider keystore = tpmSessions[localAlias].Keystore; if (keystore != null) { keystore.Dispose(); tpmSessions[localAlias].Keystore = keystore; } } else if (keyCommand == "keystore_list") { TPMKeystoreProvider keystore = tpmSessions[localAlias].Keystore; if (keystore == null) { _console.Out.WriteLine("Error: No keystore opened"); return; } _console.Out.WriteLine("The keystore contains #{0} keys", keystore.EnumerateFriendlyNames().Length); _console.Out.WriteLine(); foreach (string friendlyName in keystore.EnumerateFriendlyNames()) { string parent = "<SRK>"; KeyValuePair <string, string>?parentKey = keystore.FindParentKeyByFriendlyName(friendlyName); if (parentKey != null) { parent = parentKey.Value.Key; } _console.Out.WriteLine("{0} ({1}) parent: {2}", friendlyName, keystore.FriendlyNameToIdentifier(friendlyName), parent); } } else if (keyCommand == "create") { if (tpmSessions[localAlias].Keystore == null) { _console.Out.WriteLine("Error: No keystore was opened"); return; } IDictionary <string, string> arguments = _console.SplitArguments(commandline[3], 0); if (arguments.ContainsKey("name") == false) { _console.Out.WriteLine("Error: No name specified"); return; } if (arguments.ContainsKey("parent") == false) { _console.Out.WriteLine("Error: No parent key specified"); return; } ClientKeyHandle keyHandle; if (arguments["parent"] == "srk") { keyHandle = tpmSessions[localAlias].KeyClient.GetSrkKeyHandle(); } else { keyHandle = tpmSessions[localAlias].KeyClient.GetKeyHandleByFriendlyName(arguments["parent"]); } if (keyHandle == null) { _console.Out.WriteLine("Error: Key with name '{0}' not found", arguments["parent"]); return; } if (arguments.ContainsKey("key_usage") == false) { _console.Out.WriteLine("Error: key_usage not defined"); return; } TPMKeyUsage keyUsage; switch (arguments["key_usage"]) { case "sign": keyUsage = TPMKeyUsage.TPM_KEY_SIGNING; break; case "bind": keyUsage = TPMKeyUsage.TPM_KEY_BIND; break; case "storage": keyUsage = TPMKeyUsage.TPM_KEY_STORAGE; break; default: _console.Out.WriteLine("Error: Invalid key_usage '{0}'", arguments["key_usage"]); return; } if (arguments.ContainsKey("key_length") == false) { _console.Out.WriteLine("Error: key_length not defined!"); return; } uint keyLength = 0; if (uint.TryParse(arguments["key_length"], out keyLength) == false) { _console.Out.WriteLine("Error: Could not parse key_length"); return; } TPMKeyFlags keyFlags = TPMKeyFlags.None; if (arguments.ContainsKey("key_flags")) { switch (arguments["key_flags"]) { case "none": keyFlags = TPMKeyFlags.None; break; case "migratable": keyFlags = TPMKeyFlags.Migratable; break; } } //Make sure that key usage auth and if required migration auth is in the secret cache Parameters hmacParams = new Parameters(); hmacParams.AddPrimitiveType("identifierIsFriendlyName", true); hmacParams.AddPrimitiveType("identifier", arguments["name"]); ProtectedPasswordStorage usageAuth = tpmSessions[localAlias].RequestSecret( new HMACKeyInfo(HMACKeyInfo.HMACKeyType.KeyUsageSecret, hmacParams)); if (usageAuth != null) { tpmSessions[localAlias].SetValue("secret_usage_" + arguments["name"], usageAuth); } if ((keyFlags & TPMKeyFlags.Migratable) == TPMKeyFlags.Migratable) { ProtectedPasswordStorage migrationAuth = tpmSessions[localAlias].RequestSecret( new HMACKeyInfo(HMACKeyInfo.HMACKeyType.KeyMigrationSecret, hmacParams)); if (migrationAuth != null) { tpmSessions[localAlias].SetValue("secret_migration_" + arguments["name"], migrationAuth); } } /*ClientKeyHandle newKey =*/ keyHandle.CreateKey(arguments["name"], keyLength, keyUsage, keyFlags); } else { _console.Out.WriteLine("Error, unknown command '{0}'", commandline[2]); } }