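/// <summary>
/// Smoke test for the SQLite keystore provider: opens (or creates) "test.db", seeds it
/// with 1000 dummy keys when it is empty, then dumps every friendly name and every
/// identifier to the console.
/// </summary>
/// <remarks>
/// The blobs written here are fixed dummy bytes, not real TPM key material, and the
/// database path is hard-coded relative to the working directory, so the file persists
/// between runs (a second run exercises the read path only).
/// </remarks>
private static void TestKeystoreSqlite()
{
    Dictionary<string, string> parameters = new Dictionary<string, string>();
    parameters.Add("file", "test.db");

    using (TPMKeystoreProvider keystore = TPMKeystoreProviders.Create("SQLiteKeystore", parameters))
    {
        // Seed only when the store is empty so repeated runs do not pile up duplicates.
        if (keystore.KeyCount == 0)
        {
            for (int i = 0; i < 1000; i++)
            {
                Console.WriteLine("Inserting {0}/1000", i);
                // The last byte varies with i so the blobs are distinguishable in the dump;
                // i % 255 keeps the value inside a byte.
                keystore.AddKey("FN" + i.ToString(), "ident" + i.ToString(), null, new byte[] { 0, 1, 2, 3, (byte)(i % 255) });
            }
        }

        Console.WriteLine("FriendlyNames: ");
        foreach (string friendlyName in keystore.EnumerateFriendlyNames())
        {
            // Resolve the identifier once per row instead of looking it up twice.
            string identifier = keystore.FriendlyNameToIdentifier(friendlyName);
            Console.WriteLine("{0} - {1} - Parent: {2}, data: {3}",
                friendlyName,
                identifier,
                keystore.FindParentKeyByFriendlyName(friendlyName),
                ByteHelper.ByteArrayToHexString(keystore.GetKeyBlob(identifier)));
        }
        Console.WriteLine("End of friendlynames\n");

        Console.WriteLine("Identifiers: ");
        foreach (string ident in keystore.EnumerateIdentifiers())
        {
            Console.WriteLine("{0} - {1}", ident, keystore.IdentifierToFriendlyName(ident));
        }
        Console.WriteLine("End of Identifiers\n");
    }
}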
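/// <summary>
/// Returns the secret for <paramref name="keyInfo"/>, prompting the user through
/// <c>RaiseRequestSecret</c> only when no value is cached yet.
/// </summary>
/// <param name="keyInfo">Describes which secret is wanted. For <c>KeyUsageSecret</c> and
/// <c>SealAuth</c> its <c>Parameters</c> must carry "identifier" and may carry
/// "identifierIsFriendlyName" (defaults to false).</param>
/// <returns>The cached secret, or whatever <c>RaiseRequestSecret</c> returned (possibly null).</returns>
/// <exception cref="ArgumentNullException"><paramref name="keyInfo"/> is null.</exception>
/// <exception cref="ArgumentException">A key-bound secret was requested for an identifier that is not in the keystore.</exception>
/// <exception cref="NotSupportedException">The key type has no secret mapping.</exception>
/// <remarks>
/// Secrets are cached under "secret_" + dictKey via <c>SetValue</c> and are never evicted
/// here, so a wrong password entered once is handed back on every later call until the
/// owner of this cache clears it. The cache key is derived from the key's friendly name,
/// so two keys sharing a friendly name would share a cached secret. Only the dict key,
/// never the secret itself, is written to the log.
/// </remarks>
public ProtectedPasswordStorage RequestSecret(HMACKeyInfo keyInfo)
{
    if (keyInfo == null)
    {
        throw new ArgumentNullException("keyInfo");
    }

    string dictKey;
    switch (keyInfo.KeyType)
    {
        case HMACKeyInfo.HMACKeyType.OwnerSecret:
            dictKey = PARAM_AUTH_OWNER;
            break;
        case HMACKeyInfo.HMACKeyType.SrkSecret:
            dictKey = PARAM_AUTH_SRK;
            break;
        case HMACKeyInfo.HMACKeyType.KeyUsageSecret:
            dictKey = "usage_" + ResolveKeystoreFriendlyName(keyInfo);
            break;
        case HMACKeyInfo.HMACKeyType.SealAuth:
            dictKey = "seal_" + ResolveKeystoreFriendlyName(keyInfo);
            break;
        case HMACKeyInfo.HMACKeyType.CounterSecret:
            dictKey = "counter";
            break;
        default:
            throw new NotSupportedException(string.Format("The key type '{0}' is not supported", keyInfo.KeyType));
    }

    string cacheKey = "secret_" + dictKey;
    ProtectedPasswordStorage cached = GetValue<ProtectedPasswordStorage>(cacheKey, null);
    if (cached != null)
    {
        _logger.DebugFormat("Secret for dictkey '{0}' was found in cache", dictKey);
        return cached;
    }

    _logger.DebugFormat("Secret for dictkey '{0}' was not found in cache, requesting from user", dictKey);
    ProtectedPasswordStorage requested = RaiseRequestSecret(keyInfo);
    // Stored even when the callback returned null: the next call then finds no cached
    // value and simply prompts again.
    SetValue(cacheKey, requested);
    return requested;
}

/// <summary>
/// Resolves the friendly name that the secret cache key is built from, for the
/// key-bound secret types (<c>KeyUsageSecret</c>, <c>SealAuth</c>).
/// </summary>
/// <param name="keyInfo">Must carry "identifier" in its parameters. When
/// "identifierIsFriendlyName" is absent or false the value is a keystore identifier
/// and is translated to its friendly name.</param>
/// <returns>The friendly name.</returns>
/// <exception cref="ArgumentException">The identifier is not present in the keystore.</exception>
/// <remarks>
/// When the caller already passes a friendly name it is taken as-is with no keystore
/// check; an unknown friendly name therefore only shows up as a fresh prompt, never as
/// an error.
/// </remarks>
private string ResolveKeystoreFriendlyName(HMACKeyInfo keyInfo)
{
    string name = keyInfo.Parameters.GetValueOf<string>("identifier");
    bool isFriendlyName = keyInfo.Parameters.GetValueOf<bool>("identifierIsFriendlyName", false);
    if (isFriendlyName)
    {
        return name;
    }

    if (_keystore.ContainsIdentifier(name) == false)
    {
        throw new ArgumentException(string.Format("Requests for secret for key not in keystore! identifier: {0}", name));
    }
    return _keystore.IdentifierToFriendlyName(name);
}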