/// <summary>
/// Creates a key manager helper bound to one server context, one TPM context and one TPM session.
/// </summary>
/// <remarks>
/// The arguments are stored exactly as passed; no null or range validation happens here.
/// </remarks>
/// <param name="ctx">Server context kept in <c>_ctx</c>.</param>
/// <param name="tpmContext">TPM context kept in <c>_tpmContext</c>.</param>
/// <param name="tpmSessionIdentifier">Session identifier kept in <c>_tpmSessionIdentifier</c>.</param>
/// <param name="commandAuthHelper">Command authorization helper kept in <c>_commandAuthHelper</c>.</param>
public KeyManagerHelper(ServerContext ctx, TPMContext tpmContext, int tpmSessionIdentifier, ICommandAuthorizationHelper commandAuthHelper)
{
    this._commandAuthHelper = commandAuthHelper;
    this._tpmSessionIdentifier = tpmSessionIdentifier;
    this._tpmContext = tpmContext;
    this._ctx = ctx;
}
/// <summary>
/// Checks whether the currently authenticated member is allowed to run the specified command
/// on the specified tpm.
/// </summary>
/// <remarks>
/// The access control list is queried first for a device-specific entry
/// (<paramref name="commandIdentifier"/> + "_" + device name). Only when no such entry exists is
/// the entry for the bare command identifier consulted, so a device-specific entry takes
/// precedence over the general one, whatever it decides. When neither entry exists the command
/// is denied.
/// </remarks>
/// <param name="commandIdentifier">Identifier of the command to authorize.</param>
/// <param name="tpmContext">Context of the target tpm; its DeviceName selects the device-specific entry.</param>
/// <returns>
/// The result of <c>IsPermitted</c> for the authenticated permission member when a matching
/// permission exists; otherwise <c>false</c>.
/// </returns>
private bool IsAllowedToRunCommand(string commandIdentifier, TPMContext tpmContext)
{
    // Most specific entry first: "<command>_<device>".
    Permission match = ServerContext.AccessControlList.FindPermission(
        SubsystemIdentifier,
        commandIdentifier + "_" + tpmContext.DeviceName);

    // Fall back to the entry that covers the command on every device.
    if (match == null)
    {
        match = ServerContext.AccessControlList.FindPermission(SubsystemIdentifier, commandIdentifier);
    }

    // No entry at all: deny.
    if (match == null)
    {
        return false;
    }

    return match.IsPermitted(ServerContext.ServerAuthenticationContext.AuthenticatedPermissionMember);
}
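/// <summary>
/// Reads the configured tpm devices from the "connections" configuration section and
/// sets up the corresponding tpm contexts.
/// </summary>
/// <remarks>
/// For each device the wrapper is initialised, every handle the TPM reports for
/// TPM_RT_AUTH and TPM_RT_KEY is flushed with TPM_CMD_FlushSpecific, and only then is the
/// context added to <c>_tpmContexts</c>. A device whose initialisation or flush fails is
/// logged as fatal and is not registered, which matches the "will not be available" log text.
/// Failures never propagate to the caller; the remaining devices are still processed.
/// NOTE(review): the flush presumably clears auth sessions and keys left loaded by an earlier
/// run; confirm against the TPM wrapper's behaviour.
/// </remarks>
private void SetupTPMContexts ()
{
    IConnectionsConfiguration connectionConfig = (IConnectionsConfiguration)ConfigurationManager.GetSection ("connections");

    foreach (Iaik.Tc.TPM.Configuration.DotNetConfiguration.TPMDevice device in connectionConfig.TpmDevices)
    {
        try
        {
            _logger.InfoFormat ("Setting up tpm context '{0}'", device.TPMName);

            TPMWrapper tpmDevice = new TPMWrapper ();
            tpmDevice.Init (device.TPMType, device.Parameters);
            TPMContext tpmContext = new TPMContext (device.TPMName, tpmDevice);

            _logger.InfoFormat ("Flushing device '{0}'", device.TPMName);

            foreach (TPMResourceType resourceType in new TPMResourceType[] { TPMResourceType.TPM_RT_AUTH, TPMResourceType.TPM_RT_KEY })
            {
                // Ask the TPM which handles of this resource type it currently holds.
                Parameters listLoadedHandlesParameters = new Parameters ();
                listLoadedHandlesParameters.AddPrimitiveType ("capArea", CapabilityData.TPMCapabilityArea.TPM_CAP_HANDLE);
                listLoadedHandlesParameters.AddPrimitiveType ("handle_type", resourceType);

                TPMCommandRequest listLoadedHandlesRequest = new TPMCommandRequest (TPMCommandNames.TPM_CMD_GetCapability, listLoadedHandlesParameters);
                TPMCommandResponse response = tpmDevice.Process (listLoadedHandlesRequest);

                // Thrown only to reach the catch below; it never leaves this method.
                if (response.Status == false)
                {
                    throw new Exception ("An unknown tpm exception while flushing occured");
                }

                foreach (uint handle in response.Parameters.GetValueOf<HandleList> ("handles"))
                {
                    Parameters flushParameters = new Parameters ();
                    flushParameters.AddValue ("handle", HandleFactory.Create (resourceType, handle));

                    TPMCommandRequest flushRequest = new TPMCommandRequest (TPMCommandNames.TPM_CMD_FlushSpecific, flushParameters);
                    TPMCommandResponse flushResponse = tpmDevice.Process (flushRequest);

                    if (flushResponse.Status == false)
                    {
                        throw new Exception ("Something went wrong while flushing");
                    }
                }
            }

            // Register the context only after every reported handle was flushed. Registering it
            // before the flush left a device whose flush failed reachable through _tpmContexts,
            // with its previously loaded auth and key handles intact, although the fatal log
            // entry states the device will not be available.
            _tpmContexts.Add (device.TPMName, tpmContext);

            _logger.InfoFormat ("Successfully setup tpm context '{0}' with type '{1}'", device.TPMName, device.TPMType);
        }
        catch (Exception ex)
        {
            _logger.FatalFormat ("Error setting up tpm device '{0}', the device will not be available ({1})", device.TPMName, ex);
        }

        // Set the assembly search order for incoming Parameters so that core classes always come first.
        // NOTE(review): this assignment is loop-invariant but runs once per configured device, so it
        // is never executed when no device is configured. Consider hoisting it out of the loop.
        Parameters.AssemblySearchOrder = new Assembly[] {
            typeof(TPMWrapper).Assembly,        // lib core
            typeof(ITypedParameter).Assembly    // lib common
        };
    }
}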
/// <summary>
/// Creates a command authorization helper bound to one server context, one TPM session and one TPM context.
/// </summary>
/// <remarks>
/// The arguments are stored exactly as passed; no null or range validation happens here.
/// </remarks>
/// <param name="ctx">Server context kept in <c>_ctx</c>.</param>
/// <param name="tpmSessionIdentifier">Session identifier kept in <c>_tpmSessionIdentifier</c>.</param>
/// <param name="tpmContext">TPM context kept in <c>_tpmContext</c>.</param>
public CommandAuthorizationHelper(ServerContext ctx, int tpmSessionIdentifier, TPMContext tpmContext)
{
    this._tpmContext = tpmContext;
    this._tpmSessionIdentifier = tpmSessionIdentifier;
    this._ctx = ctx;
}
/// <summary>
/// Creates a key manager for the given TPM context.
/// </summary>
/// <remarks>
/// A new <c>Aging</c> instance is handed to the base constructor.
/// </remarks>
/// <param name="tpmContext">TPM context kept in <c>_tpmContext</c>; stored as passed, without a null check.</param>
public KeyManager(TPMContext tpmContext)
    : base(new Aging())
{
    this._tpmContext = tpmContext;
}
/// <summary>
/// Creates an auth handle manager for the given TPM context.
/// </summary>
/// <remarks>
/// A new <c>Aging</c> instance is handed to the base constructor.
/// </remarks>
/// <param name="tpmContext">TPM context kept in <c>_tpmContext</c>; stored as passed, without a null check.</param>
public AuthHandleManager(TPMContext tpmContext)
    : base(new Aging())
{
    this._tpmContext = tpmContext;
}