示例#1
0
文件: TpmKey.cs 项目: jimsdog/TSS.MSR
 /// <summary>
 /// OEAP pad and encrypt the data using the specified encoding parameters (RSA only).
 /// </summary>
 /// <param name="dataToEncrypt"></param>
 /// <param name="encodingParms"></param>
 /// <returns></returns>
 public byte[] EncryptOaep(byte[] dataToEncrypt, byte[] encodingParms)
 {
     using (AsymCryptoSystem encryptor = AsymCryptoSystem.CreateFrom(this))
     {
         return(encryptor.EncryptOaep(dataToEncrypt, encodingParms));
     }
 }
示例#2
0
文件: TpmKey.cs 项目: jimsdog/TSS.MSR
 /// <summary>
 /// The TPM always signs hash-sized data. This version of the VerifySignature
 /// performs the necessary hashing operation over arbitrarily-length data and
 /// verifies that the hash is properly signed.
 /// </summary>
 /// <param name="data"></param>
 /// <param name="sig"></param>
 /// <returns></returns>
 public bool VerifySignatureOverData(byte[] data, ISignatureUnion sig)
 {
     using (AsymCryptoSystem verifier = AsymCryptoSystem.CreateFrom(this))
     {
         return(verifier.VerifySignatureOverData(data, sig));
     }
 }
示例#3
0
文件: TpmKey.cs 项目: jimsdog/TSS.MSR
 /// <summary>
 /// Get an ECDH key exchange key (one pass ephemeral) and the public key of
 /// the ephemeral key using ECDH with encodingParms as input to the KDF (ECC only).
 /// </summary>
 /// <param name="encodingParms"></param>
 /// <param name="pubEphem"></param>
 /// <returns></returns>
 public byte[] EcdhGetKeyExchangeKey(byte[] encodingParms, out EccPoint ephemPubPt)
 {
     using (AsymCryptoSystem encryptor = AsymCryptoSystem.CreateFrom(this))
     {
         return(encryptor.EcdhGetKeyExchangeKey(encodingParms, nameAlg, out ephemPubPt));
     }
 }
示例#4
0
文件: TpmKey.cs 项目: jimsdog/TSS.MSR
 /// <summary>
 /// Verify a TPM signature structure of the hash of some data (caller hashes
 /// the data that will be verified).
 /// </summary>
 public bool VerifySignatureOverHash(byte[] digest, ISignatureUnion sig)
 {
     using (AsymCryptoSystem verifier = AsymCryptoSystem.CreateFrom(this))
     {
         return(verifier.VerifySignatureOverHash(digest, sig));
     }
 }
示例#5
0
 /// <summary>
 /// Verify a TPM signature structure of the hash of some data (caller hashes the data that will be verified)
 /// </summary>
 /// <param name="signedHash"></param>
 /// <param name="signature"></param>
 /// <returns></returns>
 public bool VerifySignatureOverHash(TpmHash signedHash, ISignatureUnion signature)
 {
     using (AsymCryptoSystem verifier = AsymCryptoSystem.CreateFrom(this))
     {
         return(verifier.VerifySignatureOverHash(signedHash, signature));
     }
 }
示例#6
0
 /// <summary>
 /// Get an ECDH key exchange key (one pass ephemeral) and the public key of the ephemeral
 /// key using ECDH with encodingParms as input to the KDF (ECC only)
 /// </summary>
 /// <param name="encodingParms"></param>
 /// <param name="decryptKeyNameAlg"></param>
 /// <param name="pubEphem"></param>
 /// <returns></returns>
 public byte[] EcdhGetKeyExchangeKey(byte[] encodingParms, TpmAlgId decryptKeyNameAlg, out EccPoint pubEphem)
 {
     using (AsymCryptoSystem encryptor = AsymCryptoSystem.CreateFrom(this))
     {
         return(encryptor.EcdhGetKeyExchangeKey(encodingParms, decryptKeyNameAlg, out pubEphem));
     }
 }
示例#7
0
 /// <summary>
 /// The TPM always signs hash-sized data.  This version of the VerifySignature performs the necessary
 /// hash operation over arbitrarily-length data and verifies that the hash is properly signed
 /// (i.e. the library performs the hash)
 /// </summary>
 /// <param name="signedData"></param>
 /// <param name="signature"></param>
 /// <returns></returns>
 public bool VerifySignatureOverData(byte[] signedData, ISignatureUnion signature, TpmAlgId sigHashAlg = TpmAlgId.Null)
 {
     using (AsymCryptoSystem verifier = AsymCryptoSystem.CreateFrom(this))
     {
         bool sigOk = verifier.VerifySignatureOverData(signedData, signature, sigHashAlg);
         return(sigOk);
     }
 }
示例#8
0
文件: TpmKey.cs 项目: jimsdog/TSS.MSR
        /// <summary>
        /// Creates a duplication blob for the current key that can be Imported as a child
        /// of newParent. Three forms are possible. GetPlaintextDuplicationBlob() allows
        /// plaintext-import. This function enables duplication with and without an
        /// inner wrapper (depending on whether innerWrapper is null)
        /// </summary>
        /// <param name="newParent"></param>
        /// <param name="innerWrapper"></param>
        /// <param name="encSecret"></param>
        /// <returns></returns>
        public TpmPrivate GetDuplicationBlob(
            TpmPublic pubNewParent,
            SymCipher innerWrapper,
            out byte[] encSecret)
        {
            byte[] encSensitive;
            if (innerWrapper == null)
            {
                // No inner wrapper
                encSensitive = Marshaller.ToTpm2B(Sensitive.GetTpmRepresentation());
                Transform(encSensitive);
            }
            else
            {
                byte[] sens   = Marshaller.ToTpm2B(Sensitive.GetTpmRepresentation());
                byte[] toHash = Globs.Concatenate(sens, GetName());
                Transform(toHash);
                byte[] innerIntegrity = Marshaller.ToTpm2B(CryptoLib.HashData(
                                                               Public.nameAlg, toHash));
                byte[] innerData = Globs.Concatenate(innerIntegrity, sens);
                Transform(innerData);
                encSensitive = innerWrapper.Encrypt(innerData);
                Transform(encSensitive);
            }

            byte[]       seed;
            SymDefObject symDef = GetSymDef(pubNewParent).Copy();

            // TPM duplication procedures always use CFB mode
            symDef.Mode = TpmAlgId.Cfb;

            using (var swNewParent = AsymCryptoSystem.CreateFrom(pubNewParent))
            {
                switch (pubNewParent.type)
                {
                case TpmAlgId.Rsa:
                    // The seed should be the same size as the scheme hash
                    LastSeed =
                        seed = Globs.GetRandomBytes(
                            CryptoLib.DigestSize(swNewParent.OaepHash));
                    encSecret = swNewParent.EncryptOaep(seed, DuplicateEncodingParms);
                    break;

                case TpmAlgId.Ecc:
                    EccPoint pubEphem;
                    seed = swNewParent.EcdhGetKeyExchangeKey(DuplicateEncodingParms,
                                                             pubNewParent.nameAlg,
                                                             out pubEphem);
                    encSecret = Marshaller.GetTpmRepresentation(pubEphem);
                    break;

                default:
                    Globs.Throw <NotImplementedException>(
                        "GetDuplicationBlob: Unsupported algorithm");
                    encSecret = new byte[0];
                    return(new TpmPrivate());
                }
            }
            Transform(seed);
            Transform(encSecret);

            byte[] symKey = KDF.KDFa(pubNewParent.nameAlg, seed, "STORAGE",
                                     Public.GetName(), new byte[0], symDef.KeyBits);
            Transform(symKey);

            byte[] dupSensitive;
            using (SymCipher enc2 = SymCipher.Create(symDef, symKey))
            {
                if (enc2 == null)
                {
                    return(null);
                }

                dupSensitive = enc2.Encrypt(encSensitive);
            }
            Transform(dupSensitive);

            var npNameNumBits = CryptoLib.DigestSize(pubNewParent.nameAlg) * 8;

            byte[] hmacKey = KDF.KDFa(pubNewParent.nameAlg, seed, "INTEGRITY",
                                      new byte[0], new byte[0], npNameNumBits);

            byte[] outerDataToHmac = Globs.Concatenate(dupSensitive, Public.GetName());
            Transform(outerDataToHmac);

            byte[] outerHmac = Marshaller.ToTpm2B(CryptoLib.Hmac(pubNewParent.nameAlg,
                                                                 hmacKey, outerDataToHmac));
            Transform(outerHmac);

            byte[] dupBlob = Globs.Concatenate(outerHmac, dupSensitive);
            Transform(dupBlob);

            return(new TpmPrivate(dupBlob));
        }
示例#9
0
        /// <summary>
        /// Creates a duplication blob for the current key that can be Imported as a child
        /// of newParent. Three forms are possible. GetPlaintextDuplicationBlob() allows
        /// plaintext-import. This function enables duplication with and without an
        /// inner wrapper (depending on whether innerWrapper is null)
        /// </summary>
        /// <param name="newParent"></param>
        /// <param name="innerWrapper"></param>
        /// <param name="encryptedWrappingKey"></param>
        /// <returns></returns>
        public TpmPrivate GetDuplicationBlob(
            TpmPublic newParent,
            SymmCipher innerWrapper,
            out byte[] encryptedWrappingKey)
        {
            byte[] encSensitive;
            if (innerWrapper == null)
            {
                // No inner wrapper
                encSensitive = Marshaller.ToTpm2B(sensitivePart.GetTpmRepresentation());
            }
            else
            {
                byte[] sens           = Marshaller.ToTpm2B(sensitivePart.GetTpmRepresentation());
                byte[] toHash         = Globs.Concatenate(sens, GetName());
                byte[] innerIntegrity = Marshaller.ToTpm2B(CryptoLib.HashData(publicPart.nameAlg, toHash));
                byte[] innerData      = Globs.Concatenate(innerIntegrity, sens);
                encSensitive = innerWrapper.Encrypt(innerData);
            }

            byte[]       seed, encSecret;
            SymDefObject symDef = GetSymDef(newParent);

            using (AsymCryptoSystem newParentPubKey = AsymCryptoSystem.CreateFrom(newParent))
            {
                switch (newParent.type)
                {
                case TpmAlgId.Rsa:
                    // The seed should be the same size as the symmKey
                    seed      = Globs.GetRandomBytes((symDef.KeyBits + 7) / 8);
                    encSecret = newParentPubKey.EncryptOaep(seed, DuplicateEncodingParms);
                    break;

                case TpmAlgId.Ecc:
                    EccPoint pubEphem;
                    seed = newParentPubKey.EcdhGetKeyExchangeKey(DuplicateEncodingParms,
                                                                 newParent.nameAlg,
                                                                 out pubEphem);
                    encSecret = Marshaller.GetTpmRepresentation(pubEphem);
                    break;

                default:
                    Globs.Throw <NotImplementedException>("GetDuplicationBlob: Unsupported algorithm");
                    encryptedWrappingKey = new byte[0];
                    return(new TpmPrivate());
                }
            }

            encryptedWrappingKey = encSecret;

            byte[] symKey = KDF.KDFa(newParent.nameAlg, seed, "STORAGE", publicPart.GetName(), new byte[0], symDef.KeyBits);

            byte[] dupSensitive;
            using (SymmCipher enc2 = SymmCipher.Create(symDef, symKey))
            {
                dupSensitive = enc2.Encrypt(encSensitive);
            }

            var npNameNumBits = CryptoLib.DigestSize(newParent.nameAlg) * 8;

            byte[] hmacKey = KDF.KDFa(newParent.nameAlg, seed, "INTEGRITY", new byte[0], new byte[0], npNameNumBits);

            byte[] outerDataToHmac = Globs.Concatenate(dupSensitive, publicPart.GetName());

            byte[] outerHmac = Marshaller.ToTpm2B(CryptoLib.HmacData(newParent.nameAlg, hmacKey, outerDataToHmac));

            byte[] dupBlob = Globs.Concatenate(outerHmac, dupSensitive);

            return(new TpmPrivate(dupBlob));
        }