/// <summary>
/// Verify a TPM signature structure of the hash of some data (caller hashes
/// the data that will be verified).
/// </summary>
/// <param name="digest"></param>
/// <param name="sig"></param>
/// <returns></returns>
public bool VerifySignatureOverHash(byte[] digest, ISignatureUnion sig)
{
if (Public.type == TpmAlgId.Keyedhash)
{
byte[] hmacKey = (Sensitive.sensitive as Tpm2bSensitiveData).buffer;
return(CryptoLib.VerifyHmac(CryptoLib.SchemeHash(sig),
hmacKey, digest, (TpmHash)sig));
}
else
{
return(Public.VerifySignatureOverHash(digest, sig));
}
}
/// <summary>
/// The TPM always signs hash-sized data. This version of the VerifySignature
/// performs the necessary hashing operation over arbitrarily-length data and
/// verifies that the hash is properly signed.
/// </summary>
/// <param name="data"></param>
/// <param name="sig"></param>
/// <returns></returns>
public bool VerifySignatureOverData(byte[] data, ISignatureUnion sig)
{
byte[] digest = CryptoLib.HashData(CryptoLib.SchemeHash(sig), data);
return(VerifySignatureOverHash(digest, sig));
}
/// <summary>
/// Verifies the signature over data or a digest.
/// The data will be hashed internall by the method using hash algorithm from
/// the signing scheme digest computed from the specified data buffer.
/// The signing scheme is retrieved from the signature. The verification key
/// shall have either compatible or null scheme.
/// </summary>
/// <param name="data">Byte buffer containing either digest or data to check against the signature</param>
/// <param name="dataIsDigest">Specifies the type of 'data' parameter contents</param>
/// <param name="signature">The signature</param>
/// <returns>True if the verification succeeds.</returns>
private bool VerifySignature(byte[] data, bool dataIsDigest, ISignatureUnion sig)
{
#if TSS_USE_BCRYPT
Debug.Assert(Key != UIntPtr.Zero);
#endif
TpmAlgId sigScheme = sig.GetUnionSelector();
TpmAlgId sigHash = CryptoLib.SchemeHash(sig);
var rsaParams = PublicParms.parameters as RsaParms;
if (rsaParams != null)
{
#if !TSS_USE_BCRYPT
Debug.Assert(RsaProvider != null);
#endif
var s = sig as SignatureRsa;
TpmAlgId keyScheme = rsaParams.scheme.GetUnionSelector();
if (keyScheme != TpmAlgId.Null && keyScheme != sigScheme)
{
Globs.Throw <ArgumentException>("Key scheme and signature scheme do not match");
return(false);
}
byte[] digest = dataIsDigest ? data : CryptoLib.HashData(sigHash, data);
if (sigScheme == TpmAlgId.Rsassa)
{
#if TSS_USE_BCRYPT
return(Key.VerifySignature(digest, s.sig, sigHash, true));
#else
return(RsaProvider.VerifyHash(digest, CryptoLib.GetHashName(sigHash), s.sig));
#endif
}
if (sigScheme == TpmAlgId.Rsapss)
{
#if true
Globs.Throw <ArgumentException>("VerifySignature(): PSS scheme is not supported");
return(false);
#else
#if TSS_USE_BCRYPT
return(BCryptInterface.VerifySignature(KeyHandle, digest, sig.sig, sigHash, false));
#else
var rr = new RawRsa(RsaProvider.ExportParameters(false), RsaProvider.KeySize);
return(rr.PssVerify(digest, sig.sig, sigHash));
#endif
#endif // false
}
Globs.Throw <ArgumentException>("VerifySignature(): Unrecognized scheme");
return(false);
}
var eccParams = PublicParms.parameters as EccParms;
if (eccParams != null)
{
if (eccParams.scheme.GetUnionSelector() != TpmAlgId.Ecdsa)
{
Globs.Throw <ArgumentException>("Unsupported ECC sig scheme");
return(false);
}
TpmAlgId keyScheme = eccParams.scheme.GetUnionSelector();
if (keyScheme != TpmAlgId.Null && keyScheme != sigScheme)
{
Globs.Throw <ArgumentException>("Key scheme and signature scheme do not match");
return(false);
}
var s = sig as SignatureEcdsa;
byte[] digest = dataIsDigest ? data : CryptoLib.HashData(sigHash, data);
byte[] sigBlob = Globs.Concatenate(s.signatureR, s.signatureS);
#if TSS_USE_BCRYPT
return(Key.VerifySignature(digest, sigBlob));
#elif !__MonoCS__
Debug.Assert(EcdsaProvider != null);
EcdsaProvider.HashAlgorithm = GetCngAlgorithm(sigHash);
return(EcdsaProvider.VerifyHash(digest, sigBlob));
#endif // !TSS_USE_BCRYPT && !__MonoCS__
}
// Should never be here
Globs.Throw("VerifySignature: Unrecognized asymmetric algorithm");
return(false);
} // VerifySignature()
