public Tpm2bSensitiveCreate(Tpm2bSensitiveCreate the_Tpm2bSensitiveCreate)
{
if((Object) the_Tpm2bSensitiveCreate == null ) throw new ArgumentException(Globs.GetResourceString("parmError"));
sensitive = the_Tpm2bSensitiveCreate.sensitive;
}
///<param name = "the_sensitive">data to be sealed or a symmetric key value.</param>
public Tpm2bSensitiveCreate(
SensitiveCreate the_sensitive
)
{
this.sensitive = the_sensitive;
}
public SensitiveCreate(SensitiveCreate the_SensitiveCreate)
{
if((Object) the_SensitiveCreate == null ) throw new ArgumentException(Globs.GetResourceString("parmError"));
userAuth = the_SensitiveCreate.userAuth;
data = the_SensitiveCreate.data;
}
public Tpm2bSensitiveCreate()
{
sensitive = new SensitiveCreate();
}
public Tpm2CreateLoadedRequest(Tpm2CreateLoadedRequest the_Tpm2CreateLoadedRequest)
{
if((Object) the_Tpm2CreateLoadedRequest == null ) throw new ArgumentException(Globs.GetResourceString("parmError"));
parentHandle = the_Tpm2CreateLoadedRequest.parentHandle;
inSensitive = the_Tpm2CreateLoadedRequest.inSensitive;
inPublic = the_Tpm2CreateLoadedRequest.inPublic;
}
public TpmHandle CreatePrimary(
TpmHandle primaryHandle,
SensitiveCreate inSensitive,
TpmPublic inPublic,
byte[] outsideInfo,
PcrSelection[] creationPCR,
[SuppressMessage("Microsoft.Design", "CA1021")]
out TpmPublic outPublic,
[SuppressMessage("Microsoft.Design", "CA1021")]
out CreationData creationData,
[SuppressMessage("Microsoft.Design", "CA1021")]
out byte[] creationHash,
[SuppressMessage("Microsoft.Design", "CA1021")]
out TkCreation creationTicket
)
{
Tpm2CreatePrimaryRequest inS = new Tpm2CreatePrimaryRequest();
inS.primaryHandle = primaryHandle;
inS.inSensitive = inSensitive;
inS.inPublic = inPublic;
inS.outsideInfo = outsideInfo;
inS.creationPCR = creationPCR;
TpmStructureBase outSBase;
DispatchMethod(TpmCc.CreatePrimary, (TpmStructureBase) inS, typeof(Tpm2CreatePrimaryResponse), out outSBase, 1, 1);
Tpm2CreatePrimaryResponse outS = (Tpm2CreatePrimaryResponse) outSBase;
outPublic = outS.outPublic;
creationData = outS.creationData;
creationHash = outS.creationHash;
creationTicket = outS.creationTicket;
return outS.objectHandle;
}
/// <summary>
/// Creates a primary RSA storage key.
/// Illustrates automatic authorization of a permanent handle access.
/// </summary>
/// <returns>Handle of the created key.</returns>
static TpmHandle CreateRsaPrimaryKey(Tpm2 tpm)
{
//
// First member of SensitiveCreate contains auth value of the key
//
var sensCreate = new SensitiveCreate(new byte[] {0xa, 0xb, 0xc}, new byte[0]);
TpmPublic parms = new TpmPublic(
TpmAlgId.Sha1,
ObjectAttr.Restricted | ObjectAttr.Decrypt | ObjectAttr.FixedParent | ObjectAttr.FixedTPM
| ObjectAttr.UserWithAuth | ObjectAttr.SensitiveDataOrigin,
new byte[0],
new RsaParms(
new SymDefObject(TpmAlgId.Aes, 128, TpmAlgId.Cfb),
new NullAsymScheme(),
2048,
0),
new Tpm2bPublicKeyRsa());
byte[] outsideInfo = Globs.GetRandomBytes(8);
var creationPcr = new PcrSelection(TpmAlgId.Sha1, new uint[] { 0, 1, 2 });
TpmPublic pubCreated;
CreationData creationData;
TkCreation creationTicket;
byte[] creationHash;
Console.WriteLine("Automatic authorization of TpmRh.Owner.");
//
// An auth session is added automatically to authorize access to the permanent
// handle TpmHandle.RhOwner.
//
// Note that if the TPM is not a simulator and not cleared, you need to
// assign the corresponding auth value to the tpm.OwnerAuth property of
// the given Tpm2 object.
//
TpmHandle h = tpm.CreatePrimary(TpmRh.Owner,
sensCreate,
parms,
outsideInfo,
new PcrSelection[] { creationPcr },
out pubCreated,
out creationData,
out creationHash,
out creationTicket);
Console.WriteLine("Primary RSA storage key created.");
return h;
}
/// <summary>
/// Create an RSA primary storage key in the storage hierarchy and return the key-handle
/// to the caller. The key will be RSA2048 with a SHA256-name algorithm. The caller can
/// provide user-auth. The caller is responsible for disposing of this key.
/// </summary>
/// <returns></returns>
static TpmHandle CreateRsaPrimaryStorageKey(Tpm2 tpm, byte[] auth, out TpmPublic newKeyPub)
{
//
// Creation parameters (no external data for TPM-created objects)
//
var sensCreate = new SensitiveCreate(auth, // Auth-data provided by the caller
new byte[0]); // No external data (the TPM will create the new key).
var parms = new TpmPublic(TpmAlgId.Sha256,
ObjectAttr.Restricted | ObjectAttr.Decrypt | // Storage key
ObjectAttr.FixedParent | ObjectAttr.FixedTPM | // Non-duplicable
ObjectAttr.UserWithAuth | ObjectAttr.SensitiveDataOrigin,
new byte[0], // No policy, and Storage key should be RSA + AES128
new RsaParms(new SymDefObject(TpmAlgId.Aes, 128, TpmAlgId.Cfb),
new NullAsymScheme(), 2048, 0),
new Tpm2bPublicKeyRsa());
//
// The following are returned by the TPM in CreatePrimary (and Create)
// they are not used in this sample.
//
CreationData creationData;
TkCreation creationTicket;
byte[] creationHash;
TpmHandle primHandle = tpm[_ownerAuth].CreatePrimary(TpmHandle.RhOwner, // In storage hierarchy
sensCreate, // UserAuth
parms, // Creation parms set above
//
// The following parameters influence the creation of the
// creation-ticket. They are not used in this sample
//
new byte[0], // Null outsideInfo
new PcrSelection[0], // Do not record PCR-state
out newKeyPub, // Our outs
out creationData, out creationHash, out creationTicket);
return primHandle;
}
public TpmHandle CreateLoaded(
TpmHandle parentHandle,
SensitiveCreate inSensitive,
byte[] inPublic,
[SuppressMessage("Microsoft.Design", "CA1021")]
out TpmPrivate outPrivate,
[SuppressMessage("Microsoft.Design", "CA1021")]
out TpmPublic outPublic
)
{
Tpm2CreateLoadedRequest inS = new Tpm2CreateLoadedRequest();
inS.parentHandle = parentHandle;
inS.inSensitive = inSensitive;
inS.inPublic = inPublic;
TpmStructureBase outSBase;
DispatchMethod(TpmCc.CreateLoaded, (TpmStructureBase) inS, typeof(Tpm2CreateLoadedResponse), out outSBase, 1, 1);
Tpm2CreateLoadedResponse outS = (Tpm2CreateLoadedResponse) outSBase;
outPrivate = outS.outPrivate;
outPublic = outS.outPublic;
return outS.objectHandle;
}
/// <summary>
/// Creates a child of the given storage key, which can be used both for signing and decryption.
/// Illustrates strict mode effect on automatic authorization handling.
/// </summary>
/// <returns>Handle of the created key.</returns>
static TpmHandle CreateSigningDecryptionKey(Tpm2 tpm, TpmHandle primHandle, out TpmPublic keyPublic)
{
TpmPublic keyInPublic = new TpmPublic(
TpmAlgId.Sha1,
ObjectAttr.Decrypt | ObjectAttr.Sign | ObjectAttr.FixedParent | ObjectAttr.FixedTPM
| ObjectAttr.UserWithAuth | ObjectAttr.SensitiveDataOrigin,
new byte[0],
new RsaParms(
new SymDefObject(),
new NullAsymScheme(),
2048, 0),
new Tpm2bPublicKeyRsa());
SensitiveCreate sensCreate = new SensitiveCreate(new byte[] {1, 2, 3}, new byte[0]);
CreationData keyCreationData;
TkCreation creationTicket;
byte[] creationHash;
Console.WriteLine("Automatic authorization of a primary storage key.");
//
// An auth session is added automatically to authorize access to primHandle.
//
TpmPrivate keyPrivate = tpm.Create(primHandle,
sensCreate,
keyInPublic,
new byte[0],
new PcrSelection[0],
out keyPublic,
out keyCreationData,
out creationHash,
out creationTicket);
TpmHandle keyHandle = null;
Console.WriteLine("Strict mode.");
//
// Switch TPM object to the strict mode. (Note that this is a TSS.Net
// specific piece of functionality, not a part of TPM 2.0 specification).
//
tpm._Behavior.Strict = true;
//
// No auth session is added automatically when TPM object is in strict mode.
//
tpm._ExpectError(TpmRc.AuthMissing)
.Load(primHandle, keyPrivate, keyPublic);
//
// Now explicitly request an auth session of a desired type.
// The actual auth value will be supplied by TSS.Net implicitly.
//
keyHandle = tpm[Auth.Default].Load(primHandle, keyPrivate, keyPublic);
//
// Switch TPM object back to the normal mode.
//
tpm._Behavior.Strict = false;
Console.WriteLine("Signing decryption key created.");
return keyHandle;
}
public Tpm2CreatePrimaryRequest(Tpm2CreatePrimaryRequest the_Tpm2CreatePrimaryRequest)
{
if((Object) the_Tpm2CreatePrimaryRequest == null ) throw new ArgumentException(Globs.GetResourceString("parmError"));
primaryHandle = the_Tpm2CreatePrimaryRequest.primaryHandle;
inSensitive = the_Tpm2CreatePrimaryRequest.inSensitive;
inPublic = the_Tpm2CreatePrimaryRequest.inPublic;
outsideInfo = the_Tpm2CreatePrimaryRequest.outsideInfo;
creationPCR = the_Tpm2CreatePrimaryRequest.creationPCR;
}
public Tpm2CreatePrimaryRequest()
{
primaryHandle = new TpmHandle();
inSensitive = new SensitiveCreate();
inPublic = null;
outsideInfo = null;
creationPCR = null;
}
///<param name = "the_parentHandle">Handle of a transient storage key, a persistent storage key, TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM+{PP}, or TPM_RH_NULL Auth Index: 1 Auth Role: USER</param>
///<param name = "the_inSensitive">the sensitive data, see TPM 2.0 Part 1 Sensitive Values</param>
///<param name = "the_inPublic">the public template</param>
public Tpm2CreateLoadedRequest(
TpmHandle the_parentHandle,
SensitiveCreate the_inSensitive,
byte[] the_inPublic
)
{
this.parentHandle = the_parentHandle;
this.inSensitive = the_inSensitive;
this.inPublic = the_inPublic;
}
public async Task<Tpm2CreateResponse> CreateAsync(
TpmHandle parentHandle,
SensitiveCreate inSensitive,
TpmPublic inPublic,
byte[] outsideInfo,
PcrSelection[] creationPCR)
{
var inS = new Tpm2CreateRequest {
parentHandle = parentHandle,
inSensitive = inSensitive,
inPublic = inPublic,
outsideInfo = outsideInfo,
creationPCR = creationPCR
};
TpmStructureBase outSBase = null;
await Task.Run(() => DispatchMethod(TpmCc.Create, inS, typeof (Tpm2CreateResponse), out outSBase, 1, 0));
var outS = (Tpm2CreateResponse)outSBase;
return outS;
}
public Tpm2CreatePrimaryRequest()
{
primaryHandle = new TpmHandle();
inSensitive = new SensitiveCreate();
inPublic = new TpmPublic();
outsideInfo = new byte[0];
creationPCR = new PcrSelection[0];
}
/// <summary>
/// Create a sealed-object primary that can be accessed with the given policy. SHA256 is assumed.
/// </summary>
/// <param name="tpm"></param>
/// <param name="dataToSeal"></param>
/// <param name="authValue"></param>
/// <param name="policy"></param>
/// <returns></returns>
private static TpmHandle CreateSealedPrimaryObject(Tpm2 tpm, byte[] dataToSeal, byte[] authValue, byte[] policy)
{
ObjectAttr attrs = ObjectAttr.FixedTPM | ObjectAttr.FixedParent;
if (authValue != null)
{
attrs |= ObjectAttr.UserWithAuth;
}
byte[] policyVal = policy ?? new byte[0];
var sealedInPublic = new TpmPublic(TpmAlgId.Sha256,
attrs,
policyVal,
new KeyedhashParms(new NullSchemeKeyedhash()),
new Tpm2bDigestKeyedhash());
//
// Envelope for sealed data and auth
//
byte[] authVal = authValue ?? new byte[0];
var sealedInSensitive = new SensitiveCreate(authVal, dataToSeal);
TkCreation creationTicket;
byte[] creationHashSealed;
TpmPublic sealedPublic;
CreationData sealedCreationData;
//
// AuthValue encapsulates an authorization value: essentially a byte-array.
// OwnerAuth is the owner authorization value of the TPM-under-test. We
// assume that it (and other) auths are set to the default (null) value.
// If running on a real TPM, which has been provisioned by Windows, this
// value will be different. An administrator can retrieve the owner
// authorization value from the registry.
//
var ownerAuth = new AuthValue();
//
// Ask the TPM to create a primary containing the "sealed" data
//
TpmHandle primHandle = tpm[ownerAuth].CreatePrimary(TpmHandle.RhOwner,
sealedInSensitive,
sealedInPublic,
new byte[0],
new PcrSelection[0],
out sealedPublic,
out sealedCreationData,
out creationHashSealed,
out creationTicket);
return primHandle;
}
///<param name = "the_primaryHandle">TPM_RH_ENDORSEMENT, TPM_RH_OWNER, TPM_RH_PLATFORM+{PP}, or TPM_RH_NULL Auth Index: 1 Auth Role: USER</param>
///<param name = "the_inSensitive">the sensitive data, see TPM 2.0 Part 1 Sensitive Values</param>
///<param name = "the_inPublic">the public template</param>
///<param name = "the_outsideInfo">data that will be included in the creation data for this object to provide permanent, verifiable linkage between this object and some object owner data</param>
///<param name = "the_creationPCR">PCR that will be used in creation data</param>
public Tpm2CreatePrimaryRequest(
TpmHandle the_primaryHandle,
SensitiveCreate the_inSensitive,
TpmPublic the_inPublic,
byte[] the_outsideInfo,
PcrSelection[] the_creationPCR
)
{
this.primaryHandle = the_primaryHandle;
this.inSensitive = the_inSensitive;
this.inPublic = the_inPublic;
this.outsideInfo = the_outsideInfo;
this.creationPCR = the_creationPCR;
}
/// <summary>
/// This sample illustrates the creation and use of an RSA signing key to
/// "quote" PCR state
/// </summary>
/// <param name="tpm">Reference to the TPM object.</param>
static void QuotePcrs(Tpm2 tpm)
{
//
// First use a library routine to create an RSA/AES primary storage key
// with null user-auth.
//
TpmPublic rsaPrimaryPublic;
var primaryAuth = new byte[0];
TpmHandle primHandle = CreateRsaPrimaryStorageKey(tpm, primaryAuth, out rsaPrimaryPublic);
//
// Template for a signing key. We will make the key restricted so that we
// can quote with it too.
//
var signKeyPubTemplate = new TpmPublic(TpmAlgId.Sha1,
ObjectAttr.Sign | ObjectAttr.Restricted | // A "quoting" key
ObjectAttr.FixedParent | ObjectAttr.FixedTPM | // Non-duplicable
ObjectAttr.UserWithAuth | // Authorize with auth-data
ObjectAttr.SensitiveDataOrigin, // TPM will create a new key
new byte[0],
new RsaParms(new SymDefObject(), new SchemeRsassa(TpmAlgId.Sha1), 2048, 0),
new Tpm2bPublicKeyRsa());
//
// Auth-data for new key
//
var userAuth = new byte[] { 1, 2, 3, 4 };
var sensCreate = new SensitiveCreate(userAuth, new byte[0]);
//
// Creation data (not used in this sample)
//
CreationData childCreationData;
TkCreation creationTicket;
byte[] creationHash;
//
// Create the key
//
TpmPublic keyPub;
TpmPrivate keyPriv = tpm[primaryAuth].Create(primHandle, // Child of primary key created above
sensCreate, // Auth-data
signKeyPubTemplate, // Template created above
new byte[0], // Other parms are not used here
new PcrSelection[0],
out keyPub,
out childCreationData, out creationHash, out creationTicket);
Console.WriteLine("New public key\n" + keyPub.ToString());
//
// Load the key as a child of the primary that it
// was created under.
//
TpmHandle signHandle = tpm[primaryAuth].Load(primHandle, keyPriv, keyPub);
//
// Note that Load returns the "name" of the key and this is automatically
// associated with the handle.
//
Console.WriteLine("Name of key:" + BitConverter.ToString(signHandle.Name));
//
// Aome data to quote
//
TpmHash hashToSign = TpmHash.FromData(TpmAlgId.Sha1, new byte[] { 4, 3, 2, 1 });
//
// PCRs to quote. SHA-1 bank, PCR-indices 1, 2, and 3
//
var pcrsToQuote = new PcrSelection[]
{
new PcrSelection(TpmAlgId.Sha, new uint[] { 1, 2, 3 })
};
//
// Ask the TPM to quote the PCR (and the nonce). The TPM
// returns the quote-signature and the data that was signed
//
ISignatureUnion quoteSig;
Attest quotedInfo = tpm[userAuth].Quote(signHandle,
hashToSign.HashData,
new SchemeRsassa(TpmAlgId.Sha1),
pcrsToQuote,
out quoteSig);
//
// Print out what was quoted
//
var info = (QuoteInfo)quotedInfo.attested;
Console.WriteLine("PCRs that were quoted: " +
info.pcrSelect[0].ToString() +
"\nHash of PCR-array: " +
BitConverter.ToString(info.pcrDigest));
//
// Read the PCR to check the quoted value
//
PcrSelection[] outSelection;
Tpm2bDigest[] outValues;
tpm.PcrRead(new PcrSelection[] {
new PcrSelection(TpmAlgId.Sha, new uint[] { 1, 2, 3 })
},
out outSelection,
out outValues);
//
// Use the Tpm2Lib library to validate the quote against the
// values just read.
//
bool quoteOk = keyPub.VerifyQuote(TpmAlgId.Sha1,
outSelection,
outValues,
hashToSign.HashData,
quotedInfo,
quoteSig);
if (!quoteOk)
{
throw new Exception("Quote did not validate");
}
Console.WriteLine("Quote correctly validated.");
//
// Test other uses of the signing key. A restricted key can only
// sign data that the TPM knows does not start with a magic
// number (that identifies TPM internal data). So this does not
// work
//
var nullProof = new TkHashcheck(TpmHandle.RhNull, new byte[0]);
tpm[userAuth]._ExpectError(TpmRc.Ticket).Sign(signHandle,
hashToSign.HashData,
new SchemeRsassa(TpmAlgId.Sha1),
nullProof);
//
// But if we ask the TPM to hash the same data and then sign it
// then the TPM can be sure that the data is safe, so it will
// sign it.
//
TkHashcheck safeHashTicket;
TpmHandle hashHandle = tpm.HashSequenceStart(_nullAuth, TpmAlgId.Sha1);
//
// The ticket is only generated if the data is "safe."
//
tpm[_nullAuth].SequenceComplete(hashHandle,
new byte[] { 4, 3, 2, 1 },
TpmHandle.RhOwner,
out safeHashTicket);
//
// This will now work because the ticket proves to the
// TPM that the data that it is about to sign does not
// start with TPM_GENERATED
//
ISignatureUnion sig = tpm[userAuth].Sign(signHandle,
hashToSign.HashData,
new SchemeRsassa(TpmAlgId.Sha1),
safeHashTicket);
//
// And we can verify the signature
//
bool sigOk = keyPub.VerifySignatureOverData(new byte[] { 4, 3, 2, 1 }, sig);
if (!sigOk)
{
throw new Exception("Signature did not verify");
}
Console.WriteLine("Signature verified.");
//
// Clean up
//
tpm.FlushContext(primHandle);
tpm.FlushContext(signHandle);
}
public Tpm2CreateLoadedRequest()
{
parentHandle = new TpmHandle();
inSensitive = new SensitiveCreate();
inPublic = null;
}
