API tools faq
paste
Advertisement
Guest User

(Exception) Public Key Encryption using TSS.Net

a guest
May 20th, 2020
1,143
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C# 6.10 KB | None | 0 0
raw download clone embed print report
  1. using System;
  2. using System.Collections.Generic;
  3. using System.Linq;
  4. using System.Text;
  5. using System.Threading.Tasks;
  6. using Tpm2Lib;
  7.  
  8. namespace EncryptionDecryption
  9. {
  10.     class Program
  11.     {
  12.         /// <summary>
  13.         /// Defines the argument to use to have this program use a TCP connection
  14.         /// to communicate with a TPM 2.0 simulator.
  15.         /// </summary>
  16.         private const string DeviceSimulator = "-tcp";
  17.  
  18.         /// <summary>
  19.         /// Defines the argument to use to have this program use the Windows TBS
  20.         /// API to communicate with a TPM 2.0 device.
  21.         /// </summary>
  22.         private const string DeviceWinTbs = "-tbs";
  23.  
  24.         /// <summary>
  25.         /// The default connection to use for communication with the TPM.
  26.         /// </summary>
  27.         private const string DefaultDevice = DeviceSimulator;
  28.  
  29.         /// <summary>
  30.         /// If using a TCP connection, the default DNS name/IP address for the
  31.         /// simulator.
  32.         /// </summary>
  33.         private const string DefaultSimulatorName = "127.0.0.1";
  34.  
  35.         /// <summary>
  36.         /// If using a TCP connection, the default TCP port of the simulator.
  37.         /// </summary>
  38.         private const int DefaultSimulatorPort = 2321;
  39.  
  40.         static void Main(string[] args)
  41.         {
  42.             string tpmDeviceName = "-tcp";
  43.  
  44.             try
  45.             {
  46.  
  47.                 Tpm2Device tpmDevice;
  48.                 switch (tpmDeviceName)
  49.                 {
  50.                     case DeviceSimulator:
  51.                         tpmDevice = new TcpTpmDevice(DefaultSimulatorName, DefaultSimulatorPort);
  52.                         break;
  53.  
  54.                     case DeviceWinTbs:
  55.                         tpmDevice = new TbsDevice();
  56.                         break;
  57.  
  58.                     default:
  59.                         throw new Exception("Unknown device selected.");
  60.                 }
  61.  
  62.                 tpmDevice.Connect();
  63.  
  64.                 var tpm = new Tpm2(tpmDevice);
  65.  
  66.                 if (tpmDevice is TcpTpmDevice)
  67.                 {
  68.                     //
  69.                     // If we are using the simulator, we have to do a few things the
  70.                     // firmware would usually do. These actions have to occur after
  71.                     // the connection has been established.
  72.                     //
  73.                     tpmDevice.PowerCycle();
  74.                     tpm.Startup(Su.Clear);
  75.                 }
  76.  
  77.                 var sensCreate = new SensitiveCreate(new byte[] { 0xa, 0xb, 0xc }, null);
  78.  
  79.                 TpmPublic parms = new TpmPublic(
  80.                     TpmAlgId.Sha1,
  81.                     ObjectAttr.Decrypt | ObjectAttr.UserWithAuth | ObjectAttr.SensitiveDataOrigin,
  82.                     null,
  83.                     new RsaParms(
  84.                         null, // new SymDefObject(TpmAlgId.Aes, 128, TpmAlgId.Cfb),
  85.                         new SchemeOaep(TpmAlgId.Sha1),
  86.                         2048,
  87.                         65537),
  88.                     new Tpm2bPublicKeyRsa());
  89.  
  90.                 byte[] outsideInfo = Globs.GetRandomBytes(8);
  91.                 var creationPcr = new PcrSelection(TpmAlgId.Sha1, new uint[] { 0, 1, 2 });
  92.  
  93.                 TpmPublic pubCreated;
  94.                 CreationData creationData;
  95.                 TkCreation creationTicket;
  96.                 byte[] creationHash;
  97.  
  98.                
  99.                 TpmHandle h = tpm.CreatePrimary(TpmRh.Null,
  100.                                                 sensCreate, // null,
  101.                                                 parms,
  102.                                                 null, //outsideInfo,
  103.                                                 null, //new PcrSelection[] { creationPcr },
  104.                                                 out pubCreated,
  105.                                                 out creationData,
  106.                                                 out creationHash,
  107.                                                 out creationTicket);
  108.  
  109.                 Console.WriteLine("Primary RSA storage key created.");
  110.  
  111.                 System.Text.ASCIIEncoding encASCII = new System.Text.ASCIIEncoding();
  112.  
  113.                 byte[] secret = encASCII.GetBytes("secret");
  114.  
  115.                 var encrypted = pubCreated.EncryptOaep(secret, null);
  116.                 var decrypted = tpm.RsaDecrypt(h, encrypted, new NullAsymScheme(), null);
  117.  
  118.                 Console.WriteLine("secret:    '{0}'", secret);
  119.                 Console.WriteLine("encrypted: '{0}'", encrypted);
  120.                 Console.WriteLine("decrypted: '{0}'", decrypted);
  121.  
  122.                 tpm.FlushContext(h);
  123.                 tpm.Dispose();
  124.  
  125.             }
  126.             catch (TpmException e)
  127.             {
  128.                 //
  129.                 // If a command fails because an unexpected return code is in the response,
  130.                 // i.e., TPM returns an error code where success is expected or success
  131.                 // where an error code is expected. Or if the response is malformed, then
  132.                 // the unmarshaling code will throw a TPM exception.
  133.                 // The Error string will contain a description of the return code. Usually the
  134.                 // return code will be a known TPM return code. However, if using the TPM through
  135.                 // TBS, TBS might encode internal error codes into the response code. For instance
  136.                 // a return code of 0x80280400 indicates that a command is blocked by TBS. This
  137.                 // error code is also returned if the command is not implemented by the TPM.
  138.                 //
  139.                 // You can see the information included in the TPM exception by removing the
  140.                 // checks for available TPM commands above and running the sample on a TPM
  141.                 // without the required commands.
  142.                 //
  143.                 Console.WriteLine("TPM exception occurred: {0}", e.ToString());
  144.             }
  145.             catch (Exception e)
  146.             {
  147.                 Console.WriteLine("Exception occurred: {0}", e.ToString());
  148.             }
  149.  
  150.  
  151.             Console.WriteLine("Press Any Key to continue.");
  152.  
  153.             Console.ReadLine();
  154.         }
  155.     }
  156. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!