· 5 years ago · May 20, 2020, 11:22 AM
1using System;
2using System.Collections.Generic;
3using System.Linq;
4using System.Text;
5using System.Threading.Tasks;
6using Tpm2Lib;
7
8namespace EncryptionDecryption
9{
10 class Program
11 {
12 /// <summary>
13 /// Defines the argument to use to have this program use a TCP connection
14 /// to communicate with a TPM 2.0 simulator.
15 /// </summary>
16 private const string DeviceSimulator = "-tcp";
17
18 /// <summary>
19 /// Defines the argument to use to have this program use the Windows TBS
20 /// API to communicate with a TPM 2.0 device.
21 /// </summary>
22 private const string DeviceWinTbs = "-tbs";
23
24 /// <summary>
25 /// The default connection to use for communication with the TPM.
26 /// </summary>
27 private const string DefaultDevice = DeviceSimulator;
28
29 /// <summary>
30 /// If using a TCP connection, the default DNS name/IP address for the
31 /// simulator.
32 /// </summary>
33 private const string DefaultSimulatorName = "127.0.0.1";
34
35 /// <summary>
36 /// If using a TCP connection, the default TCP port of the simulator.
37 /// </summary>
38 private const int DefaultSimulatorPort = 2321;
39
40 static void Main(string[] args)
41 {
42 string tpmDeviceName = "-tcp";
43
44 try
45 {
46
47 Tpm2Device tpmDevice;
48 switch (tpmDeviceName)
49 {
50 case DeviceSimulator:
51 tpmDevice = new TcpTpmDevice(DefaultSimulatorName, DefaultSimulatorPort);
52 break;
53
54 case DeviceWinTbs:
55 tpmDevice = new TbsDevice();
56 break;
57
58 default:
59 throw new Exception("Unknown device selected.");
60 }
61
62 tpmDevice.Connect();
63
64 var tpm = new Tpm2(tpmDevice);
65
66 if (tpmDevice is TcpTpmDevice)
67 {
68 //
69 // If we are using the simulator, we have to do a few things the
70 // firmware would usually do. These actions have to occur after
71 // the connection has been established.
72 //
73 tpmDevice.PowerCycle();
74 tpm.Startup(Su.Clear);
75 }
76
77 var sensCreate = new SensitiveCreate(new byte[] { 0xa, 0xb, 0xc }, null);
78
79 TpmPublic parms = new TpmPublic(
80 TpmAlgId.Sha1,
81 ObjectAttr.Decrypt | ObjectAttr.UserWithAuth | ObjectAttr.SensitiveDataOrigin,
82 null,
83 new RsaParms(
84 null, // new SymDefObject(TpmAlgId.Aes, 128, TpmAlgId.Cfb),
85 new SchemeOaep(TpmAlgId.Sha1),
86 2048,
87 65537),
88 new Tpm2bPublicKeyRsa());
89
90 byte[] outsideInfo = Globs.GetRandomBytes(8);
91 var creationPcr = new PcrSelection(TpmAlgId.Sha1, new uint[] { 0, 1, 2 });
92
93 TpmPublic pubCreated;
94 CreationData creationData;
95 TkCreation creationTicket;
96 byte[] creationHash;
97
98
99 TpmHandle h = tpm.CreatePrimary(TpmRh.Null,
100 sensCreate, // null,
101 parms,
102 null, //outsideInfo,
103 null, //new PcrSelection[] { creationPcr },
104 out pubCreated,
105 out creationData,
106 out creationHash,
107 out creationTicket);
108
109 Console.WriteLine("Primary RSA storage key created.");
110
111 System.Text.ASCIIEncoding encASCII = new System.Text.ASCIIEncoding();
112
113 byte[] secret = encASCII.GetBytes("secret");
114
115 var encrypted = pubCreated.EncryptOaep(secret, null);
116 var decrypted = tpm.RsaDecrypt(h, encrypted, new NullAsymScheme(), null);
117
118 Console.WriteLine("secret: '{0}'", secret);
119 Console.WriteLine("encrypted: '{0}'", encrypted);
120 Console.WriteLine("decrypted: '{0}'", decrypted);
121
122 tpm.FlushContext(h);
123 tpm.Dispose();
124
125 }
126 catch (TpmException e)
127 {
128 //
129 // If a command fails because an unexpected return code is in the response,
130 // i.e., TPM returns an error code where success is expected or success
131 // where an error code is expected. Or if the response is malformed, then
132 // the unmarshaling code will throw a TPM exception.
133 // The Error string will contain a description of the return code. Usually the
134 // return code will be a known TPM return code. However, if using the TPM through
135 // TBS, TBS might encode internal error codes into the response code. For instance
136 // a return code of 0x80280400 indicates that a command is blocked by TBS. This
137 // error code is also returned if the command is not implemented by the TPM.
138 //
139 // You can see the information included in the TPM exception by removing the
140 // checks for available TPM commands above and running the sample on a TPM
141 // without the required commands.
142 //
143 Console.WriteLine("TPM exception occurred: {0}", e.ToString());
144 }
145 catch (Exception e)
146 {
147 Console.WriteLine("Exception occurred: {0}", e.ToString());
148 }
149
150
151 Console.WriteLine("Press Any Key to continue.");
152
153 Console.ReadLine();
154 }
155 }
156}