WolfSSL
/
wolfTPM
mirror of https://github.com/wolfSSL/wolfTPM.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #224 from dgarske/csharp_exception 

CSharp support for handling TPM errors with exception
pull/225/head
Anthony Hu 2022-07-13 11:39:16 -04:00 committed by GitHub
parent 1a78e4f27f 1a76727edf
commit bbecd2bb45
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 518 additions and 208 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/tpm2.c
View File

@ -5485,10 +5485,11 @@ const char* TPM2_GetRCString(int rc)
#endif #endif
#else #else
switch (rc) { switch (rc) {
TPM_RC_STR(BAD_FUNC_ARG, "Bad function argument provided"); /* copy of the error code strings from wolfCrypt */
TPM_RC_STR(BUFFER_E, "Output buffer too small or input too large"); TPM_RC_STR(BAD_FUNC_ARG, "Bad function argument");
TPM_RC_STR(BUFFER_E, "Buffer error, output too small or input too big");
TPM_RC_STR(NOT_COMPILED_IN, "Feature not compiled in"); TPM_RC_STR(NOT_COMPILED_IN, "Feature not compiled in");
TPM_RC_STR(BAD_MUTEX_E, "Bad mutex operation"); TPM_RC_STR(BAD_MUTEX_E, "Bad mutex, operation failed");
TPM_RC_STR(WC_TIMEOUT_E, "Timeout error"); TPM_RC_STR(WC_TIMEOUT_E, "Timeout error");
default: default:
break; break;

8
src/tpm2_wrap.c
View File

@ -510,6 +510,14 @@ int wolfTPM2_SelfTest(WOLFTPM2_DEV* dev)
XMEMSET(&selfTest, 0, sizeof(selfTest)); XMEMSET(&selfTest, 0, sizeof(selfTest));
selfTest.fullTest = YES; selfTest.fullTest = YES;
rc = TPM2_SelfTest(&selfTest); rc = TPM2_SelfTest(&selfTest);
#ifdef WOLFTPM_WINAPI
if (rc == TPM_E_COMMAND_BLOCKED) {
#ifdef DEBUG_WOLFTPM
printf("TPM2_SelfTest not allowed on Windows TBS (err 0x%x)\n", rc);
#endif
rc = TPM_RC_SUCCESS; /* report success */
}
#endif
if (rc != TPM_RC_SUCCESS) { if (rc != TPM_RC_SUCCESS) {
#ifdef DEBUG_WOLFTPM #ifdef DEBUG_WOLFTPM
printf("TPM2_SelfTest failed 0x%x: %s\n", rc, TPM2_GetRCString(rc)); printf("TPM2_SelfTest failed 0x%x: %s\n", rc, TPM2_GetRCString(rc));

254
wrapper/CSharp/wolfTPM-tests.cs
View File

@ -107,33 +107,33 @@ namespace tpm_csharp_test
private void GetSRK(Key srkKey, string auth) private void GetSRK(Key srkKey, string auth)
{ {
int ret = device.CreateSRK(srkKey, int rc = device.CreateSRK(srkKey,
(int)TPM2_Alg.RSA, (int)TPM2_Alg.RSA,
auth); auth);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
private void GenerateKey(string algorithm) private void GenerateKey(string algorithm)
{ {
int ret = (int)Status.TPM_RC_SUCCESS; int rc = (int)Status.TPM_RC_SUCCESS;
KeyBlob blob = new KeyBlob(); KeyBlob blob = new KeyBlob();
Template template = new Template(); Template template = new Template();
byte[] blob_buffer = new byte[Device.MAX_KEYBLOB_BYTES]; byte[] blob_buffer = new byte[Device.MAX_KEYBLOB_BYTES];
if (algorithm == "RSA") if (algorithm == "RSA")
{ {
ret = template.GetKeyTemplate_RSA((ulong)( rc = template.GetKeyTemplate_RSA((ulong)(
TPM2_Object.sensitiveDataOrigin | TPM2_Object.sensitiveDataOrigin |
TPM2_Object.userWithAuth | TPM2_Object.userWithAuth |
TPM2_Object.decrypt | TPM2_Object.decrypt |
TPM2_Object.sign | TPM2_Object.sign |
TPM2_Object.noDA)); TPM2_Object.noDA));
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
else if (algorithm == "AES") else if (algorithm == "AES")
{ {
ret = template.GetKeyTemplate_Symmetric(256, TPM2_Alg.CTR, true, true); rc = template.GetKeyTemplate_Symmetric(256, TPM2_Alg.CTR, true, true);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
else else
{ {
@ -141,17 +141,17 @@ namespace tpm_csharp_test
Assert.Fail(); Assert.Fail();
} }
ret = device.CreateKey(blob, parent_key, template, rc = device.CreateKey(blob, parent_key, template,
"ThisIsMyStorageKeyAuth"); "ThisIsMyStorageKeyAuth");
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.LoadKey(blob, parent_key); rc = device.LoadKey(blob, parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = blob.GetKeyBlobAsBuffer(blob_buffer); rc = blob.GetKeyBlobAsBuffer(blob_buffer);
if (ret > 0) if (rc > 0)
{ {
Array.Resize(ref blob_buffer, ret); Array.Resize(ref blob_buffer, rc);
if (algorithm == "RSA") if (algorithm == "RSA")
{ {
generatedRSA = blob_buffer; generatedRSA = blob_buffer;
@ -165,21 +165,21 @@ namespace tpm_csharp_test
Console.WriteLine("Unexpected algorithm name!"); Console.WriteLine("Unexpected algorithm name!");
return; return;
} }
ret = (int)Status.TPM_RC_SUCCESS; rc = (int)Status.TPM_RC_SUCCESS;
} }
else else
{ {
Console.WriteLine("wolfTPM2_GetKeyBlobAsBuffer() failed."); Console.WriteLine("wolfTPM2_GetKeyBlobAsBuffer() failed.");
ret = -1; rc = -1;
} }
ret = device.UnloadHandle(blob); rc = device.UnloadHandle(blob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
private void LoadGeneratedKey(string algorithm) private void LoadGeneratedKey(string algorithm)
{ {
int ret = (int)Status.TPM_RC_SUCCESS; int rc = (int)Status.TPM_RC_SUCCESS;
KeyBlob blob = new KeyBlob(); KeyBlob blob = new KeyBlob();
byte[] blob_buffer; byte[] blob_buffer;
@ -197,14 +197,14 @@ namespace tpm_csharp_test
return; return;
} }
ret = blob.SetKeyBlobFromBuffer(blob_buffer); rc = blob.SetKeyBlobFromBuffer(blob_buffer);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.LoadKey(blob, parent_key); rc = device.LoadKey(blob, parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.UnloadHandle(blob); rc = device.UnloadHandle(blob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
@ -218,27 +218,26 @@ namespace tpm_csharp_test
[TearDown] [TearDown]
public void TestCleanup() public void TestCleanup()
{ {
int ret = device.UnloadHandle(parent_key); int rc = device.UnloadHandle(parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
[Test] [Test]
public void TrySelfTest() public void TrySelfTest()
{ {
uint ret = (uint)device.SelfTest(); int rc = device.SelfTest();
Assert.That(ret, Is.EqualTo((uint)Status.TPM_RC_SUCCESS) | Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
Is.EqualTo(0x80280400));
} }
[Test] [Test]
public void TryFillBufferWithRandom() public void TryFillBufferWithRandom()
{ {
int ret; int rc;
const int bufSz = 256; const int bufSz = 256;
byte[] buf = new byte[bufSz]; byte[] buf = new byte[bufSz];
ret = device.GetRandom(buf); rc = device.GetRandom(buf);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
PrintByteArray(buf); PrintByteArray(buf);
Assert.That(buf, Has.Some.GreaterThan(0)); Assert.That(buf, Has.Some.GreaterThan(0));
@ -261,28 +260,28 @@ namespace tpm_csharp_test
[Test] [Test]
public void TryAuthSession() public void TryAuthSession()
{ {
int ret; int rc;
Session tpmSession = new Session(); Session tpmSession = new Session();
const int bufSz = 256; const int bufSz = 256;
byte[] buf = new byte[bufSz]; byte[] buf = new byte[bufSz];
Console.WriteLine("Testing Parameter Encryption with AES CFB"); Console.WriteLine("Testing Parameter Encryption with AES CFB");
ret = tpmSession.StartAuth(device, parent_key, TPM2_Alg.CFB); rc = tpmSession.StartAuth(device, parent_key, TPM2_Alg.CFB);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
/* Do sensitive operation */ /* Do sensitive operation */
ret = device.GetRandom(buf); rc = device.GetRandom(buf);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = tpmSession.StopAuth(device); rc = tpmSession.StopAuth(device);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
[Test] [Test]
public void TryLoadRSAPublicKey() public void TryLoadRSAPublicKey()
{ {
int ret; int rc;
Key pub_key; Key pub_key;
int exp = 0x10001; int exp = 0x10001;
@ -290,17 +289,17 @@ namespace tpm_csharp_test
pub_key = new Key(); pub_key = new Key();
ret = device.LoadRsaPublicKey(pub_key, pub_buffer, exp); rc = device.LoadRsaPublicKey(pub_key, pub_buffer, exp);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.UnloadHandle(pub_key); rc = device.UnloadHandle(pub_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
[Test] [Test]
public void TryLoadRSAPrivateKey() public void TryLoadRSAPrivateKey()
{ {
int ret; int rc;
Key priv_key; Key priv_key;
int exp = 0x10001; int exp = 0x10001;
@ -309,19 +308,19 @@ namespace tpm_csharp_test
priv_key = new Key(); priv_key = new Key();
ret = device.LoadRsaPrivateKey(parent_key, priv_key, rc = device.LoadRsaPrivateKey(parent_key, priv_key,
pub_buffer, exp, pub_buffer, exp,
priv_buffer); priv_buffer);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.UnloadHandle(priv_key); rc = device.UnloadHandle(priv_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
[Test] [Test]
public void TryImportRSAPrivateKey() public void TryImportRSAPrivateKey()
{ {
int ret; int rc;
KeyBlob blob; KeyBlob blob;
int exp = 0x10001; int exp = 0x10001;
@ -331,64 +330,72 @@ namespace tpm_csharp_test
blob = new KeyBlob(); blob = new KeyBlob();
ret = device.ImportRsaPrivateKey(parent_key, blob, rc = device.ImportRsaPrivateKey(parent_key, blob,
pub_buffer, pub_buffer,
exp, priv_buffer, exp, priv_buffer,
(uint)TPM2_Alg.NULL, (uint)TPM2_Alg.NULL); (uint)TPM2_Alg.NULL, (uint)TPM2_Alg.NULL);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.UnloadHandle(blob); rc = device.UnloadHandle(blob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
[Test] [Test]
public void TryCreatePrimaryKey() public void TryCreatePrimaryKey()
{ {
int ret; int rc;
Key key = new Key(); Key key = new Key();
Template template = new Template(); Template template = new Template();
/* Test creating the primary RSA endorsement key (EK) */ /* Test creating the primary RSA endorsement key (EK) */
ret = template.GetKeyTemplate_RSA_EK(); rc = template.GetKeyTemplate_RSA_EK();
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.CreatePrimaryKey(key, TPM_RH.ENDORSEMENT, template, null); rc = device.CreatePrimaryKey(key, TPM_RH.ENDORSEMENT, template, null);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.UnloadHandle(key); rc = device.UnloadHandle(key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
[Test] [Test]
public void TryCreateCustomPrimaryKey() public void TryCreateCustomPrimaryKey()
{ {
int ret; int rc;
Key key = new Key(); Key key = new Key();
Template template = new Template(); Template template = new Template();
/* Test creating custom SRK (different than one Windows uses) */ /* Test creating custom SRK (different than one Windows uses) */
ret = template.GetKeyTemplate_RSA_SRK(); rc = template.GetKeyTemplate_RSA_SRK();
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = template.SetKeyTemplate_Unique("myUniqueValue"); rc = template.SetKeyTemplate_Unique("myUniqueValue");
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.CreatePrimaryKey(key, TPM_RH.OWNER, template, null); rc = device.CreatePrimaryKey(key, TPM_RH.OWNER, template, null);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
/* use temporary handle (in memory), cannot store to /* use temporary handle (in memory), cannot store to
* Non-Volatile (NV) Memory on Windows */ * Non-Volatile (NV) Memory on Windows */
Console.WriteLine("Primary Key Handle 0x{0}", Console.WriteLine("Primary Key Handle 0x{0}",
device.GetHandleValue(key.GetHandle()).ToString("X8")); device.GetHandleValue(key.GetHandle()).ToString("X8"));
ret = device.UnloadHandle(key); rc = device.UnloadHandle(key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
}
[Test]
public void TryGetErrorString()
{
string err = device.GetErrorString(Status.BAD_FUNC_ARG);
if (!string.IsNullOrEmpty(err))
Assert.AreEqual(err, "Bad function argument");
} }
[Test] [Test]
public void TryGenerateCSR() public void TryGenerateCSR()
{ {
int ret; int rc;
KeyBlob keyBlob = new KeyBlob(); KeyBlob keyBlob = new KeyBlob();
Template template = new Template(); Template template = new Template();
byte[] output = new byte[Device.MAX_TPM_BUFFER]; byte[] output = new byte[Device.MAX_TPM_BUFFER];
@ -398,35 +405,75 @@ namespace tpm_csharp_test
"/emailAddress=info@wolfssl.com"; "/emailAddress=info@wolfssl.com";
string keyUsage = "serverAuth,clientAuth,codeSigning"; string keyUsage = "serverAuth,clientAuth,codeSigning";
ret = template.GetKeyTemplate_RSA((ulong)( rc = template.GetKeyTemplate_RSA((ulong)(
TPM2_Object.sensitiveDataOrigin | TPM2_Object.sensitiveDataOrigin |
TPM2_Object.userWithAuth | TPM2_Object.userWithAuth |
TPM2_Object.decrypt | TPM2_Object.decrypt |
TPM2_Object.sign | TPM2_Object.sign |
TPM2_Object.noDA)); TPM2_Object.noDA));
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.CreateKey(keyBlob, parent_key, template, rc = device.CreateKey(keyBlob, parent_key, template,
"ThisIsMyStorageKeyAuth"); "ThisIsMyStorageKeyAuth");
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.LoadKey(keyBlob, parent_key); rc = device.LoadKey(keyBlob, parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.GenerateCSR(keyBlob, subject, keyUsage, /* Generate a CSR (Certificate Signing Request) */
X509_Format.PEM, output, 0); rc = device.GenerateCSR(keyBlob, subject, keyUsage,
Assert.That(ret, Is.GreaterThan(0)); X509_Format.PEM, output);
Assert.That(rc, Is.GreaterThan(0));
Console.WriteLine("CSR PEM {0} bytes", ret.ToString()); Console.WriteLine("CSR PEM {0} bytes", rc.ToString());
ret = device.UnloadHandle(keyBlob); rc = device.UnloadHandle(keyBlob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
}
[Test]
public void TryGenerateCert()
{
int rc;
KeyBlob keyBlob = new KeyBlob();
Template template = new Template();
byte[] output = new byte[Device.MAX_TPM_BUFFER];
string subject = "/C=US/ST=Oregon/L=Portland/SN=Development" +
"/O=wolfSSL/OU=RSA/CN=www.wolfssl.com" +
"/emailAddress=info@wolfssl.com";
string keyUsage = "serverAuth,clientAuth,codeSigning";
rc = template.GetKeyTemplate_RSA((ulong)(
TPM2_Object.sensitiveDataOrigin |
TPM2_Object.userWithAuth |
TPM2_Object.decrypt |
TPM2_Object.sign |
TPM2_Object.noDA));
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
rc = device.CreateKey(keyBlob, parent_key, template,
"ThisIsMyStorageKeyAuth");
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
rc = device.LoadKey(keyBlob, parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
/* Generate a self signed certificate */
rc = device.GenerateCSR(keyBlob, subject, keyUsage,
X509_Format.PEM, output, 0, 1);
Assert.That(rc, Is.GreaterThan(0));
Console.WriteLine("Cert PEM {0} bytes", rc.ToString());
rc = device.UnloadHandle(keyBlob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
[Test] [Test]
public void TryGenerateCSRCustomOID() public void TryGenerateCSRCustomOID()
{ {
int ret; int rc;
KeyBlob keyBlob = new KeyBlob(); KeyBlob keyBlob = new KeyBlob();
Template template = new Template(); Template template = new Template();
Csr csr = new Csr(); Csr csr = new Csr();
@ -440,43 +487,42 @@ namespace tpm_csharp_test
string custOid = "1.2.3.4.5"; string custOid = "1.2.3.4.5";
string custOidVal = "This is NOT a critical extension"; string custOidVal = "This is NOT a critical extension";
ret = template.GetKeyTemplate_RSA((ulong)( rc = template.GetKeyTemplate_RSA((ulong)(
TPM2_Object.sensitiveDataOrigin | TPM2_Object.sensitiveDataOrigin |
TPM2_Object.userWithAuth | TPM2_Object.userWithAuth |
TPM2_Object.decrypt | TPM2_Object.decrypt |
TPM2_Object.sign | TPM2_Object.sign |
TPM2_Object.noDA)); TPM2_Object.noDA));
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.CreateKey(keyBlob, parent_key, template, rc = device.CreateKey(keyBlob, parent_key, template,
"ThisIsMyStorageKeyAuth"); "ThisIsMyStorageKeyAuth");
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = device.LoadKey(keyBlob, parent_key); rc = device.LoadKey(keyBlob, parent_key);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = csr.SetSubject(subject); rc = csr.SetSubject(subject);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = csr.SetKeyUsage(keyUsage); rc = csr.SetKeyUsage(keyUsage);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = csr.SetCustomExtension(custOid, custOidVal, 0); rc = csr.SetCustomExtension(custOid, custOidVal, 0);
/* if custom OID support is not compiled in then test is /* if custom OID support is not compiled in then test is
* inconclusive */ * inconclusive */
if (ret == (int)Status.NOT_COMPILED_IN) if (rc == (int)Status.NOT_COMPILED_IN)
Assert.Inconclusive(); Assert.Inconclusive();
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
ret = csr.MakeAndSign(device, keyBlob, X509_Format.PEM, output); rc = csr.MakeAndSign(device, keyBlob, X509_Format.PEM, output);
Assert.That(ret, Is.GreaterThan(0)); Assert.That(rc, Is.GreaterThan(0));
Console.WriteLine("CSR PEM {0} bytes", ret.ToString()); Console.WriteLine("CSR PEM {0} bytes", rc.ToString());
ret = device.UnloadHandle(keyBlob); rc = device.UnloadHandle(keyBlob);
Assert.AreEqual((int)Status.TPM_RC_SUCCESS, ret); Assert.AreEqual((int)Status.TPM_RC_SUCCESS, rc);
} }
} }
} }

455
wrapper/CSharp/wolfTPM.cs
View File

@ -25,6 +25,42 @@ using System.Runtime.InteropServices;
namespace wolfTPM namespace wolfTPM
{ {
[Serializable]
public class WolfTpm2Exception : Exception
{
const string DLLNAME = "wolftpm";
private string _Message;
public int ErrorCode { get; }
public override string Message
{
get { return _Message; }
}
[DllImport(DLLNAME, EntryPoint = "TPM2_GetRCString")]
private static extern IntPtr TPM2_GetRCString(int rc);
public string GetErrorString(int rc)
{
IntPtr err = TPM2_GetRCString(rc);
return Marshal.PtrToStringAnsi(err);
}
public WolfTpm2Exception() { }
public WolfTpm2Exception(string message)
: base(message) { }
public WolfTpm2Exception(string message, Exception inner)
: base(message, inner) { }
public WolfTpm2Exception(string message, int errorCode)
: this(message)
{
ErrorCode = errorCode;
_Message = message + " failure 0x" + errorCode.ToString("X8") +
" (" + GetErrorString(errorCode) + ")";
}
}
public enum Status : int public enum Status : int
{ {
@ -180,19 +216,32 @@ namespace wolfTPM
{ {
if (keyblob != IntPtr.Zero) if (keyblob != IntPtr.Zero)
{ {
// TODO: check return value? /* ignore return code */
wolfTPM2_FreeKeyBlob(keyblob); wolfTPM2_FreeKeyBlob(keyblob);
} }
} }
public int GetKeyBlobAsBuffer(byte[] buffer) public int GetKeyBlobAsBuffer(byte[] buffer)
{ {
return wolfTPM2_GetKeyBlobAsBuffer(buffer, buffer.Length, keyblob); int rc = wolfTPM2_GetKeyBlobAsBuffer(buffer, buffer.Length,
keyblob);
/* positive return code is length of buffer filled */
if (rc < 0) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyBlobAsBuffer", rc);
}
return rc;
} }
public int SetKeyBlobFromBuffer(byte[] buffer) public int SetKeyBlobFromBuffer(byte[] buffer)
{ {
return wolfTPM2_SetKeyBlobFromBuffer(keyblob, buffer, buffer.Length); int rc = wolfTPM2_SetKeyBlobFromBuffer(keyblob,
buffer, buffer.Length);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_SetKeyBlobFromBuffer", rc);
}
return rc;
} }
public IntPtr GetHandle() public IntPtr GetHandle()
@ -235,7 +284,7 @@ namespace wolfTPM
{ {
if (key != IntPtr.Zero) if (key != IntPtr.Zero)
{ {
// TODO: check return value /* ignore return code */
wolfTPM2_FreeKey(key); wolfTPM2_FreeKey(key);
} }
} }
@ -253,9 +302,14 @@ namespace wolfTPM
public int SetKeyAuthPassword(string auth) public int SetKeyAuthPassword(string auth)
{ {
return wolfTPM2_SetKeyAuthPassword(key, int rc = wolfTPM2_SetKeyAuthPassword(key,
auth, auth,
auth.Length); auth.Length);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_SetKeyAuthPassword", rc);
}
return rc;
} }
} }
@ -287,8 +341,13 @@ namespace wolfTPM
ulong objectAttributes); ulong objectAttributes);
public int GetKeyTemplate_RSA(ulong objectAttributes) public int GetKeyTemplate_RSA(ulong objectAttributes)
{ {
return wolfTPM2_GetKeyTemplate_RSA(template, int rc = wolfTPM2_GetKeyTemplate_RSA(template,
objectAttributes); objectAttributes);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_RSA", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_ECC")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_ECC")]
@ -299,8 +358,15 @@ namespace wolfTPM
public int GetKeyTemplate_ECC(ulong objectAttributes, TPM2_ECC curve, public int GetKeyTemplate_ECC(ulong objectAttributes, TPM2_ECC curve,
TPM2_Alg sigScheme) TPM2_Alg sigScheme)
{ {
return wolfTPM2_GetKeyTemplate_ECC(template, objectAttributes, int rc = wolfTPM2_GetKeyTemplate_ECC(template,
(uint)curve, (uint)sigScheme); objectAttributes,
(uint)curve,
(uint)sigScheme);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_ECC", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_Symmetric")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_Symmetric")]
@ -312,60 +378,101 @@ namespace wolfTPM
bool isSign, bool isSign,
bool isDecrypt) bool isDecrypt)
{ {
return wolfTPM2_GetKeyTemplate_Symmetric(template, int rc = wolfTPM2_GetKeyTemplate_Symmetric(template,
keyBits, keyBits,
(uint)algMode, (uint)algMode,
isSign ? 1 : 0, isSign ? 1 : 0,
isDecrypt ? 1 : 0); isDecrypt ? 1 : 0);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_Symmetric", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_RSA_EK")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_RSA_EK")]
private static extern int wolfTPM2_GetKeyTemplate_RSA_EK(IntPtr publicTemplate); private static extern int wolfTPM2_GetKeyTemplate_RSA_EK(IntPtr publicTemplate);
public int GetKeyTemplate_RSA_EK() public int GetKeyTemplate_RSA_EK()
{ {
return wolfTPM2_GetKeyTemplate_RSA_EK(template); int rc = wolfTPM2_GetKeyTemplate_RSA_EK(template);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_RSA_EK", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_ECC_EK")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_ECC_EK")]
private static extern int wolfTPM2_GetKeyTemplate_ECC_EK(IntPtr publicTemplate); private static extern int wolfTPM2_GetKeyTemplate_ECC_EK(IntPtr publicTemplate);
public int GetKeyTemplate_ECC_EK() public int GetKeyTemplate_ECC_EK()
{ {
return wolfTPM2_GetKeyTemplate_ECC_EK(template); int rc = wolfTPM2_GetKeyTemplate_ECC_EK(template);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_ECC_EK", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_RSA_SRK")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_RSA_SRK")]
private static extern int wolfTPM2_GetKeyTemplate_RSA_SRK(IntPtr publicTemplate); private static extern int wolfTPM2_GetKeyTemplate_RSA_SRK(IntPtr publicTemplate);
public int GetKeyTemplate_RSA_SRK() public int GetKeyTemplate_RSA_SRK()
{ {
return wolfTPM2_GetKeyTemplate_RSA_SRK(template); int rc = wolfTPM2_GetKeyTemplate_RSA_SRK(template);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_RSA_SRK", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_ECC_SRK")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_ECC_SRK")]
private static extern int wolfTPM2_GetKeyTemplate_ECC_SRK(IntPtr publicTemplate); private static extern int wolfTPM2_GetKeyTemplate_ECC_SRK(IntPtr publicTemplate);
public int GetKeyTemplate_ECC_SRK() public int GetKeyTemplate_ECC_SRK()
{ {
return wolfTPM2_GetKeyTemplate_ECC_SRK(template); int rc = wolfTPM2_GetKeyTemplate_ECC_SRK(template);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_ECC_SRK", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_RSA_AIK")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_RSA_AIK")]
private static extern int wolfTPM2_GetKeyTemplate_RSA_AIK(IntPtr publicTemplate); private static extern int wolfTPM2_GetKeyTemplate_RSA_AIK(IntPtr publicTemplate);
public int GetKeyTemplate_RSA_AIK() public int GetKeyTemplate_RSA_AIK()
{ {
return wolfTPM2_GetKeyTemplate_RSA_AIK(template); int rc = wolfTPM2_GetKeyTemplate_RSA_AIK(template);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_RSA_AIK", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_ECC_AIK")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetKeyTemplate_ECC_AIK")]
private static extern int wolfTPM2_GetKeyTemplate_ECC_AIK(IntPtr publicTemplate); private static extern int wolfTPM2_GetKeyTemplate_ECC_AIK(IntPtr publicTemplate);
public int GetKeyTemplate_ECC_AIK() public int GetKeyTemplate_ECC_AIK()
{ {
return wolfTPM2_GetKeyTemplate_ECC_AIK(template); int rc = wolfTPM2_GetKeyTemplate_ECC_AIK(template);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_ECC_AIK", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetKeyTemplate_Unique")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetKeyTemplate_Unique")]
private static extern int wolfTPM2_SetKeyTemplate_Unique(IntPtr publicTemplate, string unique, int uniqueSz); private static extern int wolfTPM2_SetKeyTemplate_Unique(IntPtr publicTemplate, string unique, int uniqueSz);
public int SetKeyTemplate_Unique(string unique) public int SetKeyTemplate_Unique(string unique)
{ {
return wolfTPM2_SetKeyTemplate_Unique(template, unique, unique.Length); int rc = wolfTPM2_SetKeyTemplate_Unique(template,
unique, unique.Length);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetKeyTemplate_ECC_AIK", rc);
}
return rc;
} }
} }
@ -412,7 +519,7 @@ namespace wolfTPM
public int StartAuth(Device device, Key parentKey, TPM2_Alg algMode) public int StartAuth(Device device, Key parentKey, TPM2_Alg algMode)
{ {
int ret; int rc;
/* Algorithm modes: With parameter encryption use CFB or XOR. /* Algorithm modes: With parameter encryption use CFB or XOR.
* For HMAC only (no parameter encryption) use NULL. */ * For HMAC only (no parameter encryption) use NULL. */
@ -424,29 +531,28 @@ namespace wolfTPM
/* Start an authenticated session (salted / unbound) with /* Start an authenticated session (salted / unbound) with
* parameter encryption */ * parameter encryption */
ret = device.StartSession(this, parentKey, IntPtr.Zero, rc = device.StartSession(this, parentKey, IntPtr.Zero,
(byte)SE.HMAC, (int)algMode); (byte)SE.HMAC, (int)algMode);
if (ret == (int)Status.TPM_RC_SUCCESS) { if (rc == (int)Status.TPM_RC_SUCCESS) {
/* Set session for authorization of the primary key */ /* Set session for authorization of the primary key */
ret = device.SetAuthSession(this, this.sessionIdx, rc = device.SetAuthSession(this, this.sessionIdx,
(byte)(SESSION_mask.decrypt | SESSION_mask.encrypt | (byte)(SESSION_mask.decrypt | SESSION_mask.encrypt |
SESSION_mask.continueSession)); SESSION_mask.continueSession));
} }
return ret; if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception("StartAuth", rc);
}
return rc;
} }
public int StopAuth(Device device) public int StopAuth(Device device)
{ {
int ret;
/* Clear the auth index, since the auth session is ending */ /* Clear the auth index, since the auth session is ending */
device.ClearAuthSession(this, this.sessionIdx); device.ClearAuthSession(this, this.sessionIdx);
/* Unload session */ /* Unload session */
ret = device.UnloadHandle(this); return device.UnloadHandle(this);
return ret;
} }
} }
@ -485,8 +591,14 @@ namespace wolfTPM
public int SetCustomExtension(string oid, string der, int critical) public int SetCustomExtension(string oid, string der, int critical)
{ {
byte[] derBuf = Encoding.ASCII.GetBytes(der); byte[] derBuf = Encoding.ASCII.GetBytes(der);
return wolfTPM2_CSR_SetCustomExt(IntPtr.Zero, csr, critical, int rc = wolfTPM2_CSR_SetCustomExt(IntPtr.Zero, csr, critical,
oid, derBuf, (uint)der.Length); oid, derBuf, (uint)der.Length);
if (rc != (int)Status.TPM_RC_SUCCESS &&
rc != (int)Status.NOT_COMPILED_IN) {
throw new WolfTpm2Exception(
"wolfTPM2_CSR_SetCustomExt", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_SetKeyUsage")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_SetKeyUsage")]
@ -495,7 +607,12 @@ namespace wolfTPM
string keyUsage); string keyUsage);
public int SetKeyUsage(string keyUsage) public int SetKeyUsage(string keyUsage)
{ {
return wolfTPM2_CSR_SetKeyUsage(IntPtr.Zero, csr, keyUsage); int rc = wolfTPM2_CSR_SetKeyUsage(IntPtr.Zero, csr, keyUsage);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_CSR_SetKeyUsage", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_SetSubject")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_SetSubject")]
@ -504,7 +621,12 @@ namespace wolfTPM
string subject); string subject);
public int SetSubject(string subject) public int SetSubject(string subject)
{ {
return wolfTPM2_CSR_SetSubject(IntPtr.Zero, csr, subject); int rc = wolfTPM2_CSR_SetSubject(IntPtr.Zero, csr, subject);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_CSR_SetSubject", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_MakeAndSign")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_MakeAndSign")]
@ -519,8 +641,14 @@ namespace wolfTPM
X509_Format outputFormat, X509_Format outputFormat,
byte[] output) byte[] output)
{ {
return wolfTPM2_CSR_MakeAndSign(device.Ref, csr, int rc = wolfTPM2_CSR_MakeAndSign(device.Ref, csr,
keyBlob.keyblob, (int)outputFormat, output, output.Length); keyBlob.keyblob, (int)outputFormat, output, output.Length);
/* positive return code is length of resulting output */
if (rc < 0) {
throw new WolfTpm2Exception(
"wolfTPM2_CSR_MakeAndSign", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_MakeAndSign_ex")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_MakeAndSign_ex")]
@ -540,9 +668,14 @@ namespace wolfTPM
int sigType, int sigType,
int selfSign) int selfSign)
{ {
return wolfTPM2_CSR_MakeAndSign_ex(device.Ref, csr, int rc = wolfTPM2_CSR_MakeAndSign_ex(device.Ref, csr,
keyBlob.keyblob, (int)outputFormat, output, output.Length, keyBlob.keyblob, (int)outputFormat, output, output.Length,
sigType, selfSign, Device.INVALID_DEVID); sigType, selfSign, Device.INVALID_DEVID);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_CSR_MakeAndSign_ex", rc);
}
return rc;
} }
} }
@ -597,7 +730,12 @@ namespace wolfTPM
private static extern int wolfTPM2_SelfTest(IntPtr dev); private static extern int wolfTPM2_SelfTest(IntPtr dev);
public int SelfTest() public int SelfTest()
{ {
return wolfTPM2_SelfTest(device); int rc = wolfTPM2_SelfTest(device);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_SelfTest", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetRandom")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_GetRandom")]
@ -606,7 +744,12 @@ namespace wolfTPM
int len); int len);
public int GetRandom(byte[] buf) public int GetRandom(byte[] buf)
{ {
return wolfTPM2_GetRandom(device, buf, buf.Length); int rc = wolfTPM2_GetRandom(device, buf, buf.Length);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_GetRandom", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_CreateSRK")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_CreateSRK")]
@ -619,11 +762,16 @@ namespace wolfTPM
int alg, int alg,
string auth) string auth)
{ {
return wolfTPM2_CreateSRK(device, int rc = wolfTPM2_CreateSRK(device,
srkKey.key, srkKey.key,
alg, alg,
auth, auth,
auth.Length); auth.Length);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_CreateSRK", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_StartSession")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_StartSession")]
@ -639,12 +787,17 @@ namespace wolfTPM
byte sesType, byte sesType,
int encDecAlg) int encDecAlg)
{ {
return wolfTPM2_StartSession(device, int rc = wolfTPM2_StartSession(device,
tpmSession.session, tpmSession.session,
tmpKey.key, tmpKey.key,
bind, bind,
sesType, sesType,
encDecAlg); encDecAlg);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_StartSession", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetAuthSession")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_SetAuthSession")]
@ -659,19 +812,29 @@ namespace wolfTPM
/* For sessionAttributes suggest using: /* For sessionAttributes suggest using:
* (byte)(SESSION_mask.decrypt | SESSION_mask.encrypt | SESSION_mask.continueSession) * (byte)(SESSION_mask.decrypt | SESSION_mask.encrypt | SESSION_mask.continueSession)
*/ */
return wolfTPM2_SetAuthSession(device, int rc = wolfTPM2_SetAuthSession(device,
index, index,
tpmSession.session, tpmSession.session,
sessionAttributes); sessionAttributes);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_SetAuthSession", rc);
}
return rc;
} }
public int ClearAuthSession(Session tpmSession, public int ClearAuthSession(Session tpmSession,
int index) int index)
{ {
return wolfTPM2_SetAuthSession(device, int rc = wolfTPM2_SetAuthSession(device,
index, index,
IntPtr.Zero, IntPtr.Zero,
0); 0);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_SetAuthSession clear", rc);
}
return rc;
} }
@ -682,9 +845,14 @@ namespace wolfTPM
public int ReadPublicKey(Key key, public int ReadPublicKey(Key key,
ulong handle) ulong handle)
{ {
return wolfTPM2_ReadPublicKey(device, int rc = wolfTPM2_ReadPublicKey(device,
key.key, key.key,
handle); handle);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_ReadPublicKey", rc);
}
return rc;
} }
@ -701,12 +869,17 @@ namespace wolfTPM
Template publicTemplate, Template publicTemplate,
string auth) string auth)
{ {
return wolfTPM2_CreateKey(device, int rc = wolfTPM2_CreateKey(device,
keyBlob.keyblob, keyBlob.keyblob,
parent.GetHandle(), parent.GetHandle(),
publicTemplate.template, publicTemplate.template,
auth, auth,
auth.Length); auth.Length);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_CreateKey", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_LoadKey")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_LoadKey")]
@ -717,7 +890,13 @@ namespace wolfTPM
public int LoadKey(KeyBlob keyBlob, public int LoadKey(KeyBlob keyBlob,
Key parent) Key parent)
{ {
return wolfTPM2_LoadKey(device, keyBlob.keyblob, parent.GetHandle()); int rc = wolfTPM2_LoadKey(device, keyBlob.keyblob,
parent.GetHandle());
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_LoadKey", rc);
}
return rc;
} }
@ -726,8 +905,13 @@ namespace wolfTPM
IntPtr primaryHandle, IntPtr key, IntPtr persistentHandle); IntPtr primaryHandle, IntPtr key, IntPtr persistentHandle);
public int StoreKey(Key key, IntPtr primaryHandle, IntPtr persistentHandle) public int StoreKey(Key key, IntPtr primaryHandle, IntPtr persistentHandle)
{ {
return wolfTPM2_NVStoreKey(device, primaryHandle, key.GetHandle(), int rc = wolfTPM2_NVStoreKey(device, primaryHandle, key.GetHandle(),
persistentHandle); persistentHandle);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_NVStoreKey", rc);
}
return rc;
} }
@ -753,16 +937,21 @@ namespace wolfTPM
uint scheme, uint scheme,
uint hashAlg) uint hashAlg)
{ {
return wolfTPM2_ImportRsaPrivateKey(device, int rc = wolfTPM2_ImportRsaPrivateKey(device,
parentKey.key, parentKey.key,
keyBlob.keyblob, keyBlob.keyblob,
rsaPub, rsaPub,
rsaPub.Length, rsaPub.Length,
exponent, exponent,
rsaPriv, rsaPriv,
rsaPriv.Length, rsaPriv.Length,
scheme, scheme,
hashAlg); hashAlg);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_ImportRsaPrivateKey", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_LoadRsaPublicKey")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_LoadRsaPublicKey")]
@ -776,11 +965,16 @@ namespace wolfTPM
byte[] rsaPub, byte[] rsaPub,
int exponent) int exponent)
{ {
return wolfTPM2_LoadRsaPublicKey(device, int rc = wolfTPM2_LoadRsaPublicKey(device,
key.key, key.key,
rsaPub, rsaPub,
rsaPub.Length, rsaPub.Length,
exponent); exponent);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_LoadRsaPublicKey", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_LoadRsaPrivateKey")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_LoadRsaPrivateKey")]
@ -800,7 +994,7 @@ namespace wolfTPM
int exponent, int exponent,
byte[] rsaPriv) byte[] rsaPriv)
{ {
return wolfTPM2_LoadRsaPrivateKey( int rc = wolfTPM2_LoadRsaPrivateKey(
device, device,
parentKey.key, parentKey.key,
key.key, key.key,
@ -809,6 +1003,11 @@ namespace wolfTPM
exponent, exponent,
rsaPriv, rsaPriv,
rsaPriv.Length); rsaPriv.Length);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_LoadRsaPrivateKey", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_CreatePrimaryKey")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_CreatePrimaryKey")]
@ -825,13 +1024,57 @@ namespace wolfTPM
Template publicTemplate, Template publicTemplate,
string auth) string auth)
{ {
return wolfTPM2_CreatePrimaryKey( int rc = wolfTPM2_CreatePrimaryKey(
device, device,
key.key, key.key,
(ulong)primaryHandle, (ulong)primaryHandle,
publicTemplate.template, publicTemplate.template,
auth, auth,
!string.IsNullOrEmpty(auth) ? auth.Length : 0); !string.IsNullOrEmpty(auth) ? auth.Length : 0);
if (rc != (int)Status.TPM_RC_SUCCESS) {
throw new WolfTpm2Exception(
"wolfTPM2_CreatePrimaryKey", rc);
}
return rc;
}
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_Generate_ex")]
private static extern int wolfTPM2_CSR_Generate_ex(
IntPtr dev,
IntPtr key,
string subject,
string keyUsage,
int outFormat,
byte[] output,
int outputSz,
int sigType,
int selfSignCert,
int devId);
public int GenerateCSR(
KeyBlob keyBlob,
string subject,
string keyUsage,
X509_Format outputFormat,
byte[] output,
int sigType,
int selfSignCert)
{
int rc = wolfTPM2_CSR_Generate_ex(
device,
keyBlob.keyblob,
subject,
keyUsage,
(int)outputFormat,
output, output.Length,
sigType,
selfSignCert,
Device.INVALID_DEVID);
/* positive return code is length of resulting output */
if (rc < 0) {
throw new WolfTpm2Exception(
"wolfTPM2_CSR_Generate_ex", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_Generate")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_CSR_Generate")]
@ -842,28 +1085,27 @@ namespace wolfTPM
string keyUsage, string keyUsage,
int outFormat, int outFormat,
byte[] output, byte[] output,
int outputSz, int outputSz);
int sigType,
int devId,
int selfSign);
public int GenerateCSR( public int GenerateCSR(
KeyBlob keyBlob, KeyBlob keyBlob,
string subject, string subject,
string keyUsage, string keyUsage,
X509_Format outputFormat, X509_Format outputFormat,
byte[] output, byte[] output)
int sigType)
{ {
return wolfTPM2_CSR_Generate( int rc = wolfTPM2_CSR_Generate(
device, device,
keyBlob.keyblob, keyBlob.keyblob,
subject, subject,
keyUsage, keyUsage,
(int)outputFormat, (int)outputFormat,
output, output.Length, output, output.Length);
sigType, /* positive return code is length of resulting output */
Device.INVALID_DEVID, if (rc < 0) {
0); throw new WolfTpm2Exception(
"wolfTPM2_CSR_Generate", rc);
}
return rc;
} }
[DllImport(DLLNAME, EntryPoint = "wolfTPM2_UnloadHandle")] [DllImport(DLLNAME, EntryPoint = "wolfTPM2_UnloadHandle")]
@ -888,5 +1130,18 @@ namespace wolfTPM
return wolfTPM2_GetHandleValue(handle); return wolfTPM2_GetHandleValue(handle);
} }
[DllImport(DLLNAME, EntryPoint = "TPM2_GetRCString")]
private static extern IntPtr TPM2_GetRCString(int rc);
public string GetErrorString(int rc)
{
IntPtr err = TPM2_GetRCString(rc);
return Marshal.PtrToStringAnsi(err);
}
public string GetErrorString(Status rc)
{
return GetErrorString((int)rc);
}
} }
} }