如何使用 TSS.net 从 TPM 导出 public 密钥?
How to export public key from TPM with TSS.net?
我已经在 TPM 模拟器上获得了从 here 到 运行 的 Signing 样本。
调用后,我似乎对 public 键有某种引用:
TpmPublic keyPublic; //This seems to have what we're looking for
CreationData creationData;
TkCreation creationTicket;
byte[] creationHash;
//
// Ask the TPM to create a new primary RSA signing key.
//
TpmHandle keyHandle = tpm[ownerAuth].CreatePrimary(
TpmRh.Owner, // In the owner-hierarchy
new SensitiveCreate(keyAuth, null), // With this auth-value
keyTemplate, // Describes key
null, // Extra data for creation ticket
new PcrSelection[0], // Non-PCR-bound
out keyPublic, // PubKey and attributes
out creationData, out creationHash, out creationTicket);
关于以前导出 public 键的方法的提示,还有一些注释代码:
// (Note that serialization is not supported on WinRT)
//
// Demonstrate the use of XML persistence by saving keyPublic to
// a file and making a copy by reading it back into a new object
//
// NOTE: 12-JAN-2016: May be removing support for policy
// serialization. We'd like to get feedback on whether
// this is a desirable feature and should be retained.
//
// {
// const string fileName = "sample.xml";
// string xmlVersionOfObject = keyPublic.GetXml();
// keyPublic.XmlSerializeToFile(fileName);
// var copyOfPublic = TpmStructureBase.XmlDeserializeFromFile<TpmPublic>(fileName);
TpmPublic.GetXml() 似乎不再存在,因此可能已根据注释将其删除。
还不完全清楚你需要什么; public 密钥的类型是什么?您想用它做什么?所以这个答案假设您正在尝试获取 RSA public 密钥的指数和模数的原始字节,以便您可以将它们导出到一个密钥,例如, OpenSSL.
您看到的 "XML export" 功能指的是序列化和 de-serializing 一个 TpmPublic 对象,并没有真正让您更接近您的目标:您只会得到原始对象背部。它可能已被删除,因为它运行得不是很好。
假设 keyPublic 是代表 RSA 密钥的 TpmPublic 对象,要获取指数,您将执行以下操作:
var rsaParams = (RsaParms)keyPublic.parameters;
var exponent = rsaParams.exponent != 0
? Globs.HostToNet(rsaParams.exponent)
: RsaParms.DefaultExponent;
并获取模数:
var modulus = (keyPublic.unique as Tpm2bPublicKeyRsa).buffer;
要了解 ECC 密钥的处理方式,请查看 AsymCryptoSystem.CreateFrom():
public static AsymCryptoSystem CreateFrom(TpmPublic pubKey, TpmPrivate privKey = null)
{
var cs = new AsymCryptoSystem();
TpmAlgId keyAlgId = pubKey.type;
cs.PublicParms = pubKey.Copy();
// Create an algorithm provider from the provided PubKey
switch (keyAlgId)
{
case TpmAlgId.Rsa:
{
RawRsa rr = null;
byte[] prime1 = null,
prime2 = null;
if (privKey != null)
{
rr = new RawRsa(pubKey, privKey);
prime1 = RawRsa.ToBigEndian(rr.P);
prime2 = RawRsa.ToBigEndian(rr.Q);
}
var rsaParams = (RsaParms)pubKey.parameters;
var exponent = rsaParams.exponent != 0
? Globs.HostToNet(rsaParams.exponent)
: RsaParms.DefaultExponent;
var modulus = (pubKey.unique as Tpm2bPublicKeyRsa).buffer;
AsymmetricKeyAlgorithmProvider rsaProvider = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaOaepSha256);
uint primeLen1 = 0, primeLen2 = 0;
// Compute the size of BCRYPT_RSAKEY_BLOB
int rsaKeySize = exponent.Length + modulus.Length + 24;
if (prime1 != null && prime1.Length > 0)
{
if (prime2 == null || prime2.Length == 0)
{
Globs.Throw<ArgumentException>("LoadRSAKey(): The second prime is missing");
return null;
}
primeLen1 = (uint)prime1.Length;
primeLen2 = (uint)prime2.Length;
rsaKeySize += prime1.Length + prime2.Length;
}
else if (prime2 != null && prime2.Length > 0)
{
Globs.Throw<ArgumentException>("LoadRSAKey(): The first prime is missing");
return null;
}
var rsaKey = new byte[rsaKeySize];
// Initialize BCRYPT_RSAKEY_BLOB
int offset = 0;
WriteToBuffer(ref rsaKey, ref offset, primeLen1 == 0 ?
BCRYPT_RSAPUBLIC_MAGIC : BCRYPT_RSAPRIVATE_MAGIC);
WriteToBuffer(ref rsaKey, ref offset, (uint)modulus.Length * 8);
WriteToBuffer(ref rsaKey, ref offset, (uint)exponent.Length);
WriteToBuffer(ref rsaKey, ref offset, (uint)modulus.Length);
WriteToBuffer(ref rsaKey, ref offset, primeLen1);
WriteToBuffer(ref rsaKey, ref offset, primeLen1);
WriteToBuffer(ref rsaKey, ref offset, exponent);
WriteToBuffer(ref rsaKey, ref offset, modulus);
if (primeLen1 != 0)
{
WriteToBuffer(ref rsaKey, ref offset, prime1);
WriteToBuffer(ref rsaKey, ref offset, prime2);
}
IBuffer rsaBuffer = CryptographicBuffer.CreateFromByteArray(rsaKey);
if (primeLen1 == 0)
{
cs.Key = rsaProvider.ImportPublicKey(rsaBuffer, CryptographicPublicKeyBlobType.BCryptPublicKey);
}
else
{
cs.Key = rsaProvider.ImportKeyPair(rsaBuffer, CryptographicPrivateKeyBlobType.BCryptPrivateKey);
}
break;
}
case TpmAlgId.Ecc:
{
var eccParms = (EccParms)pubKey.parameters;
var eccPub = (EccPoint)pubKey.unique;
var algId = RawEccKey.GetEccAlg(pubKey);
if (algId == null)
{
return null;
}
bool isEcdsa = eccParms.scheme.GetUnionSelector() == TpmAlgId.Ecdsa;
byte[] keyBlob = RawEccKey.GetKeyBlob(eccPub.x, eccPub.y, keyAlgId,
!isEcdsa, eccParms.curveID);
AsymmetricKeyAlgorithmProvider eccProvider = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(algId);
cs.Key = eccProvider.ImportKeyPair(CryptographicBuffer.CreateFromByteArray(keyBlob));
break;
}
default:
Globs.Throw<ArgumentException>("Algorithm not supported");
cs = null;
break;
}
return cs;
}
我已经在 TPM 模拟器上获得了从 here 到 运行 的 Signing 样本。
调用后,我似乎对 public 键有某种引用:
TpmPublic keyPublic; //This seems to have what we're looking for
CreationData creationData;
TkCreation creationTicket;
byte[] creationHash;
//
// Ask the TPM to create a new primary RSA signing key.
//
TpmHandle keyHandle = tpm[ownerAuth].CreatePrimary(
TpmRh.Owner, // In the owner-hierarchy
new SensitiveCreate(keyAuth, null), // With this auth-value
keyTemplate, // Describes key
null, // Extra data for creation ticket
new PcrSelection[0], // Non-PCR-bound
out keyPublic, // PubKey and attributes
out creationData, out creationHash, out creationTicket);
关于以前导出 public 键的方法的提示,还有一些注释代码:
// (Note that serialization is not supported on WinRT)
//
// Demonstrate the use of XML persistence by saving keyPublic to
// a file and making a copy by reading it back into a new object
//
// NOTE: 12-JAN-2016: May be removing support for policy
// serialization. We'd like to get feedback on whether
// this is a desirable feature and should be retained.
//
// {
// const string fileName = "sample.xml";
// string xmlVersionOfObject = keyPublic.GetXml();
// keyPublic.XmlSerializeToFile(fileName);
// var copyOfPublic = TpmStructureBase.XmlDeserializeFromFile<TpmPublic>(fileName);
TpmPublic.GetXml() 似乎不再存在,因此可能已根据注释将其删除。
还不完全清楚你需要什么; public 密钥的类型是什么?您想用它做什么?所以这个答案假设您正在尝试获取 RSA public 密钥的指数和模数的原始字节,以便您可以将它们导出到一个密钥,例如, OpenSSL.
您看到的 "XML export" 功能指的是序列化和 de-serializing 一个 TpmPublic 对象,并没有真正让您更接近您的目标:您只会得到原始对象背部。它可能已被删除,因为它运行得不是很好。
假设 keyPublic 是代表 RSA 密钥的 TpmPublic 对象,要获取指数,您将执行以下操作:
var rsaParams = (RsaParms)keyPublic.parameters;
var exponent = rsaParams.exponent != 0
? Globs.HostToNet(rsaParams.exponent)
: RsaParms.DefaultExponent;
并获取模数:
var modulus = (keyPublic.unique as Tpm2bPublicKeyRsa).buffer;
要了解 ECC 密钥的处理方式,请查看 AsymCryptoSystem.CreateFrom():
public static AsymCryptoSystem CreateFrom(TpmPublic pubKey, TpmPrivate privKey = null)
{
var cs = new AsymCryptoSystem();
TpmAlgId keyAlgId = pubKey.type;
cs.PublicParms = pubKey.Copy();
// Create an algorithm provider from the provided PubKey
switch (keyAlgId)
{
case TpmAlgId.Rsa:
{
RawRsa rr = null;
byte[] prime1 = null,
prime2 = null;
if (privKey != null)
{
rr = new RawRsa(pubKey, privKey);
prime1 = RawRsa.ToBigEndian(rr.P);
prime2 = RawRsa.ToBigEndian(rr.Q);
}
var rsaParams = (RsaParms)pubKey.parameters;
var exponent = rsaParams.exponent != 0
? Globs.HostToNet(rsaParams.exponent)
: RsaParms.DefaultExponent;
var modulus = (pubKey.unique as Tpm2bPublicKeyRsa).buffer;
AsymmetricKeyAlgorithmProvider rsaProvider = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(AsymmetricAlgorithmNames.RsaOaepSha256);
uint primeLen1 = 0, primeLen2 = 0;
// Compute the size of BCRYPT_RSAKEY_BLOB
int rsaKeySize = exponent.Length + modulus.Length + 24;
if (prime1 != null && prime1.Length > 0)
{
if (prime2 == null || prime2.Length == 0)
{
Globs.Throw<ArgumentException>("LoadRSAKey(): The second prime is missing");
return null;
}
primeLen1 = (uint)prime1.Length;
primeLen2 = (uint)prime2.Length;
rsaKeySize += prime1.Length + prime2.Length;
}
else if (prime2 != null && prime2.Length > 0)
{
Globs.Throw<ArgumentException>("LoadRSAKey(): The first prime is missing");
return null;
}
var rsaKey = new byte[rsaKeySize];
// Initialize BCRYPT_RSAKEY_BLOB
int offset = 0;
WriteToBuffer(ref rsaKey, ref offset, primeLen1 == 0 ?
BCRYPT_RSAPUBLIC_MAGIC : BCRYPT_RSAPRIVATE_MAGIC);
WriteToBuffer(ref rsaKey, ref offset, (uint)modulus.Length * 8);
WriteToBuffer(ref rsaKey, ref offset, (uint)exponent.Length);
WriteToBuffer(ref rsaKey, ref offset, (uint)modulus.Length);
WriteToBuffer(ref rsaKey, ref offset, primeLen1);
WriteToBuffer(ref rsaKey, ref offset, primeLen1);
WriteToBuffer(ref rsaKey, ref offset, exponent);
WriteToBuffer(ref rsaKey, ref offset, modulus);
if (primeLen1 != 0)
{
WriteToBuffer(ref rsaKey, ref offset, prime1);
WriteToBuffer(ref rsaKey, ref offset, prime2);
}
IBuffer rsaBuffer = CryptographicBuffer.CreateFromByteArray(rsaKey);
if (primeLen1 == 0)
{
cs.Key = rsaProvider.ImportPublicKey(rsaBuffer, CryptographicPublicKeyBlobType.BCryptPublicKey);
}
else
{
cs.Key = rsaProvider.ImportKeyPair(rsaBuffer, CryptographicPrivateKeyBlobType.BCryptPrivateKey);
}
break;
}
case TpmAlgId.Ecc:
{
var eccParms = (EccParms)pubKey.parameters;
var eccPub = (EccPoint)pubKey.unique;
var algId = RawEccKey.GetEccAlg(pubKey);
if (algId == null)
{
return null;
}
bool isEcdsa = eccParms.scheme.GetUnionSelector() == TpmAlgId.Ecdsa;
byte[] keyBlob = RawEccKey.GetKeyBlob(eccPub.x, eccPub.y, keyAlgId,
!isEcdsa, eccParms.curveID);
AsymmetricKeyAlgorithmProvider eccProvider = AsymmetricKeyAlgorithmProvider.OpenAlgorithm(algId);
cs.Key = eccProvider.ImportKeyPair(CryptographicBuffer.CreateFromByteArray(keyBlob));
break;
}
default:
Globs.Throw<ArgumentException>("Algorithm not supported");
cs = null;
break;
}
return cs;
}