Shu Zhang <zhangshushu15 <at> gmail.com> writes:
> Is there any *working* sample code for binding and unbinding data in
> TPM? I've looked for a while but haven't got any luck so far.

In addition to the documentation referenced by Olga, you'll need the following.

// create a TPM Bind Key using the PKCS#1 OAEP SHA-1 encryption scheme
Tspi_SetAttribUint32(hBind_Key, TSS_TSPATTRIB_KEY_INFO,
                     TSS_TSPATTRIB_KEYINFO_ENCSCHEME, TSS_ES_RSAESOAEP_SHA1_MGF1);

// extract the modulus and exponent to create the RSA PEM public key
// using PEM_write_bio_RSA_PUBKEY() from OpenSSL
Tspi_GetAttribData(hBind_Key, TSS_TSPATTRIB_RSAKEY_INFO,
                   TSS_TSPATTRIB_KEYINFO_RSA_MODULUS, &m_size, &m);
Tspi_GetAttribData(hBind_Key, TSS_TSPATTRIB_RSAKEY_INFO,
                   TSS_TSPATTRIB_KEYINFO_RSA_EXPONENT, &e_size, &e);

// when encrypting with the public key using OpenSSL, add the
// TPM_BOUND_DATA header and TPM padding
// (input_wrapped_length is the 5-byte header plus input_length)
unsigned char *input_wrapped = malloc(input_wrapped_length);
TPM_BOUND_DATA tpm_bound_data_header = {
    {0x01, 0x01, 0x00, 0x00},
    TPM_PT_BIND,
    0
};
// copy only the 5 serialized header bytes (4-byte version + 1-byte payload
// type); sizeof(TPM_BOUND_DATA) also counts the payloadData pointer and
// padding, which would overrun input_wrapped for short inputs
memcpy(input_wrapped, &tpm_bound_data_header, 5);
memcpy(input_wrapped + 5, input, input_length);

unsigned char input_wrapped_padded[256] = {'\0'};
const unsigned char oaep_pad[] = "TCPA";
// returns 1 on success; fails if input_wrapped_length is too large for the key
int rsa_status = RSA_padding_add_PKCS1_OAEP(
    input_wrapped_padded, RSA_size(rsa),
    input_wrapped, input_wrapped_length,
    oaep_pad, strlen((const char *)oaep_pad));

// TODO seed random number generator
RSA_public_encrypt(RSA_size(rsa), input_wrapped_padded, output,
                   rsa, RSA_NO_PADDING);

Good luck!
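
Added example, not part of the original post and not TrouSerS or OpenSSL code: the header wrapping step from the message above, written so that only the 5 serialized header bytes reach the buffer and the OAEP/SHA-1 size limit is checked before padding. The function names are hypothetical, and the sample secret is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Helper names below are hypothetical, not TrouSerS or OpenSSL APIs. */
#define BOUND_HDR_LEN 5   /* TPM_STRUCT_VER (4 bytes) + payload type (1 byte) */
#define PT_BIND 0x02      /* value of TPM_PT_BIND in the TPM 1.2 headers */
#define SHA1_LEN 20
static const uint8_t BOUND_HDR[BOUND_HDR_LEN] = {0x01, 0x01, 0x00, 0x00, PT_BIND};

/* OAEP leaves k - 2*hLen - 2 bytes for header + data; subtract the header. */
size_t bound_max_input(size_t rsa_size)
{
    size_t overhead = 2 * SHA1_LEN + 2 + BOUND_HDR_LEN;
    return rsa_size > overhead ? rsa_size - overhead : 0;
}

/* Write header + data into out. Copying from a byte array keeps struct
 * padding and the payloadData pointer member out of the buffer.
 * Returns the wrapped length, or 0 if a size check fails. */
size_t bound_wrap(const uint8_t *in, size_t in_len, size_t rsa_size,
                  uint8_t *out, size_t out_cap)
{
    if (in_len == 0 || in_len > bound_max_input(rsa_size)) return 0;
    if (out_cap < BOUND_HDR_LEN + in_len) return 0;
    memcpy(out, BOUND_HDR, BOUND_HDR_LEN);
    memcpy(out + BOUND_HDR_LEN, in, in_len);
    return BOUND_HDR_LEN + in_len;
}

/* Round-trip check for testing the wrapper: verify version and payload
 * type, then expose the data. Returns the data length, or 0 on mismatch. */
size_t bound_unwrap(const uint8_t *blob, size_t blob_len, const uint8_t **data)
{
    if (blob_len <= BOUND_HDR_LEN || memcmp(blob, BOUND_HDR, BOUND_HDR_LEN) != 0)
        return 0;
    *data = blob + BOUND_HDR_LEN;
    return blob_len - BOUND_HDR_LEN;
}

int main(void)
{
    const uint8_t secret[] = "constructed sample secret";
    uint8_t wrapped[256];
    size_t n = bound_wrap(secret, sizeof secret, 256, wrapped, sizeof wrapped);
    printf("max input (2048-bit key): %zu, wrapped: %zu\n", bound_max_input(256), n);
    return n == 0;
}
```

The buffer returned by bound_wrap() is what would be passed to RSA_padding_add_PKCS1_OAEP() with the "TCPA" label, as in the message above.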