c# - 如何读取和存储数据到TPM芯片

Question

我正在检查 TPM(可信平台模块)并尝试执行一些任务。 我如何将数据存储到 TPM(可信平台模块)芯片以及如何读取该数据。 谁能帮我解决这个问题吗？

Answer 1

这是使用 NV 存储命令完成的。使用 TSS.MSR，from their samples :

static void NVReadWrite(Tpm2 tpm)
{
    //
    // AuthValue encapsulates an authorization value: essentially a byte-array.
    // OwnerAuth is the owner authorization value of the TPM-under-test.  We
    // assume that it (and other) auths are set to the default (null) value.
    // If running on a real TPM, which has been provisioned by Windows, this
    // value will be different. An administrator can retrieve the owner
    // authorization value from the registry.
    //
    var ownerAuth = new AuthValue();
    TpmHandle nvHandle = TpmHandle.NV(3001);

    //
    // Clean up any slot that was left over from an earlier run
    // 
    tpm._AllowErrors()
       .NvUndefineSpace(TpmRh.Owner, nvHandle);
    //
    // Scenario 1 - write and read a 32-byte NV-slot
    // 
    AuthValue nvAuth = AuthValue.FromRandom(8);
    tpm.NvDefineSpace(TpmRh.Owner, nvAuth,
                      new NvPublic(nvHandle, TpmAlgId.Sha1,
                                   NvAttr.Authread | NvAttr.Authwrite,
                                   null, 32));

    //
    // Write some data
    // 
    var nvData = new byte[] { 0, 1, 2, 3, 4, 5, 6, 7 };
    tpm.NvWrite(nvHandle, nvHandle, nvData, 0);
    //
    // And read it back
    // 
    byte[] nvRead = tpm.NvRead(nvHandle, nvHandle, (ushort)nvData.Length, 0);

    //
    // Is it correct?
    // 
    bool correct = nvData.SequenceEqual(nvRead);
    if (!correct)
    {
        throw new Exception("NV data was incorrect.");
    }

    Console.WriteLine("NV data written and read.");

    //
    // And clean up
    // 
    tpm.NvUndefineSpace(TpmRh.Owner, nvHandle);
}