C# Class Tpm2Lib.PolicyTree

A PolicyTree contains machinery for creating, executing and persisting TPM policy expressions.
Project: Microsoft/TSS.MSR

Public Methods

Method Description
Create ( PolicyAce singlePolicyChain ) : void

Create a simple policy chain (no ORs).

CreateNormalizedPolicy ( PolicyAce policy ) : void

A "normalized" policy is one transformed into disjunctive normal form, in which a collection of policy "AND chains" is combined with PolicyOR before submission to the TPM. Callers must provide an array of arrays of TpmPolicyACEs. The arrays may NOT contain PolicyOr (these will be added automatically), but each array MUST be terminated with a unique string identifier encoded in a TpmPolicyChainId.

Deserialize ( PolicySerializationFormat format, Stream sourceStream ) : void

Load a policy from a stream (MemoryStream, FileStream) in the specified format.

DeserializeFromFile ( PolicySerializationFormat fmt, string fileName ) : void
DeserializeFromString ( PolicySerializationFormat fmt, string stream ) : void
GetDataStructureToSign ( int expirationTime, byte nonceTpm, byte cpHash, byte policyRef ) : byte[]

This is a formatting helper to help callbacks create a properly formed hash to sign.

GetPolicyDigest ( ) : TpmHash
GetPolicyRoot ( ) : PolicyAce
InsertPolicyRoot ( PolicyAce newRoot ) : PolicyTree
PolicyTree ( TpmAlgId hashAlgorithm ) : System
ResetPolicyDigest ( ) : void
Serialize ( string policyIdentifier, PolicySerializationFormat format, Stream targetStream ) : void

Create a serialization of the current policy object in a stream (e.g. MemoryStream or FileStream).

SerializeToFile ( string policyIdentifier, PolicySerializationFormat fmt, string fileName ) : void
SerializeToString ( string policyIdentifier, PolicySerializationFormat fmt ) : string
Set ( PolicyAce leaf ) : void

Sets the current policy tree to a policy branch represented by its leaf ACE. A policy branch can be constructed by means of the following expressions: new TpmAce1().And(new TpmAce2()).And(new TpmAce3()); or new TpmAce1().AddNextAce(new TpmAce2()).AddNextAce(new TpmAce3());

SetNvCallback ( PolicyNVDelegate policyNvCallback ) : void
SetPolicyActionCallback ( PolicyActionDelegate policyActionCallback ) : void
SetPolicyRoot ( PolicyAce root ) : PolicyAce
SetPolicySecretCallback ( PolicySecretDelegate policySecretCallback ) : void
SetSignerCallback ( SignDelegate signer ) : void

Private Methods

Method Description
CheckPolicy ( string branchIdToFind, PolicyAce &matchingAce ) : void

Check to see if all branches have an ID and that the IDs are unique.

CheckPolicyIdInternal ( PolicyAce ace, string branchIdToFind, PolicyAce &matchingAce, string nodeIdToFind = "" ) : void
ExecutePolicyActionCallback ( TpmPolicyAction ace ) : void
ExecutePolicyNvCallback ( TpmPolicyNV ace, TpmHandle &authHandle, TpmHandle &nvHandle, SessionBase &authSession ) : void

Called from TpmPolicyNV.

ExecutePolicySecretCallback ( TpmPolicySecret ace, SessionBase &authorizingSession, TpmHandle &authorizedEntityHandle, bool &flushAuthEntity ) : void

Called from TpmPolicySecret.

ExecuteSignerCallback ( TpmPolicySigned ace, byte nonceTpm, TpmPublic &verificationKey ) : ISignatureUnion

This is called from TpmPolicySigned when an external caller must sign the session data.

Method Details

Create() public method

Create a simple policy chain (no ORs).
public Create ( PolicyAce singlePolicyChain ) : void
singlePolicyChain PolicyAce
Returns void

CreateNormalizedPolicy() public method

A "normalized" policy is one transformed into disjunctive normal form, in which a collection of policy "AND chains" is combined with PolicyOR before submission to the TPM. Callers must provide an array of arrays of TpmPolicyACEs. The arrays may NOT contain PolicyOr (these will be added automatically), but each array MUST be terminated with a unique string identifier encoded in a TpmPolicyChainId.
public CreateNormalizedPolicy ( PolicyAce policy ) : void
policy PolicyAce
Returns void

Deserialize() public method

Load a policy from a stream (MemoryStream, FileStream) in the specified format.
public Deserialize ( PolicySerializationFormat format, Stream sourceStream ) : void
format PolicySerializationFormat
sourceStream Stream
Returns void

DeserializeFromFile() public method

public DeserializeFromFile ( PolicySerializationFormat fmt, string fileName ) : void
fmt PolicySerializationFormat
fileName string
Returns void

DeserializeFromString() public method

public DeserializeFromString ( PolicySerializationFormat fmt, string stream ) : void
fmt PolicySerializationFormat
stream string
Returns void

GetDataStructureToSign() public static method

This is a formatting helper to help callbacks create a properly formed hash to sign.
public static GetDataStructureToSign ( int expirationTime, byte nonceTpm, byte cpHash, byte policyRef ) : byte[]
expirationTime int
nonceTpm byte
cpHash byte
policyRef byte
Returns byte[]

GetPolicyDigest() public method

public GetPolicyDigest ( ) : TpmHash
Returns TpmHash

GetPolicyRoot() public method

public GetPolicyRoot ( ) : PolicyAce
Returns PolicyAce

InsertPolicyRoot() public method

public InsertPolicyRoot ( PolicyAce newRoot ) : PolicyTree
newRoot PolicyAce
Returns PolicyTree

PolicyTree() public method

public PolicyTree ( TpmAlgId hashAlgorithm ) : System
hashAlgorithm TpmAlgId
Returns System

ResetPolicyDigest() public method

public ResetPolicyDigest ( ) : void
Returns void

Serialize() public method

Create a serialization of the current policy object in a stream (e.g. MemoryStream or FileStream).
public Serialize ( string policyIdentifier, PolicySerializationFormat format, Stream targetStream ) : void
policyIdentifier string
format PolicySerializationFormat
targetStream Stream
Returns void

SerializeToFile() public method

public SerializeToFile ( string policyIdentifier, PolicySerializationFormat fmt, string fileName ) : void
policyIdentifier string
fmt PolicySerializationFormat
fileName string
Returns void

SerializeToString() public method

public SerializeToString ( string policyIdentifier, PolicySerializationFormat fmt ) : string
policyIdentifier string
fmt PolicySerializationFormat
Returns string

Set() public method

Sets the current policy tree to a policy branch represented by its leaf ACE. A policy branch can be constructed by means of the following expressions: new TpmAce1().And(new TpmAce2()).And(new TpmAce3()); or new TpmAce1().AddNextAce(new TpmAce2()).AddNextAce(new TpmAce3());
public Set ( PolicyAce leaf ) : void
leaf PolicyAce
Returns void

SetNvCallback() public method

public SetNvCallback ( PolicyNVDelegate policyNvCallback ) : void
policyNvCallback PolicyNVDelegate
Returns void

SetPolicyActionCallback() public method

public SetPolicyActionCallback ( PolicyActionDelegate policyActionCallback ) : void
policyActionCallback PolicyActionDelegate
Returns void

SetPolicyRoot() public method

public SetPolicyRoot ( PolicyAce root ) : PolicyAce
root PolicyAce
Returns PolicyAce

SetPolicySecretCallback() public method

public SetPolicySecretCallback ( PolicySecretDelegate policySecretCallback ) : void
policySecretCallback PolicySecretDelegate
Returns void

SetSignerCallback() public method

public SetSignerCallback ( SignDelegate signer ) : void
signer SignDelegate
Returns void