/// <summary>
/// Checks a TPM quote against the nonce, PCR selection and PCR values the caller
/// expects, and then checks the signature over the marshaled attestation structure.
/// </summary>
/// <remarks>
/// Every comparison must succeed; the first failing one makes the method return false.
/// The signature is evaluated last, so the preceding comparisons operate on fields
/// that have not yet been authenticated.
///
/// Points a caller relying on this result should keep in mind:
/// - Freshness rests entirely on <paramref name="nonce"/>. It is only compared with
///   the quote's extraData here; choosing an unpredictable, per-request value is the
///   caller's job. NOTE(review): behaviour of IsEqual for a null or empty nonce is
///   not visible here - confirm that a missing nonce cannot match an empty extraData.
/// - When <paramref name="qualifiedNameOfSigner"/> is null the qualifiedSigner field
///   is not examined at all.
/// - NOTE(review): nothing in this method inspects the properties of the key used by
///   VerifySignatureOverData. Whether that key is one the verifier should trust to
///   sign quotes has to be established by the caller - confirm at the call sites.
/// </remarks>
/// <param name="pcrDigestAlg">Hash algorithm used to recompute the expected PCR digest.</param>
/// <param name="expectedSelectedPcr">PCR selection that must equal the selection recorded in the quote.</param>
/// <param name="expectedPcrValues">
/// Expected PCR values. Their buffers are marshaled one after another in array order
/// and hashed, so the order must be the one that produced the quote's pcrDigest.
/// </param>
/// <param name="nonce">Value that must equal the quote's extraData.</param>
/// <param name="quotedInfo">Attestation structure to verify; its attested body must be a QuoteInfo.</param>
/// <param name="signature">Signature checked over the TPM representation of <paramref name="quotedInfo"/>.</param>
/// <param name="qualifiedNameOfSigner">Optional expected qualified name of the signer; skipped when null.</param>
/// <returns>True only when all field comparisons and the signature check succeed.</returns>
public bool VerifyQuote(
    TpmAlgId pcrDigestAlg,
    PcrSelection[] expectedSelectedPcr,
    Tpm2bDigest[] expectedPcrValues,
    byte[] nonce,
    Attest quotedInfo,
    ISignatureUnion signature,
    byte[] qualifiedNameOfSigner = null)
{
    // Generic attestation header: must carry a quote body, the generated-structure
    // magic value, and the caller's nonce in extraData.
    if (!(quotedInfo.attested is QuoteInfo)
        || quotedInfo.magic != Generated.Value
        || !quotedInfo.extraData.IsEqual(nonce))
    {
        return false;
    }

    // The signer's qualified name is only compared when the caller supplied one.
    if (qualifiedNameOfSigner != null
        && !quotedInfo.qualifiedSigner.IsEqual(qualifiedNameOfSigner))
    {
        return false;
    }

    // Quote-specific fields: the selected PCR indices must be the expected ones.
    var quoteBody = (QuoteInfo)quotedInfo.attested;
    if (!Globs.ArraysAreEqual(quoteBody.pcrSelect, expectedSelectedPcr))
    {
        return false;
    }

    // The collection is constructed but not otherwise used by this method.
    // ReSharper disable once UnusedVariable
    var expectedCollection = new PcrValueCollection(expectedSelectedPcr, expectedPcrValues);

    // Recompute the digest over the expected PCR values, in the order given.
    var pcrMarshaller = new Marshaller();
    for (int i = 0; i < expectedPcrValues.Length; i++)
    {
        pcrMarshaller.Put(expectedPcrValues[i].buffer, "");
    }
    TpmHash recomputedDigest = TpmHash.FromData(pcrDigestAlg, pcrMarshaller.GetBytes());
    if (!Globs.ArraysAreEqual(recomputedDigest, quoteBody.pcrDigest))
    {
        return false;
    }

    // Last step: the signature must cover the marshaled attestation structure.
    return VerifySignatureOverData(quotedInfo.GetTpmRepresentation(), signature);
}