tis-audit-tpm-endorsementkeyinfo icon

Audit TpmEndorsementKeyInfo

Silent install package for Audit TpmEndorsementKeyInfo

2-0
System and network
System and network
Luti Build VirusTotal

  • package: tis-audit-tpm-endorsementkeyinfo
  • name: Audit TpmEndorsementKeyInfo
  • version: 2-0
  • categories: System and network
  • maintainer: WAPT Team,Tranquil IT,Simon Fonteneau
  • licence: wapt_public
  • target_os: windows
  • architecture: all
  • signature_date:
  • size: 8.27 Ko

package           : tis-audit-tpm-endorsementkeyinfo
version           : 2-0
architecture      : all
section           : base
priority          : optional
name              : Audit TpmEndorsementKeyInfo
categories        : System and network
maintainer        : WAPT Team,Tranquil IT,Simon Fonteneau
description       : Audit TpmEndorsementKeyInfo
depends           : 
conflicts         : 
maturity          : PROD
locale            : 
target_os         : windows
min_wapt_version  : 2.3
sources           : 
installed_size    : 
impacted_process  : 
description_fr    : 
description_pl    : 
description_de    : 
description_es    : 
description_pt    : 
description_it    : 
description_nl    : 
description_ru    : 
audit_schedule    : 7d
editor            : 
keywords          : inventory
licence           : wapt_public
homepage          : 
package_uuid      : b5f1ae3f-8a22-497e-abc1-23353992f6f5
valid_from        : 
valid_until       : 
forced_install_on : 
changelog         : 
min_os_version    : 10
max_os_version    : 
icon_sha256sum    : 7f00fc99ce8f9f34ed57f77501e4e635afaef7809c99755f6f108cdf53c5f955
signer            : Tranquil IT
signer_fingerprint: 8c5127a75392be9cc9afd0dbae1222a673072c308c14d88ab246e23832e8c6bb
signature_date    : 2026-04-27T18:00:26.000000
signed_attributes : package,version,architecture,section,priority,name,categories,maintainer,description,depends,conflicts,maturity,locale,target_os,min_wapt_version,sources,installed_size,impacted_process,description_fr,description_pl,description_de,description_es,description_pt,description_it,description_nl,description_ru,audit_schedule,editor,keywords,licence,homepage,package_uuid,valid_from,valid_until,forced_install_on,changelog,min_os_version,max_os_version,icon_sha256sum,signer,signer_fingerprint,signature_date,signed_attributes
signature         : K6pnH3Eb7udmDV5pZAx0JBRl+QOZSMm/vnC5qwu/gaFIiKw4AWxH4dG70gH6+OSLMWGEHRW9acLhQ72SopA8sFkwjfXL9I0+3ubq5PlqlClOCyLGYWWWbDpp/BW2Wr9YNS3wDhBGLgwSPdtYJfTIH2t4MnA4RDdZqCEEh6yBxGhQIdPgj4+/MHo3ZawuQUbISOdgjGc7/qQ4/H5puaYfra2GHa8cWjQuzOyGNmHnF9kzOcZMYSr7vLt9xmavLGIOzEffQ80pt504rVrVG+VHunze5vuQ7+hjfK+hLJEEYK9mxdpVtkBAWIz61Mp07oTCWuXthA/Sy6Z/o/ZzfguRRA==

# -*- coding: utf-8 -*-
from setuphelpers import *
import ctypes
from ctypes import wintypes
import hashlib, base64, ssl, struct

ncrypt = ctypes.WinDLL("ncrypt.dll")

def get_property(handle, prop):
    size = wintypes.DWORD(0)
    ncrypt.NCryptGetProperty(handle, prop, None, 0, ctypes.byref(size), 0)
    buf = (ctypes.c_ubyte * size.value)()
    ncrypt.NCryptGetProperty(handle, prop, buf, size.value, ctypes.byref(size), 0)
    return bytes(buf[:size.value])

def blob_to_der(blob):
    magic, _, cb_e, cb_n, p1, p2 = struct.unpack("<6I", blob[:24])
    assert magic == 0x31415352 and p1 == p2 == 0, "Blob invalide"
    e = int.from_bytes(blob[24:24+cb_e], "big")
    n = int.from_bytes(blob[24+cb_e:24+cb_e+cb_n], "big")
    from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicNumbers
    from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat
    return RSAPublicNumbers(e, n).public_key().public_bytes(Encoding.DER, PublicFormat.PKCS1)

def get_tpm_ek():
    prov = wintypes.HANDLE()
    ncrypt.NCryptOpenStorageProvider(ctypes.byref(prov), "Microsoft Platform Crypto Provider", 0)

    try:
        blob = get_property(prov, "PCP_EKPUB")
        der  = blob_to_der(blob)
        result = {
            "present":   True,
            "sha256":    hashlib.sha256(der).hexdigest(),
        }

    except OSError as e:
        result = {"present": False, "error": str(e)}
    finally:
        ncrypt.NCryptFreeObject(prov)

    return result


def install():
    pass

def audit():
    WAPT.write_audit_data_if_changed("audit-tpm-endorsementkeyinfo", "audit-tpm-endorsementkeyinfo", get_tpm_ek())
    return "OK"


38d056ab130f7bf7c481c12636a4e9959de36561d3dfcbe54c6e3571bc0c1dc3 : WAPT/certificate.crt
c2d17bfa86b0b22e5b137eca2f9ad89d8f1b4942e0b1753cad1b40349aa96249 : WAPT/control
7f00fc99ce8f9f34ed57f77501e4e635afaef7809c99755f6f108cdf53c5f955 : WAPT/icon.png
60d79f3af544f17b5de3ab79c9a4868a818ffc1a11bdcaf492b4c5196657886d : luti.json
9b40eac89c5febfd1fbe7c4df39aeed126812d9042adaa267e4aea66d19b48e1 : setup.py