Rafael Carvalho

Reputation: 85

ProtectKeyWithTPM method of the Win32_EncryptableVolume class causes exception

I want to try to encrypt a logical disk volume containing the OS's installation using the encrypt method of the Win32_EncryptableVolume class. Before I use this method, I have to create a key to protect this volume, and for this I have several options, but if I want to encrypt the logical disk volume containing the OS's installation I have to use the ProtectKeyWithTPM method.

The problem happens when I try to call the ProtectKeyWithTPM method; it gives me the following stack trace:

System.Runtime.InteropServices.COMException (0x800706BE)
    em System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32 errorCode, IntPtr errorInfo)
    em System.Management.ManagementObject.InvokeMethod(String methodName, ManagementBaseObject inParameters, InvokeMethodOptions options)
    em ListDrivers.BitLocker.callMethod(String method, ManagementObject privateLateBoundObject, ManagementBaseObject inParams) na C:\Users\admin\documents\visual studio 2015\Projects\BitlockerTeste\BitlockerTeste\BitLocker.cs:linha 221
    em ListDrivers.BitLocker.defineTPM(String id, ArrayList drivers) na C:\Users\admin\documents\visual studio 2015\Projects\BitlockerTeste\BitlockerTeste\BitLocker.cs:linha 149
    em ListDrivers.Program.<TPMProtection>d__8.MoveNext() na C:\Users\admin\documents\visual studio 2015\Projects\BitlockerTeste\BitlockerTeste\Program.cs:linha 275
--- Fim do rastreamento de pilha do local anterior onde a exceção foi gerada ---
    em System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
    em System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
    em System.Runtime.CompilerServices.TaskAwaiter`1.GetResult()
    em ListDrivers.Program.<encryptMenu>d__7.MoveNext() na C:\Users\admin\documents\visual studio 2015\Projects\BitlockerTeste\BitlockerTeste\Program.cs:linha 241

This error only happens with this method; all other Win32_EncryptableVolume methods work normally. I've searched many sites for a solution, but I didn't find anything that helps.

My question is: why does this happen when I try to protect the volume with TPM? Why do all other protection methods that don't use TPM work normally?

Edit:

defineTPM method:

public static UInt32 defineTPM(string id, ArrayList drivers)
{
   String deviceId = findByDriverLetter(id, drivers);
   if (deviceId != null)
   {
       ManagementObject privateLateBoundObject = returnManagementObjectForDevice(deviceId);
       ManagementBaseObject inParams = null;
       return callMethod("ProtectKeyWithTPMandStartupKey", privateLateBoundObject, inParams);
   }
   return Convert.ToUInt32(2147942487);
}

callMethod method:

private static UInt32 callMethod(String method, ManagementObject privateLateBoundObject, ManagementBaseObject inParams)
{
    ManagementBaseObject outParams = privateLateBoundObject.InvokeMethod(method, inParams, null);
    return Convert.ToUInt32(outParams.Properties["ReturnValue"].Value);
}

Upvotes: 0

Views: 734

Answers (1)

Luís Rigoni

Reputation: 374

As suggested in the comments on your question, you MUST explicitly declare the inParams, even if you are not passing any value.

ManagementBaseObject inParams;
inParams = PrivateLateBoundObject.GetMethodParameters("ProtectKeyWithTPM");

For a complete mapping of the Win32_EncryptableVolume class, take a look at https://github.com/Internet2/incert/blob/baf2ab60299df1dcd93192da7600342dda2497ad/Windows/Engine/NativeCode/Wmi/EncryptableVolume.cs

Upvotes: 1
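
The answer's fix in context, as an added C# example that is not code from the question or the answer: it looks up the volume, obtains the in-parameter object with GetMethodParameters instead of passing null, invokes ProtectKeyWithTPM, and reads back the protector ID. It assumes an elevated process, a reference to System.Management, an enabled TPM, and the drive letter `C:`; the names `TpmProtectorExample` and `AddTpmProtector` are hypothetical.

```csharp
using System;
using System.Management;

static class TpmProtectorExample // hypothetical name, not from the page
{
    // WMI namespace that hosts Win32_EncryptableVolume.
    const string Scope = @"root\CIMV2\Security\MicrosoftVolumeEncryption";

    // Returns the method's ReturnValue (0 = success); protectorId is set on success.
    static uint AddTpmProtector(string driveLetter, out string protectorId)
    {
        protectorId = null;
        // Accept only the "X:" form so nothing else can reach the WQL string.
        if (driveLetter == null || driveLetter.Length != 2 ||
            !char.IsLetter(driveLetter[0]) || driveLetter[1] != ':')
            return 0x80070057; // E_INVALIDARG, the code defineTPM in the question returns

        var query = new ObjectQuery(
            "SELECT * FROM Win32_EncryptableVolume WHERE DriveLetter = '" + driveLetter + "'");
        using (var searcher = new ManagementObjectSearcher(new ManagementScope(Scope), query))
        using (ManagementObjectCollection volumes = searcher.Get())
        {
            foreach (ManagementObject volume in volumes)
            {
                // Ask WMI for the in-parameter object rather than passing null.
                ManagementBaseObject inParams = volume.GetMethodParameters("ProtectKeyWithTPM");
                // FriendlyName and PlatformValidationProfile are optional and left unset.
                ManagementBaseObject outParams =
                    volume.InvokeMethod("ProtectKeyWithTPM", inParams, null);

                uint rc = Convert.ToUInt32(outParams["ReturnValue"]);
                if (rc == 0)
                    protectorId = (string)outParams["VolumeKeyProtectorID"];
                return rc;
            }
        }
        return 0x80070057; // no encryptable volume with that drive letter
    }

    static void Main()
    {
        string id;
        uint rc = AddTpmProtector("C:", out id); // "C:" is an assumed OS volume
        Console.WriteLine(rc == 0
            ? "TPM protector added: " + id
            : "ProtectKeyWithTPM returned 0x" + rc.ToString("X8"));
    }
}
```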
