
Lines Matching full:session

63 //     This function initializes the session subsystem on TPM2_Startup().
71 // Initialize session slots. At startup, all the in-memory session slots
74 s_sessions[i].occupied = FALSE; // session slot is not occupied
75 // The number of free session slots is the maximum number of allowed loaded sessions
78 // scan the saved array of session context counts, and clear any entry that
79 // references a session that was in memory during the state save since that
87 // If the array value is unused or references a loaded session then
88 // that loaded session context is lost and the array entry is
93 // Find the oldest session in context ID data and set it in
105 // Initialize oldest saved session
116 // This function tests whether a session handle references a loaded session. The handle must have previously been
117 // checked to make sure that it is a valid handle for an authorization session.
119 // NOTE: A PWAP authorization does not have a session.
124 // TRUE if session is loaded
129 TPM_HANDLE handle // IN: session handle
135 // if out of range of possible active session, or not assigned to a loaded
136 // session return false
148 // This function tests whether a session handle references a saved session. The handle must have previously been
149 // checked to make sure that it is a valid handle for an authorization session.
151 // NOTE: A password authorization does not have a session.
153 // This function requires that the handle be a valid session handle.
158 // TRUE if session is saved
163 TPM_HANDLE handle // IN: session handle
169 // if out of range of possible active session, or not assigned, or
170 // assigned to a loaded session, return false
183 // a policy session.
184 // This function requires the session is loaded.
193 TPMI_SH_POLICY handle // IN: session handle
196 SESSION *session;
198 session = SessionGet(handle);
199 if( session->pcrCounter != 0
200 && session->pcrCounter != gr.pcrCounter
210 // This function returns a pointer to the session object associated with a session handle.
211 // The function requires that the session is loaded.
213 SESSION *
215 TPM_HANDLE handle // IN: session handle
223 // get the contents of the session array. Because session is loaded, we
227 return &s_sessions[sessionIndex].session;
235 // This function is called when a session is created. It will check to see if the current gap would prevent a
238 // This routine requires that the caller has determined the session array index for the session.
243 // TPM_RC_CONTEXT_GAP can't assign a new contextID until the oldest saved session context is
246 // session context
253 // session created
254 UINT32 sessionIndex // IN: The session context array entry that will
255 // be occupied by the created session
260 // Is this going to be an assignment for the last session context
280 // indicate that the session associated with this handle
281 // references a loaded session
292 // This function does the detailed work for starting an authorization session. This is done in a support
293 // routine rather than in the action code because the session management may differ in implementations.
300 // TPM_RC_SESSION_HANDLE active session space is full
301 // TPM_RC_SESSION_MEMORY loaded session space is full
305 TPM_SE sessionType, // IN: the session type
311 TPM_HANDLE *sessionHandle // OUT: the session handle
316 SESSION *session = NULL;
320 // If there are no open spots in the session array, then no point in searching
323 // Find a space for loading a session
329 session = &s_sessions[slotIndex].session;
341 // Can now indicate that the session array entry is occupied.
344 // Initialize the session data
345 MemorySet(session, 0, sizeof(SESSION));
346 // Initialize internal session data
347 session->authHashAlg = authHash;
348 // Initialize session type
357 session->attributes.isPolicy = SET;
359 session->attributes.isTrialPolicy = SET;
360 // Initialize policy session data
361 SessionInitPolicyData(session);
363 // Create initial session nonce
364 session->nonceTPM.t.size = nonceCaller->t.size;
365 CryptGenerateRandom(session->nonceTPM.t.size, session->nonceTPM.t.buffer);
366 // Set up session parameter encryption algorithm
367 session->symmetric = *symmetric;
368 // If there is a bind object or a session secret, then need to compute
379 // session created by this command
381 // associated with HMAC session
383 hashSize = CryptGetHashDigestSize(session->authHashAlg);
390 session->sessionKey.t.size = hashSize;
391 // Compute the session key
392 KDFa(session->authHashAlg, &key.b, "ATH", &session->nonceTPM.b,
393 &nonceCaller->b, hashSize * 8, session->sessionKey.t.buffer, NULL);
395 // Copy the name of the entity that the HMAC session is bound to
396 // Policy session is not bound to an entity
399 session->attributes.isBound = SET;
400 SessionComputeBoundEntity(bind, &session->u1.boundEntity);
402 // If there is a bind object and it is subject to DA, then use of this session
404 session->attributes.isDaBound = (bind != TPM_RH_NULL)
406 // If the session is bound, then check to see if it is bound to lockoutAuth
407 session->attributes.isLockoutBound = (session
415 // This function is called when a session context is to be saved. The contextID of the saved session is
417 // function completes normally, the session slot will be freed.
418 // This function requires that handle references a loaded session. Otherwise, it should not be called at the
428 TPM_HANDLE handle, // IN: session handle
436 // Need to have a saved session
438 // if the oldest saved session has the same value as the low bits
447 // Extract the session slot number referenced by the contextArray
464 // the values used to indicate that a session is loaded
470 // Mark the session slot as unoccupied
480 // This function is used to load a session from saved context. The session handle must be for a saved
482 // If the gap is at a maximum, then the only session that can be loaded is the oldest session, otherwise
484 // This function requires that handle references a valid saved session.
490 // TPM_RC_SESSION_MEMORY no free session slots
495 SESSION *session, // IN: session structure from saved context
496 TPM_HANDLE *handle // IN/OUT: session handle
506 // Find a free session slot to load the session
512 // If there is only one slot left, and the gap is at maximum, the only session
521 // set the contextArray value to point to the session slot where
527 // Copy session data to session slot
528 s_sessions[slotIndex].session = *session;
529 // Set session slot as occupied
540 // This function is used to flush a session referenced by its handle. If the session associated with handle is
541 // loaded, the session array entry is marked as available.
542 // This function requires that handle be a valid active session.
546 TPM_HANDLE handle // IN: loaded or saved session handle
556 // Flush context ID of this session
564 // Is this a saved session being flushed
567 // Flushing the oldest session?
574 // Adjust slot index to point to session array index
576 // Free session array index
586 // This function computes the binding value for a session. The binding value for a reserved handle is the
636 // This function initializes the portions of the session policy data that are not set by the allocation of a
637 // session.
641 SESSION *session // IN: session handle
645 session->startTime = go.clock;
647 // session algorithm digest size. Since the policy already contains all zeros
649 session->u2.policyDigest.t.size = CryptGetHashDigestSize(session->authHashAlg);
656 // This function is used to reset the policy data without changing the nonce or the start time of the session.
660 SESSION *session // IN: the session to reset
663 session->commandCode = 0; // No command
665 MemorySet(&session->commandLocality, 0, sizeof(session->commandLocality));
667 session->u1.cpHash.b.size = 0;
669 session->timeOut = 0;
671 session->pcrCounter = 0;
673 MemorySet(&session->u2.policyDigest.t.buffer, 0,
674 session->u2.policyDigest.t.size);
675 // Reset the session attributes
676 MemorySet(&session->attributes, 0, sizeof(SESSION_ATTRIBUTES));
678 session->attributes.isPolicy = SET;
684 // This function returns a list of handles of loaded sessions, starting from the input handle.
685 // Handle must be in valid loaded session handle range, but does not have to point to a loaded session.
706 // Iterate session context ID slots to get loaded session handles
709 // If session is active
712 // If session is loaded
717 SESSION *session;
719 // session handle to it
720 // assume that this is going to be an HMAC session
722 session = SessionGet(handle);
723 if(session->attributes.isPolicy)
744 // This function returns a list of handles for saved sessions, starting at handle.
745 // Handle must be in a valid handle range, but does not have to point to a saved session
766 // Iterate session context ID slots to get saved session handles
769 // If session is active
772 // If session is saved
778 // session handle to it
815 // one or more, then at least one session must be loadable.