/// <summary>
/// This TBS returns a random handle value in the desired handle range (ugh).
/// </summary>
/// <param name="owner"></param>
/// <param name="tpmHandle"></param>
/// <returns></returns>
private uint GetFreeHandle(Tbs.TbsContext owner, TpmHandle tpmHandle)
{
Tbs.SlotType neededType = Tbs.SlotTypeFromHandle(tpmHandle);
if (neededType == Tbs.SlotType.NoSlot)
{
return(tpmHandle.handle);
}
int numTries = 0;
while (true)
{
Ht handleType = tpmHandle.GetType();
var randomPos = (uint)Globs.GetRandomInt((int)TpmHandle.GetRangeLength(tpmHandle.GetType()));
uint candidateHandle = ((uint)handleType << 24) + randomPos;
if (!OwnerHandleInUse(owner, candidateHandle))
{
return(candidateHandle);
}
numTries++;
if (numTries >= 1000)
{
break;
}
}
throw new Exception("Too many TBS contexts");
}
internal int NumFreeSlots(Tbs.SlotType neededSlot)
{
int numUsedSlotsOfType = ObjectContexts.Sum(item => (item.Loaded && (item.TheSlotType == neededSlot)) ? 1 : 0);
switch (neededSlot)
{
case Tbs.SlotType.ObjectSlot:
return NumObjectSlots - numUsedSlotsOfType;
case Tbs.SlotType.SessionSlot:
return NumSessionSlots - numUsedSlotsOfType;
default:
throw new Exception("NumFreeSlots: Should not be here");
}
}
internal ObjectContext GetContext(Tbs.TbsContext caller, TpmHandle callerHandle)
{
if (Tbs.SlotTypeFromHandle(callerHandle) == Tbs.SlotType.NoSlot)
{
// Indicates that this is a TPM resident object (NV-slot, primary-handle, PWAP-handle, etc.)
var temp = new ObjectContext {
TheTpmHandle = callerHandle
};
return(temp);
}
ObjectContext x = ObjectContexts.Find(item => (item.Owner == caller) && item.OwnerHandle.handle == callerHandle.handle);
// Note that x may be null
return(x);
}
internal ObjectContext CreateObjectContext(Tbs.TbsContext owner, TpmHandle tpmHandle)
{
Tbs.SlotType newSlotType = Tbs.SlotTypeFromHandle(tpmHandle);
if (newSlotType == Tbs.SlotType.NoSlot)
{
throw new Exception("should not be here");
}
// Make a new slot context of the requisite type
uint tbsHandle = GetFreeHandle(owner, tpmHandle);
var newContext = new ObjectContext {
OwnerHandle = new TpmHandle(tbsHandle),
TheTpmHandle = tpmHandle,
TheSlotType = newSlotType,
LastUseCount = GetUseCount(),
Loaded = true,
Owner = owner
};
ObjectContexts.Add(newContext);
return(newContext);
}
internal ObjectContext CreateObjectContext(Tbs.TbsContext owner, TpmHandle tpmHandle)
{
Tbs.SlotType newSlotType = Tbs.SlotTypeFromHandle(tpmHandle);
if (newSlotType == Tbs.SlotType.NoSlot)
{
throw new Exception("CreateObjectContext: Should not be here");
}
// Make a new slot context of the requisite type
uint tbsHandle = GetFreeHandle(owner, tpmHandle);
var newContext = new ObjectContext {
OwnerHandle = new TpmHandle(tbsHandle),
TheTpmHandle = tpmHandle,
TheSlotType = newSlotType,
LastUseCount = GetUseCount(),
Loaded = true,
Owner = owner
};
ObjectContexts.Add(newContext);
return newContext;
}
public TbsContext(Tbs associatedTbs)
{
Tbs = associatedTbs;
}
internal TbsContext(Tbs associatedTbs)
{
Tbs = associatedTbs;
}
internal TbsContext(Tbs associatedTbs)
{
Tbs = associatedTbs;
}
/// <summary>
/// Remove all contexts associated with a client (to support client disconnect).
/// </summary>
/// <param name="owner"></param>
public void RemoveAll(Tbs.TbsContext owner)
{
ObjectContexts.RemoveAll(item => item.Owner == owner);
}
/// <summary>
/// Gets the best eviction candidate for entities of given type. May return NULL.
/// </summary>
/// <param name="neededSlot"></param>
/// <param name="neededEntities"></param>
/// <returns></returns>
internal ObjectContext GetBestEvictionCandidate(Tbs.SlotType neededSlot, ObjectContext[] neededEntities)
{
ObjectContext candidate = null;
foreach (ObjectContext c in ObjectContexts)
{
// See if this context is a candidate for eviction
if (!c.Loaded)
{
continue;
}
if (c.TheSlotType != neededSlot)
{
continue;
}
// Currently loaded entity of correct type, but is it referenced in this operation?
if (neededEntities.Contains(c))
{
continue;
}
// ObjectContext c is a candidate for removal. If we don't already
// have a candidate then see if the new candidate is staler than the old.
if (candidate == null)
{
candidate = c;
}
else
{
if (c.LastUseCount < candidate.LastUseCount)
{
candidate = c;
}
}
}
return candidate;
}
internal ObjectContext GetContext(Tbs.TbsContext caller, TpmHandle callerHandle)
{
if (Tbs.SlotTypeFromHandle(callerHandle) == Tbs.SlotType.NoSlot)
{
// Indicates that this is a TPM resident object (NV-slot, primary-handle, PWAP-handle, etc.)
var temp = new ObjectContext {TheTpmHandle = callerHandle};
return temp;
}
ObjectContext x = ObjectContexts.Find(item => (item.Owner == caller) && item.OwnerHandle.handle == callerHandle.handle);
// Note that x may be null
return x;
}
private bool OwnerHandleInUse(Tbs.TbsContext owner, uint ownerHandle)
{
return ObjectContexts.Find(item => (item.Owner == owner && item.OwnerHandle.handle == ownerHandle)) != null;
}
/// <summary>
/// This TBS returns a random handle value in the desired handle range (ugh).
/// </summary>
/// <param name="owner"></param>
/// <param name="tpmHandle"></param>
/// <returns></returns>
private uint GetFreeHandle(Tbs.TbsContext owner, TpmHandle tpmHandle)
{
Tbs.SlotType neededType = Tbs.SlotTypeFromHandle(tpmHandle);
if (neededType == Tbs.SlotType.NoSlot)
{
return tpmHandle.handle;
}
int numTries = 0;
while (true)
{
Ht handleType = tpmHandle.GetType();
var randomPos = (uint)Globs.GetRandomInt((int)TpmHandle.GetRangeLength(tpmHandle.GetType()));
uint candidateHandle = ((uint)handleType << 24) + randomPos;
if (!OwnerHandleInUse(owner, candidateHandle))
{
return candidateHandle;
}
numTries++;
if (numTries >= 1000)
{
break;
}
}
throw new Exception("Too many TBS contexts");
}
/// <summary>
/// This sample illustrates the use of the resource manager built into
/// Tpm2Lib. Using the resource manager relieves the programmer of the
/// (sometimes burdensome) chore of juggling a small number of TPM slots
/// </summary>
/// <param name="tpm">Reference to the TPM object.</param>
static void ResourceManager(Tpm2 tpm)
{
//
// The Tbs device class has a built-in resource manager. We create an
// instance of the Tbs device class, but hook it up to the TCP device
// created above. We also tell the Tbs device class to clean the TPM
// before we start using it.
// This sample won't work on top of the default Windows resource manager
// (TBS).
//
var tbs = new Tbs(tpm._GetUnderlyingDevice(), false);
var tbsTpm = new Tpm2(tbs.CreateTbsContext());
//
// Make more sessions than the TPM has room for
//
const int count = 32;
var sessions = new AuthSession[count];
for (int j = 0; j < count; j++)
{
sessions[j] = tbsTpm.StartAuthSessionEx(TpmSe.Policy, TpmAlgId.Sha1);
}
Console.WriteLine("Created {0} sessions.", count);
//
// And now use them. The resource manager will use ContextLoad and
// ContextSave to bring them into the TPM
//
for (int j = 0; j < count; j++)
{
tbsTpm.PolicyAuthValue(sessions[j].Handle);
}
Console.WriteLine("Used {0} sessions.", count);
//
// And now clean up
//
for (int j = 0; j < count; j++)
{
tbsTpm.FlushContext(sessions[j].Handle);
}
Console.WriteLine("Cleaned up.");
//
// Dispose of the Tbs device object.
//
tbsTpm.Dispose();
}
