/// <summary> /// Calculate the session-key from the nonces and salt/bound values (if present) /// </summary> public void CalcSessionKey() { if (Salt == SaltNeeded) { Globs.Throw("Unencrypted salt value must be provided for the session" + Handle.handle.ToString("X8")); } // Compute Handle.Auth in accordance with Part 1, 19.6.8. if (Salt == null && BindObject == TpmRh.Null) { SessionKey = new byte[0]; return; } byte[] auth = Globs.TrimTrailingZeros(BindObject.Auth); byte[] hmacKey = Globs.Concatenate(auth, Salt); SessionKey = KDF.KDFa(AuthHash, hmacKey, "ATH", NonceTpm, NonceCaller, TpmHash.DigestSize(AuthHash) * 8); }
/// <summary> /// Calculate the session-key from the nonces and salt/bound values (if present) /// </summary> internal void CalcSessionKey() { Debug.Assert(SessionKey == null, "Attempt to repeatedly calculate session key"); if (Salt == SaltNeeded) { Globs.Throw(string.Format("Unencrypted salt value must be provided for the session {0:x}", Handle.handle)); } // Compute Handle.Auth in accordance with Part 1, 19.6.8. if (Salt == null && BindObject == TpmRh.Null) { SessionKey = new byte[0]; return; } byte[] auth = Globs.TrimTrailingZeros(BindObject.Auth); byte[] hmacKey = Globs.Concatenate(auth, Salt); SessionKey = KDF.KDFa(AuthHash, hmacKey, "ATH", NonceTpm, NonceCaller, TpmHash.DigestSize(AuthHash) * 8); }