Using an HMAC Session to Authorize a Single Command
The mechanics of a single command during an HMAC session are described in Figure 13-12.
Figure 13-12. HMAC session: single command. Note that this diagram assumes the use of the TSS SAPI layer. The TAB and resource manager layers are omitted for simplicity. Also, this diagram shows how HMAC sessions operate using the TSS SAPI Tss2_Sys_XXXX_Prepare and one-call interfaces.
To use an HMAC session for authorizing commands, the steps are as follows (see Figure 13-12 while reading the example code):
1. The input parameters are marshalled and concatenated into a single sized byte buffer, cpParams. The Tss2_Sys_NV_Write_Prepare call on lines 183–185 performs this task and puts the cpParams buffer into the sysContext structure.
2. The caller calculates the cpHash, a hash of the marshalled command parameters contained in the cpParams buffer. This is done in the ComputeCommandHmacs call on lines 202–205.
3. The caller calculates an HMAC for the command. The cpHash is one of the inputs to this calculation. This is done by the ComputeCommandHmacs call on lines 202–205.
4. The calculated HMAC is copied into the HMAC session's HMAC field. This is done automatically by the ComputeCommandHmacs call; notice the pointer to nvCmdAuths being passed in on lines 202–205.
5. The complete command including header, sessions, and parameters must be marshalled into a byte stream and sent to the TPM. This is done in the one-call function call at lines 211–214.
6. The response must be read from the TPM. This is also done in the one-call function on lines 211–214.
7. After receiving the response, the caller calculates the rpHash, a hash of the marshalled response parameters in the byte stream. This is done in the CheckResponseHmacs call on lines 224–226.
8. The caller calculates the expected response HMAC. The rpHash is one of the inputs to this calculation. This is also done by the CheckResponseHmacs call on lines 224–226.
9. The caller compares this calculated response HMAC to the HMAC field of the response's HMAC session. If they aren't the same, the response parameters have been corrupted and none of the data can be trusted. If they are the same, then the response parameters have been received correctly. This is performed by CheckResponseHmacs, lines 224–226. It calculates what the response HMAC should be and compares it to the HMAC returned in nvRspAuths.
10. If the response HMAC is correct, the response parameters can be unmarshalled into C structures for use by the caller; this is performed by the one-call function on lines 211–214. Note that for the one-call, the code assumes that the HMAC is correct and unmarshals the response parameters. Later, if the response HMAC is proven incorrect, the unmarshalled response parameters can be ignored.
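The hash and HMAC computations of steps 2, 3 and 7 through 9, written out as an added Python example (not the book's TSS code, and not the implementation of ComputeCommandHmacs or CheckResponseHmacs). The formulas are those of the TPM 2.0 specification for an unsalted, unbound session without parameter encryption, where the HMAC key is just the authValue; the key, nonces, Name bytes and the simulated TPM response are constructed values.

```python
import hashlib
import hmac
import struct

TPM_CC_NV_WRITE = 0x00000137   # command code from the TPM 2.0 specification
TPM_RC_SUCCESS = 0x00000000

def cp_hash(command_code, names, cp_params, alg="sha256"):
    """Step 2: cpHash = H(commandCode || Name of each handle || cpParams)."""
    h = hashlib.new(alg)
    h.update(struct.pack(">I", command_code))
    for name in names:
        h.update(name)
    h.update(cp_params)
    return h.digest()

def rp_hash(response_code, command_code, rp_params, alg="sha256"):
    """Step 7: rpHash = H(responseCode || commandCode || rpParams)."""
    return hashlib.new(alg, struct.pack(">II", response_code, command_code) + rp_params).digest()

def auth_hmac(key, p_hash, nonce_newer, nonce_older, attrs, alg="sha256"):
    """Steps 3 and 8: HMAC over pHash || nonceNewer || nonceOlder || sessionAttributes."""
    msg = p_hash + nonce_newer + nonce_older + bytes([attrs])
    return hmac.new(key, msg, alg).digest()

def check_response(key, rp_params, received_hmac, nonce_tpm, nonce_caller, attrs):
    """Step 9: recompute the response HMAC and compare it in constant time."""
    expected = auth_hmac(key, rp_hash(TPM_RC_SUCCESS, TPM_CC_NV_WRITE, rp_params),
                         nonce_tpm, nonce_caller, attrs)
    return hmac.compare_digest(expected, received_hmac)

# Constructed sample values (not taken from a real TPM).
AUTH_VALUE = b"nv-index-auth"        # HMAC key: empty sessionKey || authValue
NV_NAME = b"\x00\x0b" + bytes(32)     # nameAlg (SHA-256) || placeholder digest
NONCE_CALLER, NONCE_TPM_OLD, NONCE_TPM_NEW = b"\x01" * 32, b"\x02" * 32, b"\x03" * 32
ATTRS = 0x01                          # continueSession

def demo():
    data = b"hello"
    cp_params = struct.pack(">H", len(data)) + data + struct.pack(">H", 0)  # TPM2B data, UINT16 offset
    # NV_Write has two handles (authHandle, nvIndex); here the index authorizes itself.
    cmd_hmac = auth_hmac(AUTH_VALUE, cp_hash(TPM_CC_NV_WRITE, [NV_NAME, NV_NAME], cp_params),
                         NONCE_CALLER, NONCE_TPM_OLD, ATTRS)
    # Simulated TPM side: NV_Write returns no response parameters.
    rsp_hmac = auth_hmac(AUTH_VALUE, rp_hash(TPM_RC_SUCCESS, TPM_CC_NV_WRITE, b""),
                         NONCE_TPM_NEW, NONCE_CALLER, ATTRS)
    ok = check_response(AUTH_VALUE, b"", rsp_hmac, NONCE_TPM_NEW, NONCE_CALLER, ATTRS)
    tampered = check_response(AUTH_VALUE, b"\x00", rsp_hmac, NONCE_TPM_NEW, NONCE_CALLER, ATTRS)
    return cmd_hmac, ok, tampered
```

A caller following the one-call flow of step 10 would treat a `False` result from `check_response` as the signal to discard the already unmarshalled response parameters.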