Desktop version

Home arrow Computer Science arrow A Practical Guide to TPM 2.0

TPM Context-Management Commands

The TPM commands that enable transient entity management are TPM2_ContextSave, TPM2_ContextLoad, and TPM2_FlushContext. These commands have different effects depending on the type of transient entity being operated on.

TPM2_ContextSave saves the context of a transient entity and returns the entity's context. The returned context is encrypted and integrity protected. This is done in a manner that only allows the context to be loaded on the exact same TPM that saved it; a saved context can't be loaded into a different TPM. It is important to note that saving the context saves it into system memory, which may be volatile. Some other mechanism is required if the saved context needs to preserved across events that might erase memory contents, such as hibernation or sleep. For the PC, in the case of hibernation, the system saves all memory contents to some form of nonvolatile storage, such as a disk drive; for a sleep event, the memory remains powered on, which preserves the memory contents.

After the context is saved, if the entity is an object or a sequence, the entity still resides in the TPM and has the same handle. The saved context is a new copy of the object or sequence context.

A session, however, is handled differently. When a session's context is saved by the TPM2_ContextSave command, it is evicted from TPM memory. A session's context handling is unique: the context can either be evicted and in system memory, or it can be loaded on the TPM, but not both. Regardless of where the session's context resides, it always has the same handle and it's always “active” until its context is flushed by the TPM2_FlushContext command or a command is sent using the session with the continueSession flag cleared.

The reason for this special handling of sessions' handles is to prevent multiple copies of sessions and, hence, session replay attacks. A small piece of session context is retained inside the TPM after the context is saved.

For objects, sequences, and sessions, TPM2_FlushContext removes all of the transient entity's context from the TPM. In the case of an object or a sequence, the object—which still resides in the TPM after the TPM2_ContextSave command—is completely removed, but the saved context can still be reloaded. In the case of a session, the remaining session context is removed, which means the session is no longer active, the session context cannot be reloaded, and the session handle is freed for use by another session.

TPM2_ContextLoad is used to reload a saved context into the TPM. [1]

For an object or sequence, the context is loaded and a new handle is created for the object. An object or sequence context can be reloaded multiple times, returning a new handle each time. This means multiple copies of an object or sequence can reside in the TPM at any given time. [2]

For a session, the TPM2_ContextLoad command reloads the session and returns the same session handle. Also, a session's context can only be reloaded once after its context was saved in order to prevent session replay attacks.

  • [1] It should be noted that although the names are similar, the TPM2_Load and TPM2_ContextLoad commands are quite different. TPM2_Load performs the initial load of an object after creation by TPM2_Create. This load command can't be used for sessions, nor can it be used to load an object's or sequence's saved context. TPM2_ContextLoad loads a transient entity after its context has been saved by the TPM2_ContextSave command. The similar names and overlap in functionality (in the case of objects) has tripped up many an unwary developer, including me at times.
  • [2] Having multiple copies of an object or a sequence loaded in the TPM serves no useful purpose and uses up more of the limited slots available in the TPM. The quote by David Wooten at the beginning of this chapter resulted from a discussion about this. Even though it serves no useful purpose, it doesn't pose a security risk, so the TPM allows it in the interest of internal TPM firmware simplicity.
 
< Prev   CONTENTS   Next >

Related topics