iaik.tc.tss.impl.java.tcs.authmgr
Class TcTcsAuthCache

java.lang.Object
  extended by iaik.tc.tss.impl.java.tcs.authmgr.TcTcsAuthCache
Direct Known Subclasses:
TcTcsAuthCacheTpm11, TcTcsAuthCacheTpm11NoSwap, TcTcsAuthCacheTpm12, TcTcsAuthCacheVista

public abstract class TcTcsAuthCache
extends java.lang.Object


Method Summary
 void addActiveAuthSession(long authHandle, TcTpmNonce nonceEven)
          This method is called if a new auth session was established.
abstract  java.lang.String cachedAuthSessionsToString()
          This method is intended for debugging.
abstract  void ensureAuthsAreLoadedInTpm(TcTcsAuth[] auths)
          This method is called by TCSI methods that use auth sessions.
abstract  void evictAllAuthSessions()
          This method evicts all auth sessions from the TPM.
static TcTcsAuthCache getInstance()
          This class can only be instantiated once (Singleton).
 void removeActiveAuthSession(TcTcsAuth auth)
          This method is called if an auth session is no longer active (terminated intentionally or because of an error).
abstract  void swapOutAuth(long[] keepHandles)
          This method swaps out an auth session from the TPM.
 void trackActiveAuthSession(TcTcsAuth inAuth, TcTcsAuth outAuth)
          This method is called if an auth is used to authorize more than one TPM command.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

getInstance

public static TcTcsAuthCache getInstance()
                                  throws TcTddlException,
                                         TcTpmException,
                                         TcTcsException
This class can only be instantiated once (Singleton).

Throws:
TcTddlException
TcTpmException
TcTcsException

evictAllAuthSessions

public abstract void evictAllAuthSessions()
                                   throws TcTddlException,
                                          TcTpmException
This method evicts all auth sessions from the TPM. The TSS is supposed to have full control of the TPM. No other entity than the TSS is responsible for managing sessions. Consequently, the TSS flushes all existing auth sessions before taking control of the saved context slots. Note: This method is specific to 1.2 TPMs.

Note: This functionality is also implemented in TcTddl. Changes here should be applied in TcTddl too.

Throws:
TcTddlException
TcTpmException

swapOutAuth

public abstract void swapOutAuth(long[] keepHandles)
                          throws TcTddlException,
                                 TcTpmException,
                                 TcTcsException
This method swaps out an auth session from the TPM.

Parameters:
keepHandles - When swapping out an auth session, this method avoids swapping out the sessions whose handles are listed in keepHandles. If it does not matter which session is swapped out, simply pass an empty array.
Throws:
TcTddlException
TcTpmException
TcTcsException

ensureAuthsAreLoadedInTpm

public abstract void ensureAuthsAreLoadedInTpm(TcTcsAuth[] auths)
                                        throws TcTddlException,
                                               TcTpmException,
                                               TcTcsException
This method is called by TCSI methods that use auth sessions. Calling it ensures that the required auth sessions are loaded in the TPM. If auth sessions were swapped out, they are re-loaded into the TPM. Should re-loading be required, the TPM might assign new auth handles to the sessions. In such a case, the authHandles of the auths parameter are modified accordingly.

Parameters:
auths - The auth sessions that have to be present in the TPM.
Throws:
TcTddlException
TcTpmException
TcTcsException

cachedAuthSessionsToString

public abstract java.lang.String cachedAuthSessionsToString()
                                                     throws TcTddlException,
                                                            TcTpmException
This method is intended for debugging. It returns a string of auth handles currently loaded in the TPM.

Throws:
TcTddlException
TcTpmException

addActiveAuthSession

public void addActiveAuthSession(long authHandle,
                                 TcTpmNonce nonceEven)
This method is called if a new auth session was established.

Parameters:
authHandle - The handle of the new auth session.
nonceEven - The even nonce generated by the TPM.

removeActiveAuthSession

public void removeActiveAuthSession(TcTcsAuth auth)
This method is called if an auth session is no longer active (terminated intentionally or because of an error). The auth session is removed from the list of active auth sessions.

Parameters:
auth - The auth session to be removed.

trackActiveAuthSession

public void trackActiveAuthSession(TcTcsAuth inAuth,
                                   TcTcsAuth outAuth)
This method is called if an auth is used to authorize more than one TPM command. In such a case, the TPM generates a new nonceEven and consequently the unique identifier we use for auth sessions changes as well. Therefore, this method updates the identifier of the auth session in the list of active auth sessions.
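
A toy model of the behaviour described for swapOutAuth, ensureAuthsAreLoadedInTpm and trackActiveAuthSession, added here as an illustration and not jTSS code. The class AuthCacheSketch, its two-slot limit, the string nonces and the oldest-first choice of which session to swap out are all assumptions of the sketch.

```java
import java.util.*;
// Toy model, not jTSS code: a "TPM" with SLOTS auth-session slots and a cache
// that swaps sessions out and back in. All names here are hypothetical.
public class AuthCacheSketch {
    static final int SLOTS = 2;               // constructed limit; real TPMs differ
    static class Auth { long handle; String nonceEven; boolean loaded = true; }
    private final Map<String, Auth> active = new LinkedHashMap<>(); // keyed by nonceEven
    private long nextHandle = 1;

    Auth add(String nonceEven) {              // a new auth session was established
        if (loadedCount() == SLOTS) swapOut(new long[0]);
        Auth a = new Auth(); a.handle = nextHandle++; a.nonceEven = nonceEven;
        active.put(nonceEven, a);
        return a;
    }

    void swapOut(long[] keepHandles) {        // evict one loaded session not in keepHandles
        for (Auth a : active.values()) {
            if (a.loaded && Arrays.stream(keepHandles).noneMatch(h -> h == a.handle)) { a.loaded = false; return; }
        }
        throw new IllegalStateException("every loaded session is pinned");
    }

    void ensureLoaded(Auth[] auths) {         // reload what a command needs, pinning its other sessions
        for (Auth a : auths) {
            if (a.loaded) continue;
            if (loadedCount() == SLOTS)
                swapOut(Arrays.stream(auths).filter(x -> x.loaded).mapToLong(x -> x.handle).toArray());
            a.handle = nextHandle++;          // reload may hand back a new handle; caller's object is updated
            a.loaded = true;
        }
    }

    void track(Auth inAuth, String newNonceEven) { // nonceEven rolls per command, so re-key the entry
        active.remove(inAuth.nonceEven);
        inAuth.nonceEven = newNonceEven;
        active.put(newNonceEven, inAuth);     // re-insert moves it to the end: most recently used
    }

    int loadedCount() { return (int) active.values().stream().filter(x -> x.loaded).count(); }

    public static void main(String[] args) {
        AuthCacheSketch c = new AuthCacheSketch();
        Auth a = c.add("n1"), b = c.add("n2"), d = c.add("n3"); // third add swaps out the oldest session
        System.out.println("a loaded=" + a.loaded + ", slots used=" + c.loadedCount());
        c.track(b, "n2'");                                       // b authorized another command
        c.ensureLoaded(new Auth[] { a, b });                     // a is reloaded; b is pinned, so d is evicted
        System.out.println("a handle=" + a.handle + ", b loaded=" + b.loaded + ", d loaded=" + d.loaded);
    }
}
```

Passing more sessions to ensureLoaded than there are slots leaves no session eligible for swap-out, which the sketch reports as an exception.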