internal void CalcSessionKey()
{
Debug.Assert(SessionKey == null, "Attempt to repeatedly calculate session key");
if (Salt == SaltNeeded)
{
Globs.Throw(string.Format("Unencrypted salt value must be provided for the session {0:x}", Handle.handle));
}
// Compute Handle.Auth in accordance with Part 1, 19.6.8.
if (Salt == null && BindObject == TpmRh.Null)
{
SessionKey = new byte[0];
return;
}
byte[] auth = Globs.TrimTrailingZeros(BindObject.Auth);
byte[] hmacKey = Globs.Concatenate(auth, Salt);
SessionKey = KDF.KDFa(AuthHash, hmacKey, "ATH", NonceTpm, NonceCaller,
TpmHash.DigestSize(AuthHash) * 8);
}