hmac_authorization_delegate.h revision a19238f46d4341489fd1d3140df1bb09bdbd8f01
14261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi// Copyright 2014 The Chromium OS Authors. All rights reserved. 24261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi// Use of this source code is governed by a BSD-style license that can be 34261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi// found in the LICENSE file. 44261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 5a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn#ifndef TRUNKS_HMAC_AUTHORIZATION_DELEGATE_H_ 6a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn#define TRUNKS_HMAC_AUTHORIZATION_DELEGATE_H_ 74261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 84261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi#include <string> 94261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 104261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi#include <base/gtest_prod_util.h> 114261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi#include <chromeos/chromeos_export.h> 124261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi#include <crypto/secure_hash.h> 134261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 144261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi#include "trunks/authorization_delegate.h" 154261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi#include "trunks/tpm_generated.h" 164261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 174261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghinamespace trunks { 184261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 194261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghiconst uint8_t kContinueSession = 1; 204261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghiconst uint16_t kAesKeySize = 16; // 128 bits is minimum AES key size. 214261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghiconst uint32_t kHashDigestSize = 32; // 256 bits is SHA256 digest size. 224261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 23a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn/* HmacAuthorizationDelegate is an implementation of the AuthorizationDelegate 244261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * interface. It provides the necessary Auth data for HMAC sessions. 254261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * This delegate also does parameter encryption on sessions that support it. 264261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * 274261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * Usage: 284261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * 1) After running the StartAuthSession command on the TPM2.0, we declare this 294261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * delegate using the constructor. We can specify if we want parameter 304261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * obfuscation enabled or not. 314261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * 2) We initialize the session using |InitSession|. We feed in the handle and 324261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * tpm_nonce returned by StartAuthSession. Additionally we inject the 334261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * caller_nonce, salt and auth_value of the bound entity we fed into 344261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * StartAuthSession. 354261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * 3) Pass a pointer to this delegate to any TPM command that needs 364261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * authorization using this delegate. 374261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * 384261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * Sample control flow: 394261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * TrunksProxy proxy; 404261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * proxy.Init(); 414261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * Tpm tpm(&proxy); 42a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn * NullAuthorizationDelegate null; 434261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * tpm.StartAuthSession(..., &null); 44a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn * HmacAuthorizationDelegate hmac(false); 454261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * hmac.InitSession(...); 464261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * tpm.Create(..., &hmac); 474261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * hmac.set_entity_auth_value(...); 484261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi * tpm.Load(..., &hmac); 494261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi */ 50a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahnclass CHROMEOS_EXPORT HmacAuthorizationDelegate: public AuthorizationDelegate { 514261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi public: 52a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn // This constructor for the HmacAuthorizationDelegate takes a boolean value 53a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn // which specifies if parameter encryption/decryption is enabled in this 54a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn // delegate. 55a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn explicit HmacAuthorizationDelegate(bool parameter_encryption); 56a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn virtual ~HmacAuthorizationDelegate(); 574261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // AuthorizationDelegate methods. 584261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual bool GetCommandAuthorization(const std::string& command_hash, 594261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi std::string* authorization); 604261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual bool CheckResponseAuthorization(const std::string& response_hash, 614261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const std::string& authorization); 624261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual bool EncryptCommandParameter(std::string* parameter); 634261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual bool DecryptResponseParameter(std::string* parameter); 644261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 654261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // This function is called with the return data of |StartAuthSession|. It 664261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // will initialize the session to start providing auth information. It can 674261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // only be called once per delegate, and must be called before the delegate 684261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // is used for any operation. 694261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual bool InitSession(TPM_HANDLE session_handle, 704261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const TPM2B_NONCE& tpm_nonce, 714261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const TPM2B_NONCE& caller_nonce, 724261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const std::string& salt, 734261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const std::string& bind_auth_value); 744261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // This method is used to inject an auth_value associated with an entity. 754261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // This auth_value is then used when generating HMACs. 764261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // Note: after providing authorization for an entity this needs to be, 774261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // explicitly reset to the null string. 784261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual void set_entity_auth_value(const std::string& auth_value); 794261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 804261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi protected: 81a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn FRIEND_TEST(HmacAuthorizationDelegateTest, SessionKeyTest); 824261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 834261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi private: 844261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // This method implements the key derivation function used in the TPM. 854261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // NOTE: It only returns 32 byte keys. 864261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual std::string CreateKey(const std::string& hmac_key, 874261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const std::string& label, 884261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const TPM2B_NONCE& nonce_newer, 894261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const TPM2B_NONCE& nonce_older); 904261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // This method performs a FIPS198 HMAC operation on |data| using |key| 914261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual std::string HmacSha256(const std::string& key, 924261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi const std::string& data); 9302135c88d5400e674ba2835ac60a54ec01c5e90fUtkarsh Sanghi // This method performs an AES operation using a 128 bit key. 9402135c88d5400e674ba2835ac60a54ec01c5e90fUtkarsh Sanghi // |operation_type| can be either AES_ENCRYPT or AES_DECRYPT and it 9502135c88d5400e674ba2835ac60a54ec01c5e90fUtkarsh Sanghi // determines if the operation is an encryption or decryption. 9602135c88d5400e674ba2835ac60a54ec01c5e90fUtkarsh Sanghi virtual void AesOperation(std::string* parameter, 9702135c88d5400e674ba2835ac60a54ec01c5e90fUtkarsh Sanghi const TPM2B_NONCE& nonce_newer, 9802135c88d5400e674ba2835ac60a54ec01c5e90fUtkarsh Sanghi const TPM2B_NONCE& nonce_older, 9902135c88d5400e674ba2835ac60a54ec01c5e90fUtkarsh Sanghi int operation_type); 1004261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // This method regenerates the caller nonce. The new nonce is the same 1014261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // length as the previous nonce. The buffer is filled with random data using 1024261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // openssl's |RAND_bytes| function. 1034261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi // NOTE: This operation is DESTRUCTIVE, and rewrites the caller_nonce_ field. 1044261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi virtual void RegenerateCallerNonce(); 1054261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 1064261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi TPM_HANDLE session_handle_; 1074261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi TPM2B_NONCE caller_nonce_; 1084261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi TPM2B_NONCE tpm_nonce_; 1094261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi TPMA_SESSION attributes_; 1104261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi std::string session_key_; 1114261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi std::string entity_auth_value_; 1124261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 113a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn DISALLOW_COPY_AND_ASSIGN(HmacAuthorizationDelegate); 1144261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi}; 1154261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 1164261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi} // namespace trunks 1174261114797a2793bae83fbabe0459cc465203dd2Utkarsh Sanghi 118a19238f46d4341489fd1d3140df1bb09bdbd8f01Darren Krahn#endif // TRUNKS_HMAC_AUTHORIZATION_DELEGATE_H_ 119