1// 2// Copyright (C) 2014 The Android Open Source Project 3// 4// Licensed under the Apache License, Version 2.0 (the "License"); 5// you may not use this file except in compliance with the License. 6// You may obtain a copy of the License at 7// 8// http://www.apache.org/licenses/LICENSE-2.0 9// 10// Unless required by applicable law or agreed to in writing, software 11// distributed under the License is distributed on an "AS IS" BASIS, 12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13// See the License for the specific language governing permissions and 14// limitations under the License. 15// 16 17#ifndef TRUNKS_PASSWORD_AUTHORIZATION_DELEGATE_H_ 18#define TRUNKS_PASSWORD_AUTHORIZATION_DELEGATE_H_ 19 20#include <string> 21 22#include <base/gtest_prod_util.h> 23 24#include "trunks/authorization_delegate.h" 25#include "trunks/tpm_generated.h" 26#include "trunks/trunks_export.h" 27 28namespace trunks { 29 30// PasswdAuthorizationDelegate is an implementation of the AuthorizationDelegate 31// interface. This delegate is used for password based authorization. Upon 32// initialization of this delegate, we feed in the plaintext password. This 33// password is then used to authorize the commands issued with this delegate. 34// This delegate performs no parameter encryption. 35class TRUNKS_EXPORT PasswordAuthorizationDelegate 36 : public AuthorizationDelegate { 37 public: 38 explicit PasswordAuthorizationDelegate(const std::string& password); 39 ~PasswordAuthorizationDelegate() override; 40 // AuthorizationDelegate methods. 41 bool GetCommandAuthorization(const std::string& command_hash, 42 bool is_command_parameter_encryption_possible, 43 bool is_response_parameter_encryption_possible, 44 std::string* authorization) override; 45 bool CheckResponseAuthorization(const std::string& response_hash, 46 const std::string& authorization) override; 47 bool EncryptCommandParameter(std::string* parameter) override; 48 bool DecryptResponseParameter(std::string* parameter) override; 49 50 protected: 51 FRIEND_TEST(PasswordAuthorizationDelegateTest, NullInitialization); 52 53 private: 54 TPM2B_AUTH password_; 55 56 DISALLOW_COPY_AND_ASSIGN(PasswordAuthorizationDelegate); 57}; 58 59} // namespace trunks 60 61#endif // TRUNKS_PASSWORD_AUTHORIZATION_DELEGATE_H_ 62