1//
2// Copyright (C) 2014 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8//      http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15//
16
17#ifndef TRUNKS_TPM_UTILITY_IMPL_H_
18#define TRUNKS_TPM_UTILITY_IMPL_H_
19
20#include "trunks/tpm_utility.h"
21
22#include <map>
23#include <string>
24#include <vector>
25
26#include <base/macros.h>
27#include <gtest/gtest_prod.h>
28
29#include "trunks/trunks_export.h"
30
31namespace trunks {
32
33class AuthorizationDelegate;
34class TrunksFactory;
35
36// A default implementation of TpmUtility.
37class TRUNKS_EXPORT TpmUtilityImpl : public TpmUtility {
38 public:
39  explicit TpmUtilityImpl(const TrunksFactory& factory);
40  ~TpmUtilityImpl() override;
41
42  // TpmUtility methods.
43  TPM_RC Startup() override;
44  TPM_RC Clear() override;
45  void Shutdown() override;
46  TPM_RC InitializeTpm() override;
47  TPM_RC AllocatePCR(const std::string& platform_password) override;
48  TPM_RC TakeOwnership(const std::string& owner_password,
49                       const std::string& endorsement_password,
50                       const std::string& lockout_password) override;
51  TPM_RC StirRandom(const std::string& entropy_data,
52                    AuthorizationDelegate* delegate) override;
53  TPM_RC GenerateRandom(size_t num_bytes,
54                        AuthorizationDelegate* delegate,
55                        std::string* random_data) override;
56  TPM_RC ExtendPCR(int pcr_index,
57                   const std::string& extend_data,
58                   AuthorizationDelegate* delegate) override;
59  TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override;
60  TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle,
61                           TPM_ALG_ID scheme,
62                           TPM_ALG_ID hash_alg,
63                           const std::string& plaintext,
64                           AuthorizationDelegate* delegate,
65                           std::string* ciphertext) override;
66  TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle,
67                           TPM_ALG_ID scheme,
68                           TPM_ALG_ID hash_alg,
69                           const std::string& ciphertext,
70                           AuthorizationDelegate* delegate,
71                           std::string* plaintext) override;
72  TPM_RC Sign(TPM_HANDLE key_handle,
73              TPM_ALG_ID scheme,
74              TPM_ALG_ID hash_alg,
75              const std::string& plaintext,
76              AuthorizationDelegate* delegate,
77              std::string* signature) override;
78  TPM_RC Verify(TPM_HANDLE key_handle,
79                TPM_ALG_ID scheme,
80                TPM_ALG_ID hash_alg,
81                const std::string& plaintext,
82                const std::string& signature,
83                AuthorizationDelegate* delegate) override;
84  TPM_RC CertifyCreation(TPM_HANDLE key_handle,
85                         const std::string& creation_blob) override;
86  TPM_RC ChangeKeyAuthorizationData(TPM_HANDLE key_handle,
87                                    const std::string& new_password,
88                                    AuthorizationDelegate* delegate,
89                                    std::string* key_blob) override;
90  TPM_RC ImportRSAKey(AsymmetricKeyUsage key_type,
91                      const std::string& modulus,
92                      uint32_t public_exponent,
93                      const std::string& prime_factor,
94                      const std::string& password,
95                      AuthorizationDelegate* delegate,
96                      std::string* key_blob) override;
97  TPM_RC CreateRSAKeyPair(AsymmetricKeyUsage key_type,
98                          int modulus_bits,
99                          uint32_t public_exponent,
100                          const std::string& password,
101                          const std::string& policy_digest,
102                          bool use_only_policy_authorization,
103                          int creation_pcr_index,
104                          AuthorizationDelegate* delegate,
105                          std::string* key_blob,
106                          std::string* creation_blob) override;
107  TPM_RC LoadKey(const std::string& key_blob,
108                 AuthorizationDelegate* delegate,
109                 TPM_HANDLE* key_handle) override;
110  TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name) override;
111  TPM_RC GetKeyPublicArea(TPM_HANDLE handle, TPMT_PUBLIC* public_data) override;
112  TPM_RC SealData(const std::string& data_to_seal,
113                  const std::string& policy_digest,
114                  AuthorizationDelegate* delegate,
115                  std::string* sealed_data) override;
116  TPM_RC UnsealData(const std::string& sealed_data,
117                    AuthorizationDelegate* delegate,
118                    std::string* unsealed_data) override;
119  TPM_RC StartSession(HmacSession* session) override;
120  TPM_RC GetPolicyDigestForPcrValue(int pcr_index,
121                                    const std::string& pcr_value,
122                                    std::string* policy_digest) override;
123  TPM_RC DefineNVSpace(uint32_t index,
124                       size_t num_bytes,
125                       TPMA_NV attributes,
126                       const std::string& authorization_value,
127                       const std::string& policy_digest,
128                       AuthorizationDelegate* delegate) override;
129  TPM_RC DestroyNVSpace(uint32_t index,
130                        AuthorizationDelegate* delegate) override;
131  TPM_RC LockNVSpace(uint32_t index,
132                     bool lock_read,
133                     bool lock_write,
134                     bool using_owner_authorization,
135                     AuthorizationDelegate* delegate) override;
136  TPM_RC WriteNVSpace(uint32_t index,
137                      uint32_t offset,
138                      const std::string& nvram_data,
139                      bool using_owner_authorization,
140                      bool extend,
141                      AuthorizationDelegate* delegate) override;
142  TPM_RC ReadNVSpace(uint32_t index,
143                     uint32_t offset,
144                     size_t num_bytes,
145                     bool using_owner_authorization,
146                     std::string* nvram_data,
147                     AuthorizationDelegate* delegate) override;
148  TPM_RC GetNVSpaceName(uint32_t index, std::string* name) override;
149  TPM_RC GetNVSpacePublicArea(uint32_t index,
150                              TPMS_NV_PUBLIC* public_data) override;
151  TPM_RC ListNVSpaces(std::vector<uint32_t>* index_list) override;
152  TPM_RC SetDictionaryAttackParameters(
153      uint32_t max_tries,
154      uint32_t recovery_time,
155      uint32_t lockout_recovery,
156      AuthorizationDelegate* delegate) override;
157  TPM_RC ResetDictionaryAttackLock(AuthorizationDelegate* delegate) override;
158
159 private:
160  friend class TpmUtilityTest;
161
162  const TrunksFactory& factory_;
163  std::map<uint32_t, TPMS_NV_PUBLIC> nvram_public_area_map_;
164
165  // This method sets a known owner password in the TPM_RH_OWNER hierarchy.
166  TPM_RC SetKnownOwnerPassword(const std::string& known_owner_password);
167
168  // Synchronously derives storage root keys for RSA and ECC and persists the
169  // keys in the TPM. This operation must be authorized by the |owner_password|
170  // and, on success, KRSAStorageRootKey and kECCStorageRootKey can be used
171  // with an empty authorization value until the TPM is cleared.
172  TPM_RC CreateStorageRootKeys(const std::string& owner_password);
173
174  // This method creates an RSA decryption key to be used for salting sessions.
175  // This method also makes the salting key permanent under the storage
176  // hierarchy.
177  TPM_RC CreateSaltingKey(const std::string& owner_password);
178
179  // This method returns a partially filled TPMT_PUBLIC strucutre,
180  // which can then be modified by other methods to create the public
181  // template for a key. It takes a valid |key_type| tp construct the
182  // parameters.
183  TPMT_PUBLIC CreateDefaultPublicArea(TPM_ALG_ID key_alg);
184
185  // Sets TPM |hierarchy| authorization to |password| using |authorization|.
186  TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy,
187                                   const std::string& password,
188                                   AuthorizationDelegate* authorization);
189
190  // Disables the TPM platform hierarchy until the next startup. This requires
191  // platform |authorization|.
192  TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization);
193
194  // Given a public area, this method computes the object name. Following
195  // TPM2.0 Specification Part 1 section 16,
196  // object_name = HashAlg || Hash(public_area);
197  TPM_RC ComputeKeyName(const TPMT_PUBLIC& public_area,
198                        std::string* object_name);
199
200  // Given a public area, this method computers the NVSpace's name.
201  // It follows TPM2.0 Specification Part 1 section 16,
202  // nv_name = HashAlg || Hash(nv_public_area);
203  TPM_RC ComputeNVSpaceName(const TPMS_NV_PUBLIC& nv_public_area,
204                            std::string* nv_name);
205
206  // This encrypts the |sensitive_data| struct according to the specification
207  // defined in TPM2.0 spec Part 1: Figure 19.
208  TPM_RC EncryptPrivateData(const TPMT_SENSITIVE& sensitive_area,
209                            const TPMT_PUBLIC& public_area,
210                            TPM2B_PRIVATE* encrypted_private_data,
211                            TPM2B_DATA* encryption_key);
212
213  // Looks for a given persistent |key_handle| and outputs whether or not it
214  // |exists|. Returns TPM_RC_SUCCESS on success.
215  TPM_RC DoesPersistentKeyExist(TPMI_DH_PERSISTENT key_handle, bool* exists);
216
217  DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl);
218};
219
220}  // namespace trunks
221
222#endif  // TRUNKS_TPM_UTILITY_IMPL_H_
223