1bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 2bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// Copyright (C) 2014 The Android Open Source Project 3bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 4bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// Licensed under the Apache License, Version 2.0 (the "License"); 5bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// you may not use this file except in compliance with the License. 6bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// You may obtain a copy of the License at 7bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 8bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// http://www.apache.org/licenses/LICENSE-2.0 9bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 10bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// Unless required by applicable law or agreed to in writing, software 11bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// distributed under the License is distributed on an "AS IS" BASIS, 12bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// See the License for the specific language governing permissions and 14bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// limitations under the License. 15bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 16c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 17c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#ifndef TRUNKS_TPM_UTILITY_IMPL_H_ 18c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#define TRUNKS_TPM_UTILITY_IMPL_H_ 19c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 20c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include "trunks/tpm_utility.h" 21c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 226537cf15412f04bda9fc1a80f7209d55c955c61fUtkarsh Sanghi#include <map> 23c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <string> 24b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn#include <vector> 25c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 26c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <base/macros.h> 272ee32a9d61896f544d87ecee24dc25cc33c9ebb3Utkarsh Sanghi#include <gtest/gtest_prod.h> 28c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 29ef87f3e63b93ff722a8cbcee9c54d55d085221a3Darren Krahn#include "trunks/trunks_export.h" 30ef87f3e63b93ff722a8cbcee9c54d55d085221a3Darren Krahn 31c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnnamespace trunks { 32c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 33c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass AuthorizationDelegate; 34c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass TrunksFactory; 35c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 36c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// A default implementation of TpmUtility. 37ef87f3e63b93ff722a8cbcee9c54d55d085221a3Darren Krahnclass TRUNKS_EXPORT TpmUtilityImpl : public TpmUtility { 38c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn public: 39c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn explicit TpmUtilityImpl(const TrunksFactory& factory); 40295e851b66fb19c05a14401e834337962a58c493Darren Krahn ~TpmUtilityImpl() override; 41c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 42c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // TpmUtility methods. 4303d54dfbcbdd04384e8c0419b7c45282664a2c1aDarren Krahn TPM_RC Startup() override; 44d75dcae8a010d1ced7554dd25a440bee350a2d06Utkarsh Sanghi TPM_RC Clear() override; 45e8b9a556d4561617747fed4ee5ced70fce9a4392Utkarsh Sanghi void Shutdown() override; 46c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn TPM_RC InitializeTpm() override; 47e7eb2bf306af6e8408cd77125861542d19e5ec6dUtkarsh Sanghi TPM_RC AllocatePCR(const std::string& platform_password) override; 482ee32a9d61896f544d87ecee24dc25cc33c9ebb3Utkarsh Sanghi TPM_RC TakeOwnership(const std::string& owner_password, 492ee32a9d61896f544d87ecee24dc25cc33c9ebb3Utkarsh Sanghi const std::string& endorsement_password, 502ee32a9d61896f544d87ecee24dc25cc33c9ebb3Utkarsh Sanghi const std::string& lockout_password) override; 518b2bf63478b292937f85b3b0e215882af461a999Utkarsh Sanghi TPM_RC StirRandom(const std::string& entropy_data, 525d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate) override; 5335af244e7cf856a02e46ec8f186f36c53582757dUtkarsh Sanghi TPM_RC GenerateRandom(size_t num_bytes, 545d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate, 55e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi std::string* random_data) override; 568b2bf63478b292937f85b3b0e215882af461a999Utkarsh Sanghi TPM_RC ExtendPCR(int pcr_index, 578b2bf63478b292937f85b3b0e215882af461a999Utkarsh Sanghi const std::string& extend_data, 585d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate) override; 59579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override; 60b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle, 61b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_ALG_ID scheme, 629dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi TPM_ALG_ID hash_alg, 63b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi const std::string& plaintext, 645d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate, 65b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi std::string* ciphertext) override; 66b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle, 67b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_ALG_ID scheme, 689dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi TPM_ALG_ID hash_alg, 69b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi const std::string& ciphertext, 705d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate, 71b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi std::string* plaintext) override; 72748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_RC Sign(TPM_HANDLE key_handle, 73748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID scheme, 74748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID hash_alg, 75887ccbcc4db5fa0b5221018296aa49b86a5ac26fUtkarsh Sanghi const std::string& plaintext, 765d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate, 77748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi std::string* signature) override; 78748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_RC Verify(TPM_HANDLE key_handle, 79748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID scheme, 80748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID hash_alg, 81887ccbcc4db5fa0b5221018296aa49b86a5ac26fUtkarsh Sanghi const std::string& plaintext, 826f68562edf5f66006c08de24d558732d6a389631Utkarsh Sanghi const std::string& signature, 836f68562edf5f66006c08de24d558732d6a389631Utkarsh Sanghi AuthorizationDelegate* delegate) override; 84fded77411da5ef66dff7389e49f40900c19d510cUtkarsh Sanghi TPM_RC CertifyCreation(TPM_HANDLE key_handle, 85fded77411da5ef66dff7389e49f40900c19d510cUtkarsh Sanghi const std::string& creation_blob) override; 8633ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi TPM_RC ChangeKeyAuthorizationData(TPM_HANDLE key_handle, 8733ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi const std::string& new_password, 885d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate, 8933ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi std::string* key_blob) override; 9033ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi TPM_RC ImportRSAKey(AsymmetricKeyUsage key_type, 9133ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi const std::string& modulus, 9233ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi uint32_t public_exponent, 9333ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi const std::string& prime_factor, 9433ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi const std::string& password, 955d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate, 9633ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi std::string* key_blob) override; 976465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi TPM_RC CreateRSAKeyPair(AsymmetricKeyUsage key_type, 986465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi int modulus_bits, 996465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi uint32_t public_exponent, 1006465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi const std::string& password, 101fc942a5ffc967b7b2b206aee8b91b3bae1933382Utkarsh Sanghi const std::string& policy_digest, 1026ea135676cf391fac45b0051242ccac935c8bc62Utkarsh Sanghi bool use_only_policy_authorization, 1030ebbc58fe6d45378a5b502c33eb1c4289fd8b05bUtkarsh Sanghi int creation_pcr_index, 1045d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate, 105a5a2f2ea49e0085bf8d7f6f2b6e7cd624d710c01Utkarsh Sanghi std::string* key_blob, 106a5a2f2ea49e0085bf8d7f6f2b6e7cd624d710c01Utkarsh Sanghi std::string* creation_blob) override; 1076465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi TPM_RC LoadKey(const std::string& key_blob, 1085d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate, 1096465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi TPM_HANDLE* key_handle) override; 1106465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name) override; 1114dc4629c415e7ca90ff146d7bb75b5646ecd8b17Darren Krahn TPM_RC GetKeyPublicArea(TPM_HANDLE handle, TPMT_PUBLIC* public_data) override; 112a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi TPM_RC SealData(const std::string& data_to_seal, 113a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi const std::string& policy_digest, 114a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi AuthorizationDelegate* delegate, 115a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi std::string* sealed_data) override; 116a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi TPM_RC UnsealData(const std::string& sealed_data, 117a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi AuthorizationDelegate* delegate, 118a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi std::string* unsealed_data) override; 119a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi TPM_RC StartSession(HmacSession* session) override; 120a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi TPM_RC GetPolicyDigestForPcrValue(int pcr_index, 121a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi const std::string& pcr_value, 122a6e332ee7f5fe52c1291d961dbeda975c8272044Utkarsh Sanghi std::string* policy_digest) override; 12339dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi TPM_RC DefineNVSpace(uint32_t index, 12439dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi size_t num_bytes, 125b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn TPMA_NV attributes, 126b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn const std::string& authorization_value, 127b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn const std::string& policy_digest, 1285d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate) override; 1295d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi TPM_RC DestroyNVSpace(uint32_t index, 1305d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate) override; 131b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn TPM_RC LockNVSpace(uint32_t index, 132b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn bool lock_read, 133b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn bool lock_write, 134b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn bool using_owner_authorization, 135b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn AuthorizationDelegate* delegate) override; 13639dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi TPM_RC WriteNVSpace(uint32_t index, 13739dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi uint32_t offset, 13839dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi const std::string& nvram_data, 139b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn bool using_owner_authorization, 140b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn bool extend, 1415d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate) override; 14239dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi TPM_RC ReadNVSpace(uint32_t index, 14339dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi uint32_t offset, 14439dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi size_t num_bytes, 145b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn bool using_owner_authorization, 14639dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi std::string* nvram_data, 1475d3b9451ae2e912aefed0669dd50b2a777ea0ab2Utkarsh Sanghi AuthorizationDelegate* delegate) override; 14839dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi TPM_RC GetNVSpaceName(uint32_t index, std::string* name) override; 14939dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi TPM_RC GetNVSpacePublicArea(uint32_t index, 15039dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi TPMS_NV_PUBLIC* public_data) override; 151b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn TPM_RC ListNVSpaces(std::vector<uint32_t>* index_list) override; 152b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn TPM_RC SetDictionaryAttackParameters( 153b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn uint32_t max_tries, 154b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn uint32_t recovery_time, 155b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn uint32_t lockout_recovery, 156b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn AuthorizationDelegate* delegate) override; 157b180754b429c078cbc99175a6059a8b5d0491002Darren Krahn TPM_RC ResetDictionaryAttackLock(AuthorizationDelegate* delegate) override; 1581c4ff198686b6330dd863f872f52e8efd1a94e3dUtkarsh Sanghi 159c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn private: 1606537cf15412f04bda9fc1a80f7209d55c955c61fUtkarsh Sanghi friend class TpmUtilityTest; 1616537cf15412f04bda9fc1a80f7209d55c955c61fUtkarsh Sanghi 162c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn const TrunksFactory& factory_; 1636537cf15412f04bda9fc1a80f7209d55c955c61fUtkarsh Sanghi std::map<uint32_t, TPMS_NV_PUBLIC> nvram_public_area_map_; 164c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 16566d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi // This method sets a known owner password in the TPM_RH_OWNER hierarchy. 16666d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi TPM_RC SetKnownOwnerPassword(const std::string& known_owner_password); 16766d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi 16866d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi // Synchronously derives storage root keys for RSA and ECC and persists the 16966d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi // keys in the TPM. This operation must be authorized by the |owner_password| 17066d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi // and, on success, KRSAStorageRootKey and kECCStorageRootKey can be used 17166d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi // with an empty authorization value until the TPM is cleared. 17266d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi TPM_RC CreateStorageRootKeys(const std::string& owner_password); 17366d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi 17466d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi // This method creates an RSA decryption key to be used for salting sessions. 17566d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi // This method also makes the salting key permanent under the storage 17666d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi // hierarchy. 17766d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi TPM_RC CreateSaltingKey(const std::string& owner_password); 17866d0d268e571647ca99a2bdf4835d967449d7ddeUtkarsh Sanghi 1796465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi // This method returns a partially filled TPMT_PUBLIC strucutre, 1806465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi // which can then be modified by other methods to create the public 1816465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi // template for a key. It takes a valid |key_type| tp construct the 1826465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi // parameters. 1836465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi TPMT_PUBLIC CreateDefaultPublicArea(TPM_ALG_ID key_alg); 1846465502c740d2599d95e09232c744f6d2ed54505Utkarsh Sanghi 18552e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // Sets TPM |hierarchy| authorization to |password| using |authorization|. 18652e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy, 18752e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn const std::string& password, 18852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn AuthorizationDelegate* authorization); 189c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 190c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // Disables the TPM platform hierarchy until the next startup. This requires 191c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // platform |authorization|. 192c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization); 193c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 19433ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi // Given a public area, this method computes the object name. Following 19533ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi // TPM2.0 Specification Part 1 section 16, 19633ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi // object_name = HashAlg || Hash(public_area); 19733ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi TPM_RC ComputeKeyName(const TPMT_PUBLIC& public_area, 19833ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi std::string* object_name); 19933ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi 20039dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi // Given a public area, this method computers the NVSpace's name. 20139dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi // It follows TPM2.0 Specification Part 1 section 16, 20239dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi // nv_name = HashAlg || Hash(nv_public_area); 20339dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi TPM_RC ComputeNVSpaceName(const TPMS_NV_PUBLIC& nv_public_area, 20439dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi std::string* nv_name); 20539dd58452d7fe3ebe93490a6239a76b385bd676dUtkarsh Sanghi 20633ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi // This encrypts the |sensitive_data| struct according to the specification 20733ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi // defined in TPM2.0 spec Part 1: Figure 19. 20833ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi TPM_RC EncryptPrivateData(const TPMT_SENSITIVE& sensitive_area, 20933ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi const TPMT_PUBLIC& public_area, 21033ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi TPM2B_PRIVATE* encrypted_private_data, 21133ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi TPM2B_DATA* encryption_key); 21233ca033c9665b8496f3491037403ae1574a54227Utkarsh Sanghi 21387b642d428ca28ff81b97ab0617f2c04d8605683Darren Krahn // Looks for a given persistent |key_handle| and outputs whether or not it 21487b642d428ca28ff81b97ab0617f2c04d8605683Darren Krahn // |exists|. Returns TPM_RC_SUCCESS on success. 21587b642d428ca28ff81b97ab0617f2c04d8605683Darren Krahn TPM_RC DoesPersistentKeyExist(TPMI_DH_PERSISTENT key_handle, bool* exists); 21687b642d428ca28ff81b97ab0617f2c04d8605683Darren Krahn 217c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl); 218c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn}; 219c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 220c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn} // namespace trunks 221c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 222c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#endif // TRUNKS_TPM_UTILITY_IMPL_H_ 223