tpm_utility_impl.h revision 8b2bf63478b292937f85b3b0e215882af461a999
1c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Copyright 2014 The Chromium OS Authors. All rights reserved.
2c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Use of this source code is governed by a BSD-style license that can be
3c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// found in the LICENSE file.
4c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
5c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#ifndef TRUNKS_TPM_UTILITY_IMPL_H_
6c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#define TRUNKS_TPM_UTILITY_IMPL_H_
7c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
8c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include "trunks/tpm_utility.h"
9c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
10c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <string>
11c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
12c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <base/macros.h>
1352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn#include <base/memory/scoped_ptr.h>
142ee32a9d61896f544d87ecee24dc25cc33c9ebb3Utkarsh Sanghi#include <gtest/gtest_prod.h>
15c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
16ef87f3e63b93ff722a8cbcee9c54d55d085221a3Darren Krahn#include "trunks/trunks_export.h"
17ef87f3e63b93ff722a8cbcee9c54d55d085221a3Darren Krahn
18c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnnamespace trunks {
19c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
20c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass AuthorizationDelegate;
2152e2a45f585fbe34032eae5b094a092afdf217caDarren Krahnclass AuthorizationSession;
22c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass TrunksFactory;
23c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
// The default, concrete implementation of the TpmUtility interface declared
// in trunks/tpm_utility.h.
//
// Lifetime: |factory_| is a reference member, so the TrunksFactory handed to
// the constructor (presumably what |factory_| is bound to; the definition is
// not in this header) has to outlive this object.
//
// NOTE(review): owner, endorsement, lockout and key passwords all travel
// through this API as std::string. Nothing in this header shows whether the
// implementation wipes its copies after use; confirm in the .cc file.
class TRUNKS_EXPORT TpmUtilityImpl : public TpmUtility {
 public:
  explicit TpmUtilityImpl(const TrunksFactory& factory);
  virtual ~TpmUtilityImpl();

  // ---- TpmUtility overrides -----------------------------------------------
  // The contract of each override comes from the TpmUtility interface. Most
  // report their outcome as a TPM_RC, so callers have to check that value;
  // output pointers should presumably be treated as unset on failure (the
  // header does not say so; verify against the interface documentation).
  // NOTE(review): ownership and nullability of the AuthorizationSession*
  // arguments are not stated here.

  // TPM life cycle and ownership.
  TPM_RC Startup() override;
  TPM_RC Clear() override;
  void Shutdown() override;
  TPM_RC InitializeTpm() override;
  TPM_RC TakeOwnership(const std::string& owner_password,
                       const std::string& endorsement_password,
                       const std::string& lockout_password) override;

  // Random number generator.
  TPM_RC StirRandom(const std::string& entropy_data,
                    AuthorizationSession* session) override;
  TPM_RC GenerateRandom(size_t num_bytes,
                        AuthorizationSession* session,
                        std::string* random_data) override;

  // Platform configuration registers.
  // NOTE(review): |pcr_index| is a signed int; range validation is not
  // visible in this header. Confirm that the implementation rejects negative
  // and out-of-range indices.
  TPM_RC ExtendPCR(int pcr_index,
                   const std::string& extend_data,
                   AuthorizationSession* session) override;
  TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override;

  // Asymmetric key operations on a loaded key.
  TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle,
                           TPM_ALG_ID scheme,
                           TPM_ALG_ID hash_alg,
                           const std::string& plaintext,
                           AuthorizationSession* session,
                           std::string* ciphertext) override;
  TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle,
                           TPM_ALG_ID scheme,
                           TPM_ALG_ID hash_alg,
                           const std::string& ciphertext,
                           AuthorizationSession* session,
                           std::string* plaintext) override;
  TPM_RC Sign(TPM_HANDLE key_handle,
              TPM_ALG_ID scheme,
              TPM_ALG_ID hash_alg,
              const std::string& plaintext,
              AuthorizationSession* session,
              std::string* signature) override;
  // The verdict is carried in the TPM_RC result, not in a bool, so a caller
  // that ignores the return value accepts every signature.
  TPM_RC Verify(TPM_HANDLE key_handle,
                TPM_ALG_ID scheme,
                TPM_ALG_ID hash_alg,
                const std::string& plaintext,
                const std::string& signature) override;

  // Key creation, import and loading.
  // NOTE(review): |key_blob| inputs presumably originate from storage outside
  // the TPM; confirm that malformed blobs are rejected through the TPM_RC
  // result.
  TPM_RC ChangeKeyAuthorizationData(TPM_HANDLE key_handle,
                                    const std::string& new_password,
                                    AuthorizationSession* session,
                                    std::string* key_blob) override;
  TPM_RC ImportRSAKey(AsymmetricKeyUsage key_type,
                      const std::string& modulus,
                      uint32_t public_exponent,
                      const std::string& prime_factor,
                      const std::string& password,
                      AuthorizationSession* session,
                      std::string* key_blob) override;
  TPM_RC CreateAndLoadRSAKey(AsymmetricKeyUsage key_type,
                             const std::string& password,
                             AuthorizationSession* session,
                             TPM_HANDLE* key_handle,
                             std::string* key_blob) override;
  TPM_RC CreateRSAKeyPair(AsymmetricKeyUsage key_type,
                          int modulus_bits,
                          uint32_t public_exponent,
                          const std::string& password,
                          AuthorizationSession* session,
                          std::string* key_blob) override;
  TPM_RC LoadKey(const std::string& key_blob,
                 AuthorizationSession* session,
                 TPM_HANDLE* key_handle) override;
  TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name) override;
  TPM_RC GetKeyPublicArea(TPM_HANDLE handle,
                          TPMT_PUBLIC* public_data) override;

  // Non-volatile storage.
  // NOTE(review): bounds checks on |offset| and |num_bytes| are not visible
  // in this header; confirm them in the implementation.
  TPM_RC DefineNVSpace(uint32_t index,
                       size_t num_bytes,
                       AuthorizationSession* session) override;
  TPM_RC DestroyNVSpace(uint32_t index, AuthorizationSession* session) override;
  TPM_RC LockNVSpace(uint32_t index, AuthorizationSession* session) override;
  TPM_RC WriteNVSpace(uint32_t index,
                      uint32_t offset,
                      const std::string& nvram_data,
                      AuthorizationSession* session) override;
  TPM_RC ReadNVSpace(uint32_t index,
                     uint32_t offset,
                     size_t num_bytes,
                     std::string* nvram_data,
                     AuthorizationSession* session) override;
  TPM_RC GetNVSpaceName(uint32_t index, std::string* name) override;
  TPM_RC GetNVSpacePublicArea(uint32_t index,
                              TPMS_NV_PUBLIC* public_data) override;

  // ---- Static helpers -----------------------------------------------------

  // Builds a well-formed response that carries the given |error_code|.
  static std::string CreateErrorResponse(TPM_RC error_code);

  // Parses the header of |message|, which may be either a command or a
  // response. Reports whether the message |has_sessions|, the message |size|
  // and its command or response |code|. Returns false when the message is not
  // well-formed; the header does not say what the outputs hold in that case,
  // so they should not be consumed unless the result is true.
  static bool ParseHeader(const std::string& message,
                          bool* has_sessions,
                          uint32_t* size,
                          uint32_t* code);

 protected:
  // Befriends the listed TpmUtilityTest cases so that they can call the
  // non-public helpers declared below.
  FRIEND_TEST(TpmUtilityTest, ImportRSAKeySuccess);
  FRIEND_TEST(TpmUtilityTest, RootKeysSuccess);
  FRIEND_TEST(TpmUtilityTest, RootKeysHandleConsistency);
  FRIEND_TEST(TpmUtilityTest, RootKeysCreateFailure);
  FRIEND_TEST(TpmUtilityTest, RootKeysPersistFailure);
  FRIEND_TEST(TpmUtilityTest, SaltingKeySuccess);
  FRIEND_TEST(TpmUtilityTest, SaltingKeyConsistency);
  FRIEND_TEST(TpmUtilityTest, SaltingKeyCreateFailure);
  FRIEND_TEST(TpmUtilityTest, SaltingKeyLoadFailure);
  FRIEND_TEST(TpmUtilityTest, SaltingKeyPersistFailure);

 private:
  // Reference member: the referenced factory must stay alive for as long as
  // this object does.
  const TrunksFactory& factory_;

  // Synchronously derives the RSA and ECC storage root keys and persists them
  // in the TPM. The operation must be authorized with |owner_password|. On
  // success, kRSAStorageRootKey and kECCStorageRootKey can be used with an
  // empty authorization value until the TPM is cleared.
  TPM_RC CreateStorageRootKeys(const std::string& owner_password);

  // Creates the RSA decryption key that is used for salting sessions and
  // makes that key permanent under the storage hierarchy.
  TPM_RC CreateSaltingKey(const std::string& owner_password);

  // Returns a partially filled TPMT_PUBLIC structure that other methods then
  // modify to produce the public template for a key. |key_alg| must be a
  // valid key algorithm; it is used to construct the parameters.
  TPMT_PUBLIC CreateDefaultPublicArea(TPM_ALG_ID key_alg);

  // Sets the authorization of the TPM |hierarchy| to |password|, authorizing
  // the change with |authorization|.
  TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy,
                                   const std::string& password,
                                   AuthorizationDelegate* authorization);

  // Disables the TPM platform hierarchy until the next startup. Platform
  // |authorization| is required.
  TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization);

  // Judging by the signature, splits a serialized |key_blob| into its
  // |public_info| and |private_info| parts. The blob format is defined by the
  // implementation, not by this header.
  TPM_RC StringToKeyData(const std::string& key_blob,
                         TPM2B_PUBLIC* public_info,
                         TPM2B_PRIVATE* private_info);

  // Judging by the signature, the inverse of StringToKeyData: serializes
  // |public_info| and |private_info| into |key_blob|.
  TPM_RC KeyDataToString(const TPM2B_PUBLIC& public_info,
                         const TPM2B_PRIVATE& private_info,
                         std::string* key_blob);

  // Computes the name of the object described by |public_area|. Following
  // TPM2.0 Specification Part 1 section 16,
  // object_name = HashAlg || Hash(public_area);
  TPM_RC ComputeKeyName(const TPMT_PUBLIC& public_area,
                        std::string* object_name);

  // Computes the name of the NV space described by |nv_public_area|.
  // Following TPM2.0 Specification Part 1 section 16,
  // nv_name = HashAlg || Hash(nv_public_area);
  TPM_RC ComputeNVSpaceName(const TPMS_NV_PUBLIC& nv_public_area,
                            std::string* nv_name);

  // Encrypts the |sensitive_area| struct as specified in TPM2.0 spec Part 1:
  // Figure 19. |encrypted_private_data| and |encryption_key| are outputs.
  // NOTE(review): |encryption_key| presumably protects the sensitive area and
  // so should be handled as secret material by callers; confirm in the .cc.
  TPM_RC EncryptPrivateData(const TPMT_SENSITIVE& sensitive_area,
                            const TPMT_PUBLIC& public_area,
                            TPM2B_PRIVATE* encrypted_private_data,
                            TPM2B_DATA* encryption_key);

  DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl);
};
198c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
199c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn}  // namespace trunks
200c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
201c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#endif  // TRUNKS_TPM_UTILITY_IMPL_H_