tpm_utility_impl.h revision d75dcae8a010d1ced7554dd25a440bee350a2d06
1c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Copyright 2014 The Chromium OS Authors. All rights reserved. 2c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Use of this source code is governed by a BSD-style license that can be 3c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// found in the LICENSE file. 4c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 5c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#ifndef TRUNKS_TPM_UTILITY_IMPL_H_ 6c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#define TRUNKS_TPM_UTILITY_IMPL_H_ 7c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 8c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include "trunks/tpm_utility.h" 9c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 10c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <string> 11c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 12c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <base/macros.h> 1352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn#include <base/memory/scoped_ptr.h> 14c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <chromeos/chromeos_export.h> 15c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 16c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnnamespace trunks { 17c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 18c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass AuthorizationDelegate; 1952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahnclass AuthorizationSession; 20c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass TrunksFactory; 21c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 22c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// A default implementation of TpmUtility. 23c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass CHROMEOS_EXPORT TpmUtilityImpl : public TpmUtility { 24c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn public: 25c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn explicit TpmUtilityImpl(const TrunksFactory& factory); 26c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn virtual ~TpmUtilityImpl(); 27c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 28c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // TpmUtility methods. 2903d54dfbcbdd04384e8c0419b7c45282664a2c1aDarren Krahn TPM_RC Startup() override; 30d75dcae8a010d1ced7554dd25a440bee350a2d06Utkarsh Sanghi TPM_RC Clear() override; 31c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn TPM_RC InitializeTpm() override; 32e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi TPM_RC StirRandom(const std::string& entropy_data) override; 33e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi TPM_RC GenerateRandom(int num_bytes, 34e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi std::string* random_data) override; 35579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi TPM_RC ExtendPCR(int pcr_index, const std::string& extend_data) override; 36579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override; 3752e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC TakeOwnership(const std::string& owner_password, 3852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn const std::string& endorsement_password, 3952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn const std::string& lockout_password) override; 4052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC CreateStorageRootKeys(const std::string& owner_password) override; 41b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle, 42b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_ALG_ID scheme, 439dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi TPM_ALG_ID hash_alg, 44b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi const std::string& plaintext, 45b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi std::string* ciphertext) override; 46b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle, 47b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_ALG_ID scheme, 489dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi TPM_ALG_ID hash_alg, 49b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi const std::string& password, 50b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi const std::string& ciphertext, 51b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi std::string* plaintext) override; 52748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_RC Sign(TPM_HANDLE key_handle, 53748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID scheme, 54748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID hash_alg, 55748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi const std::string& password, 56748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi const std::string& digest, 57748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi std::string* signature) override; 58748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_RC Verify(TPM_HANDLE key_handle, 59748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID scheme, 60748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID hash_alg, 61748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi const std::string& digest, 62748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi const std::string& signature) override; 6382b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi TPM_RC CreateRSAKey(AsymmetricKeyUsage key_type, 6482b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi const std::string& password, 6582b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi TPM_HANDLE* key_handle) override; 66c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 67c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn private: 68c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn const TrunksFactory& factory_; 6952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn scoped_ptr<AuthorizationSession> session_; 70c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 7152e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // If session_ has not been initialized, creates an unbound and salted 7252e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // authorization session with encryption enabled and assigns it to session_. 7352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // If session_ has already been initialized, this method has no effect. Call 7452e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // this method successfully before accessing session_. 7552e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC InitializeSession(); 7652e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn 7752e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // Sets TPM |hierarchy| authorization to |password| using |authorization|. 7852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy, 7952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn const std::string& password, 8052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn AuthorizationDelegate* authorization); 81c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 82c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // Disables the TPM platform hierarchy until the next startup. This requires 83c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // platform |authorization|. 84c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization); 85c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 86b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi // This function sets |name| to the name of the object referenced by 87b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi // |handle|. This function only works on Transient and Permanent objects. 88b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name); 89b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi 90b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi // This function returns the public area of a handle in the tpm. 91b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC GetKeyPublicArea(TPM_HANDLE handle, TPM2B_PUBLIC* public_data); 92b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi 93c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl); 94c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn}; 95c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 96c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn} // namespace trunks 97c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 98c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#endif // TRUNKS_TPM_UTILITY_IMPL_H_ 99