tpm_utility_impl.h revision d75dcae8a010d1ced7554dd25a440bee350a2d06 
1c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Copyright 2014 The Chromium OS Authors. All rights reserved.
2c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Use of this source code is governed by a BSD-style license that can be
3c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// found in the LICENSE file.
4c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
5c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#ifndef TRUNKS_TPM_UTILITY_IMPL_H_
6c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#define TRUNKS_TPM_UTILITY_IMPL_H_
7c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
8c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include "trunks/tpm_utility.h"
9c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
10c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <string>
11c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
12c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <base/macros.h>
1352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn#include <base/memory/scoped_ptr.h>
14c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <chromeos/chromeos_export.h>
15c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
16c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnnamespace trunks {
17c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
18c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass AuthorizationDelegate;
1952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahnclass AuthorizationSession;
20c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass TrunksFactory;
21c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
22c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// A default implementation of TpmUtility.
23c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass CHROMEOS_EXPORT TpmUtilityImpl : public TpmUtility {
24c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn public:
25c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  explicit TpmUtilityImpl(const TrunksFactory& factory);
26c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  virtual ~TpmUtilityImpl();
27c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
28c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  // TpmUtility methods.
2903d54dfbcbdd04384e8c0419b7c45282664a2c1aDarren Krahn  TPM_RC Startup() override;
30d75dcae8a010d1ced7554dd25a440bee350a2d06Utkarsh Sanghi  TPM_RC Clear() override;
31c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  TPM_RC InitializeTpm() override;
32e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi  TPM_RC StirRandom(const std::string& entropy_data) override;
33e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi  TPM_RC GenerateRandom(int num_bytes,
34e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi                        std::string* random_data) override;
35579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi  TPM_RC ExtendPCR(int pcr_index, const std::string& extend_data) override;
36579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi  TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override;
3752e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  TPM_RC TakeOwnership(const std::string& owner_password,
3852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn                       const std::string& endorsement_password,
3952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn                       const std::string& lockout_password) override;
4052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  TPM_RC CreateStorageRootKeys(const std::string& owner_password) override;
41b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle,
42b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           TPM_ALG_ID scheme,
439dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi                           TPM_ALG_ID hash_alg,
44b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           const std::string& plaintext,
45b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           std::string* ciphertext) override;
46b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle,
47b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           TPM_ALG_ID scheme,
489dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi                           TPM_ALG_ID hash_alg,
49b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           const std::string& password,
50b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           const std::string& ciphertext,
51b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           std::string* plaintext) override;
52748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi  TPM_RC Sign(TPM_HANDLE key_handle,
53748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              TPM_ALG_ID scheme,
54748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              TPM_ALG_ID hash_alg,
55748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              const std::string& password,
56748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              const std::string& digest,
57748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              std::string* signature) override;
58748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi  TPM_RC Verify(TPM_HANDLE key_handle,
59748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi                TPM_ALG_ID scheme,
60748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi                TPM_ALG_ID hash_alg,
61748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi                const std::string& digest,
62748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi                const std::string& signature) override;
6382b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi  TPM_RC CreateRSAKey(AsymmetricKeyUsage key_type,
6482b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi                      const std::string& password,
6582b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi                      TPM_HANDLE* key_handle) override;
66c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
67c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn private:
68c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  const TrunksFactory& factory_;
6952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  scoped_ptr<AuthorizationSession> session_;
70c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
7152e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // If session_ has not been initialized, creates an unbound and salted
7252e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // authorization session with encryption enabled and assigns it to session_.
7352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // If session_ has already been initialized, this method has no effect. Call
7452e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // this method successfully before accessing session_.
7552e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  TPM_RC InitializeSession();
7652e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn
7752e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // Sets TPM |hierarchy| authorization to |password| using |authorization|.
7852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy,
7952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn                                   const std::string& password,
8052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn                                   AuthorizationDelegate* authorization);
81c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
82c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  // Disables the TPM platform hierarchy until the next startup. This requires
83c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  // platform |authorization|.
84c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization);
85c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
86b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  // This function sets |name| to the name of the object referenced by
87b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  // |handle|. This function only works on Transient and Permanent objects.
88b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name);
89b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi
90b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  // This function returns the public area of a handle in the tpm.
91b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  TPM_RC GetKeyPublicArea(TPM_HANDLE handle, TPM2B_PUBLIC* public_data);
92b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi
93c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl);
94c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn};
95c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
96c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn}  // namespace trunks
97c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
98c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#endif  // TRUNKS_TPM_UTILITY_IMPL_H_
99