tpm_utility_impl.h revision e8b9a556d4561617747fed4ee5ced70fce9a4392 
1c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Copyright 2014 The Chromium OS Authors. All rights reserved.
2c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Use of this source code is governed by a BSD-style license that can be
3c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// found in the LICENSE file.
4c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
5c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#ifndef TRUNKS_TPM_UTILITY_IMPL_H_
6c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#define TRUNKS_TPM_UTILITY_IMPL_H_
7c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
8c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include "trunks/tpm_utility.h"
9c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
10c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <string>
11c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
12c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <base/macros.h>
1352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn#include <base/memory/scoped_ptr.h>
14c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <chromeos/chromeos_export.h>
15c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
16c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnnamespace trunks {
17c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
18c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass AuthorizationDelegate;
1952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahnclass AuthorizationSession;
20c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass TrunksFactory;
21c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
22c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// A default implementation of TpmUtility.
23c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass CHROMEOS_EXPORT TpmUtilityImpl : public TpmUtility {
24c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn public:
25c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  explicit TpmUtilityImpl(const TrunksFactory& factory);
26c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  virtual ~TpmUtilityImpl();
27c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
28c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  // TpmUtility methods.
2903d54dfbcbdd04384e8c0419b7c45282664a2c1aDarren Krahn  TPM_RC Startup() override;
30d75dcae8a010d1ced7554dd25a440bee350a2d06Utkarsh Sanghi  TPM_RC Clear() override;
31e8b9a556d4561617747fed4ee5ced70fce9a4392Utkarsh Sanghi  void Shutdown() override;
32c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  TPM_RC InitializeTpm() override;
33e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi  TPM_RC StirRandom(const std::string& entropy_data) override;
3435af244e7cf856a02e46ec8f186f36c53582757dUtkarsh Sanghi  TPM_RC GenerateRandom(size_t num_bytes,
35e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi                        std::string* random_data) override;
36579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi  TPM_RC ExtendPCR(int pcr_index, const std::string& extend_data) override;
37579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi  TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override;
3852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  TPM_RC TakeOwnership(const std::string& owner_password,
3952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn                       const std::string& endorsement_password,
4052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn                       const std::string& lockout_password) override;
4152e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  TPM_RC CreateStorageRootKeys(const std::string& owner_password) override;
42b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle,
43b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           TPM_ALG_ID scheme,
449dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi                           TPM_ALG_ID hash_alg,
45b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           const std::string& plaintext,
46b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           std::string* ciphertext) override;
47b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle,
48b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           TPM_ALG_ID scheme,
499dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi                           TPM_ALG_ID hash_alg,
50b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           const std::string& password,
51b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           const std::string& ciphertext,
52b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi                           std::string* plaintext) override;
53748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi  TPM_RC Sign(TPM_HANDLE key_handle,
54748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              TPM_ALG_ID scheme,
55748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              TPM_ALG_ID hash_alg,
56748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              const std::string& password,
57748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              const std::string& digest,
58748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi              std::string* signature) override;
59748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi  TPM_RC Verify(TPM_HANDLE key_handle,
60748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi                TPM_ALG_ID scheme,
61748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi                TPM_ALG_ID hash_alg,
62748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi                const std::string& digest,
63748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi                const std::string& signature) override;
6482b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi  TPM_RC CreateRSAKey(AsymmetricKeyUsage key_type,
6582b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi                      const std::string& password,
6682b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi                      TPM_HANDLE* key_handle) override;
67c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
68c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn private:
69c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  const TrunksFactory& factory_;
7052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  scoped_ptr<AuthorizationSession> session_;
71c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
7252e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // If session_ has not been initialized, creates an unbound and salted
7352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // authorization session with encryption enabled and assigns it to session_.
7452e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // If session_ has already been initialized, this method has no effect. Call
7552e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // this method successfully before accessing session_.
7652e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  TPM_RC InitializeSession();
7752e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn
7852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  // Sets TPM |hierarchy| authorization to |password| using |authorization|.
7952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn  TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy,
8052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn                                   const std::string& password,
8152e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn                                   AuthorizationDelegate* authorization);
82c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
83c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  // Disables the TPM platform hierarchy until the next startup. This requires
84c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  // platform |authorization|.
85c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization);
86c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
87b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  // This function sets |name| to the name of the object referenced by
88b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  // |handle|. This function only works on Transient and Permanent objects.
89b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name);
90b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi
91b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  // This function returns the public area of a handle in the tpm.
92b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi  TPM_RC GetKeyPublicArea(TPM_HANDLE handle, TPM2B_PUBLIC* public_data);
93b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi
94c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn  DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl);
95c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn};
96c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
97c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn}  // namespace trunks
98c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn
99c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#endif  // TRUNKS_TPM_UTILITY_IMPL_H_
100