tpm_utility_impl.h revision e8b9a556d4561617747fed4ee5ced70fce9a4392
1c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Copyright 2014 The Chromium OS Authors. All rights reserved. 2c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// Use of this source code is governed by a BSD-style license that can be 3c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// found in the LICENSE file. 4c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 5c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#ifndef TRUNKS_TPM_UTILITY_IMPL_H_ 6c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#define TRUNKS_TPM_UTILITY_IMPL_H_ 7c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 8c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include "trunks/tpm_utility.h" 9c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 10c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <string> 11c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 12c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <base/macros.h> 1352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn#include <base/memory/scoped_ptr.h> 14c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#include <chromeos/chromeos_export.h> 15c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 16c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnnamespace trunks { 17c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 18c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass AuthorizationDelegate; 1952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahnclass AuthorizationSession; 20c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass TrunksFactory; 21c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 22c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn// A default implementation of TpmUtility. 23c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahnclass CHROMEOS_EXPORT TpmUtilityImpl : public TpmUtility { 24c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn public: 25c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn explicit TpmUtilityImpl(const TrunksFactory& factory); 26c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn virtual ~TpmUtilityImpl(); 27c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 28c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // TpmUtility methods. 2903d54dfbcbdd04384e8c0419b7c45282664a2c1aDarren Krahn TPM_RC Startup() override; 30d75dcae8a010d1ced7554dd25a440bee350a2d06Utkarsh Sanghi TPM_RC Clear() override; 31e8b9a556d4561617747fed4ee5ced70fce9a4392Utkarsh Sanghi void Shutdown() override; 32c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn TPM_RC InitializeTpm() override; 33e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi TPM_RC StirRandom(const std::string& entropy_data) override; 3435af244e7cf856a02e46ec8f186f36c53582757dUtkarsh Sanghi TPM_RC GenerateRandom(size_t num_bytes, 35e31034f28641c9bc3e5576cab6d2c7d918bb427cUtkarsh Sanghi std::string* random_data) override; 36579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi TPM_RC ExtendPCR(int pcr_index, const std::string& extend_data) override; 37579dd8a934c684f2e2a34d9aa2f67953320428acUtkarsh Sanghi TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override; 3852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC TakeOwnership(const std::string& owner_password, 3952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn const std::string& endorsement_password, 4052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn const std::string& lockout_password) override; 4152e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC CreateStorageRootKeys(const std::string& owner_password) override; 42b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle, 43b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_ALG_ID scheme, 449dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi TPM_ALG_ID hash_alg, 45b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi const std::string& plaintext, 46b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi std::string* ciphertext) override; 47b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle, 48b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_ALG_ID scheme, 499dc77fecdb2446da134b9b2901173bb4dcf5e5e4Utkarsh Sanghi TPM_ALG_ID hash_alg, 50b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi const std::string& password, 51b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi const std::string& ciphertext, 52b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi std::string* plaintext) override; 53748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_RC Sign(TPM_HANDLE key_handle, 54748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID scheme, 55748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID hash_alg, 56748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi const std::string& password, 57748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi const std::string& digest, 58748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi std::string* signature) override; 59748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_RC Verify(TPM_HANDLE key_handle, 60748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID scheme, 61748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi TPM_ALG_ID hash_alg, 62748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi const std::string& digest, 63748f7d68284813a78b883f9c05988f6de535fc8aUtkarsh Sanghi const std::string& signature) override; 6482b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi TPM_RC CreateRSAKey(AsymmetricKeyUsage key_type, 6582b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi const std::string& password, 6682b03cf80cbe7ab5d5edb2cb46d245721e993a68Utkarsh Sanghi TPM_HANDLE* key_handle) override; 67c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 68c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn private: 69c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn const TrunksFactory& factory_; 7052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn scoped_ptr<AuthorizationSession> session_; 71c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 7252e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // If session_ has not been initialized, creates an unbound and salted 7352e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // authorization session with encryption enabled and assigns it to session_. 7452e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // If session_ has already been initialized, this method has no effect. Call 7552e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // this method successfully before accessing session_. 7652e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC InitializeSession(); 7752e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn 7852e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn // Sets TPM |hierarchy| authorization to |password| using |authorization|. 7952e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy, 8052e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn const std::string& password, 8152e2a45f585fbe34032eae5b094a092afdf217caDarren Krahn AuthorizationDelegate* authorization); 82c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 83c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // Disables the TPM platform hierarchy until the next startup. This requires 84c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn // platform |authorization|. 85c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization); 86c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 87b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi // This function sets |name| to the name of the object referenced by 88b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi // |handle|. This function only works on Transient and Permanent objects. 89b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name); 90b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi 91b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi // This function returns the public area of a handle in the tpm. 92b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi TPM_RC GetKeyPublicArea(TPM_HANDLE handle, TPM2B_PUBLIC* public_data); 93b3ba5e0b579a5462c7137cf49b49cc9a78d87944Utkarsh Sanghi 94c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl); 95c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn}; 96c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 97c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn} // namespace trunks 98c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn 99c364caa9d091baae8eeb9144a6abf69e1fcabb39Darren Krahn#endif // TRUNKS_TPM_UTILITY_IMPL_H_ 100