hmac_session_impl.h revision 4dc4629c415e7ca90ff146d7bb75b5646ecd8b17
//
// Copyright (C) 2015 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

#ifndef TRUNKS_HMAC_SESSION_IMPL_H_
#define TRUNKS_HMAC_SESSION_IMPL_H_

#include "trunks/hmac_session.h"

#include <string>

#include <base/macros.h>

#include "trunks/hmac_authorization_delegate.h"
#include "trunks/session_manager.h"
#include "trunks/trunks_export.h"
#include "trunks/trunks_factory.h"

namespace trunks {

// This class implements the HmacSession interface. It keeps track of the
// HmacAuthorizationDelegate used for commands and provides authorization for
// commands that need it. It is instantiated by TpmUtilityImpl. If we need to
// use this class outside of TpmUtility, we can use it as below:
//   TrunksFactoryImpl factory;
//   HmacSessionImpl session(factory);
//   TPM_RC result =
//       session.StartBoundSession(bind_entity, bind_authorization, true);
//   if (result != TPM_RC_SUCCESS) { /* handle the error first */ }
//   session.SetEntityAuthorizationValue(entity_authorization);
//   factory.GetTpm()->RSA_EncryptSync(_,_,_,_, session.GetDelegate());
// Both Start*Session methods return a TPM_RC; callers should check it before
// issuing authorized commands with the delegate.
// NOTE(review): how the delegate behaves when no session was started
// successfully is not visible from this header - confirm in the
// implementation.
// NOTE: StartBoundSession/StartUnboundSession should not be called before
// TPM Ownership is taken. This is because starting a session uses the
// SaltingKey, which is only created after ownership is taken.
class TRUNKS_EXPORT HmacSessionImpl : public HmacSession {
 public:
  // The constructor needs a factory. In production code, this factory is used
  // to access the TPM class to forward commands to the TPM. In test code, it
  // is used to mock out the TPM calls.
  // The factory is held by reference (see factory_), so it must outlive this
  // object.
  explicit HmacSessionImpl(const TrunksFactory& factory);
  ~HmacSessionImpl() override;

  // HmacSession methods.

  // Returns the delegate that authorizes commands. According to the comment on
  // hmac_delegate_, this is the delegate member of this object, so the
  // returned pointer should not be used after this HmacSessionImpl is
  // destroyed.
  AuthorizationDelegate* GetDelegate() override;
  // Starts a session bound to |bind_entity| using |bind_authorization_value|.
  // NOTE(review): |enable_encryption| presumably turns on parameter encryption
  // for the session - confirm against the HmacSession interface.
  // NOTE(review): the authorization value is secret material passed as a
  // std::string; whether copies are wiped after use is not visible here.
  TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
                           const std::string& bind_authorization_value,
                           bool enable_encryption) override;
  // Starts a session that is not bound to any entity.
  TPM_RC StartUnboundSession(bool enable_encryption) override;
  // Sets the authorization value of the entity the next command acts on.
  // NOTE(review): presumably forwarded to hmac_delegate_ - confirm in the
  // implementation.
  void SetEntityAuthorizationValue(const std::string& value) override;
  // NOTE(review): presumably the value an entity's authorization will change
  // to, for commands that modify it - confirm against the HmacSession
  // interface.
  void SetFutureAuthorizationValue(const std::string& value) override;

 private:
  // This factory is only set in the constructor and is used to instantiate
  // the TPM class to forward commands to the TPM chip. It is a reference and
  // not owned by this object.
  const TrunksFactory& factory_;
  // This delegate is what provides authorization to commands. It is what is
  // returned when the GetDelegate method is called.
  HmacAuthorizationDelegate hmac_delegate_;
  // This object is used to manage the TPM session associated with this
  // HmacSession. It is owned by this object through the scoped_ptr.
  scoped_ptr<SessionManager> session_manager_;

  // Gives the unit test access to the private members above.
  friend class HmacSessionTest;
  // The class is not copyable or assignable.
  DISALLOW_COPY_AND_ASSIGN(HmacSessionImpl);
};

}  // namespace trunks

#endif  // TRUNKS_HMAC_SESSION_IMPL_H_