1bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 2bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// Copyright (C) 2015 The Android Open Source Project 3bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 4bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// Licensed under the Apache License, Version 2.0 (the "License"); 5bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// you may not use this file except in compliance with the License. 6bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// You may obtain a copy of the License at 7bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 8bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// http://www.apache.org/licenses/LICENSE-2.0 9bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 10bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// Unless required by applicable law or agreed to in writing, software 11bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// distributed under the License is distributed on an "AS IS" BASIS, 12bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// See the License for the specific language governing permissions and 14bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// limitations under the License. 15bbef5dff2b94fef72012e721cd6124cd87621af4Utkarsh Sanghi// 16ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 17ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi#ifndef TRUNKS_SESSION_MANAGER_IMPL_H_ 18ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi#define TRUNKS_SESSION_MANAGER_IMPL_H_ 19ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 20ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi#include "trunks/session_manager.h" 21ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 22ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi#include <string> 23ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 24ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi#include <gtest/gtest_prod.h> 25ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 26ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi#include "trunks/tpm_generated.h" 27ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi#include "trunks/trunks_factory.h" 28ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 29ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghinamespace trunks { 30ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 31ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi// This class is used to keep track of a TPM session. Each instance of this 32ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi// class is used to account for one instance of a TPM session. Currently 33ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi// this class is used by AuthorizationSession instances to keep track of TPM 34ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi// sessions. 35ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghiclass TRUNKS_EXPORT SessionManagerImpl : public SessionManager { 36ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi public: 37ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi explicit SessionManagerImpl(const TrunksFactory& factory); 38ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi ~SessionManagerImpl() override; 39ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 40ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi TPM_HANDLE GetSessionHandle() const override { return session_handle_; } 41ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi void CloseSession() override; 42ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi TPM_RC StartSession(TPM_SE session_type, 43ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi TPMI_DH_ENTITY bind_entity, 44ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi const std::string& bind_authorization_value, 45ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi bool enable_encryption, 46ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi HmacAuthorizationDelegate* delegate) override; 47ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 48ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi private: 49ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // This function is used to encrypt a plaintext salt |salt|, using RSA 50ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // public encrypt with the SaltingKey PKCS1_OAEP padding. It follows the 51ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // specification defined in TPM2.0 Part 1 Architecture, Appendix B.10.2. 52ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // The encrypted salt is stored in the out parameter |encrypted_salt|. 53ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi TPM_RC EncryptSalt(const std::string& salt, std::string* encrypted_salt); 54ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 55ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // This factory is only set in the constructor and is used to instantiate 56ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // The TPM class to forward commands to the TPM chip. 57ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi const TrunksFactory& factory_; 58ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // This handle keeps track of the TPM session. It is issued by the TPM, 59ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // and is only modified when a new TPM session is started using 60ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // StartBoundSession or StartUnboundSession. We use this to keep track of 61ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // the session handle, so that we can clean it up when this class is 62ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi // destroyed. 63ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi TPM_HANDLE session_handle_; 64ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 65ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi friend class SessionManagerTest; 66ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi DISALLOW_COPY_AND_ASSIGN(SessionManagerImpl); 67ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi}; 68ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 69ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi} // namespace trunks 70ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi 71ff7f2da556b21253a52abbc82e7cf7bee54a850eUtkarsh Sanghi#endif // TRUNKS_SESSION_MANAGER_IMPL_H_ 72