tpm_softclear_utils/tpm2_impl.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2019 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef TPM_SOFTCLEAR_UTILS_TPM2_IMPL_H_
 #define TPM_SOFTCLEAR_UTILS_TPM2_IMPL_H_

 #include "tpm_softclear_utils/tpm.h"

 #include <string>

 #include <base/files/file_path.h>
 #include <base/files/file_util.h>
 #include <base/macros.h>
 #include <base/optional.h>
 #include <trunks/trunks_factory.h>
 #include <trunks/trunks_factory_impl.h>

 namespace tpm_softclear_utils {

 constexpr char kTpmLocalDataFile[] = "/var/lib/tpm_manager/local_tpm_data";
 constexpr char kDefaultLockoutPassword[] = "";

 // Length of the lockout password set when TPM ownership is being taken.
 constexpr size_t kLockoutPasswordSize = 20;

 // Utility class for soft-clearing TPM 2.0.
 class Tpm2Impl : public Tpm {
  public:
   Tpm2Impl() = default;
   ~Tpm2Impl() override = default;

   // Initializes trunks factory. Returns if the initialization succeeded.
   bool Initialize() override;

   // Gets the lockout password from tpm_manager's DB and returns it. In case of
   // an error, returns an empty Optional object.
   //
   // Note: Initialize() should be called before calling this function.
   base::Optional<std::string> GetAuthForOwnerReset() override;

   // Clears the TPM ownership, including resetting the owner hierarchy and
   // endorsement hierarchy, using the lockout password in
   // |auth_for_owner_reset|.
   //
   // Note: Initialize() should be called before calling this function.
   //
   // Returns if the TPM is soft-cleared successfully.
   bool SoftClearOwner(const std::string& auth_for_owner_reset) override;

   // Overrides current trunks factory. This function should be called by tests
   // only.
   void set_trunks_factory(trunks::TrunksFactory* factory) {
     trunks_factory_ = factory;
   }

  protected:
   // Reads the contents of |path| and stores the contents in |data|. This
   // function can be overridden for testing purposes.
   //
   // TODO(garryxiao): move cryptohome::Platform to a common place, use Platform
   // to read file, and unit-test with its mock instead.
   virtual bool ReadFileToString(const base::FilePath& path, std::string* data) {
     return base::ReadFileToString(path, data);
   }

  private:
   trunks::TrunksFactoryImpl default_trunks_factory_;
   trunks::TrunksFactory* trunks_factory_ = nullptr;

   const base::FilePath local_data_path_{kTpmLocalDataFile};

   DISALLOW_COPY_AND_ASSIGN(Tpm2Impl);
 };

 }  // namespace tpm_softclear_utils

 #endif  // TPM_SOFTCLEAR_UTILS_TPM2_IMPL_H_
	// Copyright 2019 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef TPM_SOFTCLEAR_UTILS_TPM2_IMPL_H_
	#define TPM_SOFTCLEAR_UTILS_TPM2_IMPL_H_

	#include "tpm_softclear_utils/tpm.h"

	#include <string>

	#include <base/files/file_path.h>
	#include <base/files/file_util.h>
	#include <base/macros.h>
	#include <base/optional.h>
	#include <trunks/trunks_factory.h>
	#include <trunks/trunks_factory_impl.h>

	namespace tpm_softclear_utils {

	constexpr char kTpmLocalDataFile[] = "/var/lib/tpm_manager/local_tpm_data";
	constexpr char kDefaultLockoutPassword[] = "";

	// Length of the lockout password set when TPM ownership is being taken.
	constexpr size_t kLockoutPasswordSize = 20;

	// Utility class for soft-clearing TPM 2.0.
	class Tpm2Impl : public Tpm {
	public:
	Tpm2Impl() = default;
	~Tpm2Impl() override = default;

	// Initializes trunks factory. Returns if the initialization succeeded.
	bool Initialize() override;

	// Gets the lockout password from tpm_manager's DB and returns it. In case of
	// an error, returns an empty Optional object.
	//
	// Note: Initialize() should be called before calling this function.
	base::Optional<std::string> GetAuthForOwnerReset() override;

	// Clears the TPM ownership, including resetting the owner hierarchy and
	// endorsement hierarchy, using the lockout password in
	// \|auth_for_owner_reset\|.
	//
	// Note: Initialize() should be called before calling this function.
	//
	// Returns if the TPM is soft-cleared successfully.
	bool SoftClearOwner(const std::string& auth_for_owner_reset) override;

	// Overrides current trunks factory. This function should be called by tests
	// only.
	void set_trunks_factory(trunks::TrunksFactory* factory) {
	trunks_factory_ = factory;
	}

	protected:
	// Reads the contents of \|path\| and stores the contents in \|data\|. This
	// function can be overridden for testing purposes.
	//
	// TODO(garryxiao): move cryptohome::Platform to a common place, use Platform
	// to read file, and unit-test with its mock instead.
	virtual bool ReadFileToString(const base::FilePath& path, std::string* data) {
	return base::ReadFileToString(path, data);
	}

	private:
	trunks::TrunksFactoryImpl default_trunks_factory_;
	trunks::TrunksFactory* trunks_factory_ = nullptr;

	const base::FilePath local_data_path_{kTpmLocalDataFile};

	DISALLOW_COPY_AND_ASSIGN(Tpm2Impl);
	};

	} // namespace tpm_softclear_utils

	#endif // TPM_SOFTCLEAR_UTILS_TPM2_IMPL_H_