// Copyright 2019 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef TPM_MANAGER_SERVER_LOCAL_DATA_MIGRATION_H_
#define TPM_MANAGER_SERVER_LOCAL_DATA_MIGRATION_H_
#include <base/files/file_path.h>
#include <base/logging.h>
#include <brillo/secure_blob.h>
#include <libtpmcrypto/tpm.h>
#include <stdint.h>
#include <string>
#include <vector>
#include "tpm_manager/proto_bindings/tpm_manager.pb.h"
#include "tpm_manager/server/legacy_local_data.pb.h"
// This header defines the utilities that migrate the legacy database from
// |cryptohome| to |tpm_manager|. The free functions here do not perform any
// file access; they only operate on in-memory protobuf messages. The file
// I/O operations are confined to the member functions of
// |LocalDataMigrator|, which is what makes them replaceable in tests.
//
// Though the migration logic itself is TPM-version independent, it is
// intended for TPM 1.2 devices.
//
// See b/131645437.
namespace tpm_manager {
// Unseals, parses, and then migrates delegate information from
// |sealed_database| and stores into |delegate|.
// Returns |true| iff the operation succeeds. Requires non-null |tpm| to unseal
// |sealed_database| and non-null |delegate| to store the output.
//
// NOTE(review): |sealed_database| is the sealed (TPM-protected) form, but the
// unsealed delegate material is written into a protobuf message, which
// presumably is not scrubbed on destruction the way |brillo::SecureBlob| is.
// Callers that keep |delegate| alive should be aware the secret lingers in
// ordinary heap memory -- confirm against the caller's handling.
// NOTE(review): what |delegate| holds after a |false| return is not specified
// here; do not assume it is left untouched -- confirm against the .cc.
bool MigrateAuthDelegate(const brillo::SecureBlob& sealed_database,
                         tpmcrypto::Tpm* tpm,
                         AuthDelegate* delegate);
// Parses a |LegacyTpmStatus| from |serialized_tpm_status| and then stores the
// owner password found inside into |owner_password|. Returns |true| iff the
// operation succeeds. Requires non-null |owner_password| to store the output
// and non-null |tpm| to unseal the owner password.
//
// The output is a |brillo::SecureBlob|, so the unsealed owner password is
// scrubbed when the blob is destroyed; callers should not copy it into a plain
// std::string.
// NOTE(review): this comment does not say whether a status with no owner
// password is a success or a failure (the class-level wrapper below treats
// "no owner password" as a no-op that returns |true|). Callers should check
// |owner_password->empty()| rather than assume |true| means it was populated
// -- confirm against the implementation.
bool UnsealOwnerPasswordFromSerializedTpmStatus(
    const brillo::SecureBlob& serialized_tpm_status,
    tpmcrypto::Tpm* tpm,
    brillo::SecureBlob* owner_password);
// |LocalDataMigrator| performs the high-level operations with virtualized file
// operations.
//
// NOTE(review): only read-side file hooks (|PathExists|, |ReadFileToString|)
// are declared here, so this class neither removes nor overwrites the legacy
// files it migrates from. Whether the legacy sealed database / tpm status are
// cleaned up afterwards (so the sealed secrets do not linger on disk) is left
// to the caller -- confirm against the caller.
class LocalDataMigrator {
 public:
  LocalDataMigrator() = default;
  // Virtual: this is a polymorphic base whose protected hooks below are
  // overridden by test doubles.
  virtual ~LocalDataMigrator() = default;

  // Reads the sealed database from |database_path| and migrates the auth
  // delegate into |local_data|. It uses |tpm| to perform the unsealing
  // operation.
  // Failure of reading content from |database_path| or any error during the
  // migration causes it to return |false|. Performs no-ops and returns |true|
  // if the database doesn't have the auth delegate, |database_path| doesn't
  // exist, or |local_data| has the auth delegate already. Upon returning
  // |true|, |has_migrated| indicates if the legacy data has been migrated to
  // |local_data|.
  // NOTE(review): |has_migrated| is only meaningful when |true| is returned;
  // callers must not read it after a |false| return.
  bool MigrateAuthDelegateIfNeeded(const base::FilePath& database_path,
                                   tpmcrypto::Tpm* tpm,
                                   LocalData* local_data,
                                   bool* has_migrated);

  // Reads the tpm status from |tpm_status_path| and migrates the owner password
  // into |local_data|. Failure of reading content from |tpm_status_path| or any
  // error during the migration causes it to return |false|. Performs no-ops and
  // returns |true| if the tpm status doesn't have the owner password,
  // |tpm_status_path| doesn't exist, or |local_data| has the owner password
  // already. Upon returning |true|, |has_migrated| indicates if the legacy data
  // has been migrated to |local_data|.
  // NOTE(review): as above, |has_migrated| is only meaningful when |true| is
  // returned. Also note that "already has the owner password" wins over the
  // legacy file: an existing value in |local_data| is never overwritten.
  bool MigrateOwnerPasswordIfNeeded(const base::FilePath& tpm_status_path,
                                    tpmcrypto::Tpm* tpm,
                                    LocalData* local_data,
                                    bool* has_migrated);

 protected:
  // The set of functions below perform file-related operations. They are
  // protected so they are hidden from users of this class, and virtual so
  // they can be overridden for testing purposes.
  // NOTE(review): because a missing file is "no-op, |true|" while a read
  // error is |false|, the implementation presumably calls |PathExists| before
  // |ReadFileToString|; a file disappearing between the two calls would then
  // surface as a failure rather than a no-op -- confirm against the .cc.

  // Checks if the file at |path| exists.
  virtual bool PathExists(const base::FilePath& path);

  // Reads the file content from |path| and stores to |content|.
  // NOTE(review): |content| is a plain std::string and so is not scrubbed on
  // destruction like |brillo::SecureBlob|; the files read here are expected to
  // hold sealed (TPM-protected) data rather than plaintext secrets -- confirm
  // that nothing plaintext is ever read through this hook.
  virtual bool ReadFileToString(const base::FilePath& path,
                                std::string* content);
};
} // namespace tpm_manager
#endif // TPM_MANAGER_SERVER_LOCAL_DATA_MIGRATION_H_