trunks/tpm_utility_impl.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright 2014 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef TRUNKS_TPM_UTILITY_IMPL_H_
 #define TRUNKS_TPM_UTILITY_IMPL_H_

 #include "trunks/tpm_utility.h"

 #include <string>

 #include <base/macros.h>
 #include <base/memory/scoped_ptr.h>
 #include <chromeos/chromeos_export.h>

 #include "trunks/null_authorization_delegate.h"

 namespace trunks {

 class AuthorizationDelegate;
 class AuthorizationSession;
 class TrunksFactory;

 // A default implementation of TpmUtility.
 class CHROMEOS_EXPORT TpmUtilityImpl : public TpmUtility {
  public:
   explicit TpmUtilityImpl(const TrunksFactory& factory);
   virtual ~TpmUtilityImpl();

   // TpmUtility methods.
   TPM_RC Startup() override;
   TPM_RC InitializeTpm() override;
   TPM_RC StirRandom(const std::string& entropy_data) override;
   TPM_RC GenerateRandom(int num_bytes,
                         std::string* random_data) override;
   TPM_RC ExtendPCR(int pcr_index, const std::string& extend_data) override;
   TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override;
   TPM_RC TakeOwnership(const std::string& owner_password,
                        const std::string& endorsement_password,
                        const std::string& lockout_password) override;
   TPM_RC CreateStorageRootKeys(const std::string& owner_password) override;

  private:
   const TrunksFactory& factory_;
   scoped_ptr<AuthorizationSession> session_;

   // If session_ has not been initialized, creates an unbound and salted
   // authorization session with encryption enabled and assigns it to session_.
   // If session_ has already been initialized, this method has no effect. Call
   // this method successfully before accessing session_.
   TPM_RC InitializeSession();

   // Sets TPM |hierarchy| authorization to |password| using |authorization|.
   TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy,
                                    const std::string& password,
                                    AuthorizationDelegate* authorization);

   // Disables the TPM platform hierarchy until the next startup. This requires
   // platform |authorization|.
   TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization);

   DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl);
 };

 }  // namespace trunks

 #endif  // TRUNKS_TPM_UTILITY_IMPL_H_
	// Copyright 2014 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef TRUNKS_TPM_UTILITY_IMPL_H_
	#define TRUNKS_TPM_UTILITY_IMPL_H_

	#include "trunks/tpm_utility.h"

	#include <string>

	#include <base/macros.h>
	#include <base/memory/scoped_ptr.h>
	#include <chromeos/chromeos_export.h>

	#include "trunks/null_authorization_delegate.h"

	namespace trunks {

	class AuthorizationDelegate;
	class AuthorizationSession;
	class TrunksFactory;

	// A default implementation of TpmUtility.
	class CHROMEOS_EXPORT TpmUtilityImpl : public TpmUtility {
	public:
	explicit TpmUtilityImpl(const TrunksFactory& factory);
	virtual ~TpmUtilityImpl();

	// TpmUtility methods.
	TPM_RC Startup() override;
	TPM_RC InitializeTpm() override;
	TPM_RC StirRandom(const std::string& entropy_data) override;
	TPM_RC GenerateRandom(int num_bytes,
	std::string* random_data) override;
	TPM_RC ExtendPCR(int pcr_index, const std::string& extend_data) override;
	TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override;
	TPM_RC TakeOwnership(const std::string& owner_password,
	const std::string& endorsement_password,
	const std::string& lockout_password) override;
	TPM_RC CreateStorageRootKeys(const std::string& owner_password) override;

	private:
	const TrunksFactory& factory_;
	scoped_ptr<AuthorizationSession> session_;

	// If session_ has not been initialized, creates an unbound and salted
	// authorization session with encryption enabled and assigns it to session_.
	// If session_ has already been initialized, this method has no effect. Call
	// this method successfully before accessing session_.
	TPM_RC InitializeSession();

	// Sets TPM \|hierarchy\| authorization to \|password\| using \|authorization\|.
	TPM_RC SetHierarchyAuthorization(TPMI_RH_HIERARCHY_AUTH hierarchy,
	const std::string& password,
	AuthorizationDelegate* authorization);

	// Disables the TPM platform hierarchy until the next startup. This requires
	// platform \|authorization\|.
	TPM_RC DisablePlatformHierarchy(AuthorizationDelegate* authorization);

	DISALLOW_COPY_AND_ASSIGN(TpmUtilityImpl);
	};

	} // namespace trunks

	#endif // TRUNKS_TPM_UTILITY_IMPL_H_