trunks: Added PolicySession and SessionManager
Added SessionManager class to keep track of TPM
AuthorizationSessions.
Made HmacSession and PolicySession depend on SessionManager.
Removed the AuthorizationSession class.
BUG=chromium:472846
TEST=unit and trunks_client --regression_test
Change-Id: I9b9c4b012cf33a6fbc50d6c12b0edece85033dfb
Reviewed-on: https://chromium-review.googlesource.com/265472
Tested-by: Utkarsh Sanghi <usanghi@chromium.org>
Reviewed-by: Darren Krahn <dkrahn@chromium.org>
Commit-Queue: Utkarsh Sanghi <usanghi@chromium.org>
diff --git a/trunks/hmac_authorization_delegate.h b/trunks/hmac_authorization_delegate.h
index c06f022..a843366 100644
--- a/trunks/hmac_authorization_delegate.h
+++ b/trunks/hmac_authorization_delegate.h
@@ -21,32 +21,31 @@
const size_t kAesKeySize = 16; // 128 bits is minimum AES key size.
const size_t kHashDigestSize = 32; // 256 bits is SHA256 digest size.
-/* HmacAuthorizationDelegate is an implementation of the AuthorizationDelegate
- * interface. It provides the necessary Auth data for HMAC sessions.
- * This delegate also does parameter encryption on sessions that support it.
- *
- * Usage:
- * 1) After running the StartAuthSession command on the TPM2.0, we declare this
- * delegate using the constructor. We can specify if we want parameter
- * obfuscation enabled or not.
- * 2) We initialize the session using |InitSession|. We feed in the handle and
- * tpm_nonce returned by StartAuthSession. Additionally we inject the
- * caller_nonce, salt and auth_value of the bound entity we fed into
- * StartAuthSession.
- * 3) Pass a pointer to this delegate to any TPM command that needs
- * authorization using this delegate.
- *
- * Sample control flow:
- * TrunksProxy proxy;
- * proxy.Init();
- * Tpm tpm(&proxy);
- * tpm.StartAuthSession(...);
- * HmacAuthorizationDelegate hmac();
- * hmac.InitSession(...);
- * tpm.Create(..., &hmac);
- * hmac.set_entity_auth_value(...);
- * tpm.Load(..., &hmac);
- */
+// HmacAuthorizationDelegate is an implementation of the AuthorizationDelegate
+// interface. It provides the necessary Auth data for HMAC sessions.
+// This delegate also does parameter encryption on sessions that support it.
+
+// Usage:
+// 1) After running the StartAuthSession command on the TPM2.0, we declare this
+// delegate using the constructor. We can specify if we want parameter
+// obfuscation enabled or not.
+// 2) We initialize the session using |InitSession|. We feed in the handle and
+// tpm_nonce returned by StartAuthSession. Additionally we inject the
+// caller_nonce, salt and auth_value of the bound entity we fed into
+// StartAuthSession.
+// 3) Pass a pointer to this delegate to any TPM command that needs
+// authorization using this delegate.
+
+// Sample control flow:
+// TrunksProxy proxy;
+// proxy.Init();
+// Tpm tpm(&proxy);
+// tpm.StartAuthSession(...);
+// HmacAuthorizationDelegate hmac();
+// hmac.InitSession(...);
+// tpm.Create(..., &hmac);
+// hmac.set_entity_auth_value(...);
+// tpm.Load(..., &hmac);
class TRUNKS_EXPORT HmacAuthorizationDelegate: public AuthorizationDelegate {
public:
HmacAuthorizationDelegate();
diff --git a/trunks/hmac_authorization_session.h b/trunks/hmac_authorization_session.h
deleted file mode 100644
index dcccc44..0000000
--- a/trunks/hmac_authorization_session.h
+++ /dev/null
@@ -1,84 +0,0 @@
-// Copyright 2014 The Chromium OS Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#ifndef TRUNKS_HMAC_AUTHORIZATION_SESSION_H_
-#define TRUNKS_HMAC_AUTHORIZATION_SESSION_H_
-
-#include "trunks/authorization_session.h"
-
-#include <string>
-
-#include <base/macros.h>
-
-#include "trunks/hmac_authorization_delegate.h"
-#include "trunks/password_authorization_delegate.h"
-#include "trunks/trunks_export.h"
-#include "trunks/trunks_factory.h"
-
-namespace trunks {
-
-/*
- * This class implements the AuthorizationSession interface. It is used for
- * keeping track of the HmacAuthorizationDelegate used for commands, and to
- * provide authorization for commands that need it. It is instantiated by
- * TpmUtilityImpl. If we need to use this class outside of TpmUtility, we
- * can use it as below:
- * TrunksFactoryImpl factory;
- * HmacAuthorizationSession session(factory);
- * session.StartBoundSession(bind_entity, bind_authorization, true);
- * session.SetEntityAuthorizationValue(entity_authorization);
- * factory.GetTpm()->RSA_EncrpytSync(_,_,_,_, session.GetDelegate());
- *
- * NOTE: StartBoundSession/StartUnboundSession should not be called before
- * TPM Ownership is taken. This is because starting a session uses the
- * SaltingKey, which is only created after ownership is taken.
- */
-class TRUNKS_EXPORT HmacAuthorizationSession: public AuthorizationSession {
- public:
- // The constructor for HmacAuthroizationSession needs a factory. In
- // producation code, this factory is used to access the TPM class to forward
- // commands to the TPM. In test code, this is used to mock out the TPM calls.
- explicit HmacAuthorizationSession(const TrunksFactory& factory);
- ~HmacAuthorizationSession() override;
-
- // AuthorizationSession methods.
- AuthorizationDelegate* GetDelegate() override;
- TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
- const std::string& bind_authorization_value,
- bool enable_encryption) override;
- TPM_RC StartUnboundSession(bool enable_encryption) override;
- void SetEntityAuthorizationValue(const std::string& value) override;
- void SetFutureAuthorizationValue(const std::string& value) override;
-
- private:
- // This function is used to encrypt a plaintext salt |salt|, using RSA
- // public encrypt with the SaltingKey PKCS1_OAEP padding. It follows the
- // specification defined in TPM2.0 Part 1 Architecture, Appendix B.10.2.
- // The encrypted salt is stored in the out parameter |encrypted_salt|.
- TPM_RC EncryptSalt(const std::string& salt, std::string* encrypted_salt);
-
- // This method tries to flush all TPM context associated with the current
- // AuthorizationSession.
- void CloseSession();
-
- // This factory is only set in the constructor and is used to instantiate
- // The TPM class to forward commands to the TPM chip.
- const TrunksFactory& factory_;
- // This delegate is what provides authorization to commands. It is what is
- // returned when the GetDelegate method is called.
- HmacAuthorizationDelegate hmac_delegate_;
- // This handle keeps track of the TPM session. It is issued by the TPM,
- // and is only modified when a new TPM session is started using
- // StartBoundSession or StartUnboundSession. We use this to keep track of
- // the session handle, so that we can clean it up when this class is
- // destroyed.
- TPM_HANDLE hmac_handle_;
-
- friend class HmacAuthorizationSessionTest;
- DISALLOW_COPY_AND_ASSIGN(HmacAuthorizationSession);
-};
-
-} // namespace trunks
-
-#endif // TRUNKS_HMAC_AUTHORIZATION_SESSION_H_
diff --git a/trunks/hmac_authorization_session_test.cc b/trunks/hmac_authorization_session_test.cc
deleted file mode 100644
index 51a56b6..0000000
--- a/trunks/hmac_authorization_session_test.cc
+++ /dev/null
@@ -1,162 +0,0 @@
-// Copyright 2014 The Chromium OS Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "trunks/hmac_authorization_session.h"
-
-#include <vector>
-
-#include <base/logging.h>
-#include <base/strings/string_number_conversions.h>
-#include <gmock/gmock.h>
-#include <gtest/gtest.h>
-
-#include "trunks/mock_tpm.h"
-#include "trunks/tpm_generated.h"
-#include "trunks/tpm_utility.h"
-#include "trunks/trunks_factory_for_test.h"
-
-using testing::_;
-using testing::DoAll;
-using testing::NiceMock;
-using testing::Return;
-using testing::SaveArg;
-using testing::SetArgPointee;
-
-namespace trunks {
-
-class HmacAuthorizationSessionTest : public testing::Test {
- public:
- HmacAuthorizationSessionTest() : session_(factory_) {}
- ~HmacAuthorizationSessionTest() override {}
-
- void SetUp() override {
- factory_.set_tpm(&mock_tpm_);
- }
-
- HmacAuthorizationDelegate* GetHmacDelegate(
- HmacAuthorizationSession* session) {
- return &(session->hmac_delegate_);
- }
-
- TPM2B_PUBLIC_KEY_RSA GetValidRSAPublicKey() {
- const char kValidModulus[] =
- "A1D50D088994000492B5F3ED8A9C5FC8772706219F4C063B2F6A8C6B74D3AD6B"
- "212A53D01DABB34A6261288540D420D3BA59ED279D859DE6227A7AB6BD88FADD"
- "FC3078D465F4DF97E03A52A587BD0165AE3B180FE7B255B7BEDC1BE81CB1383F"
- "E9E46F9312B1EF28F4025E7D332E33F4416525FEB8F0FC7B815E8FBB79CDABE6"
- "327B5A155FEF13F559A7086CB8A543D72AD6ECAEE2E704FF28824149D7F4E393"
- "D3C74E721ACA97F7ADBE2CCF7B4BCC165F7380F48065F2C8370F25F066091259"
- "D14EA362BAF236E3CD8771A94BDEDA3900577143A238AB92B6C55F11DEFAFB31"
- "7D1DC5B6AE210C52B008D87F2A7BFF6EB5C4FB32D6ECEC6505796173951A3167";
- std::vector<uint8> bytes;
- CHECK(base::HexStringToBytes(kValidModulus, &bytes));
- CHECK_EQ(bytes.size(), 256u);
- TPM2B_PUBLIC_KEY_RSA rsa;
- rsa.size = bytes.size();
- memcpy(rsa.buffer, bytes.data(), bytes.size());
- return rsa;
- }
-
- protected:
- TrunksFactoryForTest factory_;
- NiceMock<MockTpm> mock_tpm_;
- HmacAuthorizationSession session_;
-};
-
-TEST_F(HmacAuthorizationSessionTest, StartUnboundSuccess) {
- TPM2B_PUBLIC public_data;
- public_data.public_area.unique.rsa = GetValidRSAPublicKey();
- EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
- .WillOnce(DoAll(SetArgPointee<2>(public_data),
- Return(TPM_RC_SUCCESS)));
- TPM_HANDLE session_handle = TPM_RH_NULL;
- TPM2B_NONCE nonce;
- nonce.size = 20;
- EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_,
- TPM_RH_NULL,
- _, _, _, _, _, _, _, _))
- .WillOnce(DoAll(SetArgPointee<7>(session_handle),
- SetArgPointee<8>(nonce),
- Return(TPM_RC_SUCCESS)));
- EXPECT_EQ(TPM_RC_SUCCESS, session_.StartUnboundSession(false));
- EXPECT_EQ(session_handle, GetHmacDelegate(&session_)->session_handle());
- EXPECT_CALL(mock_tpm_, FlushContextSync(session_handle, _))
- .WillOnce(Return(TPM_RC_SUCCESS));
-}
-
-TEST_F(HmacAuthorizationSessionTest, StartUnboundWithBadSaltingKey) {
- TPM2B_PUBLIC public_data;
- public_data.public_area.unique.rsa.size = 32;
- EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
- .WillOnce(DoAll(SetArgPointee<2>(public_data),
- Return(TPM_RC_SUCCESS)));
- EXPECT_EQ(TPM_RC_FAILURE, session_.StartUnboundSession(false));
-}
-
-TEST_F(HmacAuthorizationSessionTest, StartUnboundFail) {
- TPM2B_PUBLIC public_data;
- public_data.public_area.unique.rsa = GetValidRSAPublicKey();
- EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
- .WillOnce(DoAll(SetArgPointee<2>(public_data),
- Return(TPM_RC_SUCCESS)));
- EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_,
- TPM_RH_NULL,
- _, _, _, _, _, _, _, _))
- .WillOnce(Return(TPM_RC_FAILURE));
- EXPECT_EQ(TPM_RC_FAILURE, session_.StartUnboundSession(false));
-}
-
-TEST_F(HmacAuthorizationSessionTest, StartUnboundWithBadNonce) {
- TPM2B_PUBLIC public_data;
- public_data.public_area.unique.rsa = GetValidRSAPublicKey();
- EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
- .WillOnce(DoAll(SetArgPointee<2>(public_data),
- Return(TPM_RC_SUCCESS)));
- TPM2B_NONCE nonce;
- nonce.size = 0;
- EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_,
- TPM_RH_NULL,
- _, _, _, _, _, _, _, _))
- .WillOnce(DoAll(SetArgPointee<8>(nonce),
- Return(TPM_RC_SUCCESS)));
- EXPECT_EQ(TPM_RC_FAILURE, session_.StartUnboundSession(false));
-}
-
-TEST_F(HmacAuthorizationSessionTest, StartBoundSuccess) {
- TPM2B_PUBLIC public_data;
- public_data.public_area.unique.rsa = GetValidRSAPublicKey();
- EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
- .WillOnce(DoAll(SetArgPointee<2>(public_data),
- Return(TPM_RC_SUCCESS)));
- TPM_HANDLE session_handle = TPM_RH_NULL;
- TPM_HANDLE bind_handle = TPM_RH_FIRST;
- TPM2B_NONCE nonce;
- nonce.size = 20;
- EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_,
- bind_handle,
- _, _, _, _, _, _, _, _))
- .WillOnce(DoAll(SetArgPointee<7>(session_handle),
- SetArgPointee<8>(nonce),
- Return(TPM_RC_SUCCESS)));
- EXPECT_EQ(TPM_RC_SUCCESS, session_.StartBoundSession(bind_handle, "", false));
- EXPECT_EQ(session_handle, GetHmacDelegate(&session_)->session_handle());
-}
-
-TEST_F(HmacAuthorizationSessionTest, EntityAuthorizationForwardingTest) {
- std::string test_auth("test_auth");
- session_.SetEntityAuthorizationValue(test_auth);
- HmacAuthorizationDelegate* hmac_delegate = GetHmacDelegate(&session_);
- std::string entity_auth = hmac_delegate->entity_auth_value();
- EXPECT_EQ(0, test_auth.compare(entity_auth));
-}
-
-TEST_F(HmacAuthorizationSessionTest, FutureAuthorizationForwardingTest) {
- std::string test_auth("test_auth");
- session_.SetFutureAuthorizationValue(test_auth);
- HmacAuthorizationDelegate* hmac_delegate = GetHmacDelegate(&session_);
- std::string entity_auth = hmac_delegate->future_authorization_value();
- EXPECT_EQ(0, test_auth.compare(entity_auth));
-}
-
-} // namespace trunks
diff --git a/trunks/authorization_session.h b/trunks/hmac_session.h
similarity index 79%
rename from trunks/authorization_session.h
rename to trunks/hmac_session.h
index 2c29dda..c55583c 100644
--- a/trunks/authorization_session.h
+++ b/trunks/hmac_session.h
@@ -1,9 +1,9 @@
-// Copyright 2014 The Chromium OS Authors. All rights reserved.
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#ifndef TRUNKS_AUTHORIZATION_SESSION_H_
-#define TRUNKS_AUTHORIZATION_SESSION_H_
+#ifndef TRUNKS_HMAC_SESSION_H_
+#define TRUNKS_HMAC_SESSION_H_
#include <string>
@@ -15,12 +15,12 @@
class AuthorizationDelegate;
-// AuthorizationSession is an interface for managing sessions for authorization
-// and parameter encryption.
-class AuthorizationSession {
+// HmacSession is an interface for managing hmac backed sessions for
+// authorization and parameter encryption.
+class HmacSession {
public:
- AuthorizationSession() {}
- virtual ~AuthorizationSession() {}
+ HmacSession() {}
+ virtual ~HmacSession() {}
// Returns an authorization delegate for this session. Ownership of the
// delegate pointer is retained by the session.
@@ -51,9 +51,9 @@
virtual void SetFutureAuthorizationValue(const std::string& value) = 0;
private:
- DISALLOW_COPY_AND_ASSIGN(AuthorizationSession);
+ DISALLOW_COPY_AND_ASSIGN(HmacSession);
};
} // namespace trunks
-#endif // TRUNKS_AUTHORIZATION_SESSION_H_
+#endif // TRUNKS_HMAC_SESSION_H_
diff --git a/trunks/hmac_session_impl.cc b/trunks/hmac_session_impl.cc
new file mode 100644
index 0000000..ce43b2b
--- /dev/null
+++ b/trunks/hmac_session_impl.cc
@@ -0,0 +1,59 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "trunks/hmac_session_impl.h"
+
+#include <string>
+
+#include <base/logging.h>
+#include <base/macros.h>
+#include <base/stl_util.h>
+#include <openssl/rand.h>
+
+namespace trunks {
+
+HmacSessionImpl::HmacSessionImpl(const TrunksFactory& factory)
+ : factory_(factory) {
+ session_manager_ = factory_.GetSessionManager();
+}
+
+HmacSessionImpl::~HmacSessionImpl() {
+ session_manager_->CloseSession();
+}
+
+AuthorizationDelegate* HmacSessionImpl::GetDelegate() {
+ if (session_manager_->GetSessionHandle() == kUninitializedHandle) {
+ return NULL;
+ }
+ return &hmac_delegate_;
+}
+
+TPM_RC HmacSessionImpl::StartBoundSession(
+ TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption) {
+ return session_manager_->StartSession(TPM_SE_HMAC, bind_entity,
+ bind_authorization_value,
+ enable_encryption, &hmac_delegate_);
+}
+
+TPM_RC HmacSessionImpl::StartUnboundSession(bool enable_encryption) {
+ // Starting an unbound session is the same as starting a session bound to
+ // TPM_RH_NULL. In this case, the authorization is the zero length buffer.
+ // We can therefore simply call StartBoundSession with TPM_RH_NULL as the
+ // binding entity, and the empty string as the authorization.
+ return StartBoundSession(TPM_RH_NULL, "", enable_encryption);
+}
+
+void HmacSessionImpl::SetEntityAuthorizationValue(
+ const std::string& value) {
+ hmac_delegate_.set_entity_auth_value(value);
+}
+
+void HmacSessionImpl::SetFutureAuthorizationValue(
+ const std::string& value) {
+ hmac_delegate_.set_future_authorization_value(value);
+}
+
+} // namespace trunks
diff --git a/trunks/hmac_session_impl.h b/trunks/hmac_session_impl.h
new file mode 100644
index 0000000..b995aab
--- /dev/null
+++ b/trunks/hmac_session_impl.h
@@ -0,0 +1,69 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef TRUNKS_HMAC_SESSION_IMPL_H_
+#define TRUNKS_HMAC_SESSION_IMPL_H_
+
+#include "trunks/hmac_session.h"
+
+#include <string>
+
+#include <base/macros.h>
+
+#include "trunks/hmac_authorization_delegate.h"
+#include "trunks/session_manager.h"
+#include "trunks/trunks_export.h"
+#include "trunks/trunks_factory.h"
+
+namespace trunks {
+
+
+// This class implements the HmacSession interface. It is used for
+// keeping track of the HmacAuthorizationDelegate used for commands, and to
+// provide authorization for commands that need it. It is instantiated by
+// TpmUtilityImpl. If we need to use this class outside of TpmUtility, we
+// can use it as below:
+// TrunksFactoryImpl factory;
+// HmacSessionImpl session(factory);
+// session.StartBoundSession(bind_entity, bind_authorization, true);
+// session.SetEntityAuthorizationValue(entity_authorization);
+// factory.GetTpm()->RSA_EncrpytSync(_,_,_,_, session.GetDelegate());
+// NOTE: StartBoundSession/StartUnboundSession should not be called before
+// TPM Ownership is taken. This is because starting a session uses the
+// SaltingKey, which is only created after ownership is taken.
+class TRUNKS_EXPORT HmacSessionImpl: public HmacSession {
+ public:
+ // The constructor for HmacAuthroizationSession needs a factory. In
+ // producation code, this factory is used to access the TPM class to forward
+ // commands to the TPM. In test code, this is used to mock out the TPM calls.
+ explicit HmacSessionImpl(const TrunksFactory& factory);
+ ~HmacSessionImpl() override;
+
+ // HmacSession methods.
+ AuthorizationDelegate* GetDelegate() override;
+ TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption) override;
+ TPM_RC StartUnboundSession(bool enable_encryption) override;
+ void SetEntityAuthorizationValue(const std::string& value) override;
+ void SetFutureAuthorizationValue(const std::string& value) override;
+
+ private:
+ // This factory is only set in the constructor and is used to instantiate
+ // The TPM class to forward commands to the TPM chip.
+ const TrunksFactory& factory_;
+ // This delegate is what provides authorization to commands. It is what is
+ // returned when the GetDelegate method is called.
+ HmacAuthorizationDelegate hmac_delegate_;
+ // This object is used to manage the TPM session associated with this
+ // HmacSession.
+ scoped_ptr<SessionManager> session_manager_;
+
+ friend class HmacSessionTest;
+ DISALLOW_COPY_AND_ASSIGN(HmacSessionImpl);
+};
+
+} // namespace trunks
+
+#endif // TRUNKS_HMAC_SESSION_IMPL_H_
diff --git a/trunks/hmac_session_test.cc b/trunks/hmac_session_test.cc
new file mode 100644
index 0000000..1b7ce25
--- /dev/null
+++ b/trunks/hmac_session_test.cc
@@ -0,0 +1,95 @@
+// Copyright 2014 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "trunks/hmac_session_impl.h"
+
+#include <base/logging.h>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "trunks/mock_session_manager.h"
+#include "trunks/mock_tpm.h"
+#include "trunks/tpm_generated.h"
+#include "trunks/trunks_factory_for_test.h"
+
+using testing::_;
+using testing::DoAll;
+using testing::NiceMock;
+using testing::Return;
+using testing::SaveArg;
+using testing::SetArgPointee;
+
+namespace trunks {
+
+class HmacSessionTest : public testing::Test {
+ public:
+ HmacSessionTest() {}
+ ~HmacSessionTest() override {}
+
+ void SetUp() override {
+ factory_.set_tpm(&mock_tpm_);
+ factory_.set_session_manager(&mock_session_manager_);
+ }
+
+ HmacAuthorizationDelegate* GetHmacDelegate(HmacSessionImpl* session) {
+ return &(session->hmac_delegate_);
+ }
+
+ protected:
+ TrunksFactoryForTest factory_;
+ NiceMock<MockTpm> mock_tpm_;
+ NiceMock<MockSessionManager> mock_session_manager_;
+};
+
+TEST_F(HmacSessionTest, GetDelegateUninitialized) {
+ HmacSessionImpl session(factory_);
+ EXPECT_CALL(mock_session_manager_, GetSessionHandle())
+ .WillRepeatedly(Return(kUninitializedHandle));
+ EXPECT_EQ(NULL, session.GetDelegate());
+}
+
+TEST_F(HmacSessionTest, GetDelegateSuccess) {
+ HmacSessionImpl session(factory_);
+ EXPECT_CALL(mock_session_manager_, GetSessionHandle())
+ .WillRepeatedly(Return(TPM_RH_FIRST));
+ EXPECT_EQ(GetHmacDelegate(&session), session.GetDelegate());
+}
+
+TEST_F(HmacSessionTest, StartBoundSessionSuccess) {
+ HmacSessionImpl session(factory_);
+ TPM_HANDLE bind_entity = TPM_RH_FIRST;
+ EXPECT_CALL(mock_session_manager_, StartSession(TPM_SE_HMAC, bind_entity,
+ _, true, _))
+ .WillOnce(Return(TPM_RC_SUCCESS));
+ EXPECT_EQ(TPM_RC_SUCCESS, session.StartBoundSession(bind_entity, "", true));
+}
+
+TEST_F(HmacSessionTest, StartBoundSessionFailure) {
+ HmacSessionImpl session(factory_);
+ TPM_HANDLE bind_entity = TPM_RH_FIRST;
+ EXPECT_CALL(mock_session_manager_, StartSession(TPM_SE_HMAC, bind_entity,
+ _, true, _))
+ .WillOnce(Return(TPM_RC_FAILURE));
+ EXPECT_EQ(TPM_RC_FAILURE, session.StartBoundSession(bind_entity, "", true));
+}
+
+TEST_F(HmacSessionTest, EntityAuthorizationForwardingTest) {
+ HmacSessionImpl session(factory_);
+ std::string test_auth("test_auth");
+ session.SetEntityAuthorizationValue(test_auth);
+ HmacAuthorizationDelegate* hmac_delegate = GetHmacDelegate(&session);
+ std::string entity_auth = hmac_delegate->entity_auth_value();
+ EXPECT_EQ(0, test_auth.compare(entity_auth));
+}
+
+TEST_F(HmacSessionTest, FutureAuthorizationForwardingTest) {
+ HmacSessionImpl session(factory_);
+ std::string test_auth("test_auth");
+ session.SetFutureAuthorizationValue(test_auth);
+ HmacAuthorizationDelegate* hmac_delegate = GetHmacDelegate(&session);
+ std::string entity_auth = hmac_delegate->future_authorization_value();
+ EXPECT_EQ(0, test_auth.compare(entity_auth));
+}
+
+} // namespace trunks
diff --git a/trunks/mock_authorization_session.cc b/trunks/mock_authorization_session.cc
deleted file mode 100644
index e9f2469..0000000
--- a/trunks/mock_authorization_session.cc
+++ /dev/null
@@ -1,12 +0,0 @@
-// Copyright 2014 The Chromium OS Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "trunks/mock_authorization_session.h"
-
-namespace trunks {
-
-MockAuthorizationSession::MockAuthorizationSession() {}
-MockAuthorizationSession::~MockAuthorizationSession() {}
-
-} // namespace trunks
diff --git a/trunks/mock_hmac_session.cc b/trunks/mock_hmac_session.cc
new file mode 100644
index 0000000..66667fb
--- /dev/null
+++ b/trunks/mock_hmac_session.cc
@@ -0,0 +1,12 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "trunks/mock_hmac_session.h"
+
+namespace trunks {
+
+MockHmacSession::MockHmacSession() {}
+MockHmacSession::~MockHmacSession() {}
+
+} // namespace trunks
diff --git a/trunks/mock_authorization_session.h b/trunks/mock_hmac_session.h
similarity index 60%
rename from trunks/mock_authorization_session.h
rename to trunks/mock_hmac_session.h
index 65e30ec..b60bf53 100644
--- a/trunks/mock_authorization_session.h
+++ b/trunks/mock_hmac_session.h
@@ -1,11 +1,11 @@
-// Copyright 2014 The Chromium OS Authors. All rights reserved.
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#ifndef TRUNKS_MOCK_AUTHORIZATION_SESSION_H_
-#define TRUNKS_MOCK_AUTHORIZATION_SESSION_H_
+#ifndef TRUNKS_MOCK_HMAC_SESSION_H_
+#define TRUNKS_MOCK_HMAC_SESSION_H_
-#include "trunks/authorization_session.h"
+#include "trunks/hmac_session.h"
#include <string>
@@ -13,10 +13,10 @@
namespace trunks {
-class MockAuthorizationSession : public AuthorizationSession {
+class MockHmacSession : public HmacSession {
public:
- MockAuthorizationSession();
- ~MockAuthorizationSession() override;
+ MockHmacSession();
+ ~MockHmacSession() override;
MOCK_METHOD0(GetDelegate, AuthorizationDelegate*());
MOCK_METHOD3(StartBoundSession, TPM_RC(
@@ -28,9 +28,9 @@
MOCK_METHOD1(SetFutureAuthorizationValue, void(const std::string& value));
private:
- DISALLOW_COPY_AND_ASSIGN(MockAuthorizationSession);
+ DISALLOW_COPY_AND_ASSIGN(MockHmacSession);
};
} // namespace trunks
-#endif // TRUNKS_MOCK_AUTHORIZATION_SESSION_H_
+#endif // TRUNKS_MOCK_HMAC_SESSION_H_
diff --git a/trunks/mock_policy_session.cc b/trunks/mock_policy_session.cc
new file mode 100644
index 0000000..439247d
--- /dev/null
+++ b/trunks/mock_policy_session.cc
@@ -0,0 +1,12 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "trunks/mock_policy_session.h"
+
+namespace trunks {
+
+MockPolicySession::MockPolicySession() {}
+MockPolicySession::~MockPolicySession() {}
+
+} // namespace trunks
diff --git a/trunks/mock_policy_session.h b/trunks/mock_policy_session.h
new file mode 100644
index 0000000..f87e743
--- /dev/null
+++ b/trunks/mock_policy_session.h
@@ -0,0 +1,34 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef TRUNKS_MOCK_POLICY_SESSION_H_
+#define TRUNKS_MOCK_POLICY_SESSION_H_
+
+#include "trunks/policy_session.h"
+
+#include <string>
+
+#include <gmock/gmock.h>
+
+namespace trunks {
+
+class MockPolicySession : public PolicySession {
+ public:
+ MockPolicySession();
+ ~MockPolicySession() override;
+
+ MOCK_METHOD0(GetDelegate, AuthorizationDelegate*());
+ MOCK_METHOD3(StartBoundSession, TPM_RC(
+ TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption));
+ MOCK_METHOD1(StartUnboundSession, TPM_RC(bool enable_encryption));
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(MockPolicySession);
+};
+
+} // namespace trunks
+
+#endif // TRUNKS_MOCK_POLICY_SESSION_H_
diff --git a/trunks/mock_session_manager.cc b/trunks/mock_session_manager.cc
new file mode 100644
index 0000000..b36ff99
--- /dev/null
+++ b/trunks/mock_session_manager.cc
@@ -0,0 +1,12 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "trunks/mock_session_manager.h"
+
+namespace trunks {
+
+MockSessionManager::MockSessionManager() {}
+MockSessionManager::~MockSessionManager() {}
+
+} // namespace trunks
diff --git a/trunks/mock_session_manager.h b/trunks/mock_session_manager.h
new file mode 100644
index 0000000..ab04461
--- /dev/null
+++ b/trunks/mock_session_manager.h
@@ -0,0 +1,35 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef TRUNKS_MOCK_SESSION_MANAGER_H_
+#define TRUNKS_MOCK_SESSION_MANAGER_H_
+
+#include "trunks/session_manager.h"
+
+#include <string>
+
+#include <gmock/gmock.h>
+
+namespace trunks {
+
+class MockSessionManager : public SessionManager {
+ public:
+ MockSessionManager();
+ ~MockSessionManager() override;
+
+ MOCK_CONST_METHOD0(GetSessionHandle, TPM_HANDLE());
+ MOCK_METHOD0(CloseSession, void());
+ MOCK_METHOD5(StartSession, TPM_RC(TPM_SE,
+ TPMI_DH_ENTITY,
+ const std::string&,
+ bool,
+ HmacAuthorizationDelegate*));
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(MockSessionManager);
+};
+
+} // namespace trunks
+
+#endif // TRUNKS_MOCK_SESSION_MANAGER_H_
diff --git a/trunks/policy_session.h b/trunks/policy_session.h
new file mode 100644
index 0000000..bd50c8d
--- /dev/null
+++ b/trunks/policy_session.h
@@ -0,0 +1,49 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef TRUNKS_POLICY_SESSION_H_
+#define TRUNKS_POLICY_SESSION_H_
+
+#include <string>
+
+#include <base/macros.h>
+
+#include "trunks/tpm_generated.h"
+
+namespace trunks {
+
+class AuthorizationDelegate;
+
+// PolicySession is an interface for managing policy backed sessions for
+// authorization and parameter encryption.
+class PolicySession {
+ public:
+ PolicySession() {}
+ virtual ~PolicySession() {}
+
+ // Returns an authorization delegate for this session. Ownership of the
+ // delegate pointer is retained by the session.
+ virtual AuthorizationDelegate* GetDelegate() = 0;
+
+ // Starts a salted session which is bound to |bind_entity| with
+ // |bind_authorization_value|. Encryption is enabled if |enable_encryption| is
+ // true. The session remains active until this object is destroyed or another
+ // session is started with a call to Start*Session.
+ virtual TPM_RC StartBoundSession(
+ TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption) = 0;
+
+ // Starts a salted, unbound session. Encryption is enabled if
+ // |enable_encryption| is true. The session remains active until this object
+ // is destroyed or another session is started with a call to Start*Session.
+ virtual TPM_RC StartUnboundSession(bool enable_encryption) = 0;
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(PolicySession);
+};
+
+} // namespace trunks
+
+#endif // TRUNKS_POLICY_SESSION_H_
diff --git a/trunks/policy_session_impl.cc b/trunks/policy_session_impl.cc
new file mode 100644
index 0000000..4176b5f
--- /dev/null
+++ b/trunks/policy_session_impl.cc
@@ -0,0 +1,51 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "trunks/policy_session_impl.h"
+
+#include <string>
+
+#include <base/logging.h>
+#include <base/macros.h>
+#include <base/stl_util.h>
+#include <openssl/rand.h>
+
+
+#include "trunks/tpm_generated.h"
+
+namespace trunks {
+
+PolicySessionImpl::PolicySessionImpl(const TrunksFactory& factory)
+ : factory_(factory) {
+ session_manager_ = factory_.GetSessionManager();
+}
+
+PolicySessionImpl::~PolicySessionImpl() {
+ session_manager_->CloseSession();
+}
+
+AuthorizationDelegate* PolicySessionImpl::GetDelegate() {
+ if (session_manager_->GetSessionHandle() == kUninitializedHandle) {
+ return NULL;
+ }
+ return &hmac_delegate_;
+}
+
+TPM_RC PolicySessionImpl::StartBoundSession(
+ TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption) {
+ return session_manager_->StartSession(TPM_SE_POLICY, bind_entity,
+ bind_authorization_value,
+ enable_encryption, &hmac_delegate_);
+}
+
+TPM_RC PolicySessionImpl::StartUnboundSession(
+ bool enable_encryption) {
+ // Just like a HmacAuthorizationSession, an unbound policy session is just
+ // a session bound to TPM_RH_NULL.
+ return StartBoundSession(TPM_RH_NULL, "", enable_encryption);
+}
+
+} // namespace trunks
diff --git a/trunks/policy_session_impl.h b/trunks/policy_session_impl.h
new file mode 100644
index 0000000..200b433
--- /dev/null
+++ b/trunks/policy_session_impl.h
@@ -0,0 +1,59 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef TRUNKS_POLICY_SESSION_IMPL_H_
+#define TRUNKS_POLICY_SESSION_IMPL_H_
+
+#include "trunks/policy_session.h"
+
+#include <string>
+
+#include "trunks/hmac_authorization_delegate.h"
+#include "trunks/session_manager.h"
+#include "trunks/trunks_factory.h"
+
+namespace trunks {
+
+// This class implements the PolicySession interface. It is used for
+// keeping track of the HmacAuthorizationDelegate used for commands, and to
+// provide authorization for commands that need it. It can also be used to
+// create custom policies to restrict the usage of keys.
+// TrunksFactoryImpl factory;
+// PolicySessionImpl session(factory);
+// session.StartBoundSession(bind_entity, bind_authorization, true);
+// session.PolicyPCR(pcr_index, pcr_value);
+// factory.GetTpm()->RSA_EncrpytSync(_,_,_,_, session.GetDelegate());
+// NOTE: StartBoundSession/StartUnboundSession should not be called before
+// TPM Ownership is taken. This is because starting a session uses the
+// SaltingKey, which is only created after ownership is taken.
+class TRUNKS_EXPORT PolicySessionImpl: public PolicySession {
+ public:
+ explicit PolicySessionImpl(const TrunksFactory& factory);
+ ~PolicySessionImpl() override;
+
+ // PolicySession methods
+ AuthorizationDelegate* GetDelegate() override;
+ TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption) override;
+ TPM_RC StartUnboundSession(bool enable_encryption) override;
+
+ private:
+ // This factory is only set in the constructor and is used to instantiate
+ // The TPM class to forward commands to the TPM chip.
+ const TrunksFactory& factory_;
+ // This delegate is what provides authorization to commands. It is what is
+ // returned when the GetDelegate method is called.
+ HmacAuthorizationDelegate hmac_delegate_;
+ // This object is used to manage the TPM session associated with this
+ // AuthorizationSession.
+ scoped_ptr<SessionManager> session_manager_;
+
+ friend class PolicySessionTest;
+ DISALLOW_COPY_AND_ASSIGN(PolicySessionImpl);
+};
+
+} // namespace trunks
+
+#endif // TRUNKS_POLICY_SESSION_IMPL_H_
diff --git a/trunks/policy_session_test.cc b/trunks/policy_session_test.cc
new file mode 100644
index 0000000..a599454
--- /dev/null
+++ b/trunks/policy_session_test.cc
@@ -0,0 +1,82 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "trunks/policy_session_impl.h"
+
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "trunks/mock_session_manager.h"
+#include "trunks/mock_tpm.h"
+#include "trunks/trunks_factory_for_test.h"
+
+using testing::_;
+using testing::NiceMock;
+using testing::Return;
+
+namespace trunks {
+
+class PolicySessionTest : public testing::Test {
+ public:
+ PolicySessionTest() {}
+ ~PolicySessionTest() override {}
+
+ void SetUp() override {
+ factory_.set_session_manager(&mock_session_manager_);
+ factory_.set_tpm(&mock_tpm_);
+ }
+
+ HmacAuthorizationDelegate* GetHmacDelegate(PolicySessionImpl* session) {
+ return &(session->hmac_delegate_);
+ }
+
+ protected:
+ TrunksFactoryForTest factory_;
+ NiceMock<MockSessionManager> mock_session_manager_;
+ NiceMock<MockTpm> mock_tpm_;
+};
+
+TEST_F(PolicySessionTest, GetDelegateUninitialized) {
+ PolicySessionImpl session(factory_);
+ EXPECT_CALL(mock_session_manager_, GetSessionHandle())
+ .WillRepeatedly(Return(kUninitializedHandle));
+ EXPECT_EQ(NULL, session.GetDelegate());
+}
+
+TEST_F(PolicySessionTest, GetDelegateSuccess) {
+ PolicySessionImpl session(factory_);
+ EXPECT_CALL(mock_session_manager_, GetSessionHandle())
+ .WillRepeatedly(Return(TPM_RH_FIRST));
+ EXPECT_EQ(GetHmacDelegate(&session), session.GetDelegate());
+}
+
+TEST_F(PolicySessionTest, StartBoundSessionSuccess) {
+ PolicySessionImpl session(factory_);
+ EXPECT_EQ(TPM_RC_SUCCESS,
+ session.StartBoundSession(TPM_RH_FIRST, "auth", true));
+}
+
+TEST_F(PolicySessionTest, StartBoundSessionFailure) {
+ PolicySessionImpl session(factory_);
+ TPM_HANDLE handle = TPM_RH_FIRST;
+ EXPECT_CALL(mock_session_manager_, StartSession(TPM_SE_POLICY, handle,
+ _, true, _))
+ .WillRepeatedly(Return(TPM_RC_FAILURE));
+ EXPECT_EQ(TPM_RC_FAILURE, session.StartBoundSession(handle, "auth", true));
+}
+
+TEST_F(PolicySessionTest, StartUnboundSessionSuccess) {
+ PolicySessionImpl session(factory_);
+ EXPECT_EQ(TPM_RC_SUCCESS, session.StartUnboundSession(true));
+}
+
+TEST_F(PolicySessionTest, StartUnboundSessionFailure) {
+ PolicySessionImpl session(factory_);
+ EXPECT_CALL(mock_session_manager_, StartSession(TPM_SE_POLICY, TPM_RH_NULL,
+ _, true, _))
+ .WillRepeatedly(Return(TPM_RC_FAILURE));
+ EXPECT_EQ(TPM_RC_FAILURE, session.StartUnboundSession(true));
+}
+
+} // namespace trunks
diff --git a/trunks/scoped_key_handle.h b/trunks/scoped_key_handle.h
index 0ca72ff..4993435 100644
--- a/trunks/scoped_key_handle.h
+++ b/trunks/scoped_key_handle.h
@@ -11,11 +11,9 @@
namespace trunks {
-/*
- * This class is used to wrap a Key or NV ram handle given by the TPM.
- * It provides a destructor that cleans up TPM resources associated with
- * that handle.
- */
+// This class is used to wrap a Key or NV ram handle given by the TPM.
+// It provides a destructor that cleans up TPM resources associated with
+// that handle.
class TRUNKS_EXPORT ScopedKeyHandle {
public:
// We provide a factory to the constructor so that we can later free
diff --git a/trunks/session_manager.h b/trunks/session_manager.h
new file mode 100644
index 0000000..7467892
--- /dev/null
+++ b/trunks/session_manager.h
@@ -0,0 +1,61 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef TRUNKS_SESSION_MANAGER_H_
+#define TRUNKS_SESSION_MANAGER_H_
+
+#include <string>
+
+#include "trunks/hmac_authorization_delegate.h"
+#include "trunks/tpm_generated.h"
+#include "trunks/trunks_export.h"
+#include "trunks/trunks_factory.h"
+
+namespace trunks {
+
+const trunks::TPM_HANDLE kUninitializedHandle = 0;
+
+// This class is used to keep track of a TPM session. Each instance of this
+// class is used to account for one instance of a TPM session. Currently
+// this class is used by AuthorizationSession instances to keep track of TPM
+// sessions.
+// Note: This class is not intended to be used independently. However clients
+// who want to manually manage their sessions can use this class to Start and
+// Close TPM backed Sessions. Example usage:
+// trunks::TrunksFactoryImpl factory;
+// scoped_ptr<SessionManager> session_manager = factory.GetSessionManager();
+// session_manager->StartSession(...);
+// TPM_HANDLE session_handle = session_manager->GetSessionHandle();
+class TRUNKS_EXPORT SessionManager {
+ public:
+ SessionManager() {}
+ virtual ~SessionManager() {}
+
+ // This method is used get the handle to the AuthorizationSession managed by
+ // this instance.
+ virtual TPM_HANDLE GetSessionHandle() const = 0;
+
+ // This method is used to flush all TPM context associated with the current
+ // session
+ virtual void CloseSession() = 0;
+
+ // This method is used to start a new AuthorizationSession. Once started,
+ // GetSessionHandle() can be used to access the handle to the TPM session.
+ // Since the sessions are salted, we need to ensure that TPM ownership is
+ // taken and the salting key created before this method is called.
+ // Returns TPM_RC_SUCCESS and returns the nonces used to create the session
+ // on success.
+ virtual TPM_RC StartSession(TPM_SE session_type,
+ TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption,
+ HmacAuthorizationDelegate* delegate) = 0;
+
+ private:
+ DISALLOW_COPY_AND_ASSIGN(SessionManager);
+};
+
+} // namespace trunks
+
+#endif // TRUNKS_SESSION_MANAGER_H_
diff --git a/trunks/hmac_authorization_session.cc b/trunks/session_manager_impl.cc
similarity index 70%
rename from trunks/hmac_authorization_session.cc
rename to trunks/session_manager_impl.cc
index 96b65e0..f885d24 100644
--- a/trunks/hmac_authorization_session.cc
+++ b/trunks/session_manager_impl.cc
@@ -1,13 +1,12 @@
-// Copyright 2014 The Chromium OS Authors. All rights reserved.
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-#include "trunks/hmac_authorization_session.h"
+#include "trunks/session_manager_impl.h"
#include <string>
#include <base/logging.h>
-#include <base/macros.h>
#include <base/stl_util.h>
#include <crypto/scoped_openssl_types.h>
#include <openssl/err.h>
@@ -19,69 +18,74 @@
#include "trunks/tpm_utility.h"
namespace {
-
const size_t kWellKnownExponent = 0x10001;
-const trunks::TPM_HANDLE kUninitializedHandle = 0;
-
} // namespace
namespace trunks {
-HmacAuthorizationSession::HmacAuthorizationSession(
- const TrunksFactory& factory)
+SessionManagerImpl::SessionManagerImpl(const TrunksFactory& factory)
: factory_(factory),
- hmac_handle_(kUninitializedHandle) {}
+ session_handle_(kUninitializedHandle) {}
-HmacAuthorizationSession::~HmacAuthorizationSession() {
+SessionManagerImpl::~SessionManagerImpl() {
CloseSession();
}
-AuthorizationDelegate* HmacAuthorizationSession::GetDelegate() {
- if (hmac_handle_ == kUninitializedHandle) {
- return NULL;
+void SessionManagerImpl::CloseSession() {
+ if (session_handle_ == kUninitializedHandle) {
+ return;
}
- return &hmac_delegate_;
+ TPM_RC result = factory_.GetTpm()->FlushContextSync(session_handle_, NULL);
+ if (result != TPM_RC_SUCCESS) {
+ LOG(WARNING) << "Error closing tpm session: " << GetErrorString(result);
+ }
+ session_handle_ = kUninitializedHandle;
}
-TPM_RC HmacAuthorizationSession::StartBoundSession(
+TPM_RC SessionManagerImpl::StartSession(
+ TPM_SE session_type,
TPMI_DH_ENTITY bind_entity,
const std::string& bind_authorization_value,
- bool enable_encryption) {
+ bool enable_encryption,
+ HmacAuthorizationDelegate* delegate) {
+ CHECK(delegate);
// If we already have an active session, close it.
CloseSession();
- // First we generate a cryptographically secure salt and encrypt it using
- // PKCS1_OAEP padded RSA public key encryption. This is specified in TPM2.0
- // Part1 Architecture, Appendix B.10.2.
+
std::string salt(SHA1_DIGEST_SIZE, 0);
unsigned char* salt_buffer =
reinterpret_cast<unsigned char*>(string_as_array(&salt));
CHECK_EQ(RAND_bytes(salt_buffer, salt.size()), 1)
<< "Error generating a cryptographically random salt.";
+ // First we enccrypt the cryptographically secure salt using PKCS1_OAEP
+ // padded RSA public key encryption. This is specified in TPM2.0
+ // Part1 Architecture, Appendix B.10.2.
std::string encrypted_salt;
TPM_RC salt_result = EncryptSalt(salt, &encrypted_salt);
if (salt_result != TPM_RC_SUCCESS) {
LOG(ERROR) << "Error encrypting salt.";
return salt_result;
}
+
TPM2B_ENCRYPTED_SECRET encrypted_secret =
Make_TPM2B_ENCRYPTED_SECRET(encrypted_salt);
// Then we use TPM2_StartAuthSession to start a HMAC session with the TPM.
// The tpm returns the tpm_nonce and the session_handle referencing the
// created session.
- TPM_HANDLE session_handle;
- TPM2B_NONCE nonce_tpm;
- TPM_SE session_type = TPM_SE_HMAC;
TPMI_ALG_HASH hash_algorithm = TPM_ALG_SHA256;
TPMT_SYM_DEF symmetric_algorithm;
symmetric_algorithm.algorithm = TPM_ALG_AES;
symmetric_algorithm.key_bits.aes = 128;
symmetric_algorithm.mode.aes = TPM_ALG_CFB;
+
TPM2B_NONCE nonce_caller;
+ TPM2B_NONCE nonce_tpm;
// We use sha1_digest_size here because that is the minimum length
// needed for the nonce.
nonce_caller.size = SHA1_DIGEST_SIZE;
CHECK_EQ(RAND_bytes(nonce_caller.buffer, nonce_caller.size), 1)
<< "Error generating a cryptographically random nonce.";
+
Tpm* tpm = factory_.GetTpm();
// The TPM2 command below needs no authorization. This is why we can use
// the empty string "", when referring to the handle names for the salting
@@ -95,7 +99,7 @@
session_type,
symmetric_algorithm,
hash_algorithm,
- &session_handle,
+ &session_handle_,
&nonce_tpm,
NULL); // No Authorization.
if (tpm_result) {
@@ -103,42 +107,22 @@
<< GetErrorString(tpm_result);
return tpm_result;
}
- // Using the salt we generated and encrypted, and the data we got from the
- // TPM, we can initialize a HmacAuthorizationDelegate class.
- bool hmac_result = hmac_delegate_.InitSession(session_handle,
- nonce_tpm,
- nonce_caller,
- salt,
- bind_authorization_value,
- enable_encryption);
+ bool hmac_result = delegate->InitSession(
+ session_handle_,
+ nonce_tpm,
+ nonce_caller,
+ salt,
+ bind_authorization_value,
+ enable_encryption);
if (!hmac_result) {
LOG(ERROR) << "Failed to initialize an authorization session delegate.";
return TPM_RC_FAILURE;
}
- hmac_handle_ = session_handle;
return TPM_RC_SUCCESS;
}
-TPM_RC HmacAuthorizationSession::StartUnboundSession(bool enable_encryption) {
- // Starting an unbound session is the same as starting a session bound to
- // TPM_RH_NULL. In this case, the authorization is the zero length buffer.
- // We can therefore simply call StartBoundSession with TPM_RH_NULL as the
- // binding entity, and the empty string as the authorization.
- return StartBoundSession(TPM_RH_NULL, "", enable_encryption);
-}
-
-void HmacAuthorizationSession::SetEntityAuthorizationValue(
- const std::string& value) {
- hmac_delegate_.set_entity_auth_value(value);
-}
-
-void HmacAuthorizationSession::SetFutureAuthorizationValue(
- const std::string& value) {
- hmac_delegate_.set_future_authorization_value(value);
-}
-
-TPM_RC HmacAuthorizationSession::EncryptSalt(const std::string& salt,
- std::string* encrypted_salt) {
+TPM_RC SessionManagerImpl::EncryptSalt(const std::string& salt,
+ std::string* encrypted_salt) {
TPM2B_NAME out_name;
TPM2B_NAME qualified_name;
TPM2B_PUBLIC public_data;
@@ -211,16 +195,4 @@
return TPM_RC_SUCCESS;
}
-void HmacAuthorizationSession::CloseSession() {
- if (hmac_handle_ == kUninitializedHandle) {
- return;
- }
- TPM_RC result = factory_.GetTpm()->FlushContextSync(hmac_handle_, NULL);
- if (result != TPM_RC_SUCCESS) {
- LOG(WARNING) << "Error closing authorization session: "
- << GetErrorString(result);
- }
- hmac_handle_ = kUninitializedHandle;
-}
-
} // namespace trunks
diff --git a/trunks/session_manager_impl.h b/trunks/session_manager_impl.h
new file mode 100644
index 0000000..d9afbb0
--- /dev/null
+++ b/trunks/session_manager_impl.h
@@ -0,0 +1,60 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef TRUNKS_SESSION_MANAGER_IMPL_H_
+#define TRUNKS_SESSION_MANAGER_IMPL_H_
+
+#include "trunks/session_manager.h"
+
+#include <string>
+
+#include <gtest/gtest_prod.h>
+
+#include "trunks/tpm_generated.h"
+#include "trunks/trunks_factory.h"
+
+namespace trunks {
+
+// This class is used to keep track of a TPM session. Each instance of this
+// class is used to account for one instance of a TPM session. Currently
+// this class is used by AuthorizationSession instances to keep track of TPM
+// sessions.
+class TRUNKS_EXPORT SessionManagerImpl : public SessionManager {
+ public:
+ explicit SessionManagerImpl(const TrunksFactory& factory);
+ ~SessionManagerImpl() override;
+
+ TPM_HANDLE GetSessionHandle() const override { return session_handle_; }
+ void CloseSession() override;
+ TPM_RC StartSession(TPM_SE session_type,
+ TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption,
+ HmacAuthorizationDelegate* delegate) override;
+
+ private:
+ // This function is used to encrypt a plaintext salt |salt|, using RSA
+ // public encrypt with the SaltingKey PKCS1_OAEP padding. It follows the
+ // specification defined in TPM2.0 Part 1 Architecture, Appendix B.10.2.
+ // The encrypted salt is stored in the out parameter |encrypted_salt|.
+ TPM_RC EncryptSalt(const std::string& salt, std::string* encrypted_salt);
+
+ // This factory is only set in the constructor and is used to instantiate
+ // The TPM class to forward commands to the TPM chip.
+ const TrunksFactory& factory_;
+ // This handle keeps track of the TPM session. It is issued by the TPM,
+ // and is only modified when a new TPM session is started using
+ // StartBoundSession or StartUnboundSession. We use this to keep track of
+ // the session handle, so that we can clean it up when this class is
+ // destroyed.
+ TPM_HANDLE session_handle_;
+
+ friend class SessionManagerTest;
+ DISALLOW_COPY_AND_ASSIGN(SessionManagerImpl);
+};
+
+} // namespace trunks
+
+
+#endif // TRUNKS_SESSION_MANAGER_IMPL_H_
diff --git a/trunks/session_manager_test.cc b/trunks/session_manager_test.cc
new file mode 100644
index 0000000..9e85934
--- /dev/null
+++ b/trunks/session_manager_test.cc
@@ -0,0 +1,157 @@
+// Copyright 2015 The Chromium OS Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "trunks/session_manager_impl.h"
+
+#include <vector>
+
+#include <base/strings/string_number_conversions.h>
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include "trunks/mock_tpm.h"
+#include "trunks/tpm_generated.h"
+#include "trunks/tpm_utility.h"
+#include "trunks/trunks_factory_for_test.h"
+
+using testing::_;
+using testing::DoAll;
+using testing::NiceMock;
+using testing::Return;
+using testing::SetArgPointee;
+
+namespace trunks {
+
+class SessionManagerTest : public testing::Test {
+ public:
+ SessionManagerTest() : session_manager_(factory_) {
+ delegate_ = new HmacAuthorizationDelegate();
+ }
+ ~SessionManagerTest() override {}
+
+ void SetUp() override {
+ factory_.set_tpm(&mock_tpm_);
+ }
+
+ void SetHandle(TPM_HANDLE handle) {
+ session_manager_.session_handle_ = handle;
+ }
+
+ TPM2B_PUBLIC_KEY_RSA GetValidRSAPublicKey() {
+ const char kValidModulus[] =
+ "A1D50D088994000492B5F3ED8A9C5FC8772706219F4C063B2F6A8C6B74D3AD6B"
+ "212A53D01DABB34A6261288540D420D3BA59ED279D859DE6227A7AB6BD88FADD"
+ "FC3078D465F4DF97E03A52A587BD0165AE3B180FE7B255B7BEDC1BE81CB1383F"
+ "E9E46F9312B1EF28F4025E7D332E33F4416525FEB8F0FC7B815E8FBB79CDABE6"
+ "327B5A155FEF13F559A7086CB8A543D72AD6ECAEE2E704FF28824149D7F4E393"
+ "D3C74E721ACA97F7ADBE2CCF7B4BCC165F7380F48065F2C8370F25F066091259"
+ "D14EA362BAF236E3CD8771A94BDEDA3900577143A238AB92B6C55F11DEFAFB31"
+ "7D1DC5B6AE210C52B008D87F2A7BFF6EB5C4FB32D6ECEC6505796173951A3167";
+ std::vector<uint8> bytes;
+ CHECK(base::HexStringToBytes(kValidModulus, &bytes));
+ CHECK_EQ(bytes.size(), 256u);
+ TPM2B_PUBLIC_KEY_RSA rsa;
+ rsa.size = bytes.size();
+ memcpy(rsa.buffer, bytes.data(), bytes.size());
+ return rsa;
+ }
+
+ protected:
+ TrunksFactoryForTest factory_;
+ NiceMock<MockTpm> mock_tpm_;
+ HmacAuthorizationDelegate* delegate_;
+ SessionManagerImpl session_manager_;
+};
+
+TEST_F(SessionManagerTest, CloseSessionSuccess) {
+ TPM_HANDLE handle = TPM_RH_FIRST;
+ SetHandle(handle);
+ EXPECT_CALL(mock_tpm_, FlushContextSync(handle, NULL))
+ .WillOnce(Return(TPM_RC_SUCCESS));
+ session_manager_.CloseSession();
+}
+
+TEST_F(SessionManagerTest, CloseSessionNoHandle) {
+ TPM_HANDLE handle = kUninitializedHandle;
+ SetHandle(handle);
+ EXPECT_CALL(mock_tpm_, FlushContextSync(handle, NULL))
+ .Times(0);
+ session_manager_.CloseSession();
+}
+
+TEST_F(SessionManagerTest, GetSessionHandleTest) {
+ TPM_HANDLE handle = TPM_RH_FIRST;
+ EXPECT_EQ(kUninitializedHandle, session_manager_.GetSessionHandle());
+ SetHandle(handle);
+ EXPECT_EQ(handle, session_manager_.GetSessionHandle());
+}
+
+
+TEST_F(SessionManagerTest, StartSessionSuccess) {
+ TPM_SE session_type = TPM_SE_TRIAL;
+ TPM2B_PUBLIC public_data;
+ public_data.public_area.unique.rsa = GetValidRSAPublicKey();
+ EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
+ .WillOnce(DoAll(SetArgPointee<2>(public_data),
+ Return(TPM_RC_SUCCESS)));
+ TPM_HANDLE handle = TPM_RH_FIRST;
+ TPM2B_NONCE nonce;
+ nonce.size = 20;
+ EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_, handle,
+ _, _, session_type, _, _,
+ _, _, _))
+ .WillOnce(DoAll(SetArgPointee<8>(nonce),
+ Return(TPM_RC_SUCCESS)));
+ EXPECT_EQ(TPM_RC_SUCCESS, session_manager_.StartSession(session_type,
+ handle, "", false,
+ delegate_));
+}
+
+TEST_F(SessionManagerTest, StartSessionBadSaltingKey) {
+ TPM2B_PUBLIC public_data;
+ public_data.public_area.unique.rsa.size = 32;
+ EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
+ .WillOnce(DoAll(SetArgPointee<2>(public_data),
+ Return(TPM_RC_SUCCESS)));
+ EXPECT_EQ(TPM_RC_FAILURE, session_manager_.StartSession(TPM_SE_TRIAL,
+ TPM_RH_NULL, "",
+ false, delegate_));
+}
+
+TEST_F(SessionManagerTest, StartSessionFailure) {
+ TPM2B_PUBLIC public_data;
+ public_data.public_area.unique.rsa = GetValidRSAPublicKey();
+ EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
+ .WillOnce(DoAll(SetArgPointee<2>(public_data),
+ Return(TPM_RC_SUCCESS)));
+ EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_,
+ TPM_RH_NULL,
+ _, _, _, _, _, _, _, _))
+ .WillOnce(Return(TPM_RC_FAILURE));
+ EXPECT_EQ(TPM_RC_FAILURE, session_manager_.StartSession(TPM_SE_TRIAL,
+ TPM_RH_NULL, "",
+ false, delegate_));
+}
+
+TEST_F(SessionManagerTest, StartSessionBadNonce) {
+ TPM_SE session_type = TPM_SE_TRIAL;
+ TPM2B_PUBLIC public_data;
+ public_data.public_area.unique.rsa = GetValidRSAPublicKey();
+ EXPECT_CALL(mock_tpm_, ReadPublicSync(kSaltingKey, _, _, _, _, NULL))
+ .WillOnce(DoAll(SetArgPointee<2>(public_data),
+ Return(TPM_RC_SUCCESS)));
+ TPM_HANDLE handle = TPM_RH_FIRST;
+ TPM2B_NONCE nonce;
+ nonce.size = 0;
+ EXPECT_CALL(mock_tpm_, StartAuthSessionSyncShort(_, handle,
+ _, _, session_type, _, _,
+ _, _, _))
+ .WillOnce(DoAll(SetArgPointee<8>(nonce),
+ Return(TPM_RC_SUCCESS)));
+ EXPECT_EQ(TPM_RC_FAILURE, session_manager_.StartSession(session_type,
+ handle, "", false,
+ delegate_));
+}
+
+} // namespace trunks
diff --git a/trunks/tpm_utility.h b/trunks/tpm_utility.h
index 4270d4b..ac82698 100644
--- a/trunks/tpm_utility.h
+++ b/trunks/tpm_utility.h
@@ -9,7 +9,6 @@
#include <base/macros.h>
-#include "trunks/authorization_session.h"
#include "trunks/tpm_generated.h"
#include "trunks/trunks_export.h"
diff --git a/trunks/tpm_utility_impl.cc b/trunks/tpm_utility_impl.cc
index 437dd97..6103246 100644
--- a/trunks/tpm_utility_impl.cc
+++ b/trunks/tpm_utility_impl.cc
@@ -14,9 +14,9 @@
#include <openssl/rand.h>
#include "trunks/authorization_delegate.h"
-#include "trunks/authorization_session.h"
#include "trunks/error_codes.h"
#include "trunks/hmac_authorization_delegate.h"
+#include "trunks/hmac_session.h"
#include "trunks/scoped_key_handle.h"
#include "trunks/tpm_constants.h"
#include "trunks/tpm_state.h"
@@ -182,8 +182,7 @@
return result;
}
- scoped_ptr<AuthorizationSession> session(
- factory_.GetHmacAuthorizationSession());
+ scoped_ptr<HmacSession> session = factory_.GetHmacSession();
result = session->StartUnboundSession(true);
if (result != TPM_RC_SUCCESS) {
LOG(ERROR) << "Error initializing AuthorizationSession: "
diff --git a/trunks/tpm_utility_test.cc b/trunks/tpm_utility_test.cc
index eb4ca1f..1f4c432 100644
--- a/trunks/tpm_utility_test.cc
+++ b/trunks/tpm_utility_test.cc
@@ -11,7 +11,7 @@
#include "trunks/error_codes.h"
#include "trunks/hmac_authorization_delegate.h"
#include "trunks/mock_authorization_delegate.h"
-#include "trunks/mock_authorization_session.h"
+#include "trunks/mock_hmac_session.h"
#include "trunks/mock_tpm.h"
#include "trunks/mock_tpm_state.h"
#include "trunks/tpm_constants.h"
@@ -35,7 +35,7 @@
void SetUp() override {
factory_.set_tpm_state(&mock_tpm_state_);
factory_.set_tpm(&mock_tpm_);
- factory_.set_authorization_session(&mock_authorization_session_);
+ factory_.set_hmac_session(&mock_hmac_session_);
}
TPM_RC ComputeKeyName(const TPMT_PUBLIC& public_area,
@@ -75,7 +75,7 @@
NiceMock<MockTpmState> mock_tpm_state_;
NiceMock<MockTpm> mock_tpm_;
NiceMock<MockAuthorizationDelegate> mock_authorization_delegate_;
- NiceMock<MockAuthorizationSession> mock_authorization_session_;
+ NiceMock<MockHmacSession> mock_hmac_session_;
TpmUtilityImpl utility_;
};
@@ -182,7 +182,7 @@
}
TEST_F(TpmUtilityTest, TakeOwnershipBadSession) {
- EXPECT_CALL(mock_authorization_session_, StartUnboundSession(true))
+ EXPECT_CALL(mock_hmac_session_, StartUnboundSession(true))
.WillRepeatedly(Return(TPM_RC_FAILURE));
EXPECT_EQ(TPM_RC_FAILURE, utility_.TakeOwnership("owner",
"endorsement",
diff --git a/trunks/trunks.gyp b/trunks/trunks.gyp
index 82ba5c5..3410770 100644
--- a/trunks/trunks.gyp
+++ b/trunks/trunks.gyp
@@ -31,10 +31,12 @@
'target_name': 'trunks',
'type': 'shared_library',
'sources': [
- 'hmac_authorization_session.cc',
'error_codes.cc',
'hmac_authorization_delegate.cc',
+ 'hmac_session_impl.cc',
'password_authorization_delegate.cc',
+ 'policy_session_impl.cc',
+ 'session_manager_impl.cc',
'scoped_key_handle.cc',
'tpm_generated.cc',
'tpm_state_impl.cc',
@@ -94,14 +96,18 @@
'sources': [
'background_command_transceiver_test.cc',
'hmac_authorization_delegate_unittest.cc',
- 'hmac_authorization_session_test.cc',
+ 'hmac_session_test.cc',
'mock_authorization_delegate.cc',
- 'mock_authorization_session.cc',
'mock_command_transceiver.cc',
+ 'mock_hmac_session.cc',
+ 'mock_policy_session.cc',
+ 'mock_session_manager.cc',
'mock_tpm.cc',
'mock_tpm_state.cc',
'mock_tpm_utility.cc',
'password_authorization_delegate_unittest.cc',
+ 'policy_session_test.cc',
+ 'session_manager_test.cc',
'scoped_key_handle_test.cc',
'tpm_generated_test.cc',
'tpm_state_test.cc',
diff --git a/trunks/trunks_client.cc b/trunks/trunks_client.cc
index 0a8b60d..ab0628b 100644
--- a/trunks/trunks_client.cc
+++ b/trunks/trunks_client.cc
@@ -17,6 +17,7 @@
#include <openssl/rsa.h>
#include "trunks/error_codes.h"
+#include "trunks/hmac_session.h"
#include "trunks/password_authorization_delegate.h"
#include "trunks/scoped_key_handle.h"
#include "trunks/tpm_state.h"
@@ -71,8 +72,7 @@
int RNGTest() {
trunks::TrunksFactoryImpl factory;
scoped_ptr<trunks::TpmUtility> utility = factory.GetTpmUtility();
- scoped_ptr<trunks::AuthorizationSession> session =
- factory.GetHmacAuthorizationSession();
+ scoped_ptr<trunks::HmacSession> session = factory.GetHmacSession();
std::string entropy_data("entropy_data");
std::string random_data;
size_t num_bytes = 70;
@@ -110,8 +110,7 @@
trunks::TPM_HANDLE signing_key;
trunks::TPM_RC rc;
scoped_ptr<trunks::TpmUtility> utility = factory.GetTpmUtility();
- scoped_ptr<trunks::AuthorizationSession> session(
- factory.GetHmacAuthorizationSession());
+ scoped_ptr<trunks::HmacSession> session = factory.GetHmacSession();
rc = session->StartUnboundSession(true /* enable encryption */);
if (rc) {
LOG(ERROR) << "Error starting authorization session: "
@@ -159,8 +158,7 @@
trunks::TrunksFactoryImpl factory;
trunks::TPM_HANDLE decrypt_key;
trunks::TPM_RC rc;
- scoped_ptr<trunks::AuthorizationSession> session(
- factory.GetHmacAuthorizationSession());
+ scoped_ptr<trunks::HmacSession> session = factory.GetHmacSession();
rc = session->StartUnboundSession(true /* enable encryption */);
if (rc) {
LOG(ERROR) << "Error starting authorization session: "
@@ -214,8 +212,7 @@
scoped_ptr<trunks::TpmUtility> utility = factory.GetTpmUtility();
trunks::TPM_RC rc;
std::string key_blob;
- scoped_ptr<trunks::AuthorizationSession> session(
- factory.GetHmacAuthorizationSession());
+ scoped_ptr<trunks::HmacSession> session = factory.GetHmacSession();
rc = session->StartUnboundSession(true /* enable encryption */);
if (rc) {
LOG(ERROR) << "Error starting authorization session: "
@@ -283,8 +280,7 @@
trunks::TrunksFactoryImpl factory;
scoped_ptr<trunks::TpmUtility> utility = factory.GetTpmUtility();
trunks::TPM_RC rc;
- scoped_ptr<trunks::AuthorizationSession> session(
- factory.GetHmacAuthorizationSession());
+ scoped_ptr<trunks::HmacSession> session = factory.GetHmacSession();
rc = session->StartUnboundSession(true /* enable encryption */);
if (rc) {
LOG(ERROR) << "Error starting authorization session: "
@@ -361,8 +357,7 @@
trunks::TrunksFactoryImpl factory;
scoped_ptr<trunks::TpmUtility> utility = factory.GetTpmUtility();
trunks::TPM_RC rc;
- scoped_ptr<trunks::AuthorizationSession> session(
- factory.GetHmacAuthorizationSession());
+ scoped_ptr<trunks::HmacSession> session = factory.GetHmacSession();
rc = session->StartUnboundSession(true /* enable encryption */);
if (rc) {
LOG(ERROR) << "Error starting authorization session: "
diff --git a/trunks/trunks_factory.h b/trunks/trunks_factory.h
index 21e87ef..592e406 100644
--- a/trunks/trunks_factory.h
+++ b/trunks/trunks_factory.h
@@ -15,7 +15,9 @@
namespace trunks {
class AuthorizationDelegate;
-class AuthorizationSession;
+class HmacSession;
+class PolicySession;
+class SessionManager;
class Tpm;
class TpmState;
class TpmUtility;
@@ -42,9 +44,14 @@
virtual scoped_ptr<AuthorizationDelegate> GetPasswordAuthorization(
const std::string& password) const = 0;
- // Returns an AuthorizationSession instance. The caller takes ownership.
- virtual scoped_ptr<AuthorizationSession>
- GetHmacAuthorizationSession() const = 0;
+ // Returns a SessionManager instance. The caller takes ownership.
+ virtual scoped_ptr<SessionManager> GetSessionManager() const = 0;
+
+ // Returns a HmacSession instance. The caller takes ownership.
+ virtual scoped_ptr<HmacSession> GetHmacSession() const = 0;
+
+ // Returns a PolicySession instance. The caller takes ownership.
+ virtual scoped_ptr<PolicySession> GetPolicySession() const = 0;
private:
DISALLOW_COPY_AND_ASSIGN(TrunksFactory);
diff --git a/trunks/trunks_factory_for_test.cc b/trunks/trunks_factory_for_test.cc
index 559acbb..73f9e36 100644
--- a/trunks/trunks_factory_for_test.cc
+++ b/trunks/trunks_factory_for_test.cc
@@ -7,11 +7,15 @@
#include <gmock/gmock.h>
#include "trunks/authorization_delegate.h"
-#include "trunks/authorization_session.h"
-#include "trunks/mock_authorization_session.h"
+#include "trunks/hmac_session.h"
+#include "trunks/mock_hmac_session.h"
+#include "trunks/mock_policy_session.h"
+#include "trunks/mock_session_manager.h"
#include "trunks/mock_tpm.h"
#include "trunks/mock_tpm_state.h"
#include "trunks/mock_tpm_utility.h"
+#include "trunks/policy_session.h"
+#include "trunks/session_manager.h"
#include "trunks/tpm_generated.h"
#include "trunks/tpm_state.h"
#include "trunks/tpm_utility.h"
@@ -302,20 +306,45 @@
};
// Forwards all calls to a target instance.
-class AuthorizationSessionForwarder : public AuthorizationSession {
+class SessionManagerForwarder : public SessionManager {
public:
- explicit AuthorizationSessionForwarder(AuthorizationSession* target)
- : target_(target) {}
- ~AuthorizationSessionForwarder() override {}
+ explicit SessionManagerForwarder(SessionManager* target) : target_(target) {}
+ ~SessionManagerForwarder() override {}
+
+ TPM_HANDLE GetSessionHandle() const override {
+ return target_->GetSessionHandle();
+ }
+
+ void CloseSession() override {
+ return target_->CloseSession();
+ }
+
+ TPM_RC StartSession(TPM_SE session_type, TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption,
+ HmacAuthorizationDelegate* delegate) override {
+ return target_->StartSession(session_type, bind_entity,
+ bind_authorization_value,
+ enable_encryption, delegate);
+ }
+
+ private:
+ SessionManager* target_;
+};
+
+// Forwards all calls to a target instance.
+class HmacSessionForwarder : public HmacSession {
+ public:
+ explicit HmacSessionForwarder(HmacSession* target): target_(target) {}
+ ~HmacSessionForwarder() override {}
AuthorizationDelegate* GetDelegate() override {
return target_->GetDelegate();
}
- TPM_RC StartBoundSession(
- TPMI_DH_ENTITY bind_entity,
- const std::string& bind_authorization_value,
- bool enable_encryption) override {
+ TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption) override {
return target_->StartBoundSession(bind_entity,
bind_authorization_value,
enable_encryption);
@@ -334,7 +363,34 @@
}
private:
- AuthorizationSession* target_;
+ HmacSession* target_;
+};
+
+
+// Forwards all calls to a target instance.
+class PolicySessionForwarder : public PolicySession {
+ public:
+ explicit PolicySessionForwarder(PolicySession* target): target_(target) {}
+ ~PolicySessionForwarder() override {}
+
+ AuthorizationDelegate* GetDelegate() override {
+ return target_->GetDelegate();
+ }
+
+ TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
+ const std::string& bind_authorization_value,
+ bool enable_encryption) override {
+ return target_->StartBoundSession(bind_entity,
+ bind_authorization_value,
+ enable_encryption);
+ }
+
+ TPM_RC StartUnboundSession(bool enable_encryption) override {
+ return target_->StartUnboundSession(enable_encryption);
+ }
+
+ private:
+ PolicySession* target_;
};
TrunksFactoryForTest::TrunksFactoryForTest()
@@ -346,12 +402,15 @@
tpm_utility_(default_tpm_utility_.get()),
default_authorization_delegate_(new PasswordAuthorizationDelegate("")),
password_authorization_delegate_(default_authorization_delegate_.get()),
- default_authorization_session_(new NiceMock<MockAuthorizationSession>()),
- authorization_session_(default_authorization_session_.get()) {
+ default_session_manager_(new NiceMock<MockSessionManager>()),
+ session_manager_(default_session_manager_.get()),
+ default_hmac_session_(new NiceMock<MockHmacSession>()),
+ hmac_session_(default_hmac_session_.get()),
+ default_policy_session_(new NiceMock<MockPolicySession>()),
+ policy_session_(default_policy_session_.get()) {
}
-TrunksFactoryForTest::~TrunksFactoryForTest() {
-}
+TrunksFactoryForTest::~TrunksFactoryForTest() {}
Tpm* TrunksFactoryForTest::GetTpm() const {
return tpm_;
@@ -372,10 +431,17 @@
new AuthorizationDelegateForwarder(password_authorization_delegate_));
}
-scoped_ptr<AuthorizationSession>
- TrunksFactoryForTest::GetHmacAuthorizationSession() const {
- return scoped_ptr<AuthorizationSession>(
- new AuthorizationSessionForwarder(authorization_session_));
+scoped_ptr<SessionManager> TrunksFactoryForTest::GetSessionManager() const {
+ return scoped_ptr<SessionManager>(
+ new SessionManagerForwarder(session_manager_));
+}
+
+scoped_ptr<HmacSession> TrunksFactoryForTest::GetHmacSession() const {
+ return scoped_ptr<HmacSession>(new HmacSessionForwarder(hmac_session_));
+}
+
+scoped_ptr<PolicySession> TrunksFactoryForTest::GetPolicySession() const {
+ return scoped_ptr<PolicySession>(new PolicySessionForwarder(policy_session_));
}
} // namespace trunks
diff --git a/trunks/trunks_factory_for_test.h b/trunks/trunks_factory_for_test.h
index 05a22ac..43e1e71 100644
--- a/trunks/trunks_factory_for_test.h
+++ b/trunks/trunks_factory_for_test.h
@@ -18,12 +18,16 @@
namespace trunks {
class AuthorizationDelegate;
-class AuthorizationSession;
-class MockAuthorizationSession;
+class MockHmacSession;
+class MockPolicySession;
+class MockSessionManager;
class MockTpm;
class MockTpmState;
class MockTpmUtility;
+class HmacSession;
class PasswordAuthorizationDelegate;
+class PolicySession;
+class SessionManager;
class Tpm;
class TpmState;
class TpmUtility;
@@ -49,7 +53,9 @@
scoped_ptr<TpmUtility> GetTpmUtility() const override;
scoped_ptr<AuthorizationDelegate> GetPasswordAuthorization(
const std::string& password) const override;
- scoped_ptr<AuthorizationSession> GetHmacAuthorizationSession() const override;
+ scoped_ptr<SessionManager> GetSessionManager() const override;
+ scoped_ptr<HmacSession> GetHmacSession() const override;
+ scoped_ptr<PolicySession> GetPolicySession() const override;
// Mutators to inject custom mocks.
void set_tpm(Tpm* tpm) {
@@ -68,8 +74,16 @@
password_authorization_delegate_ = delegate;
}
- void set_authorization_session(AuthorizationSession* session) {
- authorization_session_ = session;
+ void set_session_manager(SessionManager* session_manager) {
+ session_manager_ = session_manager;
+ }
+
+ void set_hmac_session(HmacSession* hmac_session) {
+ hmac_session_ = hmac_session;
+ }
+
+ void set_policy_session(PolicySession* policy_session) {
+ policy_session_ = policy_session;
}
private:
@@ -81,8 +95,12 @@
TpmUtility* tpm_utility_;
scoped_ptr<PasswordAuthorizationDelegate> default_authorization_delegate_;
AuthorizationDelegate* password_authorization_delegate_;
- scoped_ptr<MockAuthorizationSession> default_authorization_session_;
- AuthorizationSession* authorization_session_;
+ scoped_ptr<MockSessionManager> default_session_manager_;
+ SessionManager* session_manager_;
+ scoped_ptr<MockHmacSession> default_hmac_session_;
+ HmacSession* hmac_session_;
+ scoped_ptr<MockPolicySession> default_policy_session_;
+ PolicySession* policy_session_;
DISALLOW_COPY_AND_ASSIGN(TrunksFactoryForTest);
};
diff --git a/trunks/trunks_factory_impl.cc b/trunks/trunks_factory_impl.cc
index ae16679..ca60d61 100644
--- a/trunks/trunks_factory_impl.cc
+++ b/trunks/trunks_factory_impl.cc
@@ -4,9 +4,10 @@
#include "trunks/trunks_factory_impl.h"
-#include "trunks/authorization_session.h"
-#include "trunks/hmac_authorization_session.h"
+#include "trunks/hmac_session_impl.h"
#include "trunks/password_authorization_delegate.h"
+#include "trunks/policy_session_impl.h"
+#include "trunks/session_manager_impl.h"
#include "trunks/tpm_generated.h"
#include "trunks/tpm_state_impl.h"
#include "trunks/tpm_utility_impl.h"
@@ -45,9 +46,16 @@
new PasswordAuthorizationDelegate(password));
}
-scoped_ptr<AuthorizationSession>
- TrunksFactoryImpl::GetHmacAuthorizationSession() const {
- return scoped_ptr<AuthorizationSession>(new HmacAuthorizationSession(*this));
+scoped_ptr<SessionManager> TrunksFactoryImpl::GetSessionManager() const {
+ return scoped_ptr<SessionManager>(new SessionManagerImpl(*this));
+}
+
+scoped_ptr<HmacSession> TrunksFactoryImpl::GetHmacSession() const {
+ return scoped_ptr<HmacSession>(new HmacSessionImpl(*this));
+}
+
+scoped_ptr<PolicySession> TrunksFactoryImpl::GetPolicySession() const {
+ return scoped_ptr<PolicySession>(new PolicySessionImpl(*this));
}
} // namespace trunks
diff --git a/trunks/trunks_factory_impl.h b/trunks/trunks_factory_impl.h
index 020442a..5a8f155 100644
--- a/trunks/trunks_factory_impl.h
+++ b/trunks/trunks_factory_impl.h
@@ -36,7 +36,9 @@
scoped_ptr<TpmUtility> GetTpmUtility() const override;
scoped_ptr<AuthorizationDelegate> GetPasswordAuthorization(
const std::string& password) const override;
- scoped_ptr<AuthorizationSession> GetHmacAuthorizationSession() const override;
+ scoped_ptr<SessionManager> GetSessionManager() const override;
+ scoped_ptr<HmacSession> GetHmacSession() const override;
+ scoped_ptr<PolicySession> GetPolicySession() const override;
private:
scoped_ptr<TrunksProxy> proxy_;
