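//
// Copyright (C) 2015 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

#ifndef TRUNKS_HMAC_SESSION_IMPL_H_
#define TRUNKS_HMAC_SESSION_IMPL_H_

#include "trunks/hmac_session.h"

#include <string>

#include <base/macros.h>

#include "trunks/hmac_authorization_delegate.h"
#include "trunks/session_manager.h"
#include "trunks/trunks_export.h"
#include "trunks/trunks_factory.h"

namespace trunks {

// This class implements the HmacSession interface. It keeps track of the
// HmacAuthorizationDelegate used for commands and provides authorization for
// commands that need it. It is instantiated by TpmUtilityImpl. If this class
// is needed outside of TpmUtility, it can be used as below:
//   TrunksFactoryImpl factory;
//   HmacSessionImpl session(factory);
//   session.StartBoundSession(bind_entity, bind_authorization, true);
//   session.SetEntityAuthorizationValue(entity_authorization);
//   factory.GetTpm()->RSA_EncryptSync(_,_,_,_, session.GetDelegate());
// NOTE: StartBoundSession/StartUnboundSession should not be called before
// TPM ownership is taken. This is because starting a session uses the
// SaltingKey, which is only created after ownership is taken.
//
// Lifetime: the factory is held by reference and the delegate is a member of
// this object, so the factory must outlive the session and the session must
// outlive every command that is still using the pointer from GetDelegate().
// Copying is disabled (DISALLOW_COPY_AND_ASSIGN), so there is exactly one
// owner of the delegate and session manager per instance.
class TRUNKS_EXPORT HmacSessionImpl : public HmacSession {
 public:
  // The constructor needs a factory. In production code, this factory is used
  // to access the TPM class to forward commands to the TPM. In test code, it
  // is used to mock out the TPM calls.
  // Only a reference to |factory| is stored; the caller keeps ownership and
  // must keep it alive for as long as this object exists.
  explicit HmacSessionImpl(const TrunksFactory& factory);
  ~HmacSessionImpl() override;

  // HmacSession methods. The behavioural contract of each method is defined
  // by the HmacSession interface in trunks/hmac_session.h.

  // Returns the delegate that authorizes commands for this session. Per the
  // comment on |hmac_delegate_|, the returned pointer refers to that member:
  // it is not owned by the caller and is only valid while this object lives.
  AuthorizationDelegate* GetDelegate() override;

  // Starts a session bound to |bind_entity|, using
  // |bind_authorization_value| as that entity's authorization secret.
  // Returns a TPM_RC result code.
  // NOTE(review): |enable_encryption| presumably turns on encryption of
  // command parameters for the session; callers that send secrets as command
  // parameters should confirm what passing false means in SessionManager.
  TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
                           const std::string& bind_authorization_value,
                           bool enable_encryption) override;

  // Starts a session that is not bound to any entity. Returns a TPM_RC result
  // code. See the NOTE(review) on StartBoundSession about
  // |enable_encryption|.
  TPM_RC StartUnboundSession(bool enable_encryption) override;

  // These two setters take authorization secrets as std::string.
  // NOTE(review): nothing in this header shows how long the secret is
  // retained or whether the copy is wiped after use; confirm in the
  // implementation and in HmacAuthorizationDelegate before relying on it.
  void SetEntityAuthorizationValue(const std::string& value) override;
  void SetFutureAuthorizationValue(const std::string& value) override;

 private:
  // This factory is only set in the constructor and is used to instantiate
  // the TPM class to forward commands to the TPM chip. It is a non-owning
  // reference.
  const TrunksFactory& factory_;
  // This delegate is what provides authorization to commands. It is what is
  // returned when the GetDelegate method is called.
  HmacAuthorizationDelegate hmac_delegate_;
  // This object is used to manage the TPM session associated with this
  // HmacSession. Owned by this object through scoped_ptr.
  scoped_ptr<SessionManager> session_manager_;

  // Grants the unit test access to the private members above.
  friend class HmacSessionTest;
  DISALLOW_COPY_AND_ASSIGN(HmacSessionImpl);
};

}  // namespace trunks

#endif  // TRUNKS_HMAC_SESSION_IMPL_H_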