1 // Copyright 2023 The ChromiumOS Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "multiple_authorization_delegate.h"
6 
7 #include "authorization_delegate.h"
8 #include "tpm_generated.h"
9 
10 namespace trunks {
11 
// Registers |delegate| as the next per-session authorization handler.
// push_back appends, so the other methods of this class visit the delegates
// in the order they were added here.
//
// The pointer is stored as given, without a null check, and is dereferenced
// by the later authorization and parameter calls.
// NOTE(review): ownership is not visible in this file - presumably the caller
// keeps every delegate alive for as long as this object is in use; confirm
// against the header.
void MultipleAuthorizations::AddAuthorizationDelegate(
    AuthorizationDelegate* delegate) {
  delegates_.push_back(delegate);
}
16 
// Builds the authorization data for a command by asking every registered
// delegate for its authorization and concatenating the results in
// registration order.
//
// |command_hash| and the two encryption-capability flags are forwarded
// unchanged to each delegate. Returns false as soon as one delegate fails; in
// that case |*authorization| is left untouched. On success |*authorization|
// is overwritten with the concatenation.
// NOTE(review): the output order is the delegate order, so it presumably has
// to match the order of the sessions attached to the command - confirm
// against callers. |authorization| is dereferenced without a null check.
bool MultipleAuthorizations::GetCommandAuthorization(
    const std::string& command_hash,
    bool is_command_parameter_encryption_possible,
    bool is_response_parameter_encryption_possible,
    std::string* authorization) {
  std::string combined;
  for (auto delegate : delegates_) {
    // Named differently from the |authorization| output parameter so the
    // per-delegate buffer does not shadow it.
    std::string single_authorization;
    const bool ok = delegate->GetCommandAuthorization(
        command_hash, is_command_parameter_encryption_possible,
        is_response_parameter_encryption_possible, &single_authorization);
    if (!ok) {
      return false;
    }
    combined.append(single_authorization);
  }
  *authorization = combined;
  return true;
}
35 
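// Verifies the authorization data of a TPM response against every registered
// delegate.
//
// |authorization| is treated as a sequence of serialized TPMS_AUTH_RESPONSE
// structures, one per delegate, in registration order. Each structure is
// taken off the front of a working copy and handed to the matching delegate
// together with |response_hash|. Returns false as soon as one delegate
// rejects its part, and also when bytes remain after the last delegate has
// been served; returns true only when every delegate accepted and the input
// was consumed completely.
bool MultipleAuthorizations::CheckResponseAuthorization(
    const std::string& response_hash, const std::string& authorization) {
  // Working copy: ExtractSingleAuthorizationResponse takes the buffer by
  // pointer so the parser can advance past the structure it read (assumed
  // from the Parse_* call there; the parser is defined elsewhere).
  std::string remaining = authorization;
  for (auto delegate : delegates_) {
    // An extraction failure yields an empty string; the delegate is still
    // asked and is relied on to reject it.
    // NOTE(review): confirm that every delegate type rejects an empty
    // authorization, otherwise a truncated input could pass here.
    const std::string single_response =
        ExtractSingleAuthorizationResponse(&remaining);
    if (!delegate->CheckResponseAuthorization(response_hash,
                                              single_response)) {
      return false;
    }
  }
  // Fail closed on unconsumed input: leftover bytes mean the response carries
  // more authorization data than there are delegates to verify it, so part of
  // the input would otherwise be accepted without any check.
  return remaining.empty();
}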
48 
// Passes |parameter| to EncryptCommandParameter of each registered delegate
// in registration order; every delegate receives the same buffer and may
// modify it in place.
//
// Stops at the first delegate that reports failure and returns false. The
// buffer is not restored in that case, so |*parameter| may already have been
// changed by earlier delegates and should not be sent.
// NOTE(review): all delegates are invoked on the same buffer, so this
// presumably relies on at most one of them actually encrypting and the rest
// passing the data through - confirm against the delegate implementations.
bool MultipleAuthorizations::EncryptCommandParameter(std::string* parameter) {
  for (auto delegate : delegates_) {
    const bool encrypted = delegate->EncryptCommandParameter(parameter);
    if (!encrypted) {
      return false;
    }
  }
  return true;
}
57 
// Passes |parameter| to DecryptResponseParameter of each registered delegate
// in registration order; every delegate receives the same buffer and may
// modify it in place.
//
// Stops at the first delegate that reports failure and returns false. The
// buffer is not restored in that case, so |*parameter| may be partially
// processed and should not be used as plaintext.
// NOTE(review): all delegates are invoked on the same buffer, so this
// presumably relies on at most one of them actually decrypting and the rest
// passing the data through - confirm against the delegate implementations.
bool MultipleAuthorizations::DecryptResponseParameter(std::string* parameter) {
  for (auto delegate : delegates_) {
    const bool decrypted = delegate->DecryptResponseParameter(parameter);
    if (!decrypted) {
      return false;
    }
  }
  return true;
}
66 
// The aggregate does not provide a TPM nonce: this always returns false and
// never writes to |*nonce|. Callers that need a nonce have to query the
// individual delegate that owns the session.
bool MultipleAuthorizations::GetTpmNonce(std::string* nonce) {
  return false;
}
68 
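// Takes the first serialized TPMS_AUTH_RESPONSE from |all_responses| and
// returns its raw bytes.
//
// Parsing is done by Parse_TPMS_AUTH_RESPONSE, which receives the buffer by
// pointer and fills the third argument with the bytes of the structure it
// read (assumed from how the result is used here; the parser is defined
// elsewhere). The decoded structure itself is discarded.
//
// Returns an empty string when the parser does not report TPM_RC_SUCCESS.
// The error code is dropped, so callers must treat an empty result as
// invalid authorization data. |all_responses| is passed on without a null
// check.
// NOTE(review): the state of |*all_responses| after a failed parse is not
// visible from this file; callers should stop using the buffer on failure.
std::string MultipleAuthorizations::ExtractSingleAuthorizationResponse(
    std::string* all_responses) {
  // Required by the parser signature; the decoded value is not used.
  TPMS_AUTH_RESPONSE decoded_unused;
  std::string response_bytes;
  const auto result = Parse_TPMS_AUTH_RESPONSE(all_responses, &decoded_unused,
                                               &response_bytes);
  if (result != TPM_RC_SUCCESS) {
    return std::string();
  }
  return response_bytes;
}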
79 
80 }  // namespace trunks
81