• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 //
2 // Copyright (C) 2015 The Android Open Source Project
3 //
4 // Licensed under the Apache License, Version 2.0 (the "License");
5 // you may not use this file except in compliance with the License.
6 // You may obtain a copy of the License at
7 //
8 //      http://www.apache.org/licenses/LICENSE-2.0
9 //
10 // Unless required by applicable law or agreed to in writing, software
11 // distributed under the License is distributed on an "AS IS" BASIS,
12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 // See the License for the specific language governing permissions and
14 // limitations under the License.
15 //
16 
17 #ifndef TPM_MANAGER_SERVER_TPM2_INITIALIZER_IMPL_H_
18 #define TPM_MANAGER_SERVER_TPM2_INITIALIZER_IMPL_H_
19 
20 #include "tpm_manager/server/tpm_initializer.h"
21 
22 #include <string>
23 #include <memory>
24 
25 #include <base/macros.h>
26 #include <trunks/trunks_factory.h>
27 
28 #include "tpm_manager/server/local_data_store.h"
29 #include "tpm_manager/server/openssl_crypto_util.h"
30 #include "tpm_manager/server/tpm_status.h"
31 
32 namespace tpm_manager {
33 
34 // This class initializes a Tpm2.0 chip by taking ownership. Example use of
35 // this class is:
36 // LocalDataStore data_store;
37 // Tpm2StatusImpl status;
38 // Tpm2InitializerImpl initializer(&data_store, &status);
39 // initializer.InitializeTpm();
40 // If the tpm is unowned, InitializeTpm injects random owner, endorsement and
41 // lockout passwords, intializes the SRK with empty authorization, and persists
42 // the passwords to disk until all the owner dependencies are satisfied.
43 class Tpm2InitializerImpl : public TpmInitializer {
44  public:
45   // Does not take ownership of |local_data_store| or |tpm_status|.
46   Tpm2InitializerImpl(LocalDataStore* local_data_store,
47                       TpmStatus* tpm_status);
48   // Does not take ownership of |openssl_util|, |local_data_store| or
49   // |tpm_status|. Takes ownership of |factory|.
50   Tpm2InitializerImpl(trunks::TrunksFactory* factory,
51                       OpensslCryptoUtil* openssl_util,
52                       LocalDataStore* local_data_store,
53                       TpmStatus* tpm_status);
54   ~Tpm2InitializerImpl() override = default;
55 
56   // TpmInitializer methods.
57   bool InitializeTpm() override;
58 
59  private:
60   // Seeds the onboard Tpm random number generator with random bytes from
61   // Openssl, if the Tpm RNG has not been seeded yet. Returns true on success.
62   bool SeedTpmRng();
63 
64   // Gets random bytes of length |num_bytes| and populates the string at
65   // |random_data|. Returns true on success.
66   bool GetTpmRandomData(size_t num_bytes, std::string* random_data);
67 
68   std::unique_ptr<trunks::TrunksFactory> trunks_factory_;
69   OpensslCryptoUtil* openssl_util_;
70   LocalDataStore* local_data_store_;
71   TpmStatus* tpm_status_;
72 
73   DISALLOW_COPY_AND_ASSIGN(Tpm2InitializerImpl);
74 };
75 
76 }  // namespace tpm_manager
77 
78 #endif  // TPM_MANAGER_SERVER_TPM2_INITIALIZER_IMPL_H_
79