1 // 2 // Copyright (C) 2014 The Android Open Source Project 3 // 4 // Licensed under the Apache License, Version 2.0 (the "License"); 5 // you may not use this file except in compliance with the License. 6 // You may obtain a copy of the License at 7 // 8 // http://www.apache.org/licenses/LICENSE-2.0 9 // 10 // Unless required by applicable law or agreed to in writing, software 11 // distributed under the License is distributed on an "AS IS" BASIS, 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 // See the License for the specific language governing permissions and 14 // limitations under the License. 15 // 16 17 #include "trunks/trunks_factory_for_test.h" 18 19 #include <gmock/gmock.h> 20 21 #include "trunks/authorization_delegate.h" 22 #include "trunks/blob_parser.h" 23 #include "trunks/hmac_session.h" 24 #include "trunks/mock_blob_parser.h" 25 #include "trunks/mock_hmac_session.h" 26 #include "trunks/mock_policy_session.h" 27 #include "trunks/mock_session_manager.h" 28 #include "trunks/mock_tpm.h" 29 #include "trunks/mock_tpm_state.h" 30 #include "trunks/mock_tpm_utility.h" 31 #include "trunks/policy_session.h" 32 #include "trunks/session_manager.h" 33 #include "trunks/tpm_generated.h" 34 #include "trunks/tpm_state.h" 35 #include "trunks/tpm_utility.h" 36 37 using testing::NiceMock; 38 39 namespace trunks { 40 41 // Forwards all calls to a target instance. 42 class TpmStateForwarder : public TpmState { 43 public: 44 explicit TpmStateForwarder(TpmState* target) : target_(target) {} 45 ~TpmStateForwarder() override = default; 46 47 TPM_RC Initialize() override { 48 return target_->Initialize(); 49 } 50 51 bool IsOwnerPasswordSet() override { 52 return target_->IsOwnerPasswordSet(); 53 } 54 55 bool IsEndorsementPasswordSet() override { 56 return target_->IsEndorsementPasswordSet(); 57 } 58 59 bool IsLockoutPasswordSet() override { 60 return target_->IsLockoutPasswordSet(); 61 } 62 63 bool IsOwned() override { 64 return target_->IsOwned(); 65 } 66 67 bool IsInLockout() override { 68 return target_->IsInLockout(); 69 } 70 71 bool IsPlatformHierarchyEnabled() override { 72 return target_->IsPlatformHierarchyEnabled(); 73 } 74 75 bool IsStorageHierarchyEnabled() override { 76 return target_->IsStorageHierarchyEnabled(); 77 } 78 79 bool IsEndorsementHierarchyEnabled() override { 80 return target_->IsEndorsementHierarchyEnabled(); 81 } 82 83 bool IsEnabled() override { 84 return target_->IsEnabled(); 85 } 86 87 bool WasShutdownOrderly() override { 88 return target_->WasShutdownOrderly(); 89 } 90 91 bool IsRSASupported() override { 92 return target_->IsRSASupported(); 93 } 94 95 bool IsECCSupported() override { 96 return target_->IsECCSupported(); 97 } 98 99 uint32_t GetLockoutCounter() override { 100 return target_->GetLockoutCounter(); 101 } 102 103 uint32_t GetLockoutThreshold() override { 104 return target_->GetLockoutThreshold(); 105 } 106 107 uint32_t GetLockoutInterval() override { 108 return target_->GetLockoutInterval(); 109 } 110 111 uint32_t GetLockoutRecovery() override { 112 return target_->GetLockoutRecovery(); 113 } 114 115 private: 116 TpmState* target_; 117 }; 118 119 // Forwards all calls to a target instance. 120 class TpmUtilityForwarder : public TpmUtility { 121 public: 122 explicit TpmUtilityForwarder(TpmUtility* target) : target_(target) {} 123 ~TpmUtilityForwarder() override = default; 124 125 TPM_RC Startup() override { 126 return target_->Startup(); 127 } 128 129 TPM_RC Clear() override { 130 return target_->Clear(); 131 } 132 133 void Shutdown() override { 134 return target_->Shutdown(); 135 } 136 137 TPM_RC InitializeTpm() override { 138 return target_->InitializeTpm(); 139 } 140 141 TPM_RC AllocatePCR(const std::string& platform_password) override { 142 return target_->AllocatePCR(platform_password); 143 } 144 145 TPM_RC TakeOwnership(const std::string& owner_password, 146 const std::string& endorsement_password, 147 const std::string& lockout_password) override { 148 return target_->TakeOwnership(owner_password, 149 endorsement_password, 150 lockout_password); 151 } 152 153 TPM_RC StirRandom(const std::string& entropy_data, 154 AuthorizationDelegate* delegate) override { 155 return target_->StirRandom(entropy_data, delegate); 156 } 157 158 TPM_RC GenerateRandom(size_t num_bytes, 159 AuthorizationDelegate* delegate, 160 std::string* random_data) override { 161 return target_->GenerateRandom(num_bytes, delegate, random_data); 162 } 163 164 TPM_RC ExtendPCR(int pcr_index, 165 const std::string& extend_data, 166 AuthorizationDelegate* delegate) override { 167 return target_->ExtendPCR(pcr_index, extend_data, delegate); 168 } 169 170 TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override { 171 return target_->ReadPCR(pcr_index, pcr_value); 172 } 173 174 TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle, 175 TPM_ALG_ID scheme, 176 TPM_ALG_ID hash_alg, 177 const std::string& plaintext, 178 AuthorizationDelegate* delegate, 179 std::string* ciphertext) override { 180 return target_->AsymmetricEncrypt(key_handle, 181 scheme, 182 hash_alg, 183 plaintext, 184 delegate, 185 ciphertext); 186 } 187 188 TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle, 189 TPM_ALG_ID scheme, 190 TPM_ALG_ID hash_alg, 191 const std::string& ciphertext, 192 AuthorizationDelegate* delegate, 193 std::string* plaintext) override { 194 return target_->AsymmetricDecrypt(key_handle, 195 scheme, 196 hash_alg, 197 ciphertext, 198 delegate, 199 plaintext); 200 } 201 202 TPM_RC Sign(TPM_HANDLE key_handle, 203 TPM_ALG_ID scheme, 204 TPM_ALG_ID hash_alg, 205 const std::string& plaintext, 206 AuthorizationDelegate* delegate, 207 std::string* signature) override { 208 return target_->Sign(key_handle, 209 scheme, 210 hash_alg, 211 plaintext, 212 delegate, 213 signature); 214 } 215 216 TPM_RC Verify(TPM_HANDLE key_handle, 217 TPM_ALG_ID scheme, 218 TPM_ALG_ID hash_alg, 219 const std::string& plaintext, 220 const std::string& signature, 221 AuthorizationDelegate* delegate) override { 222 return target_->Verify(key_handle, scheme, hash_alg, 223 plaintext, signature, delegate); 224 } 225 226 TPM_RC CertifyCreation(TPM_HANDLE key_handle, 227 const std::string& creation_blob) override { 228 return target_->CertifyCreation(key_handle, creation_blob); 229 } 230 231 TPM_RC ChangeKeyAuthorizationData(TPM_HANDLE key_handle, 232 const std::string& new_password, 233 AuthorizationDelegate* delegate, 234 std::string* key_blob) override { 235 return target_->ChangeKeyAuthorizationData(key_handle, 236 new_password, 237 delegate, 238 key_blob); 239 } 240 241 TPM_RC ImportRSAKey(AsymmetricKeyUsage key_type, 242 const std::string& modulus, 243 uint32_t public_exponent, 244 const std::string& prime_factor, 245 const std::string& password, 246 AuthorizationDelegate* delegate, 247 std::string* key_blob) override { 248 return target_->ImportRSAKey(key_type, modulus, public_exponent, 249 prime_factor, password, delegate, key_blob); 250 } 251 252 TPM_RC CreateRSAKeyPair(AsymmetricKeyUsage key_type, 253 int modulus_bits, 254 uint32_t public_exponent, 255 const std::string& password, 256 const std::string& policy_digest, 257 bool use_only_policy_authorization, 258 int creation_pcr_index, 259 AuthorizationDelegate* delegate, 260 std::string* key_blob, 261 std::string* creation_blob) override { 262 return target_->CreateRSAKeyPair(key_type, modulus_bits, public_exponent, 263 password, policy_digest, 264 use_only_policy_authorization, 265 creation_pcr_index, 266 delegate, key_blob, creation_blob); 267 } 268 269 TPM_RC LoadKey(const std::string& key_blob, 270 AuthorizationDelegate* delegate, 271 TPM_HANDLE* key_handle) override { 272 return target_->LoadKey(key_blob, delegate, key_handle); 273 } 274 275 TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name) override { 276 return target_->GetKeyName(handle, name); 277 } 278 279 TPM_RC GetKeyPublicArea(TPM_HANDLE handle, 280 TPMT_PUBLIC* public_data) override { 281 return target_->GetKeyPublicArea(handle, public_data); 282 } 283 284 TPM_RC SealData(const std::string& data_to_seal, 285 const std::string& policy_digest, 286 AuthorizationDelegate* delegate, 287 std::string* sealed_data) override { 288 return target_->SealData(data_to_seal, policy_digest, 289 delegate, sealed_data); 290 } 291 292 TPM_RC UnsealData(const std::string& sealed_data, 293 AuthorizationDelegate* delegate, 294 std::string* unsealed_data) override { 295 return target_->UnsealData(sealed_data, delegate, unsealed_data); 296 } 297 298 TPM_RC StartSession(HmacSession* session) override { 299 return target_->StartSession(session); 300 } 301 302 TPM_RC GetPolicyDigestForPcrValue(int pcr_index, 303 const std::string& pcr_value, 304 std::string* policy_digest) override { 305 return target_->GetPolicyDigestForPcrValue(pcr_index, pcr_value, 306 policy_digest); 307 } 308 309 TPM_RC DefineNVSpace(uint32_t index, 310 size_t num_bytes, 311 AuthorizationDelegate* delegate) override { 312 return target_->DefineNVSpace(index, num_bytes, delegate); 313 } 314 315 TPM_RC DestroyNVSpace(uint32_t index, 316 AuthorizationDelegate* delegate) override { 317 return target_->DestroyNVSpace(index, delegate); 318 } 319 320 TPM_RC LockNVSpace(uint32_t index, 321 AuthorizationDelegate* delegate) override { 322 return target_->LockNVSpace(index, delegate); 323 } 324 325 TPM_RC WriteNVSpace(uint32_t index, 326 uint32_t offset, 327 const std::string& nvram_data, 328 AuthorizationDelegate* delegate) override { 329 return target_->WriteNVSpace(index, offset, nvram_data, delegate); 330 } 331 332 TPM_RC ReadNVSpace(uint32_t index, 333 uint32_t offset, 334 size_t num_bytes, 335 std::string* nvram_data, 336 AuthorizationDelegate* delegate) override { 337 return target_->ReadNVSpace(index, offset, num_bytes, nvram_data, delegate); 338 } 339 340 TPM_RC GetNVSpaceName(uint32_t index, std::string* name) override { 341 return target_->GetNVSpaceName(index, name); 342 } 343 344 TPM_RC GetNVSpacePublicArea(uint32_t index, 345 TPMS_NV_PUBLIC* public_data) override { 346 return target_->GetNVSpacePublicArea(index, public_data); 347 } 348 349 private: 350 TpmUtility* target_; 351 }; 352 353 // Forwards all calls to a target instance. 354 class AuthorizationDelegateForwarder : public AuthorizationDelegate { 355 public: 356 explicit AuthorizationDelegateForwarder(AuthorizationDelegate* target) 357 : target_(target) {} 358 ~AuthorizationDelegateForwarder() override = default; 359 360 bool GetCommandAuthorization(const std::string& command_hash, 361 bool is_command_parameter_encryption_possible, 362 bool is_response_parameter_encryption_possible, 363 std::string* authorization) override { 364 return target_->GetCommandAuthorization( 365 command_hash, 366 is_command_parameter_encryption_possible, 367 is_response_parameter_encryption_possible, 368 authorization); 369 } 370 371 bool CheckResponseAuthorization(const std::string& response_hash, 372 const std::string& authorization) override { 373 return target_->CheckResponseAuthorization(response_hash, authorization); 374 } 375 376 bool EncryptCommandParameter(std::string* parameter) override { 377 return target_->EncryptCommandParameter(parameter); 378 } 379 380 bool DecryptResponseParameter(std::string* parameter) override { 381 return target_->DecryptResponseParameter(parameter); 382 } 383 384 private: 385 AuthorizationDelegate* target_; 386 }; 387 388 // Forwards all calls to a target instance. 389 class SessionManagerForwarder : public SessionManager { 390 public: 391 explicit SessionManagerForwarder(SessionManager* target) : target_(target) {} 392 ~SessionManagerForwarder() override {} 393 394 TPM_HANDLE GetSessionHandle() const override { 395 return target_->GetSessionHandle(); 396 } 397 398 void CloseSession() override { 399 return target_->CloseSession(); 400 } 401 402 TPM_RC StartSession(TPM_SE session_type, TPMI_DH_ENTITY bind_entity, 403 const std::string& bind_authorization_value, 404 bool enable_encryption, 405 HmacAuthorizationDelegate* delegate) override { 406 return target_->StartSession(session_type, bind_entity, 407 bind_authorization_value, 408 enable_encryption, delegate); 409 } 410 411 private: 412 SessionManager* target_; 413 }; 414 415 // Forwards all calls to a target instance. 416 class HmacSessionForwarder : public HmacSession { 417 public: 418 explicit HmacSessionForwarder(HmacSession* target): target_(target) {} 419 ~HmacSessionForwarder() override = default; 420 421 AuthorizationDelegate* GetDelegate() override { 422 return target_->GetDelegate(); 423 } 424 425 TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity, 426 const std::string& bind_authorization_value, 427 bool enable_encryption) override { 428 return target_->StartBoundSession(bind_entity, 429 bind_authorization_value, 430 enable_encryption); 431 } 432 433 TPM_RC StartUnboundSession(bool enable_encryption) override { 434 return target_->StartUnboundSession(enable_encryption); 435 } 436 437 void SetEntityAuthorizationValue(const std::string& value) override { 438 return target_->SetEntityAuthorizationValue(value); 439 } 440 441 void SetFutureAuthorizationValue(const std::string& value) override { 442 return target_->SetFutureAuthorizationValue(value); 443 } 444 445 private: 446 HmacSession* target_; 447 }; 448 449 450 // Forwards all calls to a target instance. 451 class PolicySessionForwarder : public PolicySession { 452 public: 453 explicit PolicySessionForwarder(PolicySession* target): target_(target) {} 454 ~PolicySessionForwarder() override = default; 455 456 AuthorizationDelegate* GetDelegate() override { 457 return target_->GetDelegate(); 458 } 459 460 TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity, 461 const std::string& bind_authorization_value, 462 bool enable_encryption) override { 463 return target_->StartBoundSession(bind_entity, 464 bind_authorization_value, 465 enable_encryption); 466 } 467 468 TPM_RC StartUnboundSession(bool enable_encryption) override { 469 return target_->StartUnboundSession(enable_encryption); 470 } 471 472 TPM_RC GetDigest(std::string* digest) override { 473 return target_->GetDigest(digest); 474 } 475 476 TPM_RC PolicyOR(const std::vector<std::string>& digests) override { 477 return target_->PolicyOR(digests); 478 } 479 480 TPM_RC PolicyPCR(uint32_t pcr_index, const std::string& pcr_value) override { 481 return target_->PolicyPCR(pcr_index, pcr_value); 482 } 483 484 TPM_RC PolicyCommandCode(TPM_CC command_code) override { 485 return target_->PolicyCommandCode(command_code); 486 } 487 488 TPM_RC PolicyAuthValue() override { 489 return target_->PolicyAuthValue(); 490 } 491 492 void SetEntityAuthorizationValue(const std::string& value) override { 493 return target_->SetEntityAuthorizationValue(value); 494 } 495 496 private: 497 PolicySession* target_; 498 }; 499 500 // Forwards all calls to a target instance. 501 class BlobParserForwarder : public BlobParser { 502 public: 503 explicit BlobParserForwarder(BlobParser* target): target_(target) {} 504 ~BlobParserForwarder() override = default; 505 506 bool SerializeKeyBlob(const TPM2B_PUBLIC& public_info, 507 const TPM2B_PRIVATE& private_info, 508 std::string* key_blob) override { 509 return target_->SerializeKeyBlob(public_info, private_info, key_blob); 510 } 511 512 bool ParseKeyBlob(const std::string& key_blob, 513 TPM2B_PUBLIC* public_info, 514 TPM2B_PRIVATE* private_info) override { 515 return target_->ParseKeyBlob(key_blob, public_info, private_info); 516 } 517 518 bool SerializeCreationBlob(const TPM2B_CREATION_DATA& creation_data, 519 const TPM2B_DIGEST& creation_hash, 520 const TPMT_TK_CREATION& creation_ticket, 521 std::string* creation_blob) override { 522 return target_->SerializeCreationBlob(creation_data, creation_hash, 523 creation_ticket, creation_blob); 524 } 525 526 bool ParseCreationBlob(const std::string& creation_blob, 527 TPM2B_CREATION_DATA* creation_data, 528 TPM2B_DIGEST* creation_hash, 529 TPMT_TK_CREATION* creation_ticket) override { 530 return target_->ParseCreationBlob(creation_blob, creation_data, 531 creation_hash, creation_ticket); 532 } 533 534 private: 535 BlobParser* target_; 536 }; 537 538 TrunksFactoryForTest::TrunksFactoryForTest() 539 : default_tpm_(new NiceMock<MockTpm>()), 540 tpm_(default_tpm_.get()), 541 default_tpm_state_(new NiceMock<MockTpmState>()), 542 tpm_state_(default_tpm_state_.get()), 543 default_tpm_utility_(new NiceMock<MockTpmUtility>()), 544 tpm_utility_(default_tpm_utility_.get()), 545 default_authorization_delegate_(new PasswordAuthorizationDelegate("")), 546 password_authorization_delegate_(default_authorization_delegate_.get()), 547 default_session_manager_(new NiceMock<MockSessionManager>()), 548 session_manager_(default_session_manager_.get()), 549 default_hmac_session_(new NiceMock<MockHmacSession>()), 550 hmac_session_(default_hmac_session_.get()), 551 default_policy_session_(new NiceMock<MockPolicySession>()), 552 policy_session_(default_policy_session_.get()), 553 default_blob_parser_(new NiceMock<MockBlobParser>()), 554 blob_parser_(default_blob_parser_.get()) { 555 } 556 557 TrunksFactoryForTest::~TrunksFactoryForTest() {} 558 559 Tpm* TrunksFactoryForTest::GetTpm() const { 560 return tpm_; 561 } 562 563 scoped_ptr<TpmState> TrunksFactoryForTest::GetTpmState() const { 564 return scoped_ptr<TpmState>(new TpmStateForwarder(tpm_state_)); 565 } 566 567 scoped_ptr<TpmUtility> TrunksFactoryForTest::GetTpmUtility() const { 568 return scoped_ptr<TpmUtility>(new TpmUtilityForwarder(tpm_utility_)); 569 } 570 571 scoped_ptr<AuthorizationDelegate> 572 TrunksFactoryForTest::GetPasswordAuthorization( 573 const std::string& password) const { 574 return scoped_ptr<AuthorizationDelegate>( 575 new AuthorizationDelegateForwarder(password_authorization_delegate_)); 576 } 577 578 scoped_ptr<SessionManager> TrunksFactoryForTest::GetSessionManager() const { 579 return scoped_ptr<SessionManager>( 580 new SessionManagerForwarder(session_manager_)); 581 } 582 583 scoped_ptr<HmacSession> TrunksFactoryForTest::GetHmacSession() const { 584 return scoped_ptr<HmacSession>(new HmacSessionForwarder(hmac_session_)); 585 } 586 587 scoped_ptr<PolicySession> TrunksFactoryForTest::GetPolicySession() const { 588 return scoped_ptr<PolicySession>(new PolicySessionForwarder(policy_session_)); 589 } 590 591 scoped_ptr<PolicySession> TrunksFactoryForTest::GetTrialSession() const { 592 return scoped_ptr<PolicySession>(new PolicySessionForwarder(policy_session_)); 593 } 594 595 scoped_ptr<BlobParser> TrunksFactoryForTest::GetBlobParser() const { 596 return scoped_ptr<BlobParser>(new BlobParserForwarder(blob_parser_)); 597 } 598 599 } // namespace trunks 600
