Home | History | Annotate | Download | only in trunks
      1 //
      2 // Copyright (C) 2014 The Android Open Source Project
      3 //
      4 // Licensed under the Apache License, Version 2.0 (the "License");
      5 // you may not use this file except in compliance with the License.
      6 // You may obtain a copy of the License at
      7 //
      8 //      http://www.apache.org/licenses/LICENSE-2.0
      9 //
     10 // Unless required by applicable law or agreed to in writing, software
     11 // distributed under the License is distributed on an "AS IS" BASIS,
     12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
     13 // See the License for the specific language governing permissions and
     14 // limitations under the License.
     15 //
     16 
     17 #include "trunks/trunks_factory_for_test.h"
     18 
     19 #include <memory>
     20 
     21 #include <base/memory/ptr_util.h>
     22 #include <gmock/gmock.h>
     23 
     24 #include "trunks/authorization_delegate.h"
     25 #include "trunks/blob_parser.h"
     26 #include "trunks/hmac_session.h"
     27 #include "trunks/mock_blob_parser.h"
     28 #include "trunks/mock_hmac_session.h"
     29 #include "trunks/mock_policy_session.h"
     30 #include "trunks/mock_session_manager.h"
     31 #include "trunks/mock_tpm.h"
     32 #include "trunks/mock_tpm_state.h"
     33 #include "trunks/mock_tpm_utility.h"
     34 #include "trunks/policy_session.h"
     35 #include "trunks/session_manager.h"
     36 #include "trunks/tpm_generated.h"
     37 #include "trunks/tpm_state.h"
     38 #include "trunks/tpm_utility.h"
     39 
     40 using testing::NiceMock;
     41 
     42 namespace trunks {
     43 
     44 // Forwards all calls to a target instance.
     45 class TpmStateForwarder : public TpmState {
     46  public:
     47   explicit TpmStateForwarder(TpmState* target) : target_(target) {}
     48   ~TpmStateForwarder() override = default;
     49 
     50   TPM_RC Initialize() override { return target_->Initialize(); }
     51 
     52   bool IsOwnerPasswordSet() override { return target_->IsOwnerPasswordSet(); }
     53 
     54   bool IsEndorsementPasswordSet() override {
     55     return target_->IsEndorsementPasswordSet();
     56   }
     57 
     58   bool IsLockoutPasswordSet() override {
     59     return target_->IsLockoutPasswordSet();
     60   }
     61 
     62   bool IsOwned() override { return target_->IsOwned(); }
     63 
     64   bool IsInLockout() override { return target_->IsInLockout(); }
     65 
     66   bool IsPlatformHierarchyEnabled() override {
     67     return target_->IsPlatformHierarchyEnabled();
     68   }
     69 
     70   bool IsStorageHierarchyEnabled() override {
     71     return target_->IsStorageHierarchyEnabled();
     72   }
     73 
     74   bool IsEndorsementHierarchyEnabled() override {
     75     return target_->IsEndorsementHierarchyEnabled();
     76   }
     77 
     78   bool IsEnabled() override { return target_->IsEnabled(); }
     79 
     80   bool WasShutdownOrderly() override { return target_->WasShutdownOrderly(); }
     81 
     82   bool IsRSASupported() override { return target_->IsRSASupported(); }
     83 
     84   bool IsECCSupported() override { return target_->IsECCSupported(); }
     85 
     86   uint32_t GetLockoutCounter() override { return target_->GetLockoutCounter(); }
     87 
     88   uint32_t GetLockoutThreshold() override {
     89     return target_->GetLockoutThreshold();
     90   }
     91 
     92   uint32_t GetLockoutInterval() override {
     93     return target_->GetLockoutInterval();
     94   }
     95 
     96   uint32_t GetLockoutRecovery() override {
     97     return target_->GetLockoutRecovery();
     98   }
     99 
    100   uint32_t GetMaxNVSize() override { return target_->GetMaxNVSize(); }
    101 
    102   bool GetTpmProperty(TPM_PT property, uint32_t* value) override {
    103     return target_->GetTpmProperty(property, value);
    104   }
    105 
    106   bool GetAlgorithmProperties(TPM_ALG_ID algorithm,
    107                               TPMA_ALGORITHM* properties) override {
    108     return target_->GetAlgorithmProperties(algorithm, properties);
    109   }
    110 
    111  private:
    112   TpmState* target_;
    113 };
    114 
    115 // Forwards all calls to a target instance.
    116 class TpmUtilityForwarder : public TpmUtility {
    117  public:
    118   explicit TpmUtilityForwarder(TpmUtility* target) : target_(target) {}
    119   ~TpmUtilityForwarder() override = default;
    120 
    121   TPM_RC Startup() override { return target_->Startup(); }
    122 
    123   TPM_RC Clear() override { return target_->Clear(); }
    124 
    125   void Shutdown() override { return target_->Shutdown(); }
    126 
    127   TPM_RC InitializeTpm() override { return target_->InitializeTpm(); }
    128 
    129   TPM_RC AllocatePCR(const std::string& platform_password) override {
    130     return target_->AllocatePCR(platform_password);
    131   }
    132 
    133   TPM_RC TakeOwnership(const std::string& owner_password,
    134                        const std::string& endorsement_password,
    135                        const std::string& lockout_password) override {
    136     return target_->TakeOwnership(owner_password, endorsement_password,
    137                                   lockout_password);
    138   }
    139 
    140   TPM_RC StirRandom(const std::string& entropy_data,
    141                     AuthorizationDelegate* delegate) override {
    142     return target_->StirRandom(entropy_data, delegate);
    143   }
    144 
    145   TPM_RC GenerateRandom(size_t num_bytes,
    146                         AuthorizationDelegate* delegate,
    147                         std::string* random_data) override {
    148     return target_->GenerateRandom(num_bytes, delegate, random_data);
    149   }
    150 
    151   TPM_RC ExtendPCR(int pcr_index,
    152                    const std::string& extend_data,
    153                    AuthorizationDelegate* delegate) override {
    154     return target_->ExtendPCR(pcr_index, extend_data, delegate);
    155   }
    156 
    157   TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override {
    158     return target_->ReadPCR(pcr_index, pcr_value);
    159   }
    160 
    161   TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle,
    162                            TPM_ALG_ID scheme,
    163                            TPM_ALG_ID hash_alg,
    164                            const std::string& plaintext,
    165                            AuthorizationDelegate* delegate,
    166                            std::string* ciphertext) override {
    167     return target_->AsymmetricEncrypt(key_handle, scheme, hash_alg, plaintext,
    168                                       delegate, ciphertext);
    169   }
    170 
    171   TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle,
    172                            TPM_ALG_ID scheme,
    173                            TPM_ALG_ID hash_alg,
    174                            const std::string& ciphertext,
    175                            AuthorizationDelegate* delegate,
    176                            std::string* plaintext) override {
    177     return target_->AsymmetricDecrypt(key_handle, scheme, hash_alg, ciphertext,
    178                                       delegate, plaintext);
    179   }
    180 
    181   TPM_RC Sign(TPM_HANDLE key_handle,
    182               TPM_ALG_ID scheme,
    183               TPM_ALG_ID hash_alg,
    184               const std::string& plaintext,
    185               AuthorizationDelegate* delegate,
    186               std::string* signature) override {
    187     return target_->Sign(key_handle, scheme, hash_alg, plaintext, delegate,
    188                          signature);
    189   }
    190 
    191   TPM_RC Verify(TPM_HANDLE key_handle,
    192                 TPM_ALG_ID scheme,
    193                 TPM_ALG_ID hash_alg,
    194                 const std::string& plaintext,
    195                 const std::string& signature,
    196                 AuthorizationDelegate* delegate) override {
    197     return target_->Verify(key_handle, scheme, hash_alg, plaintext, signature,
    198                            delegate);
    199   }
    200 
    201   TPM_RC CertifyCreation(TPM_HANDLE key_handle,
    202                          const std::string& creation_blob) override {
    203     return target_->CertifyCreation(key_handle, creation_blob);
    204   }
    205 
    206   TPM_RC ChangeKeyAuthorizationData(TPM_HANDLE key_handle,
    207                                     const std::string& new_password,
    208                                     AuthorizationDelegate* delegate,
    209                                     std::string* key_blob) override {
    210     return target_->ChangeKeyAuthorizationData(key_handle, new_password,
    211                                                delegate, key_blob);
    212   }
    213 
    214   TPM_RC ImportRSAKey(AsymmetricKeyUsage key_type,
    215                       const std::string& modulus,
    216                       uint32_t public_exponent,
    217                       const std::string& prime_factor,
    218                       const std::string& password,
    219                       AuthorizationDelegate* delegate,
    220                       std::string* key_blob) override {
    221     return target_->ImportRSAKey(key_type, modulus, public_exponent,
    222                                  prime_factor, password, delegate, key_blob);
    223   }
    224 
    225   TPM_RC CreateRSAKeyPair(AsymmetricKeyUsage key_type,
    226                           int modulus_bits,
    227                           uint32_t public_exponent,
    228                           const std::string& password,
    229                           const std::string& policy_digest,
    230                           bool use_only_policy_authorization,
    231                           int creation_pcr_index,
    232                           AuthorizationDelegate* delegate,
    233                           std::string* key_blob,
    234                           std::string* creation_blob) override {
    235     return target_->CreateRSAKeyPair(
    236         key_type, modulus_bits, public_exponent, password, policy_digest,
    237         use_only_policy_authorization, creation_pcr_index, delegate, key_blob,
    238         creation_blob);
    239   }
    240 
    241   TPM_RC LoadKey(const std::string& key_blob,
    242                  AuthorizationDelegate* delegate,
    243                  TPM_HANDLE* key_handle) override {
    244     return target_->LoadKey(key_blob, delegate, key_handle);
    245   }
    246 
    247   TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name) override {
    248     return target_->GetKeyName(handle, name);
    249   }
    250 
    251   TPM_RC GetKeyPublicArea(TPM_HANDLE handle,
    252                           TPMT_PUBLIC* public_data) override {
    253     return target_->GetKeyPublicArea(handle, public_data);
    254   }
    255 
    256   TPM_RC SealData(const std::string& data_to_seal,
    257                   const std::string& policy_digest,
    258                   AuthorizationDelegate* delegate,
    259                   std::string* sealed_data) override {
    260     return target_->SealData(data_to_seal, policy_digest, delegate,
    261                              sealed_data);
    262   }
    263 
    264   TPM_RC UnsealData(const std::string& sealed_data,
    265                     AuthorizationDelegate* delegate,
    266                     std::string* unsealed_data) override {
    267     return target_->UnsealData(sealed_data, delegate, unsealed_data);
    268   }
    269 
    270   TPM_RC StartSession(HmacSession* session) override {
    271     return target_->StartSession(session);
    272   }
    273 
    274   TPM_RC GetPolicyDigestForPcrValue(int pcr_index,
    275                                     const std::string& pcr_value,
    276                                     std::string* policy_digest) override {
    277     return target_->GetPolicyDigestForPcrValue(pcr_index, pcr_value,
    278                                                policy_digest);
    279   }
    280 
    281   TPM_RC DefineNVSpace(uint32_t index,
    282                        size_t num_bytes,
    283                        TPMA_NV attributes,
    284                        const std::string& authorization_value,
    285                        const std::string& policy_digest,
    286                        AuthorizationDelegate* delegate) override {
    287     return target_->DefineNVSpace(index, num_bytes, attributes,
    288                                   authorization_value, policy_digest, delegate);
    289   }
    290 
    291   TPM_RC DestroyNVSpace(uint32_t index,
    292                         AuthorizationDelegate* delegate) override {
    293     return target_->DestroyNVSpace(index, delegate);
    294   }
    295 
    296   TPM_RC LockNVSpace(uint32_t index,
    297                      bool lock_read,
    298                      bool lock_write,
    299                      bool using_owner_authorization,
    300                      AuthorizationDelegate* delegate) override {
    301     return target_->LockNVSpace(index, lock_read, lock_write,
    302                                 using_owner_authorization, delegate);
    303   }
    304 
    305   TPM_RC WriteNVSpace(uint32_t index,
    306                       uint32_t offset,
    307                       const std::string& nvram_data,
    308                       bool using_owner_authorization,
    309                       bool extend,
    310                       AuthorizationDelegate* delegate) override {
    311     return target_->WriteNVSpace(index, offset, nvram_data,
    312                                  using_owner_authorization, extend, delegate);
    313   }
    314 
    315   TPM_RC ReadNVSpace(uint32_t index,
    316                      uint32_t offset,
    317                      size_t num_bytes,
    318                      bool using_owner_authorization,
    319                      std::string* nvram_data,
    320                      AuthorizationDelegate* delegate) override {
    321     return target_->ReadNVSpace(index, offset, num_bytes,
    322                                 using_owner_authorization, nvram_data,
    323                                 delegate);
    324   }
    325 
    326   TPM_RC GetNVSpaceName(uint32_t index, std::string* name) override {
    327     return target_->GetNVSpaceName(index, name);
    328   }
    329 
    330   TPM_RC GetNVSpacePublicArea(uint32_t index,
    331                               TPMS_NV_PUBLIC* public_data) override {
    332     return target_->GetNVSpacePublicArea(index, public_data);
    333   }
    334 
    335   TPM_RC ListNVSpaces(std::vector<uint32_t>* index_list) override {
    336     return target_->ListNVSpaces(index_list);
    337   }
    338 
    339   TPM_RC SetDictionaryAttackParameters(
    340       uint32_t max_tries,
    341       uint32_t recovery_time,
    342       uint32_t lockout_recovery,
    343       AuthorizationDelegate* delegate) override {
    344     return target_->SetDictionaryAttackParameters(max_tries, recovery_time,
    345                                                   lockout_recovery, delegate);
    346   }
    347 
    348   TPM_RC ResetDictionaryAttackLock(AuthorizationDelegate* delegate) override {
    349     return target_->ResetDictionaryAttackLock(delegate);
    350   }
    351 
    352  private:
    353   TpmUtility* target_;
    354 };
    355 
    356 // Forwards all calls to a target instance.
    357 class AuthorizationDelegateForwarder : public AuthorizationDelegate {
    358  public:
    359   explicit AuthorizationDelegateForwarder(AuthorizationDelegate* target)
    360       : target_(target) {}
    361   ~AuthorizationDelegateForwarder() override = default;
    362 
    363   bool GetCommandAuthorization(const std::string& command_hash,
    364                                bool is_command_parameter_encryption_possible,
    365                                bool is_response_parameter_encryption_possible,
    366                                std::string* authorization) override {
    367     return target_->GetCommandAuthorization(
    368         command_hash, is_command_parameter_encryption_possible,
    369         is_response_parameter_encryption_possible, authorization);
    370   }
    371 
    372   bool CheckResponseAuthorization(const std::string& response_hash,
    373                                   const std::string& authorization) override {
    374     return target_->CheckResponseAuthorization(response_hash, authorization);
    375   }
    376 
    377   bool EncryptCommandParameter(std::string* parameter) override {
    378     return target_->EncryptCommandParameter(parameter);
    379   }
    380 
    381   bool DecryptResponseParameter(std::string* parameter) override {
    382     return target_->DecryptResponseParameter(parameter);
    383   }
    384 
    385  private:
    386   AuthorizationDelegate* target_;
    387 };
    388 
    389 // Forwards all calls to a target instance.
    390 class SessionManagerForwarder : public SessionManager {
    391  public:
    392   explicit SessionManagerForwarder(SessionManager* target) : target_(target) {}
    393   ~SessionManagerForwarder() override {}
    394 
    395   TPM_HANDLE GetSessionHandle() const override {
    396     return target_->GetSessionHandle();
    397   }
    398 
    399   void CloseSession() override { return target_->CloseSession(); }
    400 
    401   TPM_RC StartSession(TPM_SE session_type,
    402                       TPMI_DH_ENTITY bind_entity,
    403                       const std::string& bind_authorization_value,
    404                       bool enable_encryption,
    405                       HmacAuthorizationDelegate* delegate) override {
    406     return target_->StartSession(session_type, bind_entity,
    407                                  bind_authorization_value, enable_encryption,
    408                                  delegate);
    409   }
    410 
    411  private:
    412   SessionManager* target_;
    413 };
    414 
    415 // Forwards all calls to a target instance.
    416 class HmacSessionForwarder : public HmacSession {
    417  public:
    418   explicit HmacSessionForwarder(HmacSession* target) : target_(target) {}
    419   ~HmacSessionForwarder() override = default;
    420 
    421   AuthorizationDelegate* GetDelegate() override {
    422     return target_->GetDelegate();
    423   }
    424 
    425   TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
    426                            const std::string& bind_authorization_value,
    427                            bool enable_encryption) override {
    428     return target_->StartBoundSession(bind_entity, bind_authorization_value,
    429                                       enable_encryption);
    430   }
    431 
    432   TPM_RC StartUnboundSession(bool enable_encryption) override {
    433     return target_->StartUnboundSession(enable_encryption);
    434   }
    435 
    436   void SetEntityAuthorizationValue(const std::string& value) override {
    437     return target_->SetEntityAuthorizationValue(value);
    438   }
    439 
    440   void SetFutureAuthorizationValue(const std::string& value) override {
    441     return target_->SetFutureAuthorizationValue(value);
    442   }
    443 
    444  private:
    445   HmacSession* target_;
    446 };
    447 
    448 // Forwards all calls to a target instance.
    449 class PolicySessionForwarder : public PolicySession {
    450  public:
    451   explicit PolicySessionForwarder(PolicySession* target) : target_(target) {}
    452   ~PolicySessionForwarder() override = default;
    453 
    454   AuthorizationDelegate* GetDelegate() override {
    455     return target_->GetDelegate();
    456   }
    457 
    458   TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
    459                            const std::string& bind_authorization_value,
    460                            bool enable_encryption) override {
    461     return target_->StartBoundSession(bind_entity, bind_authorization_value,
    462                                       enable_encryption);
    463   }
    464 
    465   TPM_RC StartUnboundSession(bool enable_encryption) override {
    466     return target_->StartUnboundSession(enable_encryption);
    467   }
    468 
    469   TPM_RC GetDigest(std::string* digest) override {
    470     return target_->GetDigest(digest);
    471   }
    472 
    473   TPM_RC PolicyOR(const std::vector<std::string>& digests) override {
    474     return target_->PolicyOR(digests);
    475   }
    476 
    477   TPM_RC PolicyPCR(uint32_t pcr_index, const std::string& pcr_value) override {
    478     return target_->PolicyPCR(pcr_index, pcr_value);
    479   }
    480 
    481   TPM_RC PolicyCommandCode(TPM_CC command_code) override {
    482     return target_->PolicyCommandCode(command_code);
    483   }
    484 
    485   TPM_RC PolicyAuthValue() override { return target_->PolicyAuthValue(); }
    486 
    487   TPM_RC PolicyRestart() override { return target_->PolicyRestart(); }
    488 
    489   void SetEntityAuthorizationValue(const std::string& value) override {
    490     return target_->SetEntityAuthorizationValue(value);
    491   }
    492 
    493  private:
    494   PolicySession* target_;
    495 };
    496 
    497 // Forwards all calls to a target instance.
    498 class BlobParserForwarder : public BlobParser {
    499  public:
    500   explicit BlobParserForwarder(BlobParser* target) : target_(target) {}
    501   ~BlobParserForwarder() override = default;
    502 
    503   bool SerializeKeyBlob(const TPM2B_PUBLIC& public_info,
    504                         const TPM2B_PRIVATE& private_info,
    505                         std::string* key_blob) override {
    506     return target_->SerializeKeyBlob(public_info, private_info, key_blob);
    507   }
    508 
    509   bool ParseKeyBlob(const std::string& key_blob,
    510                     TPM2B_PUBLIC* public_info,
    511                     TPM2B_PRIVATE* private_info) override {
    512     return target_->ParseKeyBlob(key_blob, public_info, private_info);
    513   }
    514 
    515   bool SerializeCreationBlob(const TPM2B_CREATION_DATA& creation_data,
    516                              const TPM2B_DIGEST& creation_hash,
    517                              const TPMT_TK_CREATION& creation_ticket,
    518                              std::string* creation_blob) override {
    519     return target_->SerializeCreationBlob(creation_data, creation_hash,
    520                                           creation_ticket, creation_blob);
    521   }
    522 
    523   bool ParseCreationBlob(const std::string& creation_blob,
    524                          TPM2B_CREATION_DATA* creation_data,
    525                          TPM2B_DIGEST* creation_hash,
    526                          TPMT_TK_CREATION* creation_ticket) override {
    527     return target_->ParseCreationBlob(creation_blob, creation_data,
    528                                       creation_hash, creation_ticket);
    529   }
    530 
    531  private:
    532   BlobParser* target_;
    533 };
    534 
    535 TrunksFactoryForTest::TrunksFactoryForTest()
    536     : default_tpm_(new NiceMock<MockTpm>()),
    537       tpm_(default_tpm_.get()),
    538       default_tpm_state_(new NiceMock<MockTpmState>()),
    539       tpm_state_(default_tpm_state_.get()),
    540       default_tpm_utility_(new NiceMock<MockTpmUtility>()),
    541       tpm_utility_(default_tpm_utility_.get()),
    542       default_authorization_delegate_(new PasswordAuthorizationDelegate("")),
    543       password_authorization_delegate_(default_authorization_delegate_.get()),
    544       default_session_manager_(new NiceMock<MockSessionManager>()),
    545       session_manager_(default_session_manager_.get()),
    546       default_hmac_session_(new NiceMock<MockHmacSession>()),
    547       hmac_session_(default_hmac_session_.get()),
    548       default_policy_session_(new NiceMock<MockPolicySession>()),
    549       policy_session_(default_policy_session_.get()),
    550       default_trial_session_(new NiceMock<MockPolicySession>()),
    551       trial_session_(default_trial_session_.get()),
    552       default_blob_parser_(new NiceMock<MockBlobParser>()),
    553       blob_parser_(default_blob_parser_.get()) {}
    554 
    555 TrunksFactoryForTest::~TrunksFactoryForTest() {}
    556 
    557 Tpm* TrunksFactoryForTest::GetTpm() const {
    558   return tpm_;
    559 }
    560 
    561 std::unique_ptr<TpmState> TrunksFactoryForTest::GetTpmState() const {
    562   return base::MakeUnique<TpmStateForwarder>(tpm_state_);
    563 }
    564 
    565 std::unique_ptr<TpmUtility> TrunksFactoryForTest::GetTpmUtility() const {
    566   return base::MakeUnique<TpmUtilityForwarder>(tpm_utility_);
    567 }
    568 
    569 std::unique_ptr<AuthorizationDelegate>
    570 TrunksFactoryForTest::GetPasswordAuthorization(
    571     const std::string& password) const {
    572   return base::MakeUnique<AuthorizationDelegateForwarder>(
    573       password_authorization_delegate_);
    574 }
    575 
    576 std::unique_ptr<SessionManager> TrunksFactoryForTest::GetSessionManager()
    577     const {
    578   return base::MakeUnique<SessionManagerForwarder>(session_manager_);
    579 }
    580 
    581 std::unique_ptr<HmacSession> TrunksFactoryForTest::GetHmacSession() const {
    582   return base::MakeUnique<HmacSessionForwarder>(hmac_session_);
    583 }
    584 
    585 std::unique_ptr<PolicySession> TrunksFactoryForTest::GetPolicySession() const {
    586   return base::MakeUnique<PolicySessionForwarder>(policy_session_);
    587 }
    588 
    589 std::unique_ptr<PolicySession> TrunksFactoryForTest::GetTrialSession() const {
    590   return base::MakeUnique<PolicySessionForwarder>(trial_session_);
    591 }
    592 
    593 std::unique_ptr<BlobParser> TrunksFactoryForTest::GetBlobParser() const {
    594   return base::MakeUnique<BlobParserForwarder>(blob_parser_);
    595 }
    596 
    597 }  // namespace trunks
    598