Android-cuttlefish cvd tool
tpm_gatekeeper.h
1//
2// Copyright (C) 2020 The Android Open Source Project
3//
4// Licensed under the Apache License, Version 2.0 (the "License");
5// you may not use this file except in compliance with the License.
6// You may obtain a copy of the License at
7//
8// http://www.apache.org/licenses/LICENSE-2.0
9//
10// Unless required by applicable law or agreed to in writing, software
11// distributed under the License is distributed on an "AS IS" BASIS,
12// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13// See the License for the specific language governing permissions and
14// limitations under the License.
15
16#pragma once
17
18#include "gatekeeper/gatekeeper.h"
19#include "tss2/tss2_esys.h"
20
24
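namespace cuttlefish {

/**
 * gatekeeper::GateKeeper implementation for the cuttlefish secure environment.
 *
 * The object stores references (not copies) to a TpmResourceManager and to two
 * secure_env::Storage instances, so all three must outlive it.
 *
 * NOTE(review): this declaration was rebuilt from the member index on the
 * rendered page, because the listing had dropped the lines carrying the
 * constructor and several method names. The original doc comments were not
 * visible, so the notes below state only what the signatures show; anything
 * about behaviour is marked as an assumption to confirm in
 * tpm_gatekeeper.cpp.
 */
class TpmGatekeeper : public gatekeeper::GateKeeper {
public:
  /**
   * @param resource_manager  TPM resource manager, held by reference.
   * @param secure_storage    Storage held by reference as secure_storage_.
   * @param insecure_storage  Storage held by reference as insecure_storage_.
   *
   * Both storage parameters have the same type, so the compiler cannot catch
   * swapped arguments at a call site; check the argument order where this is
   * constructed.
   */
  TpmGatekeeper(
      TpmResourceManager& resource_manager,
      secure_env::Storage& secure_storage,
      secure_env::Storage& insecure_storage);

  /**
   * Returns the auth token key through a pointer/length out-parameter pair.
   *
   * @return bool status; the failure semantics and the contents of the
   *         out-parameters on failure are not visible in this header.
   *
   * NOTE(review): ownership and lifetime of the buffer written to
   * *auth_token_key are not visible here; confirm before a caller retains
   * the pointer.
   */
  bool GetAuthTokenKey(
      const uint8_t** auth_token_key, uint32_t* length) const override;

  /**
   * Returns the password key through a pointer/length out-parameter pair.
   *
   * Non-const, unlike GetAuthTokenKey, and returns void, so a failure cannot
   * be reported through the return value.
   * NOTE(review): confirm what *pasword_key and *length hold if the key is
   * unavailable.
   */
  void GetPasswordKey(const uint8_t** pasword_key, uint32_t* length) override;

  /**
   * Computes a signature over a password with the given key and salt and
   * writes it to `signature`.
   *
   * Every buffer is a raw pointer with a separate length, and the function
   * returns void.
   * NOTE(review): presumably `signature` must be writable for
   * `signature_length` bytes; confirm the bounds handling and what the
   * buffer holds on an internal failure, since callers cannot detect one
   * from the return value.
   */
  void ComputePasswordSignature(
      uint8_t* signature,
      uint32_t signature_length,
      const uint8_t* key,
      uint32_t key_length,
      const uint8_t* password,
      uint32_t password_length,
      gatekeeper::salt_t salt) const override;

  /**
   * Fills `random` with `requested_size` bytes.
   *
   * Returns void, so a failing entropy source cannot be signalled to the
   * caller.
   * NOTE(review): confirm the source of randomness and the failure
   * behaviour in the implementation.
   */
  void GetRandom(void* random, uint32_t requested_size) const override;

  /**
   * Computes a signature over `message` with `key` and writes it to
   * `signature`.
   *
   * Same raw pointer/length contract and void return as
   * ComputePasswordSignature; the same bounds and failure questions apply.
   */
  void ComputeSignature(
      uint8_t* signature,
      uint32_t signature_length,
      const uint8_t* key,
      uint32_t key_length,
      const uint8_t* message,
      uint32_t length) const override;

  /** Returns a millisecond count since boot, per the method name. */
  uint64_t GetMillisecondsSinceBoot() const override;

  /**
   * Reads the failure record for `uid` / `user_id` into `*record`.
   *
   * NOTE(review): `secure` presumably selects between secure_storage_ and
   * insecure_storage_; confirm in the implementation. Whether these records
   * can be tampered with or rolled back depends on the storage backing
   * them, which is not visible here.
   */
  bool GetFailureRecord(
      uint32_t uid,
      gatekeeper::secure_id_t user_id,
      gatekeeper::failure_record_t *record,
      bool secure) override;

  /**
   * Clears the failure record for `uid` / `user_id`.
   *
   * The bool return is the only failure signal, so callers should check it.
   */
  bool ClearFailureRecord(
      uint32_t uid, gatekeeper::secure_id_t user_id, bool secure) override;

  /**
   * Writes `*record` as the failure record for `uid`.
   *
   * The bool return is the only failure signal; a caller that ignores it
   * would not notice a record that failed to persist.
   */
  bool WriteFailureRecord(
      uint32_t uid, gatekeeper::failure_record_t *record, bool secure) override;

  /**
   * Reports whether this implementation identifies itself as hardware
   * backed.
   *
   * NOTE(review): the value is set in the implementation, not here; confirm
   * it matches the backing the TPM actually has on this target.
   */
  bool IsHardwareBacked() const override;
private:
  // Non-owning references; the referenced objects must outlive this instance.
  TpmResourceManager& resource_manager_;
  secure_env::Storage& secure_storage_;
  secure_env::Storage& insecure_storage_;
};

}  // namespace cuttlefish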
Definition: tpm_gatekeeper.h:31
void ComputePasswordSignature(uint8_t *signature, uint32_t signature_length, const uint8_t *key, uint32_t key_length, const uint8_t *password, uint32_t password_length, gatekeeper::salt_t salt) const override
Definition: tpm_gatekeeper.cpp:66
void ComputeSignature(uint8_t *signature, uint32_t signature_length, const uint8_t *key, uint32_t key_length, const uint8_t *message, uint32_t length) const override
Definition: tpm_gatekeeper.cpp:92
bool IsHardwareBacked() const override
Definition: tpm_gatekeeper.cpp:224
bool WriteFailureRecord(uint32_t uid, gatekeeper::failure_record_t *record, bool secure) override
Definition: tpm_gatekeeper.cpp:213
bool GetAuthTokenKey(const uint8_t **auth_token_key, uint32_t *length) const override
Definition: tpm_gatekeeper.cpp:51
secure_env::Storage & secure_storage_
Definition: tpm_gatekeeper.h:84
void GetRandom(void *random, uint32_t requested_size) const override
Definition: tpm_gatekeeper.cpp:86
bool ClearFailureRecord(uint32_t uid, gatekeeper::secure_id_t user_id, bool secure) override
Definition: tpm_gatekeeper.cpp:201
TpmGatekeeper(TpmResourceManager &resource_manager, secure_env::Storage &secure_storage, secure_env::Storage &insecure_storage)
Definition: tpm_gatekeeper.cpp:37
void GetPasswordKey(const uint8_t **pasword_key, uint32_t *length) override
Definition: tpm_gatekeeper.cpp:59
TpmResourceManager & resource_manager_
Definition: tpm_gatekeeper.h:83
secure_env::Storage & insecure_storage_
Definition: tpm_gatekeeper.h:85
uint64_t GetMillisecondsSinceBoot() const override
Definition: tpm_gatekeeper.cpp:114
bool GetFailureRecord(uint32_t uid, gatekeeper::secure_id_t user_id, gatekeeper::failure_record_t *record, bool secure) override
Definition: tpm_gatekeeper.cpp:177
Definition: tpm_resource_manager.h:50
Definition: storage.h:58
Definition: alloc_utils.cpp:23