//
// Copyright (C) 2014 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
#include "trunks/trunks_factory_for_test.h"
#include <memory>
#include <base/memory/ptr_util.h>
#include <gmock/gmock.h>
#include "trunks/authorization_delegate.h"
#include "trunks/blob_parser.h"
#include "trunks/hmac_session.h"
#include "trunks/mock_blob_parser.h"
#include "trunks/mock_hmac_session.h"
#include "trunks/mock_policy_session.h"
#include "trunks/mock_session_manager.h"
#include "trunks/mock_tpm.h"
#include "trunks/mock_tpm_state.h"
#include "trunks/mock_tpm_utility.h"
#include "trunks/policy_session.h"
#include "trunks/session_manager.h"
#include "trunks/tpm_generated.h"
#include "trunks/tpm_state.h"
#include "trunks/tpm_utility.h"
using testing::NiceMock;
namespace trunks {
// Forwards all calls to a target instance.
class TpmStateForwarder : public TpmState {
public:
explicit TpmStateForwarder(TpmState* target) : target_(target) {}
~TpmStateForwarder() override = default;
TPM_RC Initialize() override { return target_->Initialize(); }
bool IsOwnerPasswordSet() override { return target_->IsOwnerPasswordSet(); }
bool IsEndorsementPasswordSet() override {
return target_->IsEndorsementPasswordSet();
}
bool IsLockoutPasswordSet() override {
return target_->IsLockoutPasswordSet();
}
bool IsOwned() override { return target_->IsOwned(); }
bool IsInLockout() override { return target_->IsInLockout(); }
bool IsPlatformHierarchyEnabled() override {
return target_->IsPlatformHierarchyEnabled();
}
bool IsStorageHierarchyEnabled() override {
return target_->IsStorageHierarchyEnabled();
}
bool IsEndorsementHierarchyEnabled() override {
return target_->IsEndorsementHierarchyEnabled();
}
bool IsEnabled() override { return target_->IsEnabled(); }
bool WasShutdownOrderly() override { return target_->WasShutdownOrderly(); }
bool IsRSASupported() override { return target_->IsRSASupported(); }
bool IsECCSupported() override { return target_->IsECCSupported(); }
uint32_t GetLockoutCounter() override { return target_->GetLockoutCounter(); }
uint32_t GetLockoutThreshold() override {
return target_->GetLockoutThreshold();
}
uint32_t GetLockoutInterval() override {
return target_->GetLockoutInterval();
}
uint32_t GetLockoutRecovery() override {
return target_->GetLockoutRecovery();
}
uint32_t GetMaxNVSize() override { return target_->GetMaxNVSize(); }
bool GetTpmProperty(TPM_PT property, uint32_t* value) override {
return target_->GetTpmProperty(property, value);
}
bool GetAlgorithmProperties(TPM_ALG_ID algorithm,
TPMA_ALGORITHM* properties) override {
return target_->GetAlgorithmProperties(algorithm, properties);
}
private:
TpmState* target_;
};
// Forwards all calls to a target instance.
class TpmUtilityForwarder : public TpmUtility {
public:
explicit TpmUtilityForwarder(TpmUtility* target) : target_(target) {}
~TpmUtilityForwarder() override = default;
TPM_RC Startup() override { return target_->Startup(); }
TPM_RC Clear() override { return target_->Clear(); }
void Shutdown() override { return target_->Shutdown(); }
TPM_RC InitializeTpm() override { return target_->InitializeTpm(); }
TPM_RC AllocatePCR(const std::string& platform_password) override {
return target_->AllocatePCR(platform_password);
}
TPM_RC TakeOwnership(const std::string& owner_password,
const std::string& endorsement_password,
const std::string& lockout_password) override {
return target_->TakeOwnership(owner_password, endorsement_password,
lockout_password);
}
TPM_RC StirRandom(const std::string& entropy_data,
AuthorizationDelegate* delegate) override {
return target_->StirRandom(entropy_data, delegate);
}
TPM_RC GenerateRandom(size_t num_bytes,
AuthorizationDelegate* delegate,
std::string* random_data) override {
return target_->GenerateRandom(num_bytes, delegate, random_data);
}
TPM_RC ExtendPCR(int pcr_index,
const std::string& extend_data,
AuthorizationDelegate* delegate) override {
return target_->ExtendPCR(pcr_index, extend_data, delegate);
}
TPM_RC ReadPCR(int pcr_index, std::string* pcr_value) override {
return target_->ReadPCR(pcr_index, pcr_value);
}
TPM_RC AsymmetricEncrypt(TPM_HANDLE key_handle,
TPM_ALG_ID scheme,
TPM_ALG_ID hash_alg,
const std::string& plaintext,
AuthorizationDelegate* delegate,
std::string* ciphertext) override {
return target_->AsymmetricEncrypt(key_handle, scheme, hash_alg, plaintext,
delegate, ciphertext);
}
TPM_RC AsymmetricDecrypt(TPM_HANDLE key_handle,
TPM_ALG_ID scheme,
TPM_ALG_ID hash_alg,
const std::string& ciphertext,
AuthorizationDelegate* delegate,
std::string* plaintext) override {
return target_->AsymmetricDecrypt(key_handle, scheme, hash_alg, ciphertext,
delegate, plaintext);
}
TPM_RC Sign(TPM_HANDLE key_handle,
TPM_ALG_ID scheme,
TPM_ALG_ID hash_alg,
const std::string& plaintext,
AuthorizationDelegate* delegate,
std::string* signature) override {
return target_->Sign(key_handle, scheme, hash_alg, plaintext, delegate,
signature);
}
TPM_RC Verify(TPM_HANDLE key_handle,
TPM_ALG_ID scheme,
TPM_ALG_ID hash_alg,
const std::string& plaintext,
const std::string& signature,
AuthorizationDelegate* delegate) override {
return target_->Verify(key_handle, scheme, hash_alg, plaintext, signature,
delegate);
}
TPM_RC CertifyCreation(TPM_HANDLE key_handle,
const std::string& creation_blob) override {
return target_->CertifyCreation(key_handle, creation_blob);
}
TPM_RC ChangeKeyAuthorizationData(TPM_HANDLE key_handle,
const std::string& new_password,
AuthorizationDelegate* delegate,
std::string* key_blob) override {
return target_->ChangeKeyAuthorizationData(key_handle, new_password,
delegate, key_blob);
}
TPM_RC ImportRSAKey(AsymmetricKeyUsage key_type,
const std::string& modulus,
uint32_t public_exponent,
const std::string& prime_factor,
const std::string& password,
AuthorizationDelegate* delegate,
std::string* key_blob) override {
return target_->ImportRSAKey(key_type, modulus, public_exponent,
prime_factor, password, delegate, key_blob);
}
TPM_RC CreateRSAKeyPair(AsymmetricKeyUsage key_type,
int modulus_bits,
uint32_t public_exponent,
const std::string& password,
const std::string& policy_digest,
bool use_only_policy_authorization,
int creation_pcr_index,
AuthorizationDelegate* delegate,
std::string* key_blob,
std::string* creation_blob) override {
return target_->CreateRSAKeyPair(
key_type, modulus_bits, public_exponent, password, policy_digest,
use_only_policy_authorization, creation_pcr_index, delegate, key_blob,
creation_blob);
}
TPM_RC LoadKey(const std::string& key_blob,
AuthorizationDelegate* delegate,
TPM_HANDLE* key_handle) override {
return target_->LoadKey(key_blob, delegate, key_handle);
}
TPM_RC GetKeyName(TPM_HANDLE handle, std::string* name) override {
return target_->GetKeyName(handle, name);
}
TPM_RC GetKeyPublicArea(TPM_HANDLE handle,
TPMT_PUBLIC* public_data) override {
return target_->GetKeyPublicArea(handle, public_data);
}
TPM_RC SealData(const std::string& data_to_seal,
const std::string& policy_digest,
AuthorizationDelegate* delegate,
std::string* sealed_data) override {
return target_->SealData(data_to_seal, policy_digest, delegate,
sealed_data);
}
TPM_RC UnsealData(const std::string& sealed_data,
AuthorizationDelegate* delegate,
std::string* unsealed_data) override {
return target_->UnsealData(sealed_data, delegate, unsealed_data);
}
TPM_RC StartSession(HmacSession* session) override {
return target_->StartSession(session);
}
TPM_RC GetPolicyDigestForPcrValue(int pcr_index,
const std::string& pcr_value,
std::string* policy_digest) override {
return target_->GetPolicyDigestForPcrValue(pcr_index, pcr_value,
policy_digest);
}
TPM_RC DefineNVSpace(uint32_t index,
size_t num_bytes,
TPMA_NV attributes,
const std::string& authorization_value,
const std::string& policy_digest,
AuthorizationDelegate* delegate) override {
return target_->DefineNVSpace(index, num_bytes, attributes,
authorization_value, policy_digest, delegate);
}
TPM_RC DestroyNVSpace(uint32_t index,
AuthorizationDelegate* delegate) override {
return target_->DestroyNVSpace(index, delegate);
}
TPM_RC LockNVSpace(uint32_t index,
bool lock_read,
bool lock_write,
bool using_owner_authorization,
AuthorizationDelegate* delegate) override {
return target_->LockNVSpace(index, lock_read, lock_write,
using_owner_authorization, delegate);
}
TPM_RC WriteNVSpace(uint32_t index,
uint32_t offset,
const std::string& nvram_data,
bool using_owner_authorization,
bool extend,
AuthorizationDelegate* delegate) override {
return target_->WriteNVSpace(index, offset, nvram_data,
using_owner_authorization, extend, delegate);
}
TPM_RC ReadNVSpace(uint32_t index,
uint32_t offset,
size_t num_bytes,
bool using_owner_authorization,
std::string* nvram_data,
AuthorizationDelegate* delegate) override {
return target_->ReadNVSpace(index, offset, num_bytes,
using_owner_authorization, nvram_data,
delegate);
}
TPM_RC GetNVSpaceName(uint32_t index, std::string* name) override {
return target_->GetNVSpaceName(index, name);
}
TPM_RC GetNVSpacePublicArea(uint32_t index,
TPMS_NV_PUBLIC* public_data) override {
return target_->GetNVSpacePublicArea(index, public_data);
}
TPM_RC ListNVSpaces(std::vector<uint32_t>* index_list) override {
return target_->ListNVSpaces(index_list);
}
TPM_RC SetDictionaryAttackParameters(
uint32_t max_tries,
uint32_t recovery_time,
uint32_t lockout_recovery,
AuthorizationDelegate* delegate) override {
return target_->SetDictionaryAttackParameters(max_tries, recovery_time,
lockout_recovery, delegate);
}
TPM_RC ResetDictionaryAttackLock(AuthorizationDelegate* delegate) override {
return target_->ResetDictionaryAttackLock(delegate);
}
private:
TpmUtility* target_;
};
// Forwards all calls to a target instance.
class AuthorizationDelegateForwarder : public AuthorizationDelegate {
public:
explicit AuthorizationDelegateForwarder(AuthorizationDelegate* target)
: target_(target) {}
~AuthorizationDelegateForwarder() override = default;
bool GetCommandAuthorization(const std::string& command_hash,
bool is_command_parameter_encryption_possible,
bool is_response_parameter_encryption_possible,
std::string* authorization) override {
return target_->GetCommandAuthorization(
command_hash, is_command_parameter_encryption_possible,
is_response_parameter_encryption_possible, authorization);
}
bool CheckResponseAuthorization(const std::string& response_hash,
const std::string& authorization) override {
return target_->CheckResponseAuthorization(response_hash, authorization);
}
bool EncryptCommandParameter(std::string* parameter) override {
return target_->EncryptCommandParameter(parameter);
}
bool DecryptResponseParameter(std::string* parameter) override {
return target_->DecryptResponseParameter(parameter);
}
private:
AuthorizationDelegate* target_;
};
// Forwards all calls to a target instance.
class SessionManagerForwarder : public SessionManager {
public:
explicit SessionManagerForwarder(SessionManager* target) : target_(target) {}
~SessionManagerForwarder() override {}
TPM_HANDLE GetSessionHandle() const override {
return target_->GetSessionHandle();
}
void CloseSession() override { return target_->CloseSession(); }
TPM_RC StartSession(TPM_SE session_type,
TPMI_DH_ENTITY bind_entity,
const std::string& bind_authorization_value,
bool enable_encryption,
HmacAuthorizationDelegate* delegate) override {
return target_->StartSession(session_type, bind_entity,
bind_authorization_value, enable_encryption,
delegate);
}
private:
SessionManager* target_;
};
// Forwards all calls to a target instance.
class HmacSessionForwarder : public HmacSession {
public:
explicit HmacSessionForwarder(HmacSession* target) : target_(target) {}
~HmacSessionForwarder() override = default;
AuthorizationDelegate* GetDelegate() override {
return target_->GetDelegate();
}
TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
const std::string& bind_authorization_value,
bool enable_encryption) override {
return target_->StartBoundSession(bind_entity, bind_authorization_value,
enable_encryption);
}
TPM_RC StartUnboundSession(bool enable_encryption) override {
return target_->StartUnboundSession(enable_encryption);
}
void SetEntityAuthorizationValue(const std::string& value) override {
return target_->SetEntityAuthorizationValue(value);
}
void SetFutureAuthorizationValue(const std::string& value) override {
return target_->SetFutureAuthorizationValue(value);
}
private:
HmacSession* target_;
};
// Forwards all calls to a target instance.
class PolicySessionForwarder : public PolicySession {
public:
explicit PolicySessionForwarder(PolicySession* target) : target_(target) {}
~PolicySessionForwarder() override = default;
AuthorizationDelegate* GetDelegate() override {
return target_->GetDelegate();
}
TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
const std::string& bind_authorization_value,
bool enable_encryption) override {
return target_->StartBoundSession(bind_entity, bind_authorization_value,
enable_encryption);
}
TPM_RC StartUnboundSession(bool enable_encryption) override {
return target_->StartUnboundSession(enable_encryption);
}
TPM_RC GetDigest(std::string* digest) override {
return target_->GetDigest(digest);
}
TPM_RC PolicyOR(const std::vector<std::string>& digests) override {
return target_->PolicyOR(digests);
}
TPM_RC PolicyPCR(uint32_t pcr_index, const std::string& pcr_value) override {
return target_->PolicyPCR(pcr_index, pcr_value);
}
TPM_RC PolicyCommandCode(TPM_CC command_code) override {
return target_->PolicyCommandCode(command_code);
}
TPM_RC PolicyAuthValue() override { return target_->PolicyAuthValue(); }
TPM_RC PolicyRestart() override { return target_->PolicyRestart(); }
void SetEntityAuthorizationValue(const std::string& value) override {
return target_->SetEntityAuthorizationValue(value);
}
private:
PolicySession* target_;
};
// Forwards all calls to a target instance.
class BlobParserForwarder : public BlobParser {
public:
explicit BlobParserForwarder(BlobParser* target) : target_(target) {}
~BlobParserForwarder() override = default;
bool SerializeKeyBlob(const TPM2B_PUBLIC& public_info,
const TPM2B_PRIVATE& private_info,
std::string* key_blob) override {
return target_->SerializeKeyBlob(public_info, private_info, key_blob);
}
bool ParseKeyBlob(const std::string& key_blob,
TPM2B_PUBLIC* public_info,
TPM2B_PRIVATE* private_info) override {
return target_->ParseKeyBlob(key_blob, public_info, private_info);
}
bool SerializeCreationBlob(const TPM2B_CREATION_DATA& creation_data,
const TPM2B_DIGEST& creation_hash,
const TPMT_TK_CREATION& creation_ticket,
std::string* creation_blob) override {
return target_->SerializeCreationBlob(creation_data, creation_hash,
creation_ticket, creation_blob);
}
bool ParseCreationBlob(const std::string& creation_blob,
TPM2B_CREATION_DATA* creation_data,
TPM2B_DIGEST* creation_hash,
TPMT_TK_CREATION* creation_ticket) override {
return target_->ParseCreationBlob(creation_blob, creation_data,
creation_hash, creation_ticket);
}
private:
BlobParser* target_;
};
TrunksFactoryForTest::TrunksFactoryForTest()
: default_tpm_(new NiceMock<MockTpm>()),
tpm_(default_tpm_.get()),
default_tpm_state_(new NiceMock<MockTpmState>()),
tpm_state_(default_tpm_state_.get()),
default_tpm_utility_(new NiceMock<MockTpmUtility>()),
tpm_utility_(default_tpm_utility_.get()),
default_authorization_delegate_(new PasswordAuthorizationDelegate("")),
password_authorization_delegate_(default_authorization_delegate_.get()),
default_session_manager_(new NiceMock<MockSessionManager>()),
session_manager_(default_session_manager_.get()),
default_hmac_session_(new NiceMock<MockHmacSession>()),
hmac_session_(default_hmac_session_.get()),
default_policy_session_(new NiceMock<MockPolicySession>()),
policy_session_(default_policy_session_.get()),
default_trial_session_(new NiceMock<MockPolicySession>()),
trial_session_(default_trial_session_.get()),
default_blob_parser_(new NiceMock<MockBlobParser>()),
blob_parser_(default_blob_parser_.get()) {}
TrunksFactoryForTest::~TrunksFactoryForTest() {}
Tpm* TrunksFactoryForTest::GetTpm() const {
return tpm_;
}
std::unique_ptr<TpmState> TrunksFactoryForTest::GetTpmState() const {
return base::MakeUnique<TpmStateForwarder>(tpm_state_);
}
std::unique_ptr<TpmUtility> TrunksFactoryForTest::GetTpmUtility() const {
return base::MakeUnique<TpmUtilityForwarder>(tpm_utility_);
}
std::unique_ptr<AuthorizationDelegate>
TrunksFactoryForTest::GetPasswordAuthorization(
const std::string& password) const {
return base::MakeUnique<AuthorizationDelegateForwarder>(
password_authorization_delegate_);
}
std::unique_ptr<SessionManager> TrunksFactoryForTest::GetSessionManager()
const {
return base::MakeUnique<SessionManagerForwarder>(session_manager_);
}
std::unique_ptr<HmacSession> TrunksFactoryForTest::GetHmacSession() const {
return base::MakeUnique<HmacSessionForwarder>(hmac_session_);
}
std::unique_ptr<PolicySession> TrunksFactoryForTest::GetPolicySession() const {
return base::MakeUnique<PolicySessionForwarder>(policy_session_);
}
std::unique_ptr<PolicySession> TrunksFactoryForTest::GetTrialSession() const {
return base::MakeUnique<PolicySessionForwarder>(trial_session_);
}
std::unique_ptr<BlobParser> TrunksFactoryForTest::GetBlobParser() const {
return base::MakeUnique<BlobParserForwarder>(blob_parser_);
}
} // namespace trunks