cryptohome/tpm_new_impl.cc - chromiumos/platform2 - Git at Google

 // Copyright (c) 2019 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "cryptohome/tpm_new_impl.h"

 namespace cryptohome {

 TpmNewImpl::TpmNewImpl(tpm_manager::TpmManagerUtility* tpm_manager_utility)
     : tpm_manager_utility_(tpm_manager_utility) {}

 bool TpmNewImpl::GetOwnerPassword(brillo::SecureBlob* owner_password) {
   if (IsOwned()) {
     *owner_password =
         brillo::SecureBlob(last_tpm_manager_data_.owner_password());
     if (owner_password->empty()) {
       LOG(WARNING) << __func__
                    << ": Trying to get owner password after it is cleared.";
     }
   } else {
     LOG(ERROR)
         << __func__
         << ": Cannot get owner password until TPM is confirmed to be owned.";
     owner_password->clear();
   }
   return !owner_password->empty();
 }

 bool TpmNewImpl::InitializeTpmManagerUtility() {
   return tpm_manager_utility_->Initialize();
 }

 bool TpmNewImpl::CacheTpmManagerStatus() {
   if (!InitializeTpmManagerUtility()) {
     LOG(ERROR) << __func__ << ": Failed to initialize |TpmMangerUtility|.";
     return false;
   }
   return tpm_manager_utility_->GetTpmStatus(&is_enabled_, &is_owned_,
                                             &last_tpm_manager_data_);
 }

 bool TpmNewImpl::IsEnabled() {
   if (!is_enabled_) {
     if (!CacheTpmManagerStatus()) {
       LOG(ERROR) << __func__
                  << ": Failed to update TPM status from tpm manager.";
       return false;
     }
   }
   return is_enabled_;
 }

 bool TpmNewImpl::IsOwned() {
   if (!is_owned_) {
     if (!CacheTpmManagerStatus()) {
       LOG(ERROR) << __func__
                  << ": Failed to update TPM status from tpm manager.";
       return false;
     }
   }
   return is_owned_;
 }

 bool TpmNewImpl::TakeOwnership(int, const brillo::SecureBlob&) {
   if (!InitializeTpmManagerUtility()) {
     LOG(ERROR) << __func__ << ": Failed to initialize |TpmMangerUtility|.";
     return false;
   }
   if (IsOwned()) {
     LOG(INFO) << __func__ << ": TPM is already owned.";
     return true;
   }
   return tpm_manager_utility_->TakeOwnership();
 }

 void TpmNewImpl::SetOwnerPassword(const brillo::SecureBlob&) {
   LOG(WARNING) << __func__ << ": no-ops.";
 }

 void TpmNewImpl::SetIsEnabled(bool) {
   LOG(WARNING) << __func__ << ": no-ops.";
 }

 void TpmNewImpl::SetIsOwned(bool) {
   LOG(WARNING) << __func__ << ": no-ops.";
 }

 bool TpmNewImpl::GetDelegate(brillo::Blob* blob,
                              brillo::Blob* secret,
                              bool* has_reset_lock_permissions) {
   blob->clear();
   secret->clear();
   if (last_tpm_manager_data_.owner_delegate().blob().empty() ||
       last_tpm_manager_data_.owner_delegate().secret().empty()) {
     if (!CacheTpmManagerStatus()) {
       LOG(ERROR) << __func__
                  << ": Failed to update TPM status from tpm manager.";
       return false;
     }
   }
   const auto& owner_delegate = last_tpm_manager_data_.owner_delegate();
   *blob = brillo::BlobFromString(owner_delegate.blob());
   *secret = brillo::BlobFromString(owner_delegate.secret());
   *has_reset_lock_permissions = owner_delegate.has_reset_lock_permissions();
   return !blob->empty() && !secret->empty();
 }

 bool TpmNewImpl::DoesUseTpmManager() {
   return true;
 }

 bool TpmNewImpl::GetDictionaryAttackInfo(int* counter,
                                          int* threshold,
                                          bool* lockout,
                                          int* seconds_remaining) {
   if (!InitializeTpmManagerUtility()) {
     LOG(ERROR) << __func__ << ": failed to initialize |TpmMangerUtility|.";
     return false;
   }
   return tpm_manager_utility_->GetDictionaryAttackInfo(
       counter, threshold, lockout, seconds_remaining);
 }

 bool TpmNewImpl::ResetDictionaryAttackMitigation(const brillo::Blob&,
                                                  const brillo::Blob&) {
   if (!InitializeTpmManagerUtility()) {
     LOG(ERROR) << __func__ << ": failed to initialize |TpmMangerUtility|.";
     return false;
   }
   return tpm_manager_utility_->ResetDictionaryAttackLock();
 }

 }  // namespace cryptohome
	// Copyright (c) 2019 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "cryptohome/tpm_new_impl.h"

	namespace cryptohome {

	TpmNewImpl::TpmNewImpl(tpm_manager::TpmManagerUtility* tpm_manager_utility)
	: tpm_manager_utility_(tpm_manager_utility) {}

	bool TpmNewImpl::GetOwnerPassword(brillo::SecureBlob* owner_password) {
	if (IsOwned()) {
	*owner_password =
	brillo::SecureBlob(last_tpm_manager_data_.owner_password());
	if (owner_password->empty()) {
	LOG(WARNING) << __func__
	<< ": Trying to get owner password after it is cleared.";
	}
	} else {
	LOG(ERROR)
	<< __func__
	<< ": Cannot get owner password until TPM is confirmed to be owned.";
	owner_password->clear();
	}
	return !owner_password->empty();
	}

	bool TpmNewImpl::InitializeTpmManagerUtility() {
	return tpm_manager_utility_->Initialize();
	}

	bool TpmNewImpl::CacheTpmManagerStatus() {
	if (!InitializeTpmManagerUtility()) {
	LOG(ERROR) << __func__ << ": Failed to initialize \|TpmMangerUtility\|.";
	return false;
	}
	return tpm_manager_utility_->GetTpmStatus(&is_enabled_, &is_owned_,
	&last_tpm_manager_data_);
	}

	bool TpmNewImpl::IsEnabled() {
	if (!is_enabled_) {
	if (!CacheTpmManagerStatus()) {
	LOG(ERROR) << __func__
	<< ": Failed to update TPM status from tpm manager.";
	return false;
	}
	}
	return is_enabled_;
	}

	bool TpmNewImpl::IsOwned() {
	if (!is_owned_) {
	if (!CacheTpmManagerStatus()) {
	LOG(ERROR) << __func__
	<< ": Failed to update TPM status from tpm manager.";
	return false;
	}
	}
	return is_owned_;
	}

	bool TpmNewImpl::TakeOwnership(int, const brillo::SecureBlob&) {
	if (!InitializeTpmManagerUtility()) {
	LOG(ERROR) << __func__ << ": Failed to initialize \|TpmMangerUtility\|.";
	return false;
	}
	if (IsOwned()) {
	LOG(INFO) << __func__ << ": TPM is already owned.";
	return true;
	}
	return tpm_manager_utility_->TakeOwnership();
	}

	void TpmNewImpl::SetOwnerPassword(const brillo::SecureBlob&) {
	LOG(WARNING) << __func__ << ": no-ops.";
	}

	void TpmNewImpl::SetIsEnabled(bool) {
	LOG(WARNING) << __func__ << ": no-ops.";
	}

	void TpmNewImpl::SetIsOwned(bool) {
	LOG(WARNING) << __func__ << ": no-ops.";
	}

	bool TpmNewImpl::GetDelegate(brillo::Blob* blob,
	brillo::Blob* secret,
	bool* has_reset_lock_permissions) {
	blob->clear();
	secret->clear();
	if (last_tpm_manager_data_.owner_delegate().blob().empty() \|\|
	last_tpm_manager_data_.owner_delegate().secret().empty()) {
	if (!CacheTpmManagerStatus()) {
	LOG(ERROR) << __func__
	<< ": Failed to update TPM status from tpm manager.";
	return false;
	}
	}
	const auto& owner_delegate = last_tpm_manager_data_.owner_delegate();
	*blob = brillo::BlobFromString(owner_delegate.blob());
	*secret = brillo::BlobFromString(owner_delegate.secret());
	*has_reset_lock_permissions = owner_delegate.has_reset_lock_permissions();
	return !blob->empty() && !secret->empty();
	}

	bool TpmNewImpl::DoesUseTpmManager() {
	return true;
	}

	bool TpmNewImpl::GetDictionaryAttackInfo(int* counter,
	int* threshold,
	bool* lockout,
	int* seconds_remaining) {
	if (!InitializeTpmManagerUtility()) {
	LOG(ERROR) << __func__ << ": failed to initialize \|TpmMangerUtility\|.";
	return false;
	}
	return tpm_manager_utility_->GetDictionaryAttackInfo(
	counter, threshold, lockout, seconds_remaining);
	}

	bool TpmNewImpl::ResetDictionaryAttackMitigation(const brillo::Blob&,
	const brillo::Blob&) {
	if (!InitializeTpmManagerUtility()) {
	LOG(ERROR) << __func__ << ": failed to initialize \|TpmMangerUtility\|.";
	return false;
	}
	return tpm_manager_utility_->ResetDictionaryAttackLock();
	}

	} // namespace cryptohome