| Index: tpm.h
|
| diff --git a/tpm.h b/tpm.h
|
| index 27bec227fc65636ed1e083605ae23280089a9d2e..d209bbec5db2e2f431958069ff6886f965585ea1 100644
|
| --- a/tpm.h
|
| +++ b/tpm.h
|
| @@ -12,7 +12,9 @@
|
| #include <trousers/trousers.h>
|
|
|
| #include "crypto.h"
|
| +#include "platform.h"
|
| #include "secure_blob.h"
|
| +#include "tpm_status.pb.h"
|
|
|
| #ifndef TPM_INIT_TPM_H_
|
| #define TPM_INIT_TPM_H_
|
| @@ -32,15 +34,6 @@ class Tpm {
|
| // Parameters
|
| virtual bool Init();
|
|
|
| - // Tries to connect to the TPM
|
| - virtual bool Connect();
|
| -
|
| - // Returns true if this instance is connected to the TPM
|
| - virtual bool IsConnected();
|
| -
|
| - // Disconnects from the TPM
|
| - virtual void Disconnect();
|
| -
|
| // Returns the number of simultaneously-loaded RSA keys that this TPM supports
|
| int GetMaxRsaKeyCount();
|
|
|
| @@ -51,6 +44,9 @@ class Tpm {
|
| // owner_password (OUT) - The random owner password used
|
| bool GetOwnerPassword(chromeos::Blob* owner_password);
|
|
|
| + // Clears the owner password from storage
|
| + void ClearStoredOwnerPassword();
|
| +
|
| // Returns whether or not the TPM is enabled. This method call returns a
|
| // cached result because querying the TPM directly will block if ownership is
|
| // currently being taken (such as on a separate thread).
|
| @@ -79,6 +75,33 @@ class Tpm {
|
| bool GetRandomData(size_t length, chromeos::Blob* data);
|
|
|
| private:
|
| + // Tries to connect to the TPM
|
| + virtual TSS_HCONTEXT Connect();
|
| +
|
| + // Disconnects from the TPM
|
| + virtual void Disconnect(TSS_HCONTEXT context_handle);
|
| +
|
| + // Gets a handle to the SRK
|
| + bool LoadSrk(TSS_HCONTEXT context_handle, TSS_HKEY* srk_handle,
|
| + TSS_RESULT* result);
|
| +
|
| + // Loads the contents of the file specified into a blob
|
| + bool LoadFileBytes(const FilePath& path, chromeos::Blob* blob);
|
| +
|
| + // Stores the TPM owner password to the TpmStatus object
|
| + bool StoreOwnerPassword(const chromeos::Blob& owner_password,
|
| + TpmStatus* tpm_status);
|
| +
|
| + // Retrieves the TPM owner password
|
| + bool LoadOwnerPassword(const TpmStatus& tpm_status,
|
| + chromeos::Blob* owner_password);
|
| +
|
| + // Loads the TpmStatus object
|
| + bool LoadTpmStatus(TpmStatus* serialized);
|
| +
|
| + // Saves the TpmStatus object
|
| + bool StoreTpmStatus(const TpmStatus& serialized);
|
| +
|
| // Attempts to connect to tcsd
|
| //
|
| // Parameters
|
| @@ -116,6 +139,13 @@ class Tpm {
|
| // context_handle - The context handle for the TPM session
|
| bool CreateEndorsementKey(TSS_HCONTEXT context_handle);
|
|
|
| + // Delegates ownership authority
|
| + //
|
| + // Parameters
|
| + // context_handle - The context handle for the TPM session
|
| + bool DelegateTpmOwnership(TSS_HCONTEXT context_handle, TSS_HTPM tpm_handle,
|
| + SecureBlob* delegation_blob);
|
| +
|
| // Checks to see if the endorsement key is available by attempting to get its
|
| // public key
|
| //
|
| @@ -188,9 +218,6 @@ class Tpm {
|
| // tpm_handle = The TPM handle
|
| bool TestTpmAuth(TSS_HTPM tpm_handle);
|
|
|
| - // The context handle for this TPM session
|
| - TSS_HCONTEXT context_handle_;
|
| -
|
| // The default Crypto instance to use (for generating the random owner
|
| // password)
|
| scoped_ptr<Crypto> default_crypto_;
|
| @@ -198,6 +225,12 @@ class Tpm {
|
| // The actual Crypto instance to use
|
| Crypto* crypto_;
|
|
|
| + // The default Platform instance to use
|
| + scoped_ptr<Platform> default_platform_;
|
| +
|
| + // The actual Platform instance to use
|
| + Platform* platform_;
|
| +
|
| // If TPM ownership is taken, owner_password_ contains the password used
|
| SecureBlob owner_password_;
|
|
|
|
|
Chromium Code Reviews
Issue 3475009:
Adds the necessary changes to tpm_init to allow triggered initialization. (Closed)
Base URL: http://git.chromium.org/git/tpm_init.git