hmac_session.h - Android社区 - https://www.androidos.net.cn/

//
// Copyright (C) 2015 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//

#ifndef TRUNKS_HMAC_SESSION_H_
#define TRUNKS_HMAC_SESSION_H_

#include <string>

#include <base/macros.h>

#include "trunks/tpm_generated.h"

namespace trunks {

class AuthorizationDelegate;

// HmacSession is an interface for managing hmac backed sessions for
// authorization and parameter encryption.
class HmacSession {
 public:
  HmacSession() {}
  virtual ~HmacSession() {}

  // Returns an authorization delegate for this session. Ownership of the
  // delegate pointer is retained by the session.
  virtual AuthorizationDelegate* GetDelegate() = 0;

  // Starts a salted session which is bound to |bind_entity| with
  // |bind_authorization_value|. Encryption is enabled if |enable_encryption| is
  // true. The session remains active until this object is destroyed or another
  // session is started with a call to Start*Session.
  virtual TPM_RC StartBoundSession(TPMI_DH_ENTITY bind_entity,
                                   const std::string& bind_authorization_value,
                                   bool enable_encryption) = 0;

  // Starts a salted, unbound session. Encryption is enabled if
  // |enable_encryption| is true. The session remains active until this object
  // is destroyed or another session is started with a call to Start*Session.
  virtual TPM_RC StartUnboundSession(bool enable_encryption) = 0;

  // Sets the current entity authorization value. This can be safely called
  // while the session is active and subsequent commands will use the value.
  virtual void SetEntityAuthorizationValue(const std::string& value) = 0;

  // Sets the future_authorization_value field in the HmacDelegate. This
  // is used in response validation for the TPM2_HierarchyChangeAuth command.
  // We need to perform this because the HMAC value returned from
  // HierarchyChangeAuth uses the new auth_value.
  virtual void SetFutureAuthorizationValue(const std::string& value) = 0;

 private:
  DISALLOW_COPY_AND_ASSIGN(HmacSession);
};

}  // namespace trunks

#endif  // TRUNKS_HMAC_SESSION_H_