trunks_client_test.h - platform/system/trunks - Git at Google

 // Copyright 2015 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef TRUNKS_TRUNKS_CLIENT_TEST_H_
 #define TRUNKS_TRUNKS_CLIENT_TEST_H_

 #include <string>

 #include <base/memory/scoped_ptr.h>

 #include "trunks/tpm_generated.h"
 #include "trunks/trunks_factory.h"

 namespace trunks {

 // This class is used to perform integration tests on the TPM. Each public
 // method defines a different test to perform.
 // NOTE: All these tests require that the TPM be owned, and SRKs exist.
 // Example usage:
 // TrunksClientTest test;
 // CHECK(test.RNGTest());
 // CHECK(test.SimplePolicyTest());
 class TrunksClientTest {
  public:
   TrunksClientTest();
   // Takes ownership of factory.
   explicit TrunksClientTest(scoped_ptr<TrunksFactory> factory);
   virtual ~TrunksClientTest();

   // This test verifies that the Random Number Generator on the TPM is working
   // correctly.
   bool RNGTest();

   // This test verifies that we can create an unrestricted RSA signing key and
   // use it to sign arbitrary data.
   bool SignTest();

   // This test verfifies that we can create an unrestricted RSA decryption key
   // and use it to encrypt and decrypt arbitrary data.
   bool DecryptTest();

   // This test verifies that we can import a RSA key into the TPM and use it
   // to encrypt and decrypt some data.
   bool ImportTest();

   // This test verifies that we can change a key's authorization data and
   // still use it to encrypt/decrypt data.
   bool AuthChangeTest();

   // This test sets up a PolicySession with the PolicyAuthValue assertion.
   // This policy is then used to create a key and use it to sign/verify and
   // encrypt/decrypt.
   bool SimplePolicyTest();

   // This test performs a simple PCR extension and then reads the value in the
   // PCR to verify if it is correct.
   // NOTE: PCR banks need to be configured for this test to succeed. Normally
   // this is done by the platform firmware.
   bool PCRTest();

   // This test verfies that we can create, write, read, lock and delete
   // NV spaces in the TPM.
   // NOTE: This test needs the |owner_password| to work.
   bool NvramTest(const std::string& owner_password);

  private:
   // This method verifies that plaintext == decrypt(encrypt(plaintext)) using
   // a given key.
   // TODO(usanghi): Remove |session| argument once we can support multiple
   // sessions.
   bool PerformRSAEncrpytAndDecrpyt(TPM_HANDLE key_handle,
                                    const std::string& key_authorization,
                                    HmacSession* session);

   // Factory for instantiation of Tpm classes
   scoped_ptr<TrunksFactory> factory_;

   DISALLOW_COPY_AND_ASSIGN(TrunksClientTest);
 };

 }  // namespace trunks

 #endif  // TRUNKS_TRUNKS_CLIENT_TEST_H_
	// Copyright 2015 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef TRUNKS_TRUNKS_CLIENT_TEST_H_
	#define TRUNKS_TRUNKS_CLIENT_TEST_H_

	#include <string>

	#include <base/memory/scoped_ptr.h>

	#include "trunks/tpm_generated.h"
	#include "trunks/trunks_factory.h"

	namespace trunks {

	// This class is used to perform integration tests on the TPM. Each public
	// method defines a different test to perform.
	// NOTE: All these tests require that the TPM be owned, and SRKs exist.
	// Example usage:
	// TrunksClientTest test;
	// CHECK(test.RNGTest());
	// CHECK(test.SimplePolicyTest());
	class TrunksClientTest {
	public:
	TrunksClientTest();
	// Takes ownership of factory.
	explicit TrunksClientTest(scoped_ptr<TrunksFactory> factory);
	virtual ~TrunksClientTest();

	// This test verifies that the Random Number Generator on the TPM is working
	// correctly.
	bool RNGTest();

	// This test verifies that we can create an unrestricted RSA signing key and
	// use it to sign arbitrary data.
	bool SignTest();

	// This test verfifies that we can create an unrestricted RSA decryption key
	// and use it to encrypt and decrypt arbitrary data.
	bool DecryptTest();

	// This test verifies that we can import a RSA key into the TPM and use it
	// to encrypt and decrypt some data.
	bool ImportTest();

	// This test verifies that we can change a key's authorization data and
	// still use it to encrypt/decrypt data.
	bool AuthChangeTest();

	// This test sets up a PolicySession with the PolicyAuthValue assertion.
	// This policy is then used to create a key and use it to sign/verify and
	// encrypt/decrypt.
	bool SimplePolicyTest();

	// This test performs a simple PCR extension and then reads the value in the
	// PCR to verify if it is correct.
	// NOTE: PCR banks need to be configured for this test to succeed. Normally
	// this is done by the platform firmware.
	bool PCRTest();

	// This test verfies that we can create, write, read, lock and delete
	// NV spaces in the TPM.
	// NOTE: This test needs the \|owner_password\| to work.
	bool NvramTest(const std::string& owner_password);

	private:
	// This method verifies that plaintext == decrypt(encrypt(plaintext)) using
	// a given key.
	// TODO(usanghi): Remove \|session\| argument once we can support multiple
	// sessions.
	bool PerformRSAEncrpytAndDecrpyt(TPM_HANDLE key_handle,
	const std::string& key_authorization,
	HmacSession* session);

	// Factory for instantiation of Tpm classes
	scoped_ptr<TrunksFactory> factory_;

	DISALLOW_COPY_AND_ASSIGN(TrunksClientTest);
	};

	} // namespace trunks

	#endif // TRUNKS_TRUNKS_CLIENT_TEST_H_