tpm_manager: Add an implementation for TpmNvram for Tpm2.0

This CL implements the TpmNvram interface for Tpm2.0 Bug: 24059574 TEST=FEATURES=test USE=tpm2 emerge-rambi tpm_manager TEST=ran nvram methods on an owned tpm2.0 Change-Id: Ic803d6e6fb18362a53708fd6051c1afdf581a9d3
author: Utkarsh Sanghi <usanghi@google.com> 2015-10-01 11:29:43 -0700
committer: Utkarsh Sanghi <usanghi@google.com> 2015-10-22 02:27:39 -0700
commit: 39074f04aec7466722271d1484ff75f48a77f93c (patch)
tree: 4c5e99d02d974cc6f31b812de167857baca19d16
parent: 31ece73e45b7191a8230ac7fde0431d9f2184c03 (diff)
download: tpm_manager-39074f04aec7466722271d1484ff75f48a77f93c.tar.gz
5 files changed, 544 insertions, 1 deletions
diff --git a/server/main.cc b/server/main.cc
index fbace0f..307334f 100644
--- a/server/main.cc
+++ b/server/main.cc
@@ -31,6 +31,7 @@
 
 #if USE_TPM2
 #include "tpm_manager/server/tpm2_initializer_impl.h"
+#include "tpm_manager/server/tpm2_nvram_impl.h"
 #include "tpm_manager/server/tpm2_status_impl.h"
 #else
 #include "tpm_manager/server/tpm_initializer_impl.h"
@@ -55,6 +56,7 @@ class TpmManagerDaemon : public brillo::DBusServiceDaemon {
     tpm_initializer_.reset(new tpm_manager::Tpm2InitializerImpl(
         local_data_store_.get(),
         tpm_status_.get()));
+    tpm_nvram_.reset(new tpm_manager::Tpm2NvramImpl(local_data_store_.get()));
 #else
     tpm_status_.reset(new tpm_manager::TpmStatusImpl);
     tpm_initializer_.reset(new tpm_manager::TpmInitializerImpl(
diff --git a/server/tpm2_nvram_impl.cc b/server/tpm2_nvram_impl.cc
new file mode 100644
index 0000000..e9cee57
--- /dev/null
+++ b/server/tpm2_nvram_impl.cc
@@ -0,0 +1,191 @@
+//
+// Copyright (C) 2015 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#include "tpm_manager/server/tpm2_nvram_impl.h"
+
+#include <memory>
+#include <string>
+
+#include <base/logging.h>
+#include <trunks/error_codes.h>
+#include <trunks/tpm_constants.h>
+#include <trunks/tpm_utility.h>
+#include <trunks/trunks_factory_impl.h>
+
+namespace tpm_manager {
+
+using trunks::GetErrorString;
+using trunks::TPM_RC;
+using trunks::TPM_RC_SUCCESS;
+
+Tpm2NvramImpl::Tpm2NvramImpl(LocalDataStore* local_data_store)
+    : trunks_factory_(new trunks::TrunksFactoryImpl()),
+      local_data_store_(local_data_store),
+      initialized_(false),
+      trunks_session_(trunks_factory_->GetHmacSession()),
+      trunks_utility_(trunks_factory_->GetTpmUtility()) {}
+
+Tpm2NvramImpl::Tpm2NvramImpl(std::unique_ptr<trunks::TrunksFactory> factory,
+                             LocalDataStore* local_data_store)
+    : trunks_factory_(std::move(factory)),
+      local_data_store_(local_data_store),
+      initialized_(false),
+      trunks_session_(trunks_factory_->GetHmacSession()),
+      trunks_utility_(trunks_factory_->GetTpmUtility()) {}
+
+bool Tpm2NvramImpl::Initialize() {
+  if (initialized_) {
+    return true;
+  }
+  TPM_RC result = trunks_utility_->StartSession(trunks_session_.get());
+  if (result != TPM_RC_SUCCESS) {
+    LOG(ERROR) << "Error starting an authorization session with trunks: "
+               << GetErrorString(result);
+    return false;
+  }
+  LocalData local_data;
+  if (!local_data_store_->Read(&local_data)) {
+    LOG(ERROR) << "Error reading local tpm data.";
+    return false;
+  }
+  if (!local_data.owner_password().empty()) {
+    owner_password_.assign(local_data.owner_password());
+    initialized_ = true;
+  }
+  return true;
+}
+
+bool Tpm2NvramImpl::InitializeWithOwnerPassword() {
+  if (!Initialize()) {
+    return false;
+  }
+  if (owner_password_.empty()) {
+    LOG(ERROR) << "Error owner password not available.";
+    return false;
+  }
+  trunks_session_->SetEntityAuthorizationValue(owner_password_);
+  return true;
+}
+
+bool Tpm2NvramImpl::DefineNvram(uint32_t index, size_t length) {
+  if (!InitializeWithOwnerPassword()) {
+    return false;
+  }
+  TPM_RC result = trunks_utility_->DefineNVSpace(
+      index, length, trunks_session_->GetDelegate());
+  if (result != TPM_RC_SUCCESS) {
+    LOG(ERROR) << "Error defining nvram space: " << GetErrorString(result);
+    return false;
+  }
+  return true;
+}
+
+bool Tpm2NvramImpl::DestroyNvram(uint32_t index) {
+  if (!InitializeWithOwnerPassword()) {
+    return false;
+  }
+  TPM_RC result = trunks_utility_->DestroyNVSpace(
+      index, trunks_session_->GetDelegate());
+  if (result != TPM_RC_SUCCESS) {
+    LOG(ERROR) << "Error destroying nvram space:" << GetErrorString(result);
+    return false;
+  }
+  return true;
+}
+
+bool Tpm2NvramImpl::WriteNvram(uint32_t index, const std::string& data) {
+  if (!InitializeWithOwnerPassword()) {
+    return false;
+  }
+  TPM_RC result = trunks_utility_->WriteNVSpace(index,
+                                                0,  // offset
+                                                data,
+                                                trunks_session_->GetDelegate());
+  if (result != TPM_RC_SUCCESS) {
+    LOG(ERROR) << "Error writing to nvram space: " << GetErrorString(result);
+    return false;
+  }
+  trunks_session_->SetEntityAuthorizationValue("");
+  result = trunks_utility_->LockNVSpace(index, trunks_session_->GetDelegate());
+  if (result != TPM_RC_SUCCESS) {
+    LOG(ERROR) << "Error locking nvram space: " << GetErrorString(result);
+    return false;
+  }
+  return true;
+}
+
+bool Tpm2NvramImpl::ReadNvram(uint32_t index, std::string* data) {
+  if (!Initialize()) {
+    return false;
+  }
+  size_t nvram_size;
+  if (!GetNvramSize(index, &nvram_size)) {
+    LOG(ERROR) << "Error getting size of nvram space.";
+    return false;
+  }
+  trunks_session_->SetEntityAuthorizationValue("");
+  TPM_RC result = trunks_utility_->ReadNVSpace(index,
+                                               0,  // offset
+                                               nvram_size,
+                                               data,
+                                               trunks_session_->GetDelegate());
+  if (result != TPM_RC_SUCCESS) {
+    LOG(ERROR) << "Error reading nvram space: " << GetErrorString(result);
+    return false;
+  }
+  return true;
+}
+
+bool Tpm2NvramImpl::IsNvramDefined(uint32_t index, bool* defined) {
+  trunks::TPMS_NV_PUBLIC nvram_public;
+  TPM_RC result = trunks_utility_->GetNVSpacePublicArea(index, &nvram_public);
+  if (trunks::GetFormatOneError(result) == trunks::TPM_RC_HANDLE) {
+    *defined = false;
+  } else if (result == TPM_RC_SUCCESS) {
+    *defined = true;
+  } else {
+    LOG(ERROR) << "Error reading NV space for index " << index
+               << " with error: " << GetErrorString(result);
+    return false;
+  }
+  return true;
+}
+
+bool Tpm2NvramImpl::IsNvramLocked(uint32_t index, bool* locked) {
+  trunks::TPMS_NV_PUBLIC nvram_public;
+  TPM_RC result = trunks_utility_->GetNVSpacePublicArea(index, &nvram_public);
+  if (result != TPM_RC_SUCCESS) {
+    LOG(ERROR) << "Error reading NV space for index " << index
+               << " with error: " << GetErrorString(result);
+    return false;
+  }
+  *locked = ((nvram_public.attributes & trunks::TPMA_NV_WRITELOCKED) != 0);
+  return true;
+}
+
+bool Tpm2NvramImpl::GetNvramSize(uint32_t index, size_t* size) {
+  trunks::TPMS_NV_PUBLIC nvram_public;
+  TPM_RC result = trunks_utility_->GetNVSpacePublicArea(index, &nvram_public);
+  if (result != TPM_RC_SUCCESS) {
+    LOG(ERROR) << "Error reading NV space for index " << index
+               << " with error: " << GetErrorString(result);
+    return false;
+  }
+  *size = nvram_public.data_size;
+  return true;
+}
+
+}  // namespace tpm_manager
diff --git a/server/tpm2_nvram_impl.h b/server/tpm2_nvram_impl.h
new file mode 100644
index 0000000..43b8e2b
--- /dev/null
+++ b/server/tpm2_nvram_impl.h
@@ -0,0 +1,77 @@
+//
+// Copyright (C) 2015 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#ifndef TPM_MANAGER_SERVER_TPM2_NVRAM_IMPL_H_
+#define TPM_MANAGER_SERVER_TPM2_NVRAM_IMPL_H_
+
+#include "tpm_manager/server/tpm_nvram.h"
+
+#include <memory>
+#include <string>
+
+#include <base/macros.h>
+#include <base/memory/scoped_ptr.h>
+#include <trunks/trunks_factory.h>
+
+#include "tpm_manager/server/local_data_store.h"
+
+namespace tpm_manager {
+
+class Tpm2NvramImpl : public TpmNvram {
+ public:
+  // Does not take ownership of |local_data_store|.
+  explicit Tpm2NvramImpl(LocalDataStore* local_data_store);
+  // Does not take ownership of |local_data_store|, but takes ownership of
+  // |factory|.
+  Tpm2NvramImpl(std::unique_ptr<trunks::TrunksFactory> factory,
+                LocalDataStore* local_data_store);
+  ~Tpm2NvramImpl() override = default;
+
+  // TpmNvram methods.
+  bool DefineNvram(uint32_t index, size_t length) override;
+  bool DestroyNvram(uint32_t index) override;
+  bool WriteNvram(uint32_t index, const std::string& data) override;
+  bool ReadNvram(uint32_t index, std::string* data) override;
+  bool IsNvramDefined(uint32_t index, bool* defined) override;
+  bool IsNvramLocked(uint32_t index, bool* locked) override;
+  bool GetNvramSize(uint32_t index, size_t* size) override;
+
+ private:
+  // Initializes the connection to the Tpm2.0 and starts an authorization
+  // session.
+  // Note: there are no guarantees about the authorization value loaded into
+  // |trunks_session_| at the end of this method.
+  bool Initialize();
+
+  // This method initializes and ensures that a valid owner password is
+  // available. When this method returns, |owner_password_| will be loaded
+  // into |trunks_session_|.
+  bool InitializeWithOwnerPassword();
+
+  std::unique_ptr<trunks::TrunksFactory> trunks_factory_;
+  LocalDataStore* local_data_store_;
+  bool initialized_;
+  std::string owner_password_;
+  scoped_ptr<trunks::HmacSession> trunks_session_;
+  scoped_ptr<trunks::TpmUtility> trunks_utility_;
+
+  friend class Tpm2NvramTest;
+  DISALLOW_COPY_AND_ASSIGN(Tpm2NvramImpl);
+};
+
+}  // namespace tpm_manager
+
+#endif  // TPM_MANAGER_SERVER_TPM2_NVRAM_IMPL_H_
diff --git a/server/tpm2_nvram_test.cc b/server/tpm2_nvram_test.cc
new file mode 100644
index 0000000..347b17a
--- /dev/null
+++ b/server/tpm2_nvram_test.cc
@@ -0,0 +1,271 @@
+//
+// Copyright (C) 2015 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+#include "tpm_manager/server/tpm2_nvram_impl.h"
+
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+#include <trunks/mock_hmac_session.h>
+#include <trunks/mock_tpm_utility.h>
+#include <trunks/tpm_constants.h>
+#include <trunks/trunks_factory_for_test.h>
+
+#include "tpm_manager/server/mock_local_data_store.h"
+
+namespace {
+const char kTestOwnerPassword[] = "owner";
+}  // namespace
+
+namespace tpm_manager {
+
+using testing::_;
+using testing::DoAll;
+using testing::Mock;
+using testing::NiceMock;
+using testing::Return;
+using testing::SetArgPointee;
+using trunks::TPM_RC_SUCCESS;
+using trunks::TPM_RC_FAILURE;
+
+class Tpm2NvramTest : public testing::Test {
+ public:
+  Tpm2NvramTest() = default;
+  virtual ~Tpm2NvramTest() = default;
+
+  void SetUp() {
+    trunks::TrunksFactoryForTest* factory = new trunks::TrunksFactoryForTest();
+    factory->set_hmac_session(&mock_hmac_session_);
+    factory->set_tpm_utility(&mock_tpm_utility_);
+    tpm_nvram_.reset(new Tpm2NvramImpl(
+        std::unique_ptr<trunks::TrunksFactory>(factory),
+        &mock_data_store_));
+  }
+
+  void InitializeNvram(const std::string& owner_password) {
+    LocalData local_data;
+    local_data.set_owner_password(owner_password);
+    ON_CALL(mock_data_store_, Read(_))
+        .WillByDefault(DoAll(SetArgPointee<0>(local_data),
+                             Return(true)));
+    tpm_nvram_->Initialize();
+    Mock::VerifyAndClearExpectations(&mock_data_store_);
+    Mock::VerifyAndClearExpectations(&mock_hmac_session_);
+    Mock::VerifyAndClearExpectations(&mock_tpm_utility_);
+  }
+
+ protected:
+  NiceMock<trunks::MockHmacSession> mock_hmac_session_;
+  NiceMock<MockLocalDataStore> mock_data_store_;
+  NiceMock<trunks::MockTpmUtility> mock_tpm_utility_;
+  std::unique_ptr<Tpm2NvramImpl> tpm_nvram_;
+};
+
+TEST_F(Tpm2NvramTest, NvramNoOwnerFailure) {
+  uint32_t index = 42;
+  EXPECT_FALSE(tpm_nvram_->DefineNvram(index, 5));
+  EXPECT_FALSE(tpm_nvram_->DestroyNvram(index));
+  EXPECT_FALSE(tpm_nvram_->WriteNvram(index, "data"));
+}
+
+TEST_F(Tpm2NvramTest, DefineNvramSuccess) {
+  InitializeNvram(kTestOwnerPassword);
+  EXPECT_CALL(mock_hmac_session_,
+              SetEntityAuthorizationValue(kTestOwnerPassword));
+  uint32_t index = 42;
+  size_t length = 20;
+  EXPECT_CALL(mock_tpm_utility_, DefineNVSpace(index, length, _))
+      .WillOnce(Return(TPM_RC_SUCCESS));
+  EXPECT_TRUE(tpm_nvram_->DefineNvram(index, length));
+}
+
+TEST_F(Tpm2NvramTest, DefineNvramFailure) {
+  InitializeNvram(kTestOwnerPassword);
+  uint32_t index = 42;
+  size_t length = 20;
+  EXPECT_CALL(mock_tpm_utility_, DefineNVSpace(index, length, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  EXPECT_FALSE(tpm_nvram_->DefineNvram(index, length));
+}
+
+TEST_F(Tpm2NvramTest, DestroyNvramSuccess) {
+  InitializeNvram(kTestOwnerPassword);
+  EXPECT_CALL(mock_hmac_session_,
+              SetEntityAuthorizationValue(kTestOwnerPassword));
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, DestroyNVSpace(index, _))
+      .WillOnce(Return(TPM_RC_SUCCESS));
+  EXPECT_TRUE(tpm_nvram_->DestroyNvram(index));
+}
+
+TEST_F(Tpm2NvramTest, DestroyNvramFailure) {
+  InitializeNvram(kTestOwnerPassword);
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, DestroyNVSpace(index, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  EXPECT_FALSE(tpm_nvram_->DestroyNvram(index));
+}
+
+TEST_F(Tpm2NvramTest, WriteNvramSuccess) {
+  InitializeNvram(kTestOwnerPassword);
+  EXPECT_CALL(mock_hmac_session_,
+              SetEntityAuthorizationValue(kTestOwnerPassword));
+  uint32_t index = 42;
+  std::string data("data");
+  EXPECT_CALL(mock_tpm_utility_, WriteNVSpace(index, 0, data, _))
+      .WillOnce(Return(TPM_RC_SUCCESS));
+  EXPECT_CALL(mock_hmac_session_, SetEntityAuthorizationValue(""));
+  EXPECT_CALL(mock_tpm_utility_, LockNVSpace(index, _))
+      .WillOnce(Return(TPM_RC_SUCCESS));
+  EXPECT_TRUE(tpm_nvram_->WriteNvram(index, data));
+}
+
+TEST_F(Tpm2NvramTest, WriteNvramLockError) {
+  InitializeNvram(kTestOwnerPassword);
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, WriteNVSpace(index, _, _, _))
+      .WillOnce(Return(TPM_RC_SUCCESS));
+  EXPECT_CALL(mock_tpm_utility_, LockNVSpace(index, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  EXPECT_FALSE(tpm_nvram_->WriteNvram(index, "data"));
+}
+
+TEST_F(Tpm2NvramTest, WriteNvramFailure) {
+  InitializeNvram(kTestOwnerPassword);
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, WriteNVSpace(index, _, _, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  EXPECT_FALSE(tpm_nvram_->WriteNvram(index, "data"));
+}
+
+TEST_F(Tpm2NvramTest, ReadNvramSuccess) {
+  uint32_t index = 42;
+  std::string tpm_data("data");
+  size_t size = tpm_data.size();
+  trunks::TPMS_NV_PUBLIC nvram_public;
+  nvram_public.data_size = size;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(_, _))
+      .WillOnce(DoAll(SetArgPointee<1>(nvram_public),
+                      Return(TPM_RC_SUCCESS)));
+
+  EXPECT_CALL(mock_hmac_session_, SetEntityAuthorizationValue(""));
+  EXPECT_CALL(mock_tpm_utility_, ReadNVSpace(index, 0, size, _, _))
+      .WillOnce(DoAll(SetArgPointee<3>(tpm_data),
+                      Return(TPM_RC_SUCCESS)));
+  std::string read_data;
+  EXPECT_TRUE(tpm_nvram_->ReadNvram(index, &read_data));
+  EXPECT_EQ(read_data, tpm_data);
+}
+
+TEST_F(Tpm2NvramTest, ReadNvramNonexistant) {
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  std::string read_data;
+  EXPECT_FALSE(tpm_nvram_->ReadNvram(index, &read_data));
+}
+
+TEST_F(Tpm2NvramTest, ReadNvramFailure) {
+  uint32_t index = 42;
+  trunks::TPMS_NV_PUBLIC nvram_public;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(DoAll(SetArgPointee<1>(nvram_public),
+                      Return(TPM_RC_SUCCESS)));
+  EXPECT_CALL(mock_tpm_utility_, ReadNVSpace(index, _, _, _, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  std::string read_data;
+  EXPECT_FALSE(tpm_nvram_->ReadNvram(index, &read_data));
+}
+
+TEST_F(Tpm2NvramTest, IsNvramDefinedSuccess) {
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(Return(TPM_RC_SUCCESS));
+  bool defined;
+  EXPECT_TRUE(tpm_nvram_->IsNvramDefined(index, &defined));
+  EXPECT_TRUE(defined);
+}
+
+TEST_F(Tpm2NvramTest, IsNvramDefinedNonexistant) {
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(Return(trunks::TPM_RC_HANDLE));
+  bool defined;
+  EXPECT_TRUE(tpm_nvram_->IsNvramDefined(index, &defined));
+  EXPECT_FALSE(defined);
+}
+
+TEST_F(Tpm2NvramTest, IsNvramDefinedFailure) {
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  bool defined;
+  EXPECT_FALSE(tpm_nvram_->IsNvramDefined(index, &defined));
+}
+
+TEST_F(Tpm2NvramTest, IsNvramLockedSuccess) {
+  uint32_t index = 42;
+  trunks::TPMS_NV_PUBLIC nvram_public;
+  nvram_public.attributes = trunks::TPMA_NV_WRITELOCKED;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(DoAll(SetArgPointee<1>(nvram_public),
+                      Return(TPM_RC_SUCCESS)));
+  bool locked;
+  EXPECT_TRUE(tpm_nvram_->IsNvramLocked(index, &locked));
+  EXPECT_TRUE(locked);
+}
+
+TEST_F(Tpm2NvramTest, IsNvramLockedUnlocked) {
+  uint32_t index = 42;
+  trunks::TPMS_NV_PUBLIC nvram_public;
+  nvram_public.attributes = 0;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(DoAll(SetArgPointee<1>(nvram_public),
+                      Return(TPM_RC_SUCCESS)));
+  bool locked;
+  EXPECT_TRUE(tpm_nvram_->IsNvramLocked(index, &locked));
+  EXPECT_FALSE(locked);
+}
+
+TEST_F(Tpm2NvramTest, IsNvramLockedFailure) {
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  bool locked;
+  EXPECT_FALSE(tpm_nvram_->IsNvramLocked(index, &locked));
+}
+
+TEST_F(Tpm2NvramTest, GetNvramSizeSuccess) {
+  uint32_t index = 42;
+  size_t nvram_size = 20;
+  trunks::TPMS_NV_PUBLIC nvram_public;
+  nvram_public.data_size = nvram_size;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(DoAll(SetArgPointee<1>(nvram_public),
+                      Return(TPM_RC_SUCCESS)));
+  size_t size;
+  EXPECT_TRUE(tpm_nvram_->GetNvramSize(index, &size));
+  EXPECT_EQ(size, nvram_size);
+}
+
+TEST_F(Tpm2NvramTest, GetNvramSizeFailure) {
+  uint32_t index = 42;
+  EXPECT_CALL(mock_tpm_utility_, GetNVSpacePublicArea(index, _))
+      .WillOnce(Return(TPM_RC_FAILURE));
+  size_t size;
+  EXPECT_FALSE(tpm_nvram_->GetNvramSize(index, &size));
+}
+
+}  // namespace tpm_manager
diff --git a/tpm_manager.gyp b/tpm_manager.gyp
index 69e1efa..8922ac9 100644
--- a/tpm_manager.gyp
+++ b/tpm_manager.gyp
@@ -90,6 +90,7 @@
         ['USE_tpm2 == 1', {
           'sources': [
             'server/tpm2_initializer_impl.cc',
+            'server/tpm2_nvram_impl.cc',
             'server/tpm2_status_impl.cc',
           ],
           'all_dependent_settings': {
@@ -162,8 +163,9 @@
           'conditions': [
             ['USE_tpm2 == 1', {
               'sources': [
-                'server/tpm2_status_test.cc',
                 'server/tpm2_initializer_test.cc',
+                'server/tpm2_nvram_test.cc',
+                'server/tpm2_status_test.cc',
               ],
               'libraries': [
                 '-ltrunks_test',
author	Utkarsh Sanghi <usanghi@google.com>	2015-10-01 11:29:43 -0700
committer	Utkarsh Sanghi <usanghi@google.com>	2015-10-22 02:27:39 -0700
commit	39074f04aec7466722271d1484ff75f48a77f93c (patch)
tree	4c5e99d02d974cc6f31b812de167857baca19d16
parent	31ece73e45b7191a8230ac7fde0431d9f2184c03 (diff)
download	tpm_manager-39074f04aec7466722271d1484ff75f48a77f93c.tar.gz