-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathwrapper.cc
64 lines (52 loc) · 1.7 KB
/
wrapper.cc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
// Copyright 2019 The Chromium OS Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <cstdint>
#include <cstring>
#include <memory>
#include <vector>
#include <base/task/current_thread.h>
#include <base/task/single_thread_task_executor.h>
#include "sealed_storage/sealed_storage.h"
#include "sealed_storage/wrapper.h"
namespace sealed_storage {
namespace wrapper {
bool Unseal(bool verified_boot_mode,
int additional_pcr,
const uint8_t* sealed_buf,
size_t sealed_size,
uint8_t* plain_buf,
size_t* plain_size) {
DCHECK(sealed_buf);
DCHECK(plain_buf);
DCHECK(plain_size);
std::unique_ptr<base::SingleThreadTaskExecutor> task_executor;
if (!base::CurrentThread::IsSet()) {
VLOG(2) << "Creating local SingleThreadTaskExector";
task_executor.reset(
new base::SingleThreadTaskExecutor(base::MessagePumpType::IO));
}
sealed_storage::Policy policy;
if (verified_boot_mode) {
policy.pcr_map.insert(Policy::BootModePCR(kVerifiedBootMode));
}
if (additional_pcr > 0) {
policy.pcr_map.insert(Policy::UnchangedPCR(additional_pcr));
}
SealedStorage storage(policy);
Data input(sealed_buf, sealed_buf + sealed_size);
auto output = storage.Unseal(input);
if (!output.has_value()) {
return false;
}
if (output->size() > *plain_size) {
LOG(ERROR) << "Too small buffer for plaintext data: " << *plain_size
<< " < " << output->size();
return false;
}
memcpy(plain_buf, output->data(), output->size());
*plain_size = output->size();
return true;
}
} // namespace wrapper
} // namespace sealed_storage