| OLD | NEW |
| (Empty) |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OWNERSHIP_SERVICE_H_ | |
| 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_OWNERSHIP_SERVICE_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 #include <vector> | |
| 10 | |
| 11 #include "base/callback.h" | |
| 12 #include "base/compiler_specific.h" | |
| 13 #include "base/memory/ref_counted.h" | |
| 14 #include "base/synchronization/lock.h" | |
| 15 #include "chrome/browser/chromeos/login/owner_key_utils.h" | |
| 16 #include "chrome/browser/chromeos/login/owner_manager.h" | |
| 17 #include "content/public/browser/browser_thread.h" | |
| 18 #include "content/public/browser/notification_observer.h" | |
| 19 #include "content/public/browser/notification_registrar.h" | |
| 20 | |
| 21 namespace base { | |
| 22 template <typename T> struct DefaultLazyInstanceTraits; | |
| 23 } | |
| 24 | |
| 25 namespace chromeos { | |
| 26 | |
| 27 class OwnershipService : public content::NotificationObserver { | |
| 28 public: | |
| 29 enum Status { | |
| 30 // Listed in upgrade order. | |
| 31 OWNERSHIP_UNKNOWN = 0, | |
| 32 OWNERSHIP_NONE, | |
| 33 OWNERSHIP_TAKEN | |
| 34 }; | |
| 35 | |
| 36 // Callback function type. The status code is guaranteed to be different from | |
| 37 // OWNERSHIP_UNKNOWN. The bool parameter is true iff the currently logged in | |
| 38 // user is the owner. | |
| 39 typedef base::Callback<void(OwnershipService::Status, bool)> Callback; | |
| 40 | |
| 41 // Returns the singleton instance of the OwnershipService. | |
| 42 static OwnershipService* GetSharedInstance(); | |
| 43 virtual ~OwnershipService(); | |
| 44 | |
| 45 // Called after FILE thread is created to prefetch ownership status and avoid | |
| 46 // blocking on UI thread. | |
| 47 void Prewarm(); | |
| 48 | |
| 49 // Sets a new owner key. This will _not_ load the key material from disk, but | |
| 50 // rather update Chrome's in-memory copy of the key. |callback| will be | |
| 51 // invoked once the operation completes. | |
| 52 virtual void StartUpdateOwnerKey(const std::vector<uint8>& new_key, | |
| 53 OwnerManager::KeyUpdateDelegate* d); | |
| 54 | |
| 55 // If the device has been owned already, posts a task to the FILE thread to | |
| 56 // fetch the public key off disk. | |
| 57 // | |
| 58 // Sends out a OWNER_KEY_FETCH_ATTEMPT_SUCCESS notification on success, | |
| 59 // OWNER_KEY_FETCH_ATTEMPT_FAILED on failure. | |
| 60 virtual void StartLoadOwnerKeyAttempt(); | |
| 61 | |
| 62 // Initiate an attempt to sign |data| with |private_key_|. Will call | |
| 63 // d->OnKeyOpComplete() when done. Upon success, the signature will be passed | |
| 64 // as the |payload| argument to d->OnKeyOpComplete(). | |
| 65 // | |
| 66 // If you call this on a well-known thread, you'll be called back on that | |
| 67 // thread. Otherwise, you'll get called back on the UI thread. | |
| 68 virtual void StartSigningAttempt(const std::string& data, | |
| 69 OwnerManager::Delegate* d); | |
| 70 | |
| 71 // Initiate an attempt to verify that |signature| is valid over |data| with | |
| 72 // |public_key_|. When the attempt is completed, an appropriate KeyOpCode | |
| 73 // will be passed to d->OnKeyOpComplete(). | |
| 74 // | |
| 75 // If you call this on a well-known thread, you'll be called back on that | |
| 76 // thread. Otherwise, you'll get called back on the UI thread. | |
| 77 virtual void StartVerifyAttempt(const std::string& data, | |
| 78 const std::vector<uint8>& signature, | |
| 79 OwnerManager::Delegate* d); | |
| 80 | |
| 81 // This method must be run on the FILE thread. | |
| 82 virtual bool IsCurrentUserOwner(); | |
| 83 | |
| 84 // This method should be run on FILE thread. | |
| 85 // Note: not static, for better mocking. | |
| 86 virtual bool IsAlreadyOwned(); | |
| 87 | |
| 88 // This method can be run either on FILE or UI threads. If |blocking| flag | |
| 89 // is specified then it is guaranteed to return either OWNERSHIP_NONE or | |
| 90 // OWNERSHIP_TAKEN (and not OWNERSHIP_UNKNOWN), however in this case it may | |
| 91 // occasionally block doing i/o. | |
| 92 virtual Status GetStatus(bool blocking); | |
| 93 | |
| 94 // Determines the ownership status on the FILE thread and calls the |callback| | |
| 95 // with the result. | |
| 96 virtual void GetStatusAsync(const Callback& callback); | |
| 97 | |
| 98 protected: | |
| 99 OwnershipService(); | |
| 100 | |
| 101 // content::NotificationObserver implementation. | |
| 102 virtual void Observe(int type, | |
| 103 const content::NotificationSource& source, | |
| 104 const content::NotificationDetails& details) OVERRIDE; | |
| 105 | |
| 106 private: | |
| 107 friend struct base::DefaultLazyInstanceTraits<OwnershipService>; | |
| 108 friend class OwnershipServiceTest; | |
| 109 | |
| 110 // Task posted on FILE thread on startup to prefetch ownership status. | |
| 111 void FetchStatus(); | |
| 112 | |
| 113 // Sets ownership status. May be called on either thread. | |
| 114 void SetStatus(Status new_status); | |
| 115 | |
| 116 // Used by |CheckOwnershipAsync| to call the callback with the result. | |
| 117 static void ReturnStatus(const Callback& callback, | |
| 118 std::pair<OwnershipService::Status, bool> status); | |
| 119 | |
| 120 static void UpdateOwnerKey(OwnershipService* service, | |
| 121 const content::BrowserThread::ID thread_id, | |
| 122 const std::vector<uint8>& new_key, | |
| 123 OwnerManager::KeyUpdateDelegate* d); | |
| 124 static void TryLoadOwnerKeyAttempt(OwnershipService* service); | |
| 125 static void TrySigningAttempt(OwnershipService* service, | |
| 126 const content::BrowserThread::ID thread_id, | |
| 127 const std::string& data, | |
| 128 OwnerManager::Delegate* d); | |
| 129 static void TryVerifyAttempt(OwnershipService* service, | |
| 130 const content::BrowserThread::ID thread_id, | |
| 131 const std::string& data, | |
| 132 const std::vector<uint8>& signature, | |
| 133 OwnerManager::Delegate* d); | |
| 134 static void FailAttempt(OwnerManager::Delegate* d); | |
| 135 | |
| 136 OwnerManager* manager() { return manager_.get(); } | |
| 137 | |
| 138 scoped_refptr<OwnerManager> manager_; | |
| 139 scoped_refptr<OwnerKeyUtils> utils_; | |
| 140 content::NotificationRegistrar notification_registrar_; | |
| 141 volatile Status ownership_status_; | |
| 142 base::Lock ownership_status_lock_; | |
| 143 | |
| 144 // If true, current user is regarded as owner (for testing only). | |
| 145 bool force_ownership_; | |
| 146 }; | |
| 147 | |
| 148 } // namespace chromeos | |
| 149 | |
| 150 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_OWNERSHIP_SERVICE_H_ | |
| OLD | NEW |