| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/attestation/attestation_flow.h" | 5 #include "chromeos/attestation/attestation_flow.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "chromeos/cryptohome/async_method_caller.h" | 8 #include "chromeos/cryptohome/async_method_caller.h" |
| 9 #include "chromeos/dbus/cryptohome_client.h" | 9 #include "chromeos/dbus/cryptohome_client.h" |
| 10 #include "components/user_manager/user_id.h" |
| 10 | 11 |
| 11 namespace chromeos { | 12 namespace chromeos { |
| 12 namespace attestation { | 13 namespace attestation { |
| 13 | 14 |
| 14 namespace { | 15 namespace { |
| 15 | 16 |
| 16 // Redirects to one of three callbacks based on a boolean value and dbus call | 17 // Redirects to one of three callbacks based on a boolean value and dbus call |
| 17 // status. | 18 // status. |
| 18 // | 19 // |
| 19 // Parameters | 20 // Parameters |
| (...skipping 69 matching lines...) |
| 89 cryptohome_client_(cryptohome_client), | 90 cryptohome_client_(cryptohome_client), |
| 90 server_proxy_(server_proxy.Pass()), | 91 server_proxy_(server_proxy.Pass()), |
| 91 weak_factory_(this) { | 92 weak_factory_(this) { |
| 92 } | 93 } |
| 93 | 94 |
| 94 AttestationFlow::~AttestationFlow() { | 95 AttestationFlow::~AttestationFlow() { |
| 95 } | 96 } |
| 96 | 97 |
| 97 void AttestationFlow::GetCertificate( | 98 void AttestationFlow::GetCertificate( |
| 98 AttestationCertificateProfile certificate_profile, | 99 AttestationCertificateProfile certificate_profile, |
| 99 const std::string& user_id, | 100 const user_manager::UserID& user_id, |
| 100 const std::string& request_origin, | 101 const std::string& request_origin, |
| 101 bool force_new_key, | 102 bool force_new_key, |
| 102 const CertificateCallback& callback) { | 103 const CertificateCallback& callback) { |
| 103 // If this device has not enrolled with the Privacy CA, we need to do that | 104 // If this device has not enrolled with the Privacy CA, we need to do that |
| 104 // first. Once enrolled we can proceed with the certificate request. | 105 // first. Once enrolled we can proceed with the certificate request. |
| 105 base::Closure do_cert_request = base::Bind( | 106 base::Closure do_cert_request = base::Bind( |
| 106 &AttestationFlow::StartCertificateRequest, | 107 &AttestationFlow::StartCertificateRequest, |
| 107 weak_factory_.GetWeakPtr(), | 108 weak_factory_.GetWeakPtr(), |
| 108 certificate_profile, | 109 certificate_profile, |
| 109 user_id, | 110 user_id, |
| (...skipping 76 matching lines...) |
| 186 return; | 187 return; |
| 187 } | 188 } |
| 188 | 189 |
| 189 // Enrollment has successfully completed, we can move on to whatever is next. | 190 // Enrollment has successfully completed, we can move on to whatever is next. |
| 190 if (!next_task.is_null()) | 191 if (!next_task.is_null()) |
| 191 next_task.Run(); | 192 next_task.Run(); |
| 192 } | 193 } |
| 193 | 194 |
| 194 void AttestationFlow::StartCertificateRequest( | 195 void AttestationFlow::StartCertificateRequest( |
| 195 AttestationCertificateProfile certificate_profile, | 196 AttestationCertificateProfile certificate_profile, |
| 196 const std::string& user_id, | 197 const user_manager::UserID& user_id, |
| 197 const std::string& request_origin, | 198 const std::string& request_origin, |
| 198 bool generate_new_key, | 199 bool generate_new_key, |
| 199 const CertificateCallback& callback) { | 200 const CertificateCallback& callback) { |
| 200 AttestationKeyType key_type = GetKeyTypeForProfile(certificate_profile); | 201 AttestationKeyType key_type = GetKeyTypeForProfile(certificate_profile); |
| 201 std::string key_name = GetKeyNameForProfile(certificate_profile, | 202 std::string key_name = GetKeyNameForProfile(certificate_profile, |
| 202 request_origin); | 203 request_origin); |
| 203 if (generate_new_key) { | 204 if (generate_new_key) { |
| 204 // Get the attestation service to create a Privacy CA certificate request. | 205 // Get the attestation service to create a Privacy CA certificate request. |
| 205 async_caller_->AsyncTpmAttestationCreateCertRequest( | 206 async_caller_->AsyncTpmAttestationCreateCertRequest( |
| 206 server_proxy_->GetType(), | 207 server_proxy_->GetType(), |
| (...skipping 31 matching lines...) |
| 238 key_name, | 239 key_name, |
| 239 base::Bind(&DBusBoolRedirectCallback, | 240 base::Bind(&DBusBoolRedirectCallback, |
| 240 on_key_exists, | 241 on_key_exists, |
| 241 on_key_not_exists, | 242 on_key_not_exists, |
| 242 base::Bind(callback, false, ""))); | 243 base::Bind(callback, false, ""))); |
| 243 } | 244 } |
| 244 } | 245 } |
| 245 | 246 |
| 246 void AttestationFlow::SendCertificateRequestToPCA( | 247 void AttestationFlow::SendCertificateRequestToPCA( |
| 247 AttestationKeyType key_type, | 248 AttestationKeyType key_type, |
| 248 const std::string& user_id, | 249 const user_manager::UserID& user_id, |
| 249 const std::string& key_name, | 250 const std::string& key_name, |
| 250 const CertificateCallback& callback, | 251 const CertificateCallback& callback, |
| 251 bool success, | 252 bool success, |
| 252 const std::string& data) { | 253 const std::string& data) { |
| 253 if (!success) { | 254 if (!success) { |
| 254 LOG(ERROR) << "Attestation: Failed to create certificate request."; | 255 LOG(ERROR) << "Attestation: Failed to create certificate request."; |
| 255 if (!callback.is_null()) | 256 if (!callback.is_null()) |
| 256 callback.Run(false, ""); | 257 callback.Run(false, ""); |
| 257 return; | 258 return; |
| 258 } | 259 } |
| 259 | 260 |
| 260 // Send the request to the Privacy CA. | 261 // Send the request to the Privacy CA. |
| 261 server_proxy_->SendCertificateRequest( | 262 server_proxy_->SendCertificateRequest( |
| 262 data, | 263 data, |
| 263 base::Bind(&AttestationFlow::SendCertificateResponseToDaemon, | 264 base::Bind(&AttestationFlow::SendCertificateResponseToDaemon, |
| 264 weak_factory_.GetWeakPtr(), | 265 weak_factory_.GetWeakPtr(), |
| 265 key_type, | 266 key_type, |
| 266 user_id, | 267 user_id, |
| 267 key_name, | 268 key_name, |
| 268 callback)); | 269 callback)); |
| 269 } | 270 } |
| 270 | 271 |
| 271 void AttestationFlow::SendCertificateResponseToDaemon( | 272 void AttestationFlow::SendCertificateResponseToDaemon( |
| 272 AttestationKeyType key_type, | 273 AttestationKeyType key_type, |
| 273 const std::string& user_id, | 274 const user_manager::UserID& user_id, |
| 274 const std::string& key_name, | 275 const std::string& key_name, |
| 275 const CertificateCallback& callback, | 276 const CertificateCallback& callback, |
| 276 bool success, | 277 bool success, |
| 277 const std::string& data) { | 278 const std::string& data) { |
| 278 if (!success) { | 279 if (!success) { |
| 279 LOG(ERROR) << "Attestation: Certificate request failed."; | 280 LOG(ERROR) << "Attestation: Certificate request failed."; |
| 280 if (!callback.is_null()) | 281 if (!callback.is_null()) |
| 281 callback.Run(false, ""); | 282 callback.Run(false, ""); |
| 282 return; | 283 return; |
| 283 } | 284 } |
| 284 | 285 |
| 285 // Forward the response to the attestation service to complete the operation. | 286 // Forward the response to the attestation service to complete the operation. |
| 286 async_caller_->AsyncTpmAttestationFinishCertRequest(data, | 287 async_caller_->AsyncTpmAttestationFinishCertRequest(data, |
| 287 key_type, | 288 key_type, |
| 288 user_id, | 289 user_id, |
| 289 key_name, | 290 key_name, |
| 290 base::Bind(callback)); | 291 base::Bind(callback)); |
| 291 } | 292 } |
| 292 | 293 |
| 293 void AttestationFlow::GetExistingCertificate( | 294 void AttestationFlow::GetExistingCertificate( |
| 294 AttestationKeyType key_type, | 295 AttestationKeyType key_type, |
| 295 const std::string& user_id, | 296 const user_manager::UserID& user_id, |
| 296 const std::string& key_name, | 297 const std::string& key_name, |
| 297 const CertificateCallback& callback) { | 298 const CertificateCallback& callback) { |
| 298 cryptohome_client_->TpmAttestationGetCertificate( | 299 cryptohome_client_->TpmAttestationGetCertificate( |
| 299 key_type, | 300 key_type, |
| 300 user_id, | 301 user_id, |
| 301 key_name, | 302 key_name, |
| 302 base::Bind(&DBusDataMethodCallback, callback)); | 303 base::Bind(&DBusDataMethodCallback, callback)); |
| 303 } | 304 } |
| 304 | 305 |
| 305 ServerProxy::~ServerProxy() {} | 306 ServerProxy::~ServerProxy() {} |
| 306 | 307 |
| 307 PrivacyCAType ServerProxy::GetType() { | 308 PrivacyCAType ServerProxy::GetType() { |
| 308 return DEFAULT_PCA; | 309 return DEFAULT_PCA; |
| 309 } | 310 } |
| 310 | 311 |
| 311 } // namespace attestation | 312 } // namespace attestation |
| 312 } // namespace chromeos | 313 } // namespace chromeos |
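Review bot: The `user_id` handed to `TpmAttestationGetCertificate` in GetExistingCertificate and to `AsyncTpmAttestationFinishCertRequest` in SendCertificateResponseToDaemon is now a `user_manager::UserID`, and nothing visible here says which string form of it reaches cryptohome, where it presumably selects the user whose attestation key is read or certified. If that form differs from the `std::string` callers passed before, keys created under the old form may no longer be found for the same user, so it is worth confirming that the cryptohome client and async caller signatures were changed alongside this file rather than relying on an implicit conversion. A short comment on the parameter would make the contract explicit, e.g. `// |user_id| is forwarded unchanged to cryptohome together with |key_type| and |key_name|.` The same applies to GetCertificate, StartCertificateRequest and SendCertificateRequestToPCA, whose bodies partly fall in the skipped regions.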