| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ | 5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ |
| 6 #define CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ | 6 #define CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| 11 #include "base/callback_forward.h" | 11 #include "base/callback_forward.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "base/memory/weak_ptr.h" | 13 #include "base/memory/weak_ptr.h" |
| 14 #include "chromeos/attestation/attestation_constants.h" | 14 #include "chromeos/attestation/attestation_constants.h" |
| 15 #include "chromeos/chromeos_export.h" | 15 #include "chromeos/chromeos_export.h" |
| 16 #include "chromeos/dbus/dbus_method_call_status.h" | 16 #include "chromeos/dbus/dbus_method_call_status.h" |
| 17 #include "third_party/cros_system_api/dbus/service_constants.h" | 17 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 18 | 18 |
| 19 namespace cryptohome { | 19 namespace cryptohome { |
| 20 | 20 |
| 21 class AsyncMethodCaller; | 21 class AsyncMethodCaller; |
| 22 | 22 |
| 23 } // namespace cryptohome | 23 } // namespace cryptohome |
| 24 | 24 |
| 25 namespace user_manager { |
| 26 class UserID; |
| 27 } |
| 28 |
| 25 namespace chromeos { | 29 namespace chromeos { |
| 26 | 30 |
| 27 class CryptohomeClient; | 31 class CryptohomeClient; |
| 28 | 32 |
| 29 namespace attestation { | 33 namespace attestation { |
| 30 | 34 |
| 31 // Interface for access to the Privacy CA server. | 35 // Interface for access to the Privacy CA server. |
| 32 class CHROMEOS_EXPORT ServerProxy { | 36 class CHROMEOS_EXPORT ServerProxy { |
| 33 public: | 37 public: |
| 34 typedef base::Callback<void(bool success, | 38 typedef base::Callback<void(bool success, |
| (...skipping 40 matching lines...) |
| 75 // request_origin - For content protection profiles, certificate requests | 79 // request_origin - For content protection profiles, certificate requests |
| 76 // are origin-specific. This string must uniquely identify | 80 // are origin-specific. This string must uniquely identify |
| 77 // the origin of the request. | 81 // the origin of the request. |
| 78 // force_new_key - If set to true, a new key will be generated even if a key | 82 // force_new_key - If set to true, a new key will be generated even if a key |
| 79 // already exists for the profile. The new key will replace | 83 // already exists for the profile. The new key will replace |
| 80 // the existing key on success. | 84 // the existing key on success. |
| 81 // callback - A callback which will be called when the operation completes. | 85 // callback - A callback which will be called when the operation completes. |
| 82 // On success |result| will be true and |data| will contain the | 86 // On success |result| will be true and |data| will contain the |
| 83 // PCA-issued certificate chain in PEM format. | 87 // PCA-issued certificate chain in PEM format. |
| 84 virtual void GetCertificate(AttestationCertificateProfile certificate_profile, | 88 virtual void GetCertificate(AttestationCertificateProfile certificate_profile, |
| 85 const std::string& user_id, | 89 const user_manager::UserID& user_id, |
| 86 const std::string& request_origin, | 90 const std::string& request_origin, |
| 87 bool force_new_key, | 91 bool force_new_key, |
| 88 const CertificateCallback& callback); | 92 const CertificateCallback& callback); |
| 89 | 93 |
| 90 private: | 94 private: |
| 91 // Asynchronously initiates the attestation enrollment flow. | 95 // Asynchronously initiates the attestation enrollment flow. |
| 92 // | 96 // |
| 93 // Parameters | 97 // Parameters |
| 94 // on_failure - Called if any failure occurs. | 98 // on_failure - Called if any failure occurs. |
| 95 // next_task - Called on successful enrollment. | 99 // next_task - Called on successful enrollment. |
| (...skipping 46 matching lines...) |
| 142 // | 146 // |
| 143 // Parameters | 147 // Parameters |
| 144 // certificate_profile - Specifies what kind of certificate should be | 148 // certificate_profile - Specifies what kind of certificate should be |
| 145 // requested from the CA. | 149 // requested from the CA. |
| 146 // user_id - Identifies the active user. | 150 // user_id - Identifies the active user. |
| 147 // request_origin - An identifier for the origin of this request. | 151 // request_origin - An identifier for the origin of this request. |
| 148 // generate_new_key - If set to true a new key is generated. | 152 // generate_new_key - If set to true a new key is generated. |
| 149 // callback - Called when the operation completes. | 153 // callback - Called when the operation completes. |
| 150 void StartCertificateRequest( | 154 void StartCertificateRequest( |
| 151 const AttestationCertificateProfile certificate_profile, | 155 const AttestationCertificateProfile certificate_profile, |
| 152 const std::string& user_id, | 156 const user_manager::UserID& user_id, |
| 153 const std::string& request_origin, | 157 const std::string& request_origin, |
| 154 bool generate_new_key, | 158 bool generate_new_key, |
| 155 const CertificateCallback& callback); | 159 const CertificateCallback& callback); |
| 156 | 160 |
| 157 // Called when the attestation daemon has finished creating a certificate | 161 // Called when the attestation daemon has finished creating a certificate |
| 158 // request for the Privacy CA. The request is asynchronously forwarded as-is | 162 // request for the Privacy CA. The request is asynchronously forwarded as-is |
| 159 // to the PCA. | 163 // to the PCA. |
| 160 // | 164 // |
| 161 // Parameters | 165 // Parameters |
| 162 // key_type - The type of the key for which a certificate is requested. | 166 // key_type - The type of the key for which a certificate is requested. |
| 163 // user_id - Identifies the active user. | 167 // user_id - Identifies the active user. |
| 164 // key_name - The name of the key for which a certificate is requested. | 168 // key_name - The name of the key for which a certificate is requested. |
| 165 // callback - Called when the operation completes. | 169 // callback - Called when the operation completes. |
| 166 // success - The status of request creation. | 170 // success - The status of request creation. |
| 167 // data - The request data for the Privacy CA. | 171 // data - The request data for the Privacy CA. |
| 168 void SendCertificateRequestToPCA(AttestationKeyType key_type, | 172 void SendCertificateRequestToPCA(AttestationKeyType key_type, |
| 169 const std::string& user_id, | 173 const user_manager::UserID& user_id, |
| 170 const std::string& key_name, | 174 const std::string& key_name, |
| 171 const CertificateCallback& callback, | 175 const CertificateCallback& callback, |
| 172 bool success, | 176 bool success, |
| 173 const std::string& data); | 177 const std::string& data); |
| 174 | 178 |
| 175 // Called when the Privacy CA responds to a certificate request. The response | 179 // Called when the Privacy CA responds to a certificate request. The response |
| 176 // is asynchronously forwarded as-is to the attestation daemon in order to | 180 // is asynchronously forwarded as-is to the attestation daemon in order to |
| 177 // complete the operation. | 181 // complete the operation. |
| 178 // | 182 // |
| 179 // Parameters | 183 // Parameters |
| 180 // key_type - The type of the key for which a certificate is requested. | 184 // key_type - The type of the key for which a certificate is requested. |
| 181 // user_id - Identifies the active user. | 185 // user_id - Identifies the active user. |
| 182 // key_name - The name of the key for which a certificate is requested. | 186 // key_name - The name of the key for which a certificate is requested. |
| 183 // callback - Called when the operation completes. | 187 // callback - Called when the operation completes. |
| 184 // success - The status of the Privacy CA operation. | 188 // success - The status of the Privacy CA operation. |
| 185 // data - The response data from the Privacy CA. | 189 // data - The response data from the Privacy CA. |
| 186 void SendCertificateResponseToDaemon(AttestationKeyType key_type, | 190 void SendCertificateResponseToDaemon(AttestationKeyType key_type, |
| 187 const std::string& user_id, | 191 const user_manager::UserID& user_id, |
| 188 const std::string& key_name, | 192 const std::string& key_name, |
| 189 const CertificateCallback& callback, | 193 const CertificateCallback& callback, |
| 190 bool success, | 194 bool success, |
| 191 const std::string& data); | 195 const std::string& data); |
| 192 | 196 |
| 193 // Gets an existing certificate from the attestation daemon. | 197 // Gets an existing certificate from the attestation daemon. |
| 194 // | 198 // |
| 195 // Parameters | 199 // Parameters |
| 196 // key_type - The type of the key for which a certificate is requested. | 200 // key_type - The type of the key for which a certificate is requested. |
| 197 // user_id - Identifies the active user. | 201 // user_id - Identifies the active user. |
| 198 // key_name - The name of the key for which a certificate is requested. | 202 // key_name - The name of the key for which a certificate is requested. |
| 199 // callback - Called when the operation completes. | 203 // callback - Called when the operation completes. |
| 200 void GetExistingCertificate(AttestationKeyType key_type, | 204 void GetExistingCertificate(AttestationKeyType key_type, |
| 201 const std::string& user_id, | 205 const user_manager::UserID& user_id, |
| 202 const std::string& key_name, | 206 const std::string& key_name, |
| 203 const CertificateCallback& callback); | 207 const CertificateCallback& callback); |
| 204 | 208 |
| 205 cryptohome::AsyncMethodCaller* async_caller_; | 209 cryptohome::AsyncMethodCaller* async_caller_; |
| 206 CryptohomeClient* cryptohome_client_; | 210 CryptohomeClient* cryptohome_client_; |
| 207 scoped_ptr<ServerProxy> server_proxy_; | 211 scoped_ptr<ServerProxy> server_proxy_; |
| 208 | 212 |
| 209 base::WeakPtrFactory<AttestationFlow> weak_factory_; | 213 base::WeakPtrFactory<AttestationFlow> weak_factory_; |
| 210 | 214 |
| 211 DISALLOW_COPY_AND_ASSIGN(AttestationFlow); | 215 DISALLOW_COPY_AND_ASSIGN(AttestationFlow); |
| 212 }; | 216 }; |
| 213 | 217 |
| 214 } // namespace attestation | 218 } // namespace attestation |
| 215 } // namespace chromeos | 219 } // namespace chromeos |
| 216 | 220 |
| 217 #endif // CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ | 221 #endif // CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ |
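Review bot: The `user_id` parameter comments still read only `user_id - Identifies the active user.` after the type changes from `std::string` to `user_manager::UserID` in GetCertificate, StartCertificateRequest, SendCertificateRequestToPCA, SendCertificateResponseToDaemon and GetExistingCertificate, so the header no longer says which string form of the id reaches the attestation daemon. GetExistingCertificate takes key_type, user_id and key_name to name the key, so if the implementation (not shown on this page) serializes UserID differently from the old string, an existing user's key would presumably not be found and a new certificate would be requested. Once confirmed against the .cc, a line such as `// user_id - Identifies the active user; passed to the attestation daemon as the same account string used before this change.` would pin that contract. Separately, the new forward declaration closes with a bare `}` while the cryptohome block directly above it ends with `} // namespace cryptohome`; `}  // namespace user_manager` would match.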
| OLD | NEW |