| Index: chromeos/attestation/attestation_flow.cc
|
| diff --git a/chromeos/attestation/attestation_flow.cc b/chromeos/attestation/attestation_flow.cc
|
| index ec2b12ef504c90917945e0bfb92e4cc9779d214d..22d348541eb1e955e2a4ce7db0104b440e445227 100644
|
| --- a/chromeos/attestation/attestation_flow.cc
|
| +++ b/chromeos/attestation/attestation_flow.cc
|
| @@ -8,7 +8,9 @@
|
|
|
| #include "base/bind.h"
|
| #include "chromeos/cryptohome/async_method_caller.h"
|
| +#include "chromeos/cryptohome/cryptohome_parameters.h"
|
| #include "chromeos/dbus/cryptohome_client.h"
|
| +#include "components/signin/core/account_id/account_id.h"
|
|
|
| namespace chromeos {
|
| namespace attestation {
|
| @@ -97,20 +99,15 @@ AttestationFlow::~AttestationFlow() {
|
|
|
| void AttestationFlow::GetCertificate(
|
| AttestationCertificateProfile certificate_profile,
|
| - const std::string& user_id,
|
| + const AccountId& account_id,
|
| const std::string& request_origin,
|
| bool force_new_key,
|
| const CertificateCallback& callback) {
|
| // If this device has not enrolled with the Privacy CA, we need to do that
|
| // first. Once enrolled we can proceed with the certificate request.
|
| base::Closure do_cert_request = base::Bind(
|
| - &AttestationFlow::StartCertificateRequest,
|
| - weak_factory_.GetWeakPtr(),
|
| - certificate_profile,
|
| - user_id,
|
| - request_origin,
|
| - force_new_key,
|
| - callback);
|
| + &AttestationFlow::StartCertificateRequest, weak_factory_.GetWeakPtr(),
|
| + certificate_profile, account_id, request_origin, force_new_key, callback);
|
| base::Closure on_enroll_failure = base::Bind(callback, false, "");
|
| base::Closure do_enroll = base::Bind(&AttestationFlow::StartEnroll,
|
| weak_factory_.GetWeakPtr(),
|
| @@ -194,7 +191,7 @@ void AttestationFlow::OnEnrollComplete(const base::Closure& on_failure,
|
|
|
| void AttestationFlow::StartCertificateRequest(
|
| AttestationCertificateProfile certificate_profile,
|
| - const std::string& user_id,
|
| + const AccountId& account_id,
|
| const std::string& request_origin,
|
| bool generate_new_key,
|
| const CertificateCallback& callback) {
|
| @@ -204,49 +201,31 @@ void AttestationFlow::StartCertificateRequest(
|
| if (generate_new_key) {
|
| // Get the attestation service to create a Privacy CA certificate request.
|
| async_caller_->AsyncTpmAttestationCreateCertRequest(
|
| - server_proxy_->GetType(),
|
| - certificate_profile,
|
| - user_id,
|
| - request_origin,
|
| + server_proxy_->GetType(), certificate_profile,
|
| + cryptohome::Identification(account_id), request_origin,
|
| base::Bind(&AttestationFlow::SendCertificateRequestToPCA,
|
| - weak_factory_.GetWeakPtr(),
|
| - key_type,
|
| - user_id,
|
| - key_name,
|
| + weak_factory_.GetWeakPtr(), key_type, account_id, key_name,
|
| callback));
|
| } else {
|
| // If the key already exists, query the existing certificate.
|
| base::Closure on_key_exists = base::Bind(
|
| - &AttestationFlow::GetExistingCertificate,
|
| - weak_factory_.GetWeakPtr(),
|
| - key_type,
|
| - user_id,
|
| - key_name,
|
| - callback);
|
| + &AttestationFlow::GetExistingCertificate, weak_factory_.GetWeakPtr(),
|
| + key_type, account_id, key_name, callback);
|
| // If the key does not exist, call this method back with |generate_new_key|
|
| // set to true.
|
| base::Closure on_key_not_exists = base::Bind(
|
| - &AttestationFlow::StartCertificateRequest,
|
| - weak_factory_.GetWeakPtr(),
|
| - certificate_profile,
|
| - user_id,
|
| - request_origin,
|
| - true,
|
| - callback);
|
| + &AttestationFlow::StartCertificateRequest, weak_factory_.GetWeakPtr(),
|
| + certificate_profile, account_id, request_origin, true, callback);
|
| cryptohome_client_->TpmAttestationDoesKeyExist(
|
| - key_type,
|
| - user_id,
|
| - key_name,
|
| - base::Bind(&DBusBoolRedirectCallback,
|
| - on_key_exists,
|
| - on_key_not_exists,
|
| - base::Bind(callback, false, "")));
|
| + key_type, cryptohome::Identification(account_id).id(), key_name,
|
| + base::Bind(&DBusBoolRedirectCallback, on_key_exists, on_key_not_exists,
|
| + base::Bind(callback, false, "")));
|
| }
|
| }
|
|
|
| void AttestationFlow::SendCertificateRequestToPCA(
|
| AttestationKeyType key_type,
|
| - const std::string& user_id,
|
| + const AccountId& account_id,
|
| const std::string& key_name,
|
| const CertificateCallback& callback,
|
| bool success,
|
| @@ -260,18 +239,14 @@ void AttestationFlow::SendCertificateRequestToPCA(
|
|
|
| // Send the request to the Privacy CA.
|
| server_proxy_->SendCertificateRequest(
|
| - data,
|
| - base::Bind(&AttestationFlow::SendCertificateResponseToDaemon,
|
| - weak_factory_.GetWeakPtr(),
|
| - key_type,
|
| - user_id,
|
| - key_name,
|
| - callback));
|
| + data, base::Bind(&AttestationFlow::SendCertificateResponseToDaemon,
|
| + weak_factory_.GetWeakPtr(), key_type, account_id,
|
| + key_name, callback));
|
| }
|
|
|
| void AttestationFlow::SendCertificateResponseToDaemon(
|
| AttestationKeyType key_type,
|
| - const std::string& user_id,
|
| + const AccountId& account_id,
|
| const std::string& key_name,
|
| const CertificateCallback& callback,
|
| bool success,
|
| @@ -284,22 +259,18 @@ void AttestationFlow::SendCertificateResponseToDaemon(
|
| }
|
|
|
| // Forward the response to the attestation service to complete the operation.
|
| - async_caller_->AsyncTpmAttestationFinishCertRequest(data,
|
| - key_type,
|
| - user_id,
|
| - key_name,
|
| - base::Bind(callback));
|
| + async_caller_->AsyncTpmAttestationFinishCertRequest(
|
| + data, key_type, cryptohome::Identification(account_id), key_name,
|
| + base::Bind(callback));
|
| }
|
|
|
| void AttestationFlow::GetExistingCertificate(
|
| AttestationKeyType key_type,
|
| - const std::string& user_id,
|
| + const AccountId& account_id,
|
| const std::string& key_name,
|
| const CertificateCallback& callback) {
|
| cryptohome_client_->TpmAttestationGetCertificate(
|
| - key_type,
|
| - user_id,
|
| - key_name,
|
| + key_type, cryptohome::Identification(account_id).id(), key_name,
|
| base::Bind(&DBusDataMethodCallback, callback));
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 1693383003:
ChromeOS cryptohome should be able to use gaia id as user identifier. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master