| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ | 5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ |
| 6 #define CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ | 6 #define CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ |
| 7 | 7 |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| 11 #include "base/callback_forward.h" | 11 #include "base/callback_forward.h" |
| 12 #include "base/macros.h" | 12 #include "base/macros.h" |
| 13 #include "base/memory/weak_ptr.h" | 13 #include "base/memory/weak_ptr.h" |
| 14 #include "chromeos/attestation/attestation_constants.h" | 14 #include "chromeos/attestation/attestation_constants.h" |
| 15 #include "chromeos/chromeos_export.h" | 15 #include "chromeos/chromeos_export.h" |
| 16 #include "chromeos/dbus/dbus_method_call_status.h" | 16 #include "chromeos/dbus/dbus_method_call_status.h" |
| 17 #include "net/base/backoff_entry.h" | |
| 17 #include "third_party/cros_system_api/dbus/service_constants.h" | 18 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 18 | 19 |
| 19 class AccountId; | 20 class AccountId; |
| 20 | 21 |
| 22 namespace base { | |
| 23 | |
| 24 class OneShotTimer; | |
| 25 | |
| 26 } // namespace base | |
| 27 | |
| 21 namespace cryptohome { | 28 namespace cryptohome { |
| 22 | 29 |
| 23 class AsyncMethodCaller; | 30 class AsyncMethodCaller; |
| 24 | 31 |
| 25 } // namespace cryptohome | 32 } // namespace cryptohome |
| 26 | 33 |
| 27 namespace chromeos { | 34 namespace chromeos { |
| 28 | 35 |
| 29 class CryptohomeClient; | 36 class CryptohomeClient; |
| 30 | 37 |
| (...skipping 70 matching lines...) | |
| 101 // the existing key on success. | 108 // the existing key on success. |
| 102 // callback - A callback which will be called when the operation completes. | 109 // callback - A callback which will be called when the operation completes. |
| 103 // On success |result| will be true and |data| will contain the | 110 // On success |result| will be true and |data| will contain the |
| 104 // PCA-issued certificate chain in PEM format. | 111 // PCA-issued certificate chain in PEM format. |
| 105 virtual void GetCertificate(AttestationCertificateProfile certificate_profile, | 112 virtual void GetCertificate(AttestationCertificateProfile certificate_profile, |
| 106 const AccountId& account_id, | 113 const AccountId& account_id, |
| 107 const std::string& request_origin, | 114 const std::string& request_origin, |
| 108 bool force_new_key, | 115 bool force_new_key, |
| 109 const CertificateCallback& callback); | 116 const CertificateCallback& callback); |
| 110 | 117 |
| 118 // Sets the retry timer for tests. | |
| 119 void SetRetryTimerForTest(std::unique_ptr<base::OneShotTimer> retry_timer); | |
| 120 | |
| 111 private: | 121 private: |
| 112 // Asynchronously initiates the attestation enrollment flow. | 122 // Asynchronously initiates the attestation enrollment flow. |
| 123 // If attestation is not ready yet, retry as needed. | |
| 113 // | 124 // |
| 114 // Parameters | 125 // Parameters |
| 115 // on_failure - Called if any failure occurs. | 126 // on_failure - Called if any failure occurs. |
| 127 // next_task - Called on successful enrollment. | |
| 128 void InitiateEnroll(const base::Closure& on_failure, | |
| 129 const base::Closure& next_task); | |
| 130 | |
| 131 // Called when atestation is not prepared yet, to re-initiate enrollment | |
| 132 // after a delay. | |
| 133 // | |
| 134 // Parameters | |
| 135 // on_failure - Called if any failure occurs. | |
| 136 // next_task - Called on successful enrollment. | |
| 137 void RetryInitiateEnroll(const base::Closure& on_failure, | |
| 138 const base::Closure& next_task); | |
| 139 | |
| 140 // Called when attestation is prepared, to start the actual enrollment flow. | |
| 141 // | |
| 142 // Parameters | |
| 143 // on_failure - Called if any failure occurs. | |
| 116 // next_task - Called on successful enrollment. | 144 // next_task - Called on successful enrollment. |
| 117 void StartEnroll(const base::Closure& on_failure, | 145 void StartEnroll(const base::Closure& on_failure, |
| 118 const base::Closure& next_task); | 146 const base::Closure& next_task); |
| 119 | 147 |
| 120 // Called when the attestation daemon has finished creating an enrollment | 148 // Called when the attestation daemon has finished creating an enrollment |
| 121 // request for the Privacy CA. The request is asynchronously forwarded as-is | 149 // request for the Privacy CA. The request is asynchronously forwarded as-is |
| 122 // to the PCA. | 150 // to the PCA. |
| 123 // | 151 // |
| 124 // Parameters | 152 // Parameters |
| 125 // on_failure - Called if any failure occurs. | 153 // on_failure - Called if any failure occurs. |
| (...skipping 94 matching lines...) | |
| 220 // callback - Called when the operation completes. | 248 // callback - Called when the operation completes. |
| 221 void GetExistingCertificate(AttestationKeyType key_type, | 249 void GetExistingCertificate(AttestationKeyType key_type, |
| 222 const AccountId& account_id, | 250 const AccountId& account_id, |
| 223 const std::string& key_name, | 251 const std::string& key_name, |
| 224 const CertificateCallback& callback); | 252 const CertificateCallback& callback); |
| 225 | 253 |
| 226 cryptohome::AsyncMethodCaller* async_caller_; | 254 cryptohome::AsyncMethodCaller* async_caller_; |
| 227 CryptohomeClient* cryptohome_client_; | 255 CryptohomeClient* cryptohome_client_; |
| 228 std::unique_ptr<ServerProxy> server_proxy_; | 256 std::unique_ptr<ServerProxy> server_proxy_; |
| 229 | 257 |
| 258 int16_t initiate_enroll_retries_ = 7; // -1 is unlimited retries. | |
|
apronin1
2016/12/02 01:36:24
don't we want unlimited retries by default? why 7
| |
| 259 std::unique_ptr<base::OneShotTimer> retry_timer_; | |
| 260 net::BackoffEntry retry_backoff_; | |
| 261 | |
| 230 base::WeakPtrFactory<AttestationFlow> weak_factory_; | 262 base::WeakPtrFactory<AttestationFlow> weak_factory_; |
| 231 | 263 |
| 232 DISALLOW_COPY_AND_ASSIGN(AttestationFlow); | 264 DISALLOW_COPY_AND_ASSIGN(AttestationFlow); |
| 233 }; | 265 }; |
| 234 | 266 |
| 235 } // namespace attestation | 267 } // namespace attestation |
| 236 } // namespace chromeos | 268 } // namespace chromeos |
| 237 | 269 |
| 238 #endif // CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ | 270 #endif // CHROMEOS_ATTESTATION_ATTESTATION_FLOW_H_ |
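Review bot: `initiate_enroll_retries_` (new line 258) is declared as `int16_t`, but the visible include list (new lines 8-18) has no `<stdint.h>`, so the type resolves only through a transitive include. Either add `#include <stdint.h>` or use plain `int`, which is enough for a small retry counter. The in-band `-1` sentinel and the literal `7` would be easier to audit as named constants, for example `static constexpr int kUnlimitedRetries = -1;`. The comments on InitiateEnroll and RetryInitiateEnroll (new lines 122-138) should state what happens when the retries run out; presumably `on_failure` is invoked, but the implementation is not on this page, and callers of GetCertificate rely on their callback eventually firing. New line 131 also misspells "attestation" as "atestation".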