Wait for the attestation to be ready (TPM being prepared for attestation) before trying to enroll.

chromeos/attestation/attestation_flow.h

Index: chromeos/attestation/attestation_flow.h
diff --git a/chromeos/attestation/attestation_flow.h b/chromeos/attestation/attestation_flow.h
index 26a7292d60a9d4eab6901f21e268e31b6a799846..be2cab585cd58b7717f85e6a3280bd739383d395 100644
--- a/chromeos/attestation/attestation_flow.h
+++ b/chromeos/attestation/attestation_flow.h
@@ -11,6 +11,8 @@
 #include "base/callback_forward.h"
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
+#include "base/time/time.h"
+#include "base/timer/timer.h"
 #include "chromeos/attestation/attestation_constants.h"
 #include "chromeos/chromeos_export.h"
 #include "chromeos/dbus/dbus_method_call_status.h"
@@ -46,11 +48,14 @@ class CHROMEOS_EXPORT ServerProxy {
 // Implements the message flow for Chrome OS attestation tasks.  Generally this
 // consists of coordinating messages between the Chrome OS attestation service
 // and the Chrome OS Privacy CA server.  Sample usage:
+//
 //    AttestationFlow flow(AsyncMethodCaller::GetInstance(),
 //                         DBusThreadManager::Get().GetCryptohomeClient(),
 //                         std::move(my_server_proxy));
 //    AttestationFlow::CertificateCallback callback = base::Bind(&MyCallback);
 //    flow.GetCertificate(ENTERPRISE_USER_CERTIFICATE, false, callback);
+//
+// This class is not thread safe.
 class CHROMEOS_EXPORT AttestationFlow {
  public:
   typedef base::Callback<void(bool success,
@@ -82,6 +87,21 @@ class CHROMEOS_EXPORT AttestationFlow {
                   std::unique_ptr<ServerProxy> server_proxy);
   virtual ~AttestationFlow();
 
+  // Sets the timeout for attestation to be ready.
+  void SetReadyTimeout(base::TimeDelta ready_timeout) {

[Darren Krahn, 2016/12/08 18:06:06]

set_ready_timeout()

[The one and only Dr. Crash, 2016/12/13 22:37:17]

Done.

+    ready_timeout_ = ready_timeout;
+  }
+  // Gets the timeout for attestation to be ready.
+  base::TimeDelta GetReadyTimeout() const { return ready_timeout_; }

[Darren Krahn, 2016/12/08 18:06:06]

ready_timeout()

[The one and only Dr. Crash, 2016/12/13 22:37:17]

Done.

+
+  // Sets the retry delay.
+  void SetRetryDelay(base::TimeDelta retry_delay) {

[Darren Krahn, 2016/12/08 18:06:06]

set_retry_delay()

[The one and only Dr. Crash, 2016/12/13 22:37:17]

Done.

+    retry_delay_ = retry_delay;
+  }
+
+  // Returns the retry delay.
+  base::TimeDelta GetRetryDelay() { return retry_delay_; }

[Darren Krahn, 2016/12/08 18:06:06]

retry_delay()

[The one and only Dr. Crash, 2016/12/13 22:37:17]

Done.

+
   // Gets an attestation certificate for a hardware-protected key.  If a key for
   // the given profile does not exist, it will be generated and a certificate
   // request will be made to the Chrome OS Privacy CA to issue a certificate for
@@ -109,7 +129,27 @@ class CHROMEOS_EXPORT AttestationFlow {
                               const CertificateCallback& callback);
 
  private:
-  // Asynchronously initiates the attestation enrollment flow.
+  // Initiates enrollment.
+  //
+  // Parameters
+  //   on_failure - Called if any failure occurs.
+  //   next_task - Called on successful enrollment.
+  void InitiateEnroll(const base::Closure& on_failure,
+                      const base::Closure& next_task);
+
+  // Asynchronously waits for attestation to be ready and start enrollment once
+  // it is. If attestation is not ready by the time the flow's timeout is
+  // reached, fail.
+  //
+  // Parameters
+  //   retries_left - Number of retries left (-1 for infinite retries).
+  //   on_failure - Called if any failure occurs.
+  //   next_task - Called on successful enrollment.
+  void WaitForAttestationReadyAndStartEnroll(base::TimeTicks end_time,
+                                             const base::Closure& on_failure,
+                                             const base::Closure& next_task);
+
+  // Called when attestation is prepared, to start the actual enrollment flow.
   //
   // Parameters
   //   on_failure - Called if any failure occurs.
@@ -223,10 +263,25 @@ class CHROMEOS_EXPORT AttestationFlow {
                               const std::string& key_name,
                               const CertificateCallback& callback);
 
+  // Checks whether attestation is ready. If not, reschedules a check after
+  // a delay unless we are out of retries, in which case we run |on_failure|.
+  // runs |on_giving_up|, otherwise runs |on_retrying| after a delay.

[Darren Krahn, 2016/12/08 18:06:06]

on_giving_up and on_retrying are not defined

[The one and only Dr. Crash, 2016/12/13 22:37:17]

Yes I went back to original names. Fixing documentation (which was all wrong,
including mentioning my former use of a #retries vs end time).

+  //
+  // Parameters
+  //   retries_left - Number of retries left (-1 for infinite retries).
+  //   on_failure - Called if any failure occurs.
+  //   next_task - Called on successful enrollment.
+  void CheckAttestationReadyAndReschedule(base::TimeTicks end_time,
+                                          const base::Closure& on_failure,
+                                          const base::Closure& next_task);
+
   cryptohome::AsyncMethodCaller* async_caller_;
   CryptohomeClient* cryptohome_client_;
   std::unique_ptr<ServerProxy> server_proxy_;
 
+  base::TimeDelta ready_timeout_;
+  base::TimeDelta retry_delay_;
+
   base::WeakPtrFactory<AttestationFlow> weak_factory_;
 
   DISALLOW_COPY_AND_ASSIGN(AttestationFlow);