Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(289)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/chromeos/policy/enrollment_handler_chromeos.h

Issue 2727713003: Update FWMP in TPM (Closed)
Patch Set: Test fixed Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc ('K') | « chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc ('k') | chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc » ('j') | chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ 5 #ifndef CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_
6 #define CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ 6 #define CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_
7 7
8 #include <memory> 8 #include <memory>
9 #include <string> 9 #include <string>
10 10
(...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after
108 // explicitly to make it easier to read debug logs.) 108 // explicitly to make it easier to read debug logs.)
109 enum EnrollmentStep { 109 enum EnrollmentStep {
110 STEP_PENDING = 0, // Not started yet. 110 STEP_PENDING = 0, // Not started yet.
111 STEP_STATE_KEYS = 1, // Waiting for state keys to become available. 111 STEP_STATE_KEYS = 1, // Waiting for state keys to become available.
112 STEP_LOADING_STORE = 2, // Waiting for |store_| to initialize. 112 STEP_LOADING_STORE = 2, // Waiting for |store_| to initialize.
113 STEP_REGISTRATION = 3, // Currently registering the client. 113 STEP_REGISTRATION = 3, // Currently registering the client.
114 STEP_POLICY_FETCH = 4, // Fetching policy. 114 STEP_POLICY_FETCH = 4, // Fetching policy.
115 STEP_VALIDATION = 5, // Policy validation. 115 STEP_VALIDATION = 5, // Policy validation.
116 STEP_ROBOT_AUTH_FETCH = 6, // Fetching device API auth code. 116 STEP_ROBOT_AUTH_FETCH = 6, // Fetching device API auth code.
117 STEP_ROBOT_AUTH_REFRESH = 7, // Fetching device API refresh token. 117 STEP_ROBOT_AUTH_REFRESH = 7, // Fetching device API refresh token.
118 STEP_AD_DOMAIN_JOIN = 8, // Joining Active Directory domain. 118 STEP_SET_FWMP_DATA = 8, // Setting the firmware management parameters.
119 STEP_LOCK_DEVICE = 9, // Writing installation-time attributes. 119 STEP_AD_DOMAIN_JOIN = 9, // Joining Active Directory domain.
120 STEP_STORE_TOKEN = 10, // Encrypting and storing DM token. 120 STEP_LOCK_DEVICE = 10, // Writing installation-time attributes.
121 STEP_STORE_ROBOT_AUTH = 11, // Encrypting & writing robot refresh token. 121 STEP_STORE_TOKEN = 11, // Encrypting and storing DM token.
122 STEP_STORE_POLICY = 12, // Storing policy and API refresh token. For 122 STEP_STORE_ROBOT_AUTH = 12, // Encrypting & writing robot refresh token.
123 STEP_STORE_POLICY = 13, // Storing policy and API refresh token. For
123 // AD, includes policy fetch via authpolicyd. 124 // AD, includes policy fetch via authpolicyd.
124 STEP_FINISHED = 13, // Enrollment process done, no further action. 125 STEP_FINISHED = 14, // Enrollment process done, no further action.
125 }; 126 };
126 127
127 // Handles the response to a request for server-backed state keys. 128 // Handles the response to a request for server-backed state keys.
128 void HandleStateKeysResult(const std::vector<std::string>& state_keys); 129 void HandleStateKeysResult(const std::vector<std::string>& state_keys);
129 130
130 // Starts attestation based enrollment flow. 131 // Starts attestation based enrollment flow.
131 void StartAttestationBasedEnrollmentFlow(); 132 void StartAttestationBasedEnrollmentFlow();
132 133
133 // Handles the response to a request for a registration certificate. 134 // Handles the response to a request for a registration certificate.
134 void HandleRegistrationCertificateResult( 135 void HandleRegistrationCertificateResult(
135 bool success, 136 bool success,
136 const std::string& pem_certificate_chain); 137 const std::string& pem_certificate_chain);
137 138
138 // Starts registration if the store is initialized. 139 // Starts registration if the store is initialized.
139 void StartRegistration(); 140 void StartRegistration();
140 141
141 // Handles the policy validation result, proceeding with device lock if 142 // Handles the policy validation result, proceeding with device lock if
142 // successful. 143 // successful.
143 void HandlePolicyValidationResult(DeviceCloudPolicyValidator* validator); 144 void HandlePolicyValidationResult(DeviceCloudPolicyValidator* validator);
144 145
146 // Updates the firmware management partition from TPM, setting the data
147 // according to devmode.
148 void SetFwmpData();
Daniel Erat 2017/03/06 21:18:26 nit: mind expanding the acronym in these names too
igorcov 2017/03/09 12:22:57 Done.
149
150 // Invoked after the firmware management partition in TPM is updated.
151 void OnFwmpDataSet(chromeos::DBusMethodCallStatus call_status,
152 bool result,
153 const cryptohome::BaseReply& reply);
154
155 // Returns whether block_devmode is set. Can be invoked after the policy is
156 // retrieved.
157 bool GetBlockDevmode();
158
145 // Start joining the Active Directory domain in case the device is enrolling 159 // Start joining the Active Directory domain in case the device is enrolling
146 // into Active Directory management mode. 160 // into Active Directory management mode.
147 void StartJoinAdDomain(); 161 void StartJoinAdDomain();
148 162
149 // Handles successful Active Directory domain join. 163 // Handles successful Active Directory domain join.
150 void OnAdDomainJoined(const std::string& realm); 164 void OnAdDomainJoined(const std::string& realm);
151 165
152 // Calls InstallAttributes::LockDevice() for enterprise enrollment and 166 // Calls InstallAttributes::LockDevice() for enterprise enrollment and
153 // DeviceSettingsService::SetManagementSettings() for consumer 167 // DeviceSettingsService::SetManagementSettings() for consumer
154 // enrollment. 168 // enrollment.
(...skipping 69 matching lines...) Expand 10 before | Expand all | Expand 10 after
224 int lockbox_init_duration_ = 0; 238 int lockbox_init_duration_ = 0;
225 239
226 base::WeakPtrFactory<EnrollmentHandlerChromeOS> weak_ptr_factory_; 240 base::WeakPtrFactory<EnrollmentHandlerChromeOS> weak_ptr_factory_;
227 241
228 DISALLOW_COPY_AND_ASSIGN(EnrollmentHandlerChromeOS); 242 DISALLOW_COPY_AND_ASSIGN(EnrollmentHandlerChromeOS);
229 }; 243 };
230 244
231 } // namespace policy 245 } // namespace policy
232 246
233 #endif // CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_ 247 #endif // CHROME_BROWSER_CHROMEOS_POLICY_ENROLLMENT_HANDLER_CHROMEOS_H_
OLDNEW
« chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc ('K') | « chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.cc ('k') | chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc » ('j') | chrome/browser/chromeos/policy/enrollment_handler_chromeos.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698