| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_ | 5 #ifndef CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_ |
| 6 #define CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_ | 6 #define CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "base/memory/scoped_vector.h" | 13 #include "base/memory/scoped_vector.h" |
| 14 #include "chromeos/chromeos_export.h" | 14 #include "chromeos/chromeos_export.h" |
| 15 | 15 |
| 16 namespace cryptohome { | 16 namespace cryptohome { |
| 17 | 17 |
| 18 enum AuthKeyPrivileges { | 18 enum AuthKeyPrivileges { |
| 19 PRIV_MOUNT = 1 << 0, // Can mount with this key. | 19 PRIV_MOUNT = 1 << 0, // Can mount with this key. |
| 20 PRIV_ADD = 1 << 1, // Can add new keys. | 20 PRIV_ADD = 1 << 1, // Can add new keys. |
| 21 PRIV_REMOVE = 1 << 2, // Can remove other keys. | 21 PRIV_REMOVE = 1 << 2, // Can remove other keys. |
| 22 PRIV_MIGRATE = 1 << 3, // Destroy all keys and replace with new. | 22 PRIV_MIGRATE = 1 << 3, // Destroy all keys and replace with new. |
| 23 PRIV_AUTHORIZED_UPDATE = 1 << 4, // Key can be updated in place. | 23 PRIV_AUTHORIZED_UPDATE = 1 << 4, // Key can be updated in place. |
| 24 PRIV_DEFAULT = PRIV_MOUNT | PRIV_ADD | PRIV_REMOVE | PRIV_MIGRATE | 24 PRIV_DEFAULT = PRIV_MOUNT | PRIV_ADD | PRIV_REMOVE | PRIV_MIGRATE |
| 25 }; | 25 }; |
| 26 | 26 |
| 27 // An entry in a cryptohome key provider data. |
| 28 struct CHROMEOS_EXPORT ProviderDataEntry { |
| 29 explicit ProviderDataEntry(const std::string& name); |
| 30 ProviderDataEntry(const std::string& name, int64 number); |
| 31 ProviderDataEntry(const std::string& name, const std::string& bytes); |
| 32 ~ProviderDataEntry(); |
| 33 |
| 34 void SetNumber(int64 number); |
| 35 void SetBytes(const std::string& bytes); |
| 36 |
| 37 std::string name; |
| 38 bool has_number; |
| 39 int64 number; |
| 40 bool has_bytes; |
| 41 std::string bytes; |
| 42 }; |
| 43 |
| 27 // Identification of the user calling cryptohome method. | 44 // Identification of the user calling cryptohome method. |
| 28 struct CHROMEOS_EXPORT Identification { | 45 struct CHROMEOS_EXPORT Identification { |
| 29 explicit Identification(const std::string& user_id); | 46 explicit Identification(const std::string& user_id); |
| 30 | 47 |
| 31 bool operator==(const Identification& other) const; | 48 bool operator==(const Identification& other) const; |
| 32 | 49 |
| 33 std::string user_id; | 50 std::string user_id; |
| 34 }; | 51 }; |
| 35 | 52 |
| 36 // Definition of the key (e.g. password) for the cryptohome. | 53 // Definition of the key (e.g. password) for the cryptohome. |
| 37 // It contains authorization data along with extra parameters like perimissions | 54 // It contains authorization data along with extra parameters like perimissions |
| 38 // associated with this key. | 55 // associated with this key. |
| 39 struct CHROMEOS_EXPORT KeyDefinition { | 56 struct CHROMEOS_EXPORT KeyDefinition { |
| 40 KeyDefinition(const std::string& key, | 57 KeyDefinition(const std::string& key, |
| 41 const std::string& label, | 58 const std::string& label, |
| 42 int /*AuthKeyPrivileges*/ privileges); | 59 int /*AuthKeyPrivileges*/ privileges); |
| 43 ~KeyDefinition(); | 60 ~KeyDefinition(); |
| 44 | 61 |
| 45 bool operator==(const KeyDefinition& other) const; | 62 bool operator==(const KeyDefinition& other) const; |
| 46 | 63 |
| 47 std::string label; | 64 std::string label; |
| 48 | 65 |
| 49 int revision; | 66 int revision; |
| 50 std::string key; | 67 std::string key; |
| 51 | 68 |
| 52 std::string encryption_key; | 69 std::string encryption_key; |
| 53 std::string signature_key; | 70 std::string signature_key; |
| 54 // Privileges associated with key. Combination of |AuthKeyPrivileges| values. | 71 // Privileges associated with key. Combination of |AuthKeyPrivileges| values. |
| 55 int privileges; | 72 int privileges; |
| 73 std::vector<ProviderDataEntry> provider_data; |
| 56 }; | 74 }; |
| 57 | 75 |
| 58 // Authorization attempt data for user. | 76 // Authorization attempt data for user. |
| 59 struct CHROMEOS_EXPORT Authorization { | 77 struct CHROMEOS_EXPORT Authorization { |
| 60 Authorization(const std::string& key, const std::string& label); | 78 Authorization(const std::string& key, const std::string& label); |
| 61 explicit Authorization(const KeyDefinition& key); | 79 explicit Authorization(const KeyDefinition& key); |
| 62 | 80 |
| 63 bool operator==(const Authorization& other) const; | 81 bool operator==(const Authorization& other) const; |
| 64 | 82 |
| 65 std::string key; | 83 std::string key; |
| 66 std::string label; | 84 std::string label; |
| 67 }; | 85 }; |
| 68 | 86 |
| 69 // Information about keys returned by GetKeyDataEx(). | 87 // Information about keys returned by GetKeyDataEx(). |
| 70 struct CHROMEOS_EXPORT RetrievedKeyData { | 88 struct CHROMEOS_EXPORT RetrievedKeyData { |
| 71 enum Type { | 89 enum Type { |
| 72 TYPE_PASSWORD = 0 | 90 TYPE_PASSWORD = 0 |
| 73 }; | 91 }; |
| 74 | 92 |
| 75 enum AuthorizationType { | 93 enum AuthorizationType { |
| 76 AUTHORIZATION_TYPE_HMACSHA256 = 0, | 94 AUTHORIZATION_TYPE_HMACSHA256 = 0, |
| 77 AUTHORIZATION_TYPE_AES256CBC_HMACSHA256 | 95 AUTHORIZATION_TYPE_AES256CBC_HMACSHA256 |
| 78 }; | 96 }; |
| 79 | 97 |
| 80 struct ProviderData { | |
| 81 explicit ProviderData(const std::string& name); | |
| 82 ~ProviderData(); | |
| 83 | |
| 84 std::string name; | |
| 85 scoped_ptr<int64> number; | |
| 86 scoped_ptr<std::string> bytes; | |
| 87 }; | |
| 88 | |
| 89 RetrievedKeyData(Type type, const std::string& label, int64 revision); | 98 RetrievedKeyData(Type type, const std::string& label, int64 revision); |
| 90 ~RetrievedKeyData(); | 99 ~RetrievedKeyData(); |
| 91 | 100 |
| 92 Type type; | 101 Type type; |
| 93 std::string label; | 102 std::string label; |
| 94 // Privileges associated with key. Combination of |AuthKeyPrivileges| values. | 103 // Privileges associated with key. Combination of |AuthKeyPrivileges| values. |
| 95 int privileges; | 104 int privileges; |
| 96 int64 revision; | 105 int64 revision; |
| 97 std::vector<AuthorizationType> authorization_types; | 106 std::vector<AuthorizationType> authorization_types; |
| 98 ScopedVector<ProviderData> provider_data; | 107 std::vector<ProviderDataEntry> provider_data; |
| 99 }; | 108 }; |
| 100 | 109 |
| 101 // Parameters for Mount call. | 110 // Parameters for Mount call. |
| 102 class CHROMEOS_EXPORT MountParameters { | 111 class CHROMEOS_EXPORT MountParameters { |
| 103 public: | 112 public: |
| 104 explicit MountParameters(bool ephemeral); | 113 explicit MountParameters(bool ephemeral); |
| 105 ~MountParameters(); | 114 ~MountParameters(); |
| 106 | 115 |
| 107 bool operator==(const MountParameters& other) const; | 116 bool operator==(const MountParameters& other) const; |
| 108 | 117 |
| 109 // If |true|, the mounted home dir will be backed by tmpfs. If |false|, the | 118 // If |true|, the mounted home dir will be backed by tmpfs. If |false|, the |
| 110 // ephemeral users policy decides whether tmpfs or an encrypted directory is | 119 // ephemeral users policy decides whether tmpfs or an encrypted directory is |
| 111 // used as the backend. | 120 // used as the backend. |
| 112 bool ephemeral; | 121 bool ephemeral; |
| 113 | 122 |
| 114 // If not empty, home dir will be created with these keys if it exist. | 123 // If not empty, home dir will be created with these keys if it exist. |
| 115 std::vector<KeyDefinition> create_keys; | 124 std::vector<KeyDefinition> create_keys; |
| 116 }; | 125 }; |
| 117 | 126 |
| 118 } // namespace cryptohome | 127 } // namespace cryptohome |
| 119 | 128 |
| 120 #endif // CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_ | 129 #endif // CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 554043003:
cros: Create cryptohome keys for Easy sign-in. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master