Chromium Code Reviews Chromium Code Reviews
Issue 729803002:
Easy Sign-in: Use TPM RSA key to sign nonce in sign-in protocol (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_EASY_UNLOCK_EASY_UNLOCK_TPM_KEY_MANAGER_H_ | |
| 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_EASY_UNLOCK_EASY_UNLOCK_TPM_KEY_MANAGER_H_ | |
| 7 | |
| 8 #include <string> | |
| 9 #include <vector> | |
| 10 | |
| 11 #include "base/callback.h" | |
| 12 #include "base/macros.h" | |
| 13 #include "base/memory/weak_ptr.h" | |
| 14 #include "components/keyed_service/core/keyed_service.h" | |
| 15 #include "crypto/scoped_nss_types.h" | |
| 16 | |
| 17 class PrefRegistrySimple; | |
| 18 class PrefService; | |
| 19 | |
| 20 namespace content { | |
| 21 class BrowserContext; | |
| 22 } | |
| 23 | |
| 24 namespace user_prefs { | |
| 25 class PrefRegistrySyncable; | |
| 26 } | |
| 27 | |
| 28 // Manages per user RSA keys stored in system TPM slot used in easy signin | |
| 29 // protocol. The keys are used to sign a nonce exchanged during signin. | |
| 30 class EasyUnlockTpmKeyManager : public KeyedService { | |
| 31 public: | |
| 32 // Registers user's profile prefs. | |
| 33 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); | |
| 34 // Registers local state prefs (used to expose public RSA keys before login). | |
| 35 static void RegisterLocalStatePrefs(PrefRegistrySimple* registry); | |
| 36 // Clears local state for user. Should be called when a user is removed. | |
| 37 static void ResetLocalStateForUser(const std::string& user_id); | |
| 38 | |
| 39 // |user_id|: Id for the user associated with the service. Empty for signin | |
| 40 // service. | |
| 41 // |browser_context|: The browser context that owns the service. | |
| 42 // |user_prefs|: The |browser_context| prefs. NULL for signin profile. | |
| 43 // |local_state|: The local state prefs. | |
| 44 EasyUnlockTpmKeyManager( | |
| 45 const std::string& user_id, | |
| 46 content::BrowserContext* browser_context, | |
| 47 PrefService* user_prefs, | |
| 48 PrefService* local_state); | |
| 49 ~EasyUnlockTpmKeyManager(); | |
|
xiyuan
2014/12/02 23:15:58
nit: override
tbarzic
2014/12/03 19:10:28
Done.
| |
| 50 | |
| 51 // Checks if the RSA public key is set in the user prefs. If not, creates one. | |
| 52 // If the key presence can be confirmed, immediately returns true and | |
| 53 // |callback| never gets called, otherwise returns false (callback is called | |
| 54 // when the key presence is confirmed). | |
| 55 // Must not be called for signin profile. | |
| 56 // |check_private_key|: If public RSA key is set in the prefs, whether the | |
| 57 // method should confirm that the private key is present in the system | |
| 58 // slot. If the private key cannot be found, a new key pair will be | |
| 59 // created for the user. | |
| 60 // Note: Checking TPM for the private key is more expensive than only | |
| 61 // checking user prefs, so setting this to |false| should be preferable. | |
| 62 // Generally, if public key is set in user prefs, the private key should | |
| 63 // be present in the system TPM slot. This is used to make sure that easy | |
| 64 // signin does not remain permanently broken if something goes wrong. | |
| 65 // |callback|: If the method cannot return immediately, callled when the key | |
|
xiyuan
2014/12/02 23:15:58
nit: callled -> called
tbarzic
2014/12/03 19:10:28
Done.
| |
| 66 // pair presence is confirmed (or a key pair for the user is created). | |
| 67 bool IsTpmKeyPresent(const std::string& user_id, | |
|
xiyuan
2014/12/02 23:15:58
nit: IsTpmKeyPresent sounds like just a key presen
tbarzic
2014/12/03 19:10:28
Done.
| |
| 68 bool check_private_key, | |
| 69 const base::Closure& callback); | |
| 70 | |
| 71 // If called, posts a delayed task that cancels |IsTpmKeyPresent| in case | |
| 72 // getting system slot takes more than |timeout_ms|. In the case getting | |
| 73 // system slot times out |IstpmKeyPresent| will be called with an empty | |
| 74 // public key. | |
| 75 bool SetGetSystemSlotTimeoutMs(size_t timeout_ms); | |
| 76 | |
| 77 | |
| 78 // Gets the public RSA key for user. For sign in profile it returns key from | |
| 79 // local state. For user profile returns the key from user prefs. | |
| 80 std::string GetPublicTpmKey(const std::string& user_id); | |
| 81 | |
| 82 // Signs |data| using private RSA key associated with |user_id| stored in TPM | |
| 83 // system slot. | |
| 84 void SignUsingTpmKey( | |
| 85 const std::string& user_id, | |
| 86 const std::string& data, | |
| 87 const base::Callback<void(const std::string& data)> callback); | |
| 88 | |
| 89 private: | |
| 90 // Utility methods for getting and setting public key values in local state | |
| 91 // and user prefs. Note that the keys are saved base64 encoded. | |
| 92 std::string GetKeyFromUserPrefs(); | |
| 93 std::string GetKeyFromLocalState(const std::string& user_id); | |
| 94 void SetKeyInLocalState(const std::string& user_id, | |
| 95 const std::string& value); | |
| 96 void SetKeyInUserPrefs(const std::string& value); | |
| 97 | |
| 98 // Called when TPM system slot is initialized and ready to be used. | |
| 99 // It creates RSA key pair for the user in the system slot. | |
| 100 // When the key pair is created, |OnTpmKeyCreated| will be called with the | |
| 101 // created public key. | |
| 102 // The key will not be created if |public_key| is non-empty and the associated | |
| 103 // private key can be found in the slot. Instead |OnTpmKeyCreated| will be | |
| 104 // called with |public_key|. | |
| 105 void CreateKeyInSystemSlot( | |
| 106 const std::string& user_id, | |
| 107 const std::string& public_key, | |
| 108 crypto::ScopedPK11Slot system_slot); | |
| 109 | |
| 110 // Called when a RSA key pair is created for a user in TOM system slot. | |
| 111 // It saves the pulic key in the prefs and runs queued up | |
| 112 // |IsTpmKeyPresent| callbacks. | |
| 113 void OnTpmKeyCreated(const std::string& user_id, | |
| 114 const std::string& public_key); | |
| 115 | |
| 116 // Called when data signing requested in |SignUsingTpmKey| is done. | |
| 117 // It runs |callback| with the created |signature|. On error the callback will | |
| 118 // be run with an empty string. | |
| 119 void OnDataSigned( | |
| 120 const base::Callback<void(const std::string&)>& callback, | |
| 121 const std::string& signature, | |
| 122 const std::string& error_message); | |
| 123 | |
| 124 std::string user_id_; | |
| 125 content::BrowserContext* browser_context_; | |
| 126 | |
| 127 PrefService* user_prefs_; | |
| 128 PrefService* local_state_; | |
| 129 | |
| 130 // Whether TPM key pair is being created as a result of call to | |
| 131 // |IsTpmKeyPresent|. If set, callbacks for further |IsTpmKeyPresent| | |
| 132 // will be queued up and run when the original function call finishes. | |
| 133 bool creating_tpm_key_pair_; | |
| 134 bool got_tpm_slot_; | |
| 135 | |
| 136 // Queued up |IsTpmKeyPresent| callbacks. | |
| 137 std::vector<base::Closure> tpm_key_present_callbacks_; | |
| 138 | |
| 139 base::WeakPtrFactory<EasyUnlockTpmKeyManager> get_tpm_slot_weak_ptr_factory_; | |
| 140 base::WeakPtrFactory<EasyUnlockTpmKeyManager> weak_ptr_factory_; | |
| 141 | |
| 142 DISALLOW_COPY_AND_ASSIGN(EasyUnlockTpmKeyManager); | |
| 143 }; | |
| 144 | |
| 145 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_EASY_UNLOCK_EASY_UNLOCK_TPM_KEY_MANAGER _H_ | |
| OLD | NEW |
