forked from chromium/chromium
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathasync_method_caller.h
144 lines (123 loc) · 6.63 KB
/
async_method_caller.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROMEOS_CRYPTOHOME_ASYNC_METHOD_CALLER_H_
#define CHROMEOS_CRYPTOHOME_ASYNC_METHOD_CALLER_H_
#include <string>
#include "base/callback_forward.h"
#include "base/component_export.h"
#include "chromeos/dbus/constants/attestation_constants.h"
#include "chromeos/dbus/cryptohome/cryptohome_client.h"
#include "third_party/cros_system_api/dbus/service_constants.h"
namespace cryptohome {
class Identification;
// Note: This file is placed in ::cryptohome instead of ::chromeos::cryptohome
// since there is already a namespace ::cryptohome which holds the error code
// enum (MountError) and referencing ::chromeos::cryptohome and ::cryptohome
// within the same code is confusing.
// This class manages calls to Cryptohome service's 'async' methods.
class COMPONENT_EXPORT(CHROMEOS_CRYPTOHOME) AsyncMethodCaller {
public:
// A callback type which is called back on the UI thread when the results of
// method calls are ready.
using Callback =
base::OnceCallback<void(bool success, MountError return_code)>;
using DataCallback =
base::OnceCallback<void(bool success, const std::string& data)>;
virtual ~AsyncMethodCaller() {}
// Asks cryptohomed to asynchronously create an attestation enrollment
// request. On success the data sent to |callback| is a request to be sent
// to the Privacy CA of type |pca_type|.
virtual void AsyncTpmAttestationCreateEnrollRequest(
chromeos::attestation::PrivacyCAType pca_type,
DataCallback callback) = 0;
// Asks cryptohomed to asynchronously finish an attestation enrollment.
// |pca_response| is the response to the enrollment request emitted by the
// Privacy CA of type |pca_type|.
virtual void AsyncTpmAttestationEnroll(
chromeos::attestation::PrivacyCAType pca_type,
const std::string& pca_response,
Callback callback) = 0;
// Asks cryptohomed to asynchronously create an attestation certificate
// request according to |certificate_profile|. Some profiles require that the
// |user_id| of the currently active user and an identifier of the
// |request_origin| be provided. On success the data sent to |callback| is a
// request to be sent to the Privacy CA of type |pca_type|. The
// |request_origin| may be sent to the Privacy CA but the |user_id| will never
// be sent.
virtual void AsyncTpmAttestationCreateCertRequest(
chromeos::attestation::PrivacyCAType pca_type,
chromeos::attestation::AttestationCertificateProfile certificate_profile,
const Identification& user_id,
const std::string& request_origin,
DataCallback callback) = 0;
// Asks cryptohomed to asynchronously finish an attestation certificate
// request. On success the data sent to |callback| is a certificate chain
// in PEM format. |pca_response| is the response to the certificate request
// emitted by the Privacy CA. |key_type| determines whether the certified key
// is to be associated with the current user. |key_name| is a name for the
// key. If |key_type| is KEY_USER, a |user_id| must be provided. Otherwise
// |user_id| is ignored. For normal GAIA users the |user_id| is
// an AccountId-derived string (see AccountId::GetAccountIdKey).
virtual void AsyncTpmAttestationFinishCertRequest(
const std::string& pca_response,
chromeos::attestation::AttestationKeyType key_type,
const Identification& user_id,
const std::string& key_name,
DataCallback callback) = 0;
// Asks cryptohomed to asynchronously register the attestation key specified
// by |key_type| and |key_name|. If |key_type| is KEY_USER, a |user_id| must
// be provided. Otherwise |user_id| is ignored. For normal GAIA users the
// |user_id| is an AccountId-derived string (see AccountId::GetAccountIdKey).
virtual void TpmAttestationRegisterKey(
chromeos::attestation::AttestationKeyType key_type,
const Identification& user_id,
const std::string& key_name,
Callback callback) = 0;
// Asks cryptohomed to asynchronously sign an enterprise challenge with the
// key specified by |key_type| and |key_name|. The |domain| and |device_id|
// parameters will be included in the challenge response. |challenge| must be
// a valid enterprise challenge. On success, the data sent to |callback| is
// the challenge response. If |key_type| is KEY_USER, a |user_id| must be
// provided. Otherwise |user_id| is ignored. For normal GAIA users the
// |user_id| is an AccountaId-derived string (see AccountId::GetAccountIdKey).
// If |key_name_for_spkac| is not empty, then the corresponding key will be
// used for SignedPublicKeyAndChallenge, but the challenge response will still
// be signed by the key specified by |key_name| (EMK or EUK).
virtual void TpmAttestationSignEnterpriseChallenge(
chromeos::attestation::AttestationKeyType key_type,
const Identification& user_id,
const std::string& key_name,
const std::string& domain,
const std::string& device_id,
chromeos::attestation::AttestationChallengeOptions options,
const std::string& challenge,
const std::string& key_name_for_spkac,
DataCallback callback) = 0;
// Asks cryptohomed to asynchronously sign a simple challenge with the key
// specified by |key_type| and |key_name|. |challenge| can be any arbitrary
// set of bytes. On success, the data sent to |callback| is the challenge
// response. If |key_type| is KEY_USER, a |user_id| must be provided.
// Otherwise |user_id| is ignored. For normal GAIA users the |user_id| is an
// AccountId-derived string (see AccountId::GetAccountIdKey).
virtual void TpmAttestationSignSimpleChallenge(
chromeos::attestation::AttestationKeyType key_type,
const Identification& user_id,
const std::string& key_name,
const std::string& challenge,
DataCallback callback) = 0;
// Creates the global AsyncMethodCaller instance.
static void Initialize();
// Similar to Initialize(), but can inject an alternative
// AsyncMethodCaller such as MockAsyncMethodCaller for testing.
// The injected object will be owned by the internal pointer and deleted
// by Shutdown().
static void InitializeForTesting(AsyncMethodCaller* async_method_caller);
// Destroys the global AsyncMethodCaller instance if it exists.
static void Shutdown();
// Returns a pointer to the global AsyncMethodCaller instance.
// Initialize() should already have been called.
static AsyncMethodCaller* GetInstance();
};
} // namespace cryptohome
#endif // CHROMEOS_CRYPTOHOME_ASYNC_METHOD_CALLER_H_