// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OWNERSHIP_SERVICE_H_
#define CHROME_BROWSER_CHROMEOS_LOGIN_OWNERSHIP_SERVICE_H_
#pragma once

#include <string>
#include <vector>

#include "base/callback.h"
#include "base/synchronization/lock.h"
#include "chrome/browser/chromeos/login/owner_key_utils.h"
#include "chrome/browser/chromeos/login/owner_manager.h"
#include "chrome/browser/policy/proto/device_management_backend.pb.h"
#include "content/browser/browser_thread.h"
#include "content/common/notification_observer.h"
#include "content/common/notification_registrar.h"
#include "content/common/notification_service.h"

// Forward declaration, needed only for the friend declaration in
// OwnershipService below.
namespace base {
template <typename T> struct DefaultLazyInstanceTraits;
}  // namespace base

// Short alias for the device-management protobuf namespace.
// NOTE(review): declared at global scope in a header, so every file that
// includes this header also sees |em|.
namespace em = enterprise_management;
namespace chromeos {

// Singleton front end for device-ownership state on Chrome OS. It exposes the
// ownership status, a cached copy of the owner policy, and asynchronous
// load / update / sign / verify operations on the owner key. Results of the
// key operations are reported through OwnerManager delegates or, for key
// loading, through notifications.
class OwnershipService : public NotificationObserver {
 public:
  enum Status {
    // Listed in upgrade order.
    // OWNERSHIP_UNKNOWN is the only value GetStatus(true) never returns.
    OWNERSHIP_UNKNOWN = 0,
    OWNERSHIP_NONE,
    OWNERSHIP_TAKEN
  };

  // Returns the singleton instance of the OwnershipService.
  static OwnershipService* GetSharedInstance();
  virtual ~OwnershipService();

  // Called after FILE thread is created to prefetch ownership status and avoid
  // blocking on UI thread.
  void Prewarm();

  // Owner settings are being re-implemented as a single, signed protobuf
  // that is stored by the session manager.  Thus, to write a setting, you
  // need to have the existing policy, update it, re-sign it, and then have
  // it stored.  This could be done by requesting the policy every time, or
  // by caching it and updating it upon every successful store.
  // Caching is faster and easier, so we'll do that.  These are the
  // getters/setters for the cached policy.
  //
  // NOTE(review): this header does not show the policy's signature being
  // checked before it is cached, nor which thread may call these accessors.
  // Presumably callers cache only a policy that was verified or that they
  // signed themselves -- confirm in the .cc.
  virtual void set_cached_policy(const em::PolicyData& pol);
  virtual bool has_cached_policy();
  // NOTE(review): |policy_| is a scoped_ptr, so presumably callers must check
  // has_cached_policy() before calling this -- confirm what is returned when
  // nothing has been cached yet.
  virtual const em::PolicyData& cached_policy();

  // Sets a new owner key.  This will _not_ load the key material from disk, but
  // rather update Chrome's in-memory copy of the key.  |d| will be notified
  // once the operation completes.
  //
  // NOTE(review): |d| is a raw pointer and completion is asynchronous; the
  // header does not say who keeps |d| alive until then -- confirm the lifetime
  // contract with callers.
  virtual void StartUpdateOwnerKey(const std::vector<uint8>& new_key,
                                   OwnerManager::KeyUpdateDelegate* d);

  // If the device has been owned already, posts a task to the FILE thread to
  // fetch the public key off disk.
  //
  // Sends out a OWNER_KEY_FETCH_ATTEMPT_SUCCESS notification on success,
  // OWNER_KEY_FETCH_ATTEMPT_FAILED on failure.
  virtual void StartLoadOwnerKeyAttempt();

  // Initiate an attempt to sign |data| with |private_key_|.  Will call
  // d->OnKeyOpComplete() when done.  Upon success, the signature will be passed
  // as the |payload| argument to d->OnKeyOpComplete().
  //
  // If you call this on a well-known thread, you'll be called back on that
  // thread.  Otherwise, you'll get called back on the UI thread.
  //
  // NOTE(review): |private_key_| is not a member of this class; presumably it
  // is held by OwnerManager -- confirm.  |d| is a raw pointer that has to stay
  // valid until OnKeyOpComplete() has run.
  virtual void StartSigningAttempt(const std::string& data,
                                   OwnerManager::Delegate* d);

  // Initiate an attempt to verify that |signature| is valid over |data| with
  // |public_key_|.  When the attempt is completed, an appropriate KeyOpCode
  // will be passed to d->OnKeyOpComplete().
  //
  // If you call this on a well-known thread, you'll be called back on that
  // thread.  Otherwise, you'll get called back on the UI thread.
  //
  // NOTE(review): the verdict arrives only through d->OnKeyOpComplete(), so
  // |data| must not be treated as trusted before that callback reports
  // success.  |public_key_| is not a member of this class; presumably it is
  // held by OwnerManager -- confirm.
  virtual void StartVerifyAttempt(const std::string& data,
                                  const std::vector<uint8>& signature,
                                  OwnerManager::Delegate* d);

  // This method must be run on the FILE thread.
  virtual bool CurrentUserIsOwner();

  // This method should be run on FILE thread.
  // Note: not static, for better mocking.
  virtual bool IsAlreadyOwned();

  // This method can be run either on FILE or UI threads.  If |blocking| flag
  // is specified then it is guaranteed to return either OWNERSHIP_NONE or
  // OWNERSHIP_TAKEN (and not OWNERSHIP_UNKNOWN), however in this case it may
  // occasionally block doing i/o.
  //
  // A non-blocking call may therefore return OWNERSHIP_UNKNOWN; callers making
  // an access decision should handle that value explicitly rather than
  // folding it into OWNERSHIP_NONE.
  virtual Status GetStatus(bool blocking);

 protected:
  // Protected so that instances are obtained through GetSharedInstance();
  // subclasses (e.g. mocks) can still construct the base.
  OwnershipService();

  // NotificationObserver implementation.
  virtual void Observe(NotificationType type,
                       const NotificationSource& source,
                       const NotificationDetails& details);

 private:
  // Presumably lets the lazy-instance machinery behind GetSharedInstance()
  // reach the protected constructor -- confirm in the .cc.
  friend struct base::DefaultLazyInstanceTraits<OwnershipService>;
  // Gives the unit test access to the private members below.
  friend class OwnershipServiceTest;

  // Task posted on FILE thread on startup to prefetch ownership status.
  void FetchStatus();

  // Sets ownership status.  May be called on either thread.
  void SetStatus(Status new_status);

  // Static workers behind the public Start*() methods above.
  // NOTE(review): |thread_id| is presumably the thread the delegate is called
  // back on, matching the "called back on that thread" contract of the public
  // methods -- confirm.  |service| and |d| are raw pointers that must outlive
  // the posted work.
  static void UpdateOwnerKey(OwnershipService* service,
                             const BrowserThread::ID thread_id,
                             const std::vector<uint8>& new_key,
                             OwnerManager::KeyUpdateDelegate* d);
  static void TryLoadOwnerKeyAttempt(OwnershipService* service);
  static void TrySigningAttempt(OwnershipService* service,
                                const BrowserThread::ID thread_id,
                                const std::string& data,
                                OwnerManager::Delegate* d);
  static void TryVerifyAttempt(OwnershipService* service,
                               const BrowserThread::ID thread_id,
                               const std::string& data,
                               const std::vector<uint8>& signature,
                               OwnerManager::Delegate* d);
  // Reports a failed attempt to |d|; the exact code passed is set in the .cc.
  static void FailAttempt(OwnerManager::Delegate* d);

  // Non-owning accessor for |manager_|.
  OwnerManager* manager() { return manager_.get(); }

  scoped_refptr<OwnerManager> manager_;
  scoped_refptr<OwnerKeyUtils> utils_;
  // Backing store for the cached_policy() accessors.
  scoped_ptr<em::PolicyData> policy_;
  NotificationRegistrar notification_registrar_;
  // NOTE(review): volatile is not a synchronization primitive; presumably
  // every read and write of |ownership_status_| happens under
  // |ownership_status_lock_| -- confirm in the .cc.
  volatile Status ownership_status_;
  base::Lock ownership_status_lock_;
};

}  // namespace chromeos

#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_OWNERSHIP_SERVICE_H_