1c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// Copyright (c) 2013 The Chromium Authors. All rights reserved. 2c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 3c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// found in the LICENSE file. 4c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 5c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#ifndef CHROME_BROWSER_CHROMEOS_ATTESTATION_ATTESTATION_POLICY_OBSERVER_H_ 6c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#define CHROME_BROWSER_CHROMEOS_ATTESTATION_ATTESTATION_POLICY_OBSERVER_H_ 7c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 8c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include <string> 9c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 10c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/basictypes.h" 11c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/callback.h" 12c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/memory/scoped_ptr.h" 13c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#include "base/memory/weak_ptr.h" 1468043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles)#include "chrome/browser/chromeos/settings/cros_settings.h" 15c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 16c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)namespace policy { 17c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)class CloudPolicyClient; 18c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} 19c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 20c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)namespace chromeos { 21c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 22c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)class CrosSettings; 23c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)class CryptohomeClient; 24c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 25c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)namespace attestation { 26c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 27c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)class AttestationFlow; 28c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 29c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// A class which observes policy changes and triggers device attestation work if 30c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)// necessary. 3168043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles)class AttestationPolicyObserver { 32c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) public: 33c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // The observer immediately connects with CrosSettings to listen for policy 34c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // changes. The CloudPolicyClient is used to upload the device certificate to 35c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // the server if one is created in response to policy changes; it must be in 36c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // the registered state. This class does not take ownership of 37c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // |policy_client|. 38c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) explicit AttestationPolicyObserver(policy::CloudPolicyClient* policy_client); 39c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 40c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // A constructor which allows custom CryptohomeClient and AttestationFlow 41c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // implementations. Useful for testing. 42c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationPolicyObserver(policy::CloudPolicyClient* policy_client, 43c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) CryptohomeClient* cryptohome_client, 44c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow* attestation_flow); 45c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 4668043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) ~AttestationPolicyObserver(); 47c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 48eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch // Sets the retry delay in seconds; useful in testing. 49eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch void set_retry_delay(int retry_delay) { 50eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch retry_delay_ = retry_delay; 51eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch } 52eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch 53c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) private: 5468043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) // Called when the attestation setting changes. 5568043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) void AttestationSettingChanged(); 5668043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) 57c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Checks attestation policy and starts any necessary work. 58c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void Start(); 59c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 60c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Gets a new certificate for the Enterprise Machine Key (EMK). 61c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void GetNewCertificate(); 62c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 63c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Gets the existing EMK certificate and sends it to CheckCertificateExpiry. 64c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void GetExistingCertificate(); 65c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 66c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Checks if the given certificate is expired and, if so, get a new one. 67c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void CheckCertificateExpiry(const std::string& certificate); 68c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 69c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Uploads a certificate to the policy server. 70c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void UploadCertificate(const std::string& certificate); 71c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 72c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Checks if a certificate has already been uploaded and, if not, upload. 73c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void CheckIfUploaded(const std::string& certificate, 74c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) const std::string& key_payload); 75c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 76c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Gets the payload associated with the EMK and sends it to |callback|. 77c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void GetKeyPayload(base::Callback<void(const std::string&)> callback); 78c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 79c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Called when a certificate upload operation completes. On success, |status| 80c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // will be true. 81c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void OnUploadComplete(bool status); 82c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 83c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Marks a key as uploaded in the payload proto. 84c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) void MarkAsUploaded(const std::string& key_payload); 85c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 86eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch // Reschedules a policy check (i.e. a call to Start) for a later time. 87eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch // TODO(dkrahn): A better solution would be to wait for a dbus signal which 88eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch // indicates the system is ready to process this task. See crbug.com/256845. 89eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch void Reschedule(); 90eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch 91c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) CrosSettings* cros_settings_; 92c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) policy::CloudPolicyClient* policy_client_; 93c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) CryptohomeClient* cryptohome_client_; 94c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) AttestationFlow* attestation_flow_; 95c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) scoped_ptr<AttestationFlow> default_attestation_flow_; 96eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch int num_retries_; 97eb525c5499e34cc9c4b825d6d9e75bb07cc06aceBen Murdoch int retry_delay_; 98c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 9968043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) scoped_ptr<CrosSettings::ObserverSubscription> attestation_subscription_; 10068043e1e95eeb07d5cae7aca370b26518b0867d6Torne (Richard Coles) 101c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // Note: This should remain the last member so it'll be destroyed and 102c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) // invalidate the weak pointers before any other members are destroyed. 103c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) base::WeakPtrFactory<AttestationPolicyObserver> weak_factory_; 104c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 105c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(AttestationPolicyObserver); 106c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)}; 107c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 108c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} // namespace attestation 109c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)} // namespace chromeos 110c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles) 111c2e0dbddbe15c98d52c4786dac06cb8952a8ae6dTorne (Richard Coles)#endif // CHROME_BROWSER_CHROMEOS_ATTESTATION_ATTESTATION_POLICY_OBSERVER_H_ 112