// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_ATTESTATION_PLATFORM_VERIFICATION_FLOW_H_
#define CHROME_BROWSER_CHROMEOS_ATTESTATION_PLATFORM_VERIFICATION_FLOW_H_

#include <string>

#include "base/basictypes.h"
#include "base/callback.h"
#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "base/time/time.h"
#include "base/timer/timer.h"
#include "url/gurl.h"

class HostContentSettingsMap;
class PrefService;

namespace content {
class WebContents;
}

namespace cryptohome {
class AsyncMethodCaller;
}

namespace user_manager {
class User;
}

namespace user_prefs {
class PrefRegistrySyncable;
}

namespace chromeos {

class CryptohomeClient;

namespace attestation {

class AttestationFlow;
class PlatformVerificationFlowTest;

// This class allows platform verification for the content protection use case.
// All methods must only be called on the UI thread. Example:
//   scoped_refptr<PlatformVerificationFlow> verifier =
//       new PlatformVerificationFlow();
//   PlatformVerificationFlow::ChallengeCallback callback =
//       base::Bind(&MyCallback);
//   verifier->ChallengePlatformKey(my_web_contents, "my_id", "some_challenge",
//                                  callback);
//
// This class is RefCountedThreadSafe because it may need to outlive its caller.
// The attestation flow that needs to happen to establish a certified platform
// key may take minutes on some hardware. This class will time out after a much
// shorter time so the caller can proceed without platform verification, but it
// is important that the pending operation be allowed to finish. If the
// attestation flow is aborted at any stage, it will need to start over. If we
// used weak pointers, the attestation flow would stop when the next callback
// is run. So we need the instance to stay alive until the platform key is
// fully certified so the next time ChallengePlatformKey() is invoked it will
// be quick.
class PlatformVerificationFlow
    : public base::RefCountedThreadSafe<PlatformVerificationFlow> {
 public:
  // Outcome reported to a ChallengeCallback.
  enum Result {
    SUCCESS,                // The operation succeeded.
    INTERNAL_ERROR,         // The operation failed unexpectedly.
    PLATFORM_NOT_VERIFIED,  // The platform cannot be verified. For example:
                            // - It is not a Chrome device.
                            // - It is not running a verified OS image.
    USER_REJECTED,          // The user explicitly rejected the operation.
    POLICY_REJECTED,        // The operation is not allowed by policy/settings.
    TIMEOUT,                // The operation timed out.
  };

  // The user's answer to a consent prompt.
  // NOTE(review): CONSENT_RESPONSE_NONE presumably means the prompt was
  // dismissed without an explicit choice - confirm against the implementation.
  enum ConsentResponse {
    CONSENT_RESPONSE_NONE,
    CONSENT_RESPONSE_ALLOW,
    CONSENT_RESPONSE_DENY,
  };

  // An interface which allows settings and UI to be abstracted for testing
  // purposes. For normal operation the default implementation should be used.
  class Delegate {
   public:
    virtual ~Delegate() {}

    // This callback will be called when a user has given a |response| to a
    // consent request.
    typedef base::Callback<void(ConsentResponse response)> ConsentCallback;

    // Invokes consent UI within the context of |web_contents| and calls
    // |callback| when the user responds.
    // Precondition: The last committed URL for |web_contents| has a valid
    // origin.
    virtual void ShowConsentPrompt(content::WebContents* web_contents,
                                   const ConsentCallback& callback) = 0;

    // Gets prefs associated with the given |web_contents|. If no prefs are
    // associated with |web_contents| then NULL is returned.
    virtual PrefService* GetPrefs(content::WebContents* web_contents) = 0;

    // Gets the URL associated with the given |web_contents|.
    virtual const GURL& GetURL(content::WebContents* web_contents) = 0;

    // Gets the user associated with the given |web_contents|. NULL may be
    // returned.
    virtual user_manager::User* GetUser(content::WebContents* web_contents) = 0;

    // Gets the content settings map associated with the given |web_contents|.
    virtual HostContentSettingsMap* GetContentSettings(
        content::WebContents* web_contents) = 0;

    // Returns true iff |web_contents| belongs to a guest or incognito session.
    virtual bool IsGuestOrIncognito(content::WebContents* web_contents) = 0;
  };

  // This callback will be called when a challenge operation completes. If
  // |result| is SUCCESS then |signed_data| holds the data which was signed
  // by the platform key (this is the original challenge appended with a random
  // nonce) and |signature| holds the RSA-PKCS1-v1.5 signature. The
  // |platform_key_certificate| certifies the key used to generate the
  // signature. This key may be generated on demand and is not guaranteed to
  // persist across multiple calls to this method. The browser does not check
  // the validity of |signature| or |platform_key_certificate|.
  //
  // Because the browser performs no validation, SUCCESS only reports that the
  // operation completed. The party that issued the challenge has to validate
  // |platform_key_certificate|, verify |signature| over |signed_data| with the
  // certified key, and check that |signed_data| carries the challenge it
  // issued before treating the platform as verified.
  typedef base::Callback<void(Result result,
                              const std::string& signed_data,
                              const std::string& signature,
                              const std::string& platform_key_certificate)>
      ChallengeCallback;

  // A constructor that uses the default implementation of all dependencies
  // including Delegate.
  PlatformVerificationFlow();

  // An alternate constructor which specifies dependent objects explicitly.
  // This is useful in testing. The caller retains ownership of all pointers.
  PlatformVerificationFlow(AttestationFlow* attestation_flow,
                           cryptohome::AsyncMethodCaller* async_caller,
                           CryptohomeClient* cryptohome_client,
                           Delegate* delegate);

  // Invokes an asynchronous operation to challenge a platform key. Any user
  // interaction will be associated with |web_contents|. The |service_id| is an
  // arbitrary value but it should uniquely identify the origin of the request
  // and should not be determined by that origin; its purpose is to prevent
  // collusion between multiple services. The |challenge| is also an arbitrary
  // value but it should be time sensitive or associated to some kind of session
  // because its purpose is to prevent certificate replay. The |callback| will
  // be called when the operation completes. The duration of the operation can
  // vary depending on system state, hardware capabilities, and interaction with
  // the user.
  void ChallengePlatformKey(content::WebContents* web_contents,
                            const std::string& service_id,
                            const std::string& challenge,
                            const ChallengeCallback& callback);

  // NOTE(review): presumably registers the profile preferences this flow reads
  // with |prefs|; the pref names are not visible in this header.
  static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* prefs);

  // Overrides |timeout_delay_|.
  void set_timeout_delay(const base::TimeDelta& timeout_delay) {
    timeout_delay_ = timeout_delay;
  }

 private:
  // The destructor is private, so RefCountedThreadSafe needs friend access to
  // delete the instance when the last reference is released.
  friend class base::RefCountedThreadSafe<PlatformVerificationFlow>;
  friend class PlatformVerificationFlowTest;

  // Holds the arguments of a ChallengePlatformKey call. This is convenient for
  // use with base::Bind so we don't get too many arguments.
  struct ChallengeContext {
    ChallengeContext(content::WebContents* web_contents,
                     const std::string& service_id,
                     const std::string& challenge,
                     const ChallengeCallback& callback);
    ~ChallengeContext();

    // NOTE(review): raw, non-owning pointer that travels with the context
    // through the asynchronous steps below, while the class comment says the
    // flow may outlive its caller. Nothing in this header tracks the
    // WebContents lifetime - confirm the implementation never dereferences it
    // after the WebContents has been destroyed.
    content::WebContents* web_contents;
    std::string service_id;
    std::string challenge;
    ChallengeCallback callback;
  };

  ~PlatformVerificationFlow();

  // Checks whether we need to prompt the user for consent before proceeding and
  // invokes the consent UI if so. The arguments to ChallengePlatformKey are
  // in |context| and |attestation_enrolled| specifies whether attestation has
  // been enrolled for this device.
  void CheckConsent(const ChallengeContext& context,
                    bool attestation_enrolled);

  // A callback called when the user has given their consent response. The
  // arguments to ChallengePlatformKey are in |context|. |consent_required| and
  // |consent_response| indicate whether consent was required and user response,
  // respectively. If the response indicates that the operation should proceed,
  // this method invokes a certificate request.
  void OnConsentResponse(const ChallengeContext& context,
                         bool consent_required,
                         ConsentResponse consent_response);

  // Initiates the flow to get a platform key certificate. The arguments to
  // ChallengePlatformKey are in |context|. |user_id| identifies the user for
  // which to get a certificate. If |force_new_key| is true then any existing
  // key for the same user and service will be ignored and a new key will be
  // generated and certified.
  void GetCertificate(const ChallengeContext& context,
                      const std::string& user_id,
                      bool force_new_key);

  // A callback called when an attestation certificate request operation
  // completes. The arguments to ChallengePlatformKey are in |context|.
  // |user_id| identifies the user for which the certificate was requested.
  // |operation_success| is true iff the certificate request operation
  // succeeded. |certificate| holds the certificate for the platform key on
  // success. If the certificate request was successful, this method invokes a
  // request to sign the challenge. If the operation timed out prior to this
  // method being called, this method does nothing - notably, the callback is
  // not invoked.
  // NOTE(review): |timer| is presumably the timeout timer started for this
  // request, handed over so this method can tell whether the timeout already
  // fired - confirm against the implementation.
  void OnCertificateReady(const ChallengeContext& context,
                          const std::string& user_id,
                          scoped_ptr<base::Timer> timer,
                          bool operation_success,
                          const std::string& certificate);

  // A callback run after a constant delay to handle timeouts for lengthy
  // certificate requests. |context.callback| will be invoked with a TIMEOUT
  // result.
  void OnCertificateTimeout(const ChallengeContext& context);

  // A callback called when a challenge signing request has completed. The
  // |certificate| is the platform certificate for the key which signed the
  // |challenge|. The arguments to ChallengePlatformKey are in |context|.
  // |operation_success| is true iff the challenge signing operation was
  // successful. If it was successful, |response_data| holds the challenge
  // response and the method will invoke |context.callback|.
  void OnChallengeReady(const ChallengeContext& context,
                        const std::string& certificate,
                        bool operation_success,
                        const std::string& response_data);

  // Checks whether policy or profile settings associated with |web_contents|
  // have attestation for content protection explicitly disabled.
  // NOTE(review): going by the name, this presumably returns false when
  // attestation is explicitly disabled and true otherwise - confirm.
  bool IsAttestationEnabled(content::WebContents* web_contents);

  // Updates user settings for the profile associated with |web_contents| based
  // on the |consent_response|.
  // NOTE(review): the meaning of the return value is not stated in this
  // header; presumably true when the settings were updated - confirm.
  bool UpdateSettings(content::WebContents* web_contents,
                      ConsentResponse consent_response);

  // Finds the domain-specific consent pref in |content_settings| for |url|. If
  // a pref exists for the domain, returns true and sets |pref_value| if it is
  // not NULL.
  bool GetDomainPref(HostContentSettingsMap* content_settings,
                     const GURL& url,
                     bool* pref_value);

  // Records the domain-specific consent pref in |content_settings| for |url|.
  // The pref will be set to |allow_domain|.
  void RecordDomainConsent(HostContentSettingsMap* content_settings,
                           const GURL& url,
                           bool allow_domain);

  // Returns true iff |certificate| is an expired X.509 certificate.
  // NOTE(review): the result for a |certificate| that cannot be parsed is not
  // stated here - confirm how the implementation treats that case.
  bool IsExpired(const std::string& certificate);

  // Dependencies used by the flow. The raw pointers are non-owning: per the
  // four-argument constructor, the caller retains ownership of what it passes.
  // NOTE(review): |default_attestation_flow_| and |default_delegate_|
  // presumably own the default implementations created by the default
  // constructor, with the raw pointers referring to them - confirm.
  AttestationFlow* attestation_flow_;
  scoped_ptr<AttestationFlow> default_attestation_flow_;
  cryptohome::AsyncMethodCaller* async_caller_;
  CryptohomeClient* cryptohome_client_;
  Delegate* delegate_;
  scoped_ptr<Delegate> default_delegate_;
  // Delay set through set_timeout_delay(); presumably the time allowed for a
  // certificate request before OnCertificateTimeout() runs - confirm.
  base::TimeDelta timeout_delay_;

  DISALLOW_COPY_AND_ASSIGN(PlatformVerificationFlow);
};

}  // namespace attestation
}  // namespace chromeos

#endif  // CHROME_BROWSER_CHROMEOS_ATTESTATION_PLATFORM_VERIFICATION_FLOW_H_