1// Copyright 2014 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROMEOS_CRYPTOHOME_HOMEDIR_METHODS_H_
6#define CHROMEOS_CRYPTOHOME_HOMEDIR_METHODS_H_
7
8#include <string>
9#include <vector>
10
11#include "base/basictypes.h"
12#include "base/callback_forward.h"
13#include "chromeos/chromeos_export.h"
14#include "chromeos/cryptohome/cryptohome_parameters.h"
15#include "chromeos/dbus/cryptohome_client.h"
16#include "third_party/cros_system_api/dbus/service_constants.h"
17
18namespace cryptohome {
19
20// This class manages calls to Cryptohome service's home directory methods:
21// Mount, CheckKey, Add/UpdateKey.
22class CHROMEOS_EXPORT HomedirMethods {
23 public:
24  // Callbacks that are called back on the UI thread when the results of the
25  // respective method calls are ready.
26  typedef base::Callback<void(bool success, MountError return_code)> Callback;
27  typedef base::Callback<void(
28      bool success,
29      MountError return_code,
30      const std::vector<KeyDefinition>& key_definitions)> GetKeyDataCallback;
31  typedef base::Callback<
32      void(bool success, MountError return_code, const std::string& mount_hash)>
33      MountCallback;
34
35  virtual ~HomedirMethods() {}
36
37  // Asks cryptohomed to return data about the key identified by |label| for the
38  // user identified by |id|. At present, this does not return any secret
39  // information and the request does not need to be authenticated.
40  virtual void GetKeyDataEx(const Identification& id,
41                            const std::string& label,
42                            const GetKeyDataCallback& callback) = 0;
43
44  // Asks cryptohomed to attempt authorization for user identified by |id| using
45  // |auth|. This can be used to unlock a user session.
46  virtual void CheckKeyEx(const Identification& id,
47                          const Authorization& auth,
48                          const Callback& callback) = 0;
49
50  // Asks cryptohomed to find the cryptohome for user identified by |id| and
51  // then mount it using |auth| to unlock the key.
52  // If the |create_keys| are not given and no cryptohome exists for |id|,
53  // the expected result is
54  // callback.Run(false, kCryptohomeMountErrorUserDoesNotExist, string()).
55  // Otherwise, the normal range of return codes is expected.
56  virtual void MountEx(const Identification& id,
57                       const Authorization& auth,
58                       const MountParameters& request,
59                       const MountCallback& callback) = 0;
60
61  // Asks cryptohomed to try to add another |key| for user identified by |id|
62  // using |auth| to unlock the key.
63  // |clobber_if_exist| governs action if key with same label already exists for
64  // this user. if |true| old key will be replaced, if  |false| old key will be
65  // preserved.
66  // Key used in |auth| should have PRIV_ADD privilege.
67  // |callback| will be called with status info on completion.
68  virtual void AddKeyEx(const Identification& id,
69                        const Authorization& auth,
70                        const KeyDefinition& key,
71                        bool clobber_if_exist,
72                        const Callback& callback) = 0;
73
74  // Asks cryptohomed to update |key| for user identified by |id| using |auth|
75  // to unlock the key.
76  // Label for |auth| and |key| have to be the same.
77  // Key used in |auth| should have PRIV_AUTHORIZED_UPDATE privilege.
78  // |signature| is used by cryptohome to verify the authentity of new key.
79  // |callback| will be called with status info on completion.
80  virtual void UpdateKeyEx(const Identification& id,
81                           const Authorization& auth,
82                           const KeyDefinition& key,
83                           const std::string& signature,
84                           const Callback& callback) = 0;
85
86  // Asks cryptohomed to remove specific key labeled with |label| for user
87  // identified by |id| using |auth|.
88  virtual void RemoveKeyEx(const Identification& id,
89                           const Authorization& auth,
90                           const std::string& label,
91                           const Callback& callback) = 0;
92
93  // Creates the global HomedirMethods instance.
94  static void Initialize();
95
96  // Similar to Initialize(), but can inject an alternative
97  // HomedirMethods such as MockHomedirMethods for testing.
98  // The injected object will be owned by the internal pointer and deleted
99  // by Shutdown().
100  static void InitializeForTesting(HomedirMethods* homedir_methods);
101
102  // Destroys the global HomedirMethods instance if it exists.
103  static void Shutdown();
104
105  // Returns a pointer to the global HomedirMethods instance.
106  // Initialize() should already have been called.
107  static HomedirMethods* GetInstance();
108};
109
110}  // namespace cryptohome
111
112#endif  // CHROMEOS_CRYPTOHOME_HOMEDIR_METHODS_H_
113