chromeos/cryptohome/cryptohome_parameters.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_
   6 #define CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/basictypes.h"
  12 #include "chromeos/chromeos_export.h"
  13
  14 namespace cryptohome {
  15
  16 enum AuthKeyPrivileges {
  17   PRIV_MOUNT = 1 << 0,              // Can mount with this key.
  18   PRIV_ADD = 1 << 1,                // Can add new keys.
  19   PRIV_REMOVE = 1 << 2,             // Can remove other keys.
  20   PRIV_MIGRATE = 1 << 3,            // Destroy all keys and replace with new.
  21   PRIV_AUTHORIZED_UPDATE = 1 << 4,  // Key can be updated in place.
  22   PRIV_DEFAULT = PRIV_MOUNT | PRIV_ADD | PRIV_REMOVE | PRIV_MIGRATE
  23 };
  24
  25 // Identification of the user calling cryptohome method.
  26 struct CHROMEOS_EXPORT Identification {
  27   explicit Identification(const std::string& user_id);
  28
  29   bool operator==(const Identification& other) const;
  30
  31   std::string user_id;
  32 };
  33
  34 // Definition of the key (e.g. password) for the cryptohome.
  35 // It contains authorization data along with extra parameters like perimissions
  36 // associated with this key.
  37 struct CHROMEOS_EXPORT KeyDefinition {
  38   KeyDefinition(const std::string& key,
  39                 const std::string& label,
  40                 int /*AuthKeyPrivileges*/ privileges);
  41   ~KeyDefinition();
  42
  43   bool operator==(const KeyDefinition& other) const;
  44
  45   std::string label;
  46
  47   int revision;
  48   std::string key;
  49
  50   std::string encryption_key;
  51   std::string signature_key;
  52   // Privileges associated with key. Combination of |AuthKeyPrivileges| values.
  53   int privileges;
  54 };
  55
  56 // Authorization attempt data for user.
  57 struct CHROMEOS_EXPORT Authorization {
  58   Authorization(const std::string& key, const std::string& label);
  59   explicit Authorization(const KeyDefinition& key);
  60
  61   bool operator==(const Authorization& other) const;
  62
  63   std::string key;
  64   std::string label;
  65 };
  66
  67 // Parameters for Mount call.
  68 class CHROMEOS_EXPORT MountParameters {
  69  public:
  70   explicit MountParameters(bool ephemeral);
  71   ~MountParameters();
  72
  73   bool operator==(const MountParameters& other) const;
  74
  75   // If |true|, the mounted home dir will be backed by tmpfs. If |false|, the
  76   // ephemeral users policy decides whether tmpfs or an encrypted directory is
  77   // used as the backend.
  78   bool ephemeral;
  79
  80   // If not empty, home dir will be created with these keys if it exist.
  81   std::vector<KeyDefinition> create_keys;
  82 };
  83
  84 }  // namespace cryptohome
  85
  86 #endif  // CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_