chromeos/cryptohome/cryptohome_parameters.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_
   6 #define CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/basictypes.h"
  12 #include "chromeos/chromeos_export.h"
  13
  14 namespace cryptohome {
  15
  16 enum AuthKeyPrivileges {
  17   PRIV_MOUNT = 1 << 0,              // Can mount with this key.
  18   PRIV_ADD = 1 << 1,                // Can add new keys.
  19   PRIV_REMOVE = 1 << 2,             // Can remove other keys.
  20   PRIV_MIGRATE = 1 << 3,            // Destroy all keys and replace with new.
  21   PRIV_AUTHORIZED_UPDATE = 1 << 4,  // Key can be updated in place.
  22   PRIV_DEFAULT = PRIV_MOUNT | PRIV_ADD | PRIV_REMOVE | PRIV_MIGRATE
  23 };
  24
  25 // Identification of the user calling cryptohome method.
  26 struct CHROMEOS_EXPORT Identification {
  27   explicit Identification(const std::string& user_id) : user_id(user_id) {}
  28   std::string user_id;
  29 };
  30
  31 // Definition of the key (e.g. password) for the cryptohome.
  32 // It contains authorization data along with extra parameters like perimissions
  33 // associated with this key.
  34 struct CHROMEOS_EXPORT KeyDefinition {
  35   KeyDefinition(const std::string& key,
  36                 const std::string& label,
  37                 int /*AuthKeyPrivileges*/ privileges);
  38   ~KeyDefinition();
  39   std::string label;
  40
  41   int revision;
  42   std::string key;
  43
  44   std::string encryption_key;
  45   std::string signature_key;
  46   // Privileges associated with key. Combination of |AuthKeyPrivileges| values.
  47   int privileges;
  48 };
  49
  50 // Authorization attempt data for user.
  51 struct CHROMEOS_EXPORT Authorization {
  52   Authorization(const std::string& key, const std::string& label);
  53   explicit Authorization(const KeyDefinition& key);
  54   std::string key;
  55   std::string label;
  56 };
  57
  58 // Parameters for Mount call.
  59 class CHROMEOS_EXPORT MountParameters {
  60  public:
  61   explicit MountParameters(bool ephemeral);
  62   ~MountParameters();
  63
  64   // If |true|, the mounted home dir will be backed by tmpfs. If |false|, the
  65   // ephemeral users policy decides whether tmpfs or an encrypted directory is
  66   // used as the backend.
  67   bool ephemeral;
  68
  69   // If not empty, home dir will be created with these keys if it exist.
  70   std::vector<KeyDefinition> create_keys;
  71 };
  72
  73 }  // namespace cryptohome
  74
  75 #endif  // CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_