Add new certificateProvider extension API.
[chromium-blink-merge.git] / chrome / browser / chromeos / attestation / attestation_policy_observer.h
blobec595370545e1b652ccfed09318b6358c841f033
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_CHROMEOS_ATTESTATION_ATTESTATION_POLICY_OBSERVER_H_
6 #define CHROME_BROWSER_CHROMEOS_ATTESTATION_ATTESTATION_POLICY_OBSERVER_H_
8 #include <string>
10 #include "base/basictypes.h"
11 #include "base/callback.h"
12 #include "base/memory/scoped_ptr.h"
13 #include "base/memory/weak_ptr.h"
14 #include "chrome/browser/chromeos/settings/cros_settings.h"
16 namespace policy {
17 class CloudPolicyClient;
20 namespace chromeos {
22 class CrosSettings;
23 class CryptohomeClient;
25 namespace attestation {
27 class AttestationFlow;
29 // A class which observes policy changes and triggers device attestation work if
30 // necessary.
31 class AttestationPolicyObserver {
32 public:
33 // The observer immediately connects with CrosSettings to listen for policy
34 // changes. The CloudPolicyClient is used to upload the device certificate to
35 // the server if one is created in response to policy changes; it must be in
36 // the registered state. This class does not take ownership of
37 // |policy_client|.
38 explicit AttestationPolicyObserver(policy::CloudPolicyClient* policy_client);
40 // A constructor which allows custom CryptohomeClient and AttestationFlow
41 // implementations. Useful for testing.
42 AttestationPolicyObserver(policy::CloudPolicyClient* policy_client,
43 CryptohomeClient* cryptohome_client,
44 AttestationFlow* attestation_flow);
46 ~AttestationPolicyObserver();
48 // Sets the retry delay in seconds; useful in testing.
49 void set_retry_delay(int retry_delay) {
50 retry_delay_ = retry_delay;
53 private:
54 // Called when the attestation setting changes.
55 void AttestationSettingChanged();
57 // Checks attestation policy and starts any necessary work.
58 void Start();
60 // Gets a new certificate for the Enterprise Machine Key (EMK).
61 void GetNewCertificate();
63 // Gets the existing EMK certificate and sends it to CheckCertificateExpiry.
64 void GetExistingCertificate();
66 // Checks if the given certificate is expired and, if so, get a new one.
67 void CheckCertificateExpiry(const std::string& certificate);
69 // Uploads a certificate to the policy server.
70 void UploadCertificate(const std::string& certificate);
72 // Checks if a certificate has already been uploaded and, if not, upload.
73 void CheckIfUploaded(const std::string& certificate,
74 const std::string& key_payload);
76 // Gets the payload associated with the EMK and sends it to |callback|.
77 void GetKeyPayload(base::Callback<void(const std::string&)> callback);
79 // Called when a certificate upload operation completes. On success, |status|
80 // will be true.
81 void OnUploadComplete(bool status);
83 // Marks a key as uploaded in the payload proto.
84 void MarkAsUploaded(const std::string& key_payload);
86 // Reschedules a policy check (i.e. a call to Start) for a later time.
87 // TODO(dkrahn): A better solution would be to wait for a dbus signal which
88 // indicates the system is ready to process this task. See crbug.com/256845.
89 void Reschedule();
91 CrosSettings* cros_settings_;
92 policy::CloudPolicyClient* policy_client_;
93 CryptohomeClient* cryptohome_client_;
94 AttestationFlow* attestation_flow_;
95 scoped_ptr<AttestationFlow> default_attestation_flow_;
96 int num_retries_;
97 int retry_delay_;
99 scoped_ptr<CrosSettings::ObserverSubscription> attestation_subscription_;
101 // Note: This should remain the last member so it'll be destroyed and
102 // invalidate the weak pointers before any other members are destroyed.
103 base::WeakPtrFactory<AttestationPolicyObserver> weak_factory_;
105 DISALLOW_COPY_AND_ASSIGN(AttestationPolicyObserver);
108 } // namespace attestation
109 } // namespace chromeos
111 #endif // CHROME_BROWSER_CHROMEOS_ATTESTATION_ATTESTATION_POLICY_OBSERVER_H_