Roll src/third_party/skia 7b05ff1:dab1f60
[chromium-blink-merge.git] / chromeos / cryptohome / async_method_caller.h
blob7f1660e4883cd8d22075283c94ffa41f1778327b
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROMEOS_CRYPTOHOME_ASYNC_METHOD_CALLER_H_
6 #define CHROMEOS_CRYPTOHOME_ASYNC_METHOD_CALLER_H_
8 #include <string>
10 #include "base/basictypes.h"
11 #include "base/callback_forward.h"
12 #include "chromeos/attestation/attestation_constants.h"
13 #include "chromeos/chromeos_export.h"
14 #include "chromeos/dbus/cryptohome_client.h"
15 #include "third_party/cros_system_api/dbus/service_constants.h"
17 namespace cryptohome {
19 // Note: This file is placed in ::cryptohome instead of ::chromeos::cryptohome
20 // since there is already a namespace ::cryptohome which holds the error code
21 // enum (MountError) and referencing ::chromeos::cryptohome and ::cryptohome
22 // within the same code is confusing.
24 // Flags for the AsyncMount method.
25 enum MountFlags {
26 MOUNT_FLAGS_NONE = 0, // Used to explicitly denote that no flags are
27 // set.
28 CREATE_IF_MISSING = 1, // Create a cryptohome if it does not exist yet.
29 ENSURE_EPHEMERAL = 1 << 1, // Ensure that the mount is ephemeral.
32 // This class manages calls to Cryptohome service's 'async' methods.
33 class CHROMEOS_EXPORT AsyncMethodCaller {
34 public:
35 // A callback type which is called back on the UI thread when the results of
36 // method calls are ready.
37 typedef base::Callback<void(bool success, MountError return_code)> Callback;
38 typedef base::Callback<void(bool success, const std::string& data)>
39 DataCallback;
41 virtual ~AsyncMethodCaller() {}
43 // Asks cryptohomed to asynchronously try to find the cryptohome for
44 // |user_email| and then use |passhash| to unlock the key.
45 // |callback| will be called with status info on completion.
46 virtual void AsyncCheckKey(const std::string& user_email,
47 const std::string& passhash,
48 Callback callback) = 0;
50 // Asks cryptohomed to asynchronously try to find the cryptohome for
51 // |user_email| and then change from using |old_hash| to lock the
52 // key to using |new_hash|.
53 // |callback| will be called with status info on completion.
54 virtual void AsyncMigrateKey(const std::string& user_email,
55 const std::string& old_hash,
56 const std::string& new_hash,
57 Callback callback) = 0;
59 // Asks cryptohomed to asynchronously try to find the cryptohome for
60 // |user_email| and then mount it using |passhash| to unlock the key.
61 // The |flags| are a combination of |MountFlags|:
62 // * CREATE_IF_MISSING Controls whether or not cryptohomed is asked to create
63 // a new cryptohome if one does not exist yet for
64 // |user_email|.
65 // * ENSURE_EPHEMERAL If |true|, the mounted cryptohome will be backed by
66 // tmpfs. If |false|, the ephemeral users policy decides
67 // whether tmpfs or an encrypted directory is used as the
68 // backend.
69 // |callback| will be called with status info on completion.
70 // If the |CREATE_IF_MISSING| flag is not given and no cryptohome exists
71 // for |user_email|, the expected result is
72 // callback.Run(false, kCryptohomeMountErrorUserDoesNotExist). Otherwise,
73 // the normal range of return codes is expected.
74 virtual void AsyncMount(const std::string& user_email,
75 const std::string& passhash,
76 int flags,
77 Callback callback) = 0;
79 // Asks cryptohomed to asynchronously try to add another |new_passhash| for
80 // |user_email| using |passhash| to unlock the key.
81 // |callback| will be called with status info on completion.
82 virtual void AsyncAddKey(const std::string& user_email,
83 const std::string& passhash,
84 const std::string& new_passhash,
85 Callback callback) = 0;
87 // Asks cryptohomed to asynchronously to mount a tmpfs for guest mode.
88 // |callback| will be called with status info on completion.
89 virtual void AsyncMountGuest(Callback callback) = 0;
91 // Asks cryptohomed to asynchrounously try to find the cryptohome for
92 // |public_mount_id| and then mount it using a passhash derived from
93 // |public_mount_id| and a secret. See AsyncMount for possible values for
94 // |flags|.
95 virtual void AsyncMountPublic(const std::string& public_mount_id,
96 int flags,
97 Callback callback) = 0;
99 // Asks cryptohomed to asynchronously try to find the cryptohome for
100 // |user_email| and then nuke it.
101 virtual void AsyncRemove(const std::string& user_email,
102 Callback callback) = 0;
104 // Asks cryptohomed to asynchronously create an attestation enrollment
105 // request. On success the data sent to |callback| is a request to be sent
106 // to the Privacy CA of type |pca_type|.
107 virtual void AsyncTpmAttestationCreateEnrollRequest(
108 chromeos::attestation::PrivacyCAType pca_type,
109 const DataCallback& callback) = 0;
111 // Asks cryptohomed to asynchronously finish an attestation enrollment.
112 // |pca_response| is the response to the enrollment request emitted by the
113 // Privacy CA of type |pca_type|.
114 virtual void AsyncTpmAttestationEnroll(
115 chromeos::attestation::PrivacyCAType pca_type,
116 const std::string& pca_response,
117 const Callback& callback) = 0;
119 // Asks cryptohomed to asynchronously create an attestation certificate
120 // request according to |certificate_profile|. Some profiles require that the
121 // |user_id| of the currently active user and an identifier of the
122 // |request_origin| be provided. On success the data sent to |callback| is a
123 // request to be sent to the Privacy CA of type |pca_type|. The
124 // |request_origin| may be sent to the Privacy CA but the |user_id| will never
125 // be sent.
126 virtual void AsyncTpmAttestationCreateCertRequest(
127 chromeos::attestation::PrivacyCAType pca_type,
128 chromeos::attestation::AttestationCertificateProfile certificate_profile,
129 const std::string& user_id,
130 const std::string& request_origin,
131 const DataCallback& callback) = 0;
133 // Asks cryptohomed to asynchronously finish an attestation certificate
134 // request. On success the data sent to |callback| is a certificate chain
135 // in PEM format. |pca_response| is the response to the certificate request
136 // emitted by the Privacy CA. |key_type| determines whether the certified key
137 // is to be associated with the current user. |key_name| is a name for the
138 // key. If |key_type| is KEY_USER, a |user_id| must be provided. Otherwise
139 // |user_id| is ignored. For normal GAIA users the |user_id| is a canonical
140 // email address.
141 virtual void AsyncTpmAttestationFinishCertRequest(
142 const std::string& pca_response,
143 chromeos::attestation::AttestationKeyType key_type,
144 const std::string& user_id,
145 const std::string& key_name,
146 const DataCallback& callback) = 0;
148 // Asks cryptohomed to asynchronously register the attestation key specified
149 // by |key_type| and |key_name|. If |key_type| is KEY_USER, a |user_id| must
150 // be provided. Otherwise |user_id| is ignored. For normal GAIA users the
151 // |user_id| is a canonical email address.
152 virtual void TpmAttestationRegisterKey(
153 chromeos::attestation::AttestationKeyType key_type,
154 const std::string& user_id,
155 const std::string& key_name,
156 const Callback& callback) = 0;
158 // Asks cryptohomed to asynchronously sign an enterprise challenge with the
159 // key specified by |key_type| and |key_name|. The |domain| and |device_id|
160 // parameters will be included in the challenge response. |challenge| must be
161 // a valid enterprise challenge. On success, the data sent to |callback| is
162 // the challenge response. If |key_type| is KEY_USER, a |user_id| must be
163 // provided. Otherwise |user_id| is ignored. For normal GAIA users the
164 // |user_id| is a canonical email address.
165 virtual void TpmAttestationSignEnterpriseChallenge(
166 chromeos::attestation::AttestationKeyType key_type,
167 const std::string& user_id,
168 const std::string& key_name,
169 const std::string& domain,
170 const std::string& device_id,
171 chromeos::attestation::AttestationChallengeOptions options,
172 const std::string& challenge,
173 const DataCallback& callback) = 0;
175 // Asks cryptohomed to asynchronously sign a simple challenge with the key
176 // specified by |key_type| and |key_name|. |challenge| can be any arbitrary
177 // set of bytes. On success, the data sent to |callback| is the challenge
178 // response. If |key_type| is KEY_USER, a |user_id| must be provided.
179 // Otherwise |user_id| is ignored. For normal GAIA users the |user_id| is a
180 // canonical email address.
181 virtual void TpmAttestationSignSimpleChallenge(
182 chromeos::attestation::AttestationKeyType key_type,
183 const std::string& user_id,
184 const std::string& key_name,
185 const std::string& challenge,
186 const DataCallback& callback) = 0;
188 // Asks cryptohome to asynchronously retrieve a string associated with given
189 // |user| that would be used in mount path instead of |user|.
190 // On success the data is sent to |callback|.
191 virtual void AsyncGetSanitizedUsername(
192 const std::string& user,
193 const DataCallback& callback) = 0;
195 // Creates the global AsyncMethodCaller instance.
196 static void Initialize();
198 // Similar to Initialize(), but can inject an alternative
199 // AsyncMethodCaller such as MockAsyncMethodCaller for testing.
200 // The injected object will be owned by the internal pointer and deleted
201 // by Shutdown().
202 static void InitializeForTesting(AsyncMethodCaller* async_method_caller);
204 // Destroys the global AsyncMethodCaller instance if it exists.
205 static void Shutdown();
207 // Returns a pointer to the global AsyncMethodCaller instance.
208 // Initialize() should already have been called.
209 static AsyncMethodCaller* GetInstance();
212 } // namespace cryptohome
214 #endif // CHROMEOS_CRYPTOHOME_ASYNC_METHOD_CALLER_H_