chrome/browser/chromeos/login/easy_unlock/easy_unlock_tpm_key_manager.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_EASY_UNLOCK_EASY_UNLOCK_TPM_KEY_MANAGER_H_
   6 #define CHROME_BROWSER_CHROMEOS_LOGIN_EASY_UNLOCK_EASY_UNLOCK_TPM_KEY_MANAGER_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/callback.h"
  12 #include "base/macros.h"
  13 #include "base/memory/weak_ptr.h"
  14 #include "components/keyed_service/core/keyed_service.h"
  15 #include "crypto/scoped_nss_types.h"
  16
  17 class PrefRegistrySimple;
  18 class PrefService;
  19
  20 // Manages per user RSA keys stored in system TPM slot used in easy signin
  21 // protocol. The keys are used to sign a nonce exchanged during signin.
  22 class EasyUnlockTpmKeyManager : public KeyedService {
  23  public:
  24   // Registers local state prefs used to store public RSA keys per user.
  25   static void RegisterLocalStatePrefs(PrefRegistrySimple* registry);
  26
  27   // Clears local state for user. Should be called when a user is removed.
  28   static void ResetLocalStateForUser(const std::string& user_id);
  29
  30   // |user_id|: Id for the user associated with the service. Empty for sign-in
  31   //     service.
  32   // |username_hash|: Username hash for the user associated with the service.
  33   //     Empty for sign-in service.
  34   // |local_state|: The local state prefs.
  35   EasyUnlockTpmKeyManager(const std::string& user_id,
  36                           const std::string& username_hash,
  37                           PrefService* local_state);
  38   ~EasyUnlockTpmKeyManager() override;
  39
  40   // Checks if the RSA public key is set in the local state. If not, creates
  41   // one. If the key presence can be confirmed, immediately returns true and
  42   // |callback| never gets called, otherwise returns false (callback is called
  43   // when the key presence is confirmed).
  44   // Must not be called for signin profile.
  45   // |check_private_key|: If public RSA key is set in the local state, whether
  46   //     the method should confirm that the private key is present in the system
  47   //     slot. If the private key cannot be found, a new key pair will be
  48   //     created for the user.
  49   //     Note: Checking TPM for the private key is more expensive than only
  50   //     checking local state, so setting this to |false| should be preferable.
  51   //     Generally, if public key is set in local state, the private key should
  52   //     be present in the system TPM slot. This is used to make sure that easy
  53   //     signin does not remain permanently broken if something goes wrong.
  54   // |callback|: If the method cannot return immediately, called when the key
  55   //     pair presence is confirmed (or a key pair for the user is created).
  56   bool PrepareTpmKey(bool check_private_key,
  57                      const base::Closure& callback);
  58
  59   // If called, posts a delayed task that cancels |PrepareTpmKey| and all other
  60   // started timeouts in case getting system slot takes more than |timeout_ms|.
  61   // In the case getting system slot times out, |PrepareTpmKey| callback will
  62   // be called with an empty public key.
  63   // Must be called after |PrepareTpmKey| to have the intended effect.
  64   bool StartGetSystemSlotTimeoutMs(size_t timeout_ms);
  65
  66   // Gets the public RSA key for user. The key is retrieved from local state.
  67   std::string GetPublicTpmKey(const std::string& user_id);
  68
  69   // Signs |data| using private RSA key associated with |user_id| stored in TPM
  70   // system slot.
  71   void SignUsingTpmKey(
  72       const std::string& user_id,
  73       const std::string& data,
  74       const base::Callback<void(const std::string& data)> callback);
  75
  76   bool StartedCreatingTpmKeys() const;
  77
  78  private:
  79   enum CreateTpmKeyState {
  80     CREATE_TPM_KEY_NOT_STARTED,
  81     CREATE_TPM_KEY_WAITING_FOR_USER_SLOT,
  82     CREATE_TPM_KEY_WAITING_FOR_SYSTEM_SLOT,
  83     CREATE_TPM_KEY_GOT_SYSTEM_SLOT,
  84     CREATE_TPM_KEY_DONE
  85   };
  86
  87   // Utility method for setting public key values in local state.
  88   // Note that the keys are saved base64 encoded.
  89   void SetKeyInLocalState(const std::string& user_id,
  90                           const std::string& value);
  91
  92   // Called when TPM system slot is initialized and ready to be used.
  93   // It creates RSA key pair for the user in the system slot.
  94   // When the key pair is created, |OnTpmKeyCreated| will be called with the
  95   // created public key.
  96   // The key will not be created if |public_key| is non-empty and the associated
  97   // private key can be found in the slot. Instead |OnTpmKeyCreated| will be
  98   // called with |public_key|.
  99   void CreateKeyInSystemSlot(const std::string& public_key,
 100                              crypto::ScopedPK11Slot system_slot);
 101
 102   // Called when user TPM token initialization is done. After this happens,
 103   // |this| may proceed with creating a user-specific TPM key for easy sign-in.
 104   // Note that this is done solely to ensure user TPM initialization, which is
 105   // done on IO thread, is not blocked by creating TPM keys in system slot.
 106   void OnUserTPMInitialized(const std::string& public_key);
 107
 108   // Called when TPM system slot is initialized and ready to be used.
 109   // It schedules data signing operation on a worker thread. The data is signed
 110   // by a private key stored in |system_slot| and identified by |public_key|
 111   // (a private key that is part of the same RSA key pair as |public_key|).
 112   // Once data is signed |callback| is called with the signed data.
 113   void SignDataWithSystemSlot(
 114       const std::string& public_key,
 115       const std::string& data,
 116       const base::Callback<void(const std::string& data)> callback,
 117       crypto::ScopedPK11Slot system_slot);
 118
 119   // Called when a RSA key pair is created for a user in TPM system slot.
 120   // It saves the pulic key in the local state and runs queued up
 121   // |PrepareTpmKey| callbacks.
 122   void OnTpmKeyCreated(const std::string& public_key);
 123
 124   // Called when data signing requested in |SignUsingTpmKey| is done.
 125   // It runs |callback| with the created |signature|. On error the callback will
 126   // be run with an empty string.
 127   void OnDataSigned(
 128       const base::Callback<void(const std::string&)>& callback,
 129       const std::string& signature);
 130
 131   std::string user_id_;
 132   std::string username_hash_;
 133
 134   PrefService* local_state_;
 135
 136   // The current TPM key creation state. If key creation is in progress,
 137   // callbacks for further |PrepareTpmKey| will be queued up and run when the
 138   // key is created. All queued callbacks will be run with the same key value.
 139   CreateTpmKeyState create_tpm_key_state_;
 140
 141   // Queued up |PrepareTpmKey| callbacks.
 142   std::vector<base::Closure> prepare_tpm_key_callbacks_;
 143
 144   base::WeakPtrFactory<EasyUnlockTpmKeyManager> get_tpm_slot_weak_ptr_factory_;
 145   base::WeakPtrFactory<EasyUnlockTpmKeyManager> weak_ptr_factory_;
 146
 147   DISALLOW_COPY_AND_ASSIGN(EasyUnlockTpmKeyManager);
 148 };
 149
 150 #endif  // CHROME_BROWSER_CHROMEOS_LOGIN_EASY_UNLOCK_EASY_UNLOCK_TPM_KEY_MANAGER_H_