Handle expired platform key certificates.

Platform keys and certificates are retained until they are manually
cleared or the account is removed from the device.  If a certificate
expires, a new key is now generated and certified as a replacement.

BUG=chromium:322683
TEST=unit

Review URL: https://codereview.chromium.org/110883010

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240622 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 12 insertions, 0 deletions

diff --git a/chrome/browser/chromeos/attestation/platform_verification_flow.h b/chrome/browser/chromeos/attestation/platform_verification_flow.h
index 0e4e169..e21c024 100644
--- a/chrome/browser/chromeos/attestation/platform_verification_flow.h
+++ b/chrome/browser/chromeos/attestation/platform_verification_flow.h
@@ -180,6 +180,15 @@ class PlatformVerificationFlow
                          bool consent_required,
                          ConsentResponse consent_response);
 
+  // Initiates the flow to get a platform key certificate.  The arguments to
+  // ChallengePlatformKey are in |context|.  |user_id| identifies the user for
+  // which to get a certificate.  If |force_new_key| is true then any existing
+  // key for the same user and service will be ignored and a new key will be
+  // generated and certified.
+  void GetCertificate(const ChallengeContext& context,
+                      const std::string& user_id,
+                      bool force_new_key);
+
   // A callback called when an attestation certificate request operation
   // completes.  The arguments to ChallengePlatformKey are in |context|.
   // |user_id| identifies the user for which the certificate was requested.
@@ -252,6 +261,9 @@ class PlatformVerificationFlow
                            const GURL& url,
                            bool allow_domain);
 
+  // Returns true iff |certificate| is an expired X.509 certificate.
+  bool IsExpired(const std::string& certificate);
+
   void set_testing_prefs(PrefService* testing_prefs) {
     testing_prefs_ = testing_prefs;
   }