diff options
author | dkrahn@google.com <dkrahn@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-04-27 02:32:45 +0000 |
---|---|---|
committer | dkrahn@google.com <dkrahn@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-04-27 02:32:45 +0000 |
commit | cd88f791eacd3f59a83af0fe1713db55ed03a352 (patch) | |
tree | ff230ec36e7090fbe3a17e0b544b24e51c295883 /chromeos/attestation/attestation_constants.h | |
parent | 901864c2613bf8dd4afb5c8ba0b231b47938741a (diff) | |
download | chromium_src-cd88f791eacd3f59a83af0fe1713db55ed03a352.zip chromium_src-cd88f791eacd3f59a83af0fe1713db55ed03a352.tar.gz chromium_src-cd88f791eacd3f59a83af0fe1713db55ed03a352.tar.bz2 |
Enhanced and refactored the AttestationFlow interface.
This change makes the AttestationFlow interface easier to work with.
Supported certificate profiles are explicitly defined and the clobbering
of existing keys is now optional.
All attestation constants have been consolidated in
attestation_constants.h.
BUG=chromium:219959
TEST=unit
Review URL: https://chromiumcodereview.appspot.com/14305009
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@196926 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chromeos/attestation/attestation_constants.h')
-rw-r--r-- | chromeos/attestation/attestation_constants.h | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/chromeos/attestation/attestation_constants.h b/chromeos/attestation/attestation_constants.h new file mode 100644 index 0000000..a704cfc --- /dev/null +++ b/chromeos/attestation/attestation_constants.h @@ -0,0 +1,64 @@ +// Copyright (c) 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_ +#define CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_ + +#include "chromeos/chromeos_export.h" + +namespace chromeos { +namespace attestation { + +// Options available for customizing an attestation certificate. +enum AttestationCertificateOptions { + CERTIFICATE_OPTION_NONE = 0, + // A stable identifier is simply an identifier that is not affected by device + // state changes, including device recovery. + CERTIFICATE_INCLUDE_STABLE_ID = 1, + // Device state information contains a quoted assertion of whether the device + // is in verified mode. + CERTIFICATE_INCLUDE_DEVICE_STATE = 1 << 1, +}; + +// Key types supported by the Chrome OS attestation subsystem. +enum AttestationKeyType { + // The key will be associated with the device itself and will be available + // regardless of which user is signed-in. + KEY_DEVICE, + // The key will be associated with the current user and will only be available + // when that user is signed-in. + KEY_USER, +}; + +// Options available for customizing an attestation challenge response. +enum AttestationChallengeOptions { + CHALLENGE_OPTION_NONE = 0, + // Indicates that a SignedPublicKeyAndChallenge should be embedded in the + // challenge response. + CHALLENGE_INCLUDE_SIGNED_PUBLIC_KEY = 1, +}; + +// Available attestation certificate profiles. +enum AttestationCertificateProfile { + // Uses the following certificate options: + // CERTIFICATE_INCLUDE_STABLE_ID + // CERTIFICATE_INCLUDE_DEVICE_STATE + PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, + // Uses the following certificate options: + // CERTIFICATE_INCLUDE_DEVICE_STATE + PROFILE_ENTERPRISE_USER_CERTIFICATE, +}; + +// A key name for the Enterprise Machine Key. This key should always be stored +// as a DEVICE_KEY. +CHROMEOS_EXPORT extern const char kEnterpriseMachineKey[]; + +// A key name for the Enterprise User Key. This key should always be stored as +// a USER_KEY. +CHROMEOS_EXPORT extern const char kEnterpriseUserKey[]; + +} // namespace attestation +} // namespace chromeos + +#endif // CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_ |