authordkrahn@chromium.org <dkrahn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-11-01 22:51:45 +0000
committerdkrahn@chromium.org <dkrahn@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-11-01 22:51:45 +0000
commit027188c58c7a605ed9ed995e03e2c4deb2e3e0fe (patch)
tree6a84330d51a3f48f7efebfe7ca35b283b28029d5 /chromeos
parent1b82aefbd6acc4e4cea6e445e0d770955dd9d021 (diff)
Clear content protection platform keys on Chrome OS.
When a user chooses to deauthorize content licenses, we also want to remove keys and certificates that may have been used in platform verification for content protection.

BUG=chromium:280016
TEST=unit, manual

Review URL: https://codereview.chromium.org/50143007

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@232496 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chromeos')
-rw-r--r--chromeos/dbus/cryptohome_client.cc17
-rw-r--r--chromeos/dbus/cryptohome_client.h14
-rw-r--r--chromeos/dbus/fake_cryptohome_client.cc9
-rw-r--r--chromeos/dbus/fake_cryptohome_client.h5
-rw-r--r--chromeos/dbus/mock_cryptohome_client.h5
5 files changed, 50 insertions, 0 deletions
diff --git a/chromeos/dbus/cryptohome_client.cc b/chromeos/dbus/cryptohome_client.cc
index 77848d3..7165aa7 100644
--- a/chromeos/dbus/cryptohome_client.cc
+++ b/chromeos/dbus/cryptohome_client.cc
@@ -675,6 +675,23 @@ class CryptohomeClientImpl : public CryptohomeClient {
CallBoolMethod(&method_call, callback);
}
+ // CryptohomeClient override.
+ virtual void TpmAttestationDeleteKeys(
+ attestation::AttestationKeyType key_type,
+ const std::string& user_id,
+ const std::string& key_prefix,
+ const BoolDBusMethodCallback& callback) OVERRIDE {
+ dbus::MethodCall method_call(
+ cryptohome::kCryptohomeInterface,
+ cryptohome::kCryptohomeTpmAttestationDeleteKeys);
+ dbus::MessageWriter writer(&method_call);
+ bool is_user_specific = (key_type == attestation::KEY_USER);
+ writer.AppendBool(is_user_specific);
+ writer.AppendString(user_id);
+ writer.AppendString(key_prefix);
+ CallBoolMethod(&method_call, callback);
+ }
+
protected:
virtual void Init(dbus::Bus* bus) OVERRIDE {
proxy_ = bus->GetObjectProxy(
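Review bot: `TpmAttestationDeleteKeys` appends `user_id` to the D-Bus message without checking it, although the interface comment in cryptohome_client.h says a |user_id| must be provided when |key_type| is KEY_USER. The call removes keys and certificates and cannot be undone, so I would assert the contract before building the message: `DCHECK(key_type != attestation::KEY_USER || !user_id.empty());` (this assumes the logging header is already included, which the hunk does not show). Whether the cryptohome daemon rejects an empty user for a user-specific delete is not visible on this page. The enclosing class starts and ends outside the hunk.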
diff --git a/chromeos/dbus/cryptohome_client.h b/chromeos/dbus/cryptohome_client.h
index 87457a7..2fcb975 100644
--- a/chromeos/dbus/cryptohome_client.h
+++ b/chromeos/dbus/cryptohome_client.h
@@ -413,6 +413,20 @@ class CHROMEOS_EXPORT CryptohomeClient : public DBusClient {
const std::string& payload,
const BoolDBusMethodCallback& callback) = 0;
+ // Deletes certified keys as specified by |key_type| and |key_prefix|. The
+ // |callback| will be called when the operation completes. If the operation
+ // succeeds, the callback |result| parameter will be true. If |key_type| is
+ // KEY_USER, a |user_id| must be provided. Otherwise |user_id| is ignored.
+ // For normal GAIA users the |user_id| is a canonical email address. All keys
+ // where the key name has a prefix matching |key_prefix| will be deleted. All
+ // meta-data associated with the key, including certificates, will also be
+ // deleted.
+ virtual void TpmAttestationDeleteKeys(
+ attestation::AttestationKeyType key_type,
+ const std::string& user_id,
+ const std::string& key_prefix,
+ const BoolDBusMethodCallback& callback) = 0;
+
protected:
// Create() should be used instead.
CryptohomeClient();
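Review bot: The new comment on `TpmAttestationDeleteKeys` does not say what an empty |key_prefix| means. Read literally, every key name has the empty string as a prefix, so an empty |key_prefix| would delete all certified keys of the given type together with their certificates. If that is intended, the comment should say so, for example `// An empty |key_prefix| matches every key of |key_type|.`; if it is not, the comment should state that an empty prefix is rejected. How the daemon actually treats an empty prefix is not visible here, so the wording needs checking against the cryptohome side.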
diff --git a/chromeos/dbus/fake_cryptohome_client.cc b/chromeos/dbus/fake_cryptohome_client.cc
index 50ae793..c1baba0 100644
--- a/chromeos/dbus/fake_cryptohome_client.cc
+++ b/chromeos/dbus/fake_cryptohome_client.cc
@@ -382,6 +382,15 @@ void FakeCryptohomeClient::TpmAttestationSetKeyPayload(
FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, false));
}
+void FakeCryptohomeClient::TpmAttestationDeleteKeys(
+ attestation::AttestationKeyType key_type,
+ const std::string& user_id,
+ const std::string& key_prefix,
+ const BoolDBusMethodCallback& callback) {
+ base::MessageLoop::current()->PostTask(
+ FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, false));
+}
+
void FakeCryptohomeClient::SetServiceIsAvailable(bool is_available) {
service_is_available_ = is_available;
if (is_available) {
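Review bot: `FakeCryptohomeClient::TpmAttestationDeleteKeys` always reports `DBUS_METHOD_CALL_SUCCESS` with a result of `false`, which by the header's contract means the D-Bus call went through but the deletion failed. Any test that runs the deauthorize flow against the fake can therefore only exercise the failure branch, and a caller that ignores the result would go unnoticed. This matches the `TpmAttestationSetKeyPayload` fake just above it, but for a fake that holds no keys a successful no-op seems the more useful default: `FROM_HERE, base::Bind(callback, DBUS_METHOD_CALL_SUCCESS, true));`. If `false` is deliberate, a one-line comment saying so would help.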
diff --git a/chromeos/dbus/fake_cryptohome_client.h b/chromeos/dbus/fake_cryptohome_client.h
index fd482b9..41b129d 100644
--- a/chromeos/dbus/fake_cryptohome_client.h
+++ b/chromeos/dbus/fake_cryptohome_client.h
@@ -152,6 +152,11 @@ class CHROMEOS_EXPORT FakeCryptohomeClient : public CryptohomeClient {
const std::string& key_name,
const std::string& payload,
const BoolDBusMethodCallback& callback) OVERRIDE;
+ virtual void TpmAttestationDeleteKeys(
+ attestation::AttestationKeyType key_type,
+ const std::string& user_id,
+ const std::string& key_prefix,
+ const BoolDBusMethodCallback& callback) OVERRIDE;
// Changes the behavior of WaitForServiceToBeAvailable(). This method runs
// pending callbacks if is_available is true.
diff --git a/chromeos/dbus/mock_cryptohome_client.h b/chromeos/dbus/mock_cryptohome_client.h
index c8232da..6767923 100644
--- a/chromeos/dbus/mock_cryptohome_client.h
+++ b/chromeos/dbus/mock_cryptohome_client.h
@@ -156,6 +156,11 @@ class MockCryptohomeClient : public CryptohomeClient {
const std::string& key_name,
const std::string& payload,
const BoolDBusMethodCallback& callback));
+ MOCK_METHOD4(TpmAttestationDeleteKeys,
+ void(attestation::AttestationKeyType key_type,
+ const std::string& user_id,
+ const std::string& key_prefix,
+ const BoolDBusMethodCallback& callback));
};
} // namespace chromeos