-rw-r--r--chromeos/attestation/attestation_constants.h5
-rw-r--r--chromeos/attestation/attestation_flow.cc19
-rw-r--r--chromeos/attestation/attestation_flow.h3
-rw-r--r--chromeos/attestation/attestation_flow_unittest.cc76
-rw-r--r--chromeos/attestation/mock_attestation_flow.cc5
-rw-r--r--chromeos/attestation/mock_attestation_flow.h1
-rw-r--r--chromeos/cryptohome/async_method_caller.cc13
-rw-r--r--chromeos/cryptohome/async_method_caller.h17
-rw-r--r--chromeos/cryptohome/mock_async_method_caller.cc12
-rw-r--r--chromeos/cryptohome/mock_async_method_caller.h16
-rw-r--r--chromeos/dbus/cryptohome_client.cc13
-rw-r--r--chromeos/dbus/cryptohome_client.h16
-rw-r--r--chromeos/dbus/fake_cryptohome_client.cc3
-rw-r--r--chromeos/dbus/fake_cryptohome_client.h3
-rw-r--r--chromeos/dbus/mock_cryptohome_client.h15
15 files changed, 162 insertions, 55 deletions
diff --git a/chromeos/attestation/attestation_constants.h b/chromeos/attestation/attestation_constants.h
index 1429004..de55998 100644
--- a/chromeos/attestation/attestation_constants.h
+++ b/chromeos/attestation/attestation_constants.h
@@ -41,6 +41,11 @@ enum AttestationCertificateProfile {
PROFILE_CONTENT_PROTECTION_CERTIFICATE,
};
+enum PrivacyCAType {
+ DEFAULT_PCA, // The Google-operated Privacy CA.
+ ALTERNATE_PCA, // An alternate Privacy CA specified by enterprise policy.
+};
+
// A key name for the Enterprise Machine Key. This key should always be stored
// as a DEVICE_KEY.
CHROMEOS_EXPORT extern const char kEnterpriseMachineKey[];
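Review bot: The enumerators of `PrivacyCAType` are implicitly numbered, yet later in this commit `CryptohomeClientImpl` serializes them with `writer.AppendInt32(pca_type)`, so the numeric values are part of the D-Bus contract with the attestation daemon. Reordering or inserting an enumerator would silently change which Privacy CA the daemon is asked to use. Pin the values and say why: `DEFAULT_PCA = 0,` and `ALTERNATE_PCA = 1,` with a comment such as `// Values are sent over D-Bus to cryptohomed; do not renumber.`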
diff --git a/chromeos/attestation/attestation_flow.cc b/chromeos/attestation/attestation_flow.cc
index 5021ddf..7cfdc87 100644
--- a/chromeos/attestation/attestation_flow.cc
+++ b/chromeos/attestation/attestation_flow.cc
@@ -125,11 +125,12 @@ void AttestationFlow::GetCertificate(
void AttestationFlow::StartEnroll(const base::Closure& on_failure,
const base::Closure& next_task) {
// Get the attestation service to create a Privacy CA enrollment request.
- async_caller_->AsyncTpmAttestationCreateEnrollRequest(base::Bind(
- &AttestationFlow::SendEnrollRequestToPCA,
- weak_factory_.GetWeakPtr(),
- on_failure,
- next_task));
+ async_caller_->AsyncTpmAttestationCreateEnrollRequest(
+ server_proxy_->GetType(),
+ base::Bind(&AttestationFlow::SendEnrollRequestToPCA,
+ weak_factory_.GetWeakPtr(),
+ on_failure,
+ next_task));
}
void AttestationFlow::SendEnrollRequestToPCA(const base::Closure& on_failure,
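Review bot: `server_proxy_->GetType()` is read afresh in `StartEnroll`, and again in `SendEnrollResponseToDaemon` and `StartCertificateRequest` in the following hunks. Nothing in the flow guarantees that the enroll request and the enroll response are tagged with the same Privacy CA. The base implementation returns a constant, but an override backed by policy could presumably change between these asynchronous steps. Either read the type once when the flow is constructed, or state the requirement on the declaration, e.g. `// Must return the same value for the lifetime of the proxy.` The bodies of the later two functions lie outside their hunks.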
@@ -166,6 +167,7 @@ void AttestationFlow::SendEnrollResponseToDaemon(
// Forward the response to the attestation service to complete enrollment.
async_caller_->AsyncTpmAttestationEnroll(
+ server_proxy_->GetType(),
data,
base::Bind(&AttestationFlow::OnEnrollComplete,
weak_factory_.GetWeakPtr(),
@@ -201,6 +203,7 @@ void AttestationFlow::StartCertificateRequest(
if (generate_new_key) {
// Get the attestation service to create a Privacy CA certificate request.
async_caller_->AsyncTpmAttestationCreateCertRequest(
+ server_proxy_->GetType(),
certificate_profile,
user_id,
request_origin,
@@ -299,5 +302,11 @@ void AttestationFlow::GetExistingCertificate(
base::Bind(&DBusDataMethodCallback, callback));
}
+ServerProxy::~ServerProxy() {}
+
+PrivacyCAType ServerProxy::GetType() {
+ return DEFAULT_PCA;
+}
+
} // namespace attestation
} // namespace chromeos
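Review bot: `ServerProxy::GetType()` gets a default body returning `DEFAULT_PCA` and is declared non-pure in attestation_flow.h, so a subclass that sends requests to an alternate Privacy CA but forgets to override it still compiles. That subclass would have the daemon build requests for the default CA. If the existing subclasses can be updated, `virtual PrivacyCAType GetType() = 0;` turns the omission into a compile error. Otherwise the declaration needs a comment such as `// Returns the Privacy CA this proxy talks to; proxies for an alternate CA must override.` The method does not modify the proxy, so it could also be declared `const`.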
diff --git a/chromeos/attestation/attestation_flow.h b/chromeos/attestation/attestation_flow.h
index 3c846db..a6c6cd2 100644
--- a/chromeos/attestation/attestation_flow.h
+++ b/chromeos/attestation/attestation_flow.h
@@ -33,11 +33,12 @@ class CHROMEOS_EXPORT ServerProxy {
public:
typedef base::Callback<void(bool success,
const std::string& data)> DataCallback;
- virtual ~ServerProxy() {}
+ virtual ~ServerProxy();
virtual void SendEnrollRequest(const std::string& request,
const DataCallback& on_response) = 0;
virtual void SendCertificateRequest(const std::string& request,
const DataCallback& on_response) = 0;
+ virtual PrivacyCAType GetType();
};
// Implements the message flow for Chrome OS attestation tasks. Generally this
diff --git a/chromeos/attestation/attestation_flow_unittest.cc b/chromeos/attestation/attestation_flow_unittest.cc
index 3597517..578393b 100644
--- a/chromeos/attestation/attestation_flow_unittest.cc
+++ b/chromeos/attestation/attestation_flow_unittest.cc
@@ -12,7 +12,11 @@
#include "testing/gtest/include/gtest/gtest.h"
using testing::_;
+using testing::AtLeast;
+using testing::DoDefault;
using testing::Invoke;
+using testing::NiceMock;
+using testing::Return;
using testing::Sequence;
using testing::StrictMock;
using testing::WithArgs;
@@ -79,12 +83,13 @@ TEST_F(AttestationFlowTest, GetCertificate) {
// Use StrictMock when we want to verify invocation frequency.
StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
- EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_))
+ EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _))
.Times(1)
.InSequence(flow_order);
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
proxy->DeferToFake(true);
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
EXPECT_CALL(*proxy, SendEnrollRequest(
cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
_)).Times(1)
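Review bot: The updated StrictMock expectations match the new `pca_type` argument with `_`, here and in the `AsyncTpmAttestationEnroll` and `AsyncTpmAttestationCreateCertRequest` expectations of the later hunks. None of the pre-existing tests therefore checks that a proxy reporting the default type makes the flow pass `DEFAULT_PCA`. Only the new `AlternatePCA` test constrains the argument. Tightening at least this test, e.g. `AsyncTpmAttestationCreateEnrollRequest(DEFAULT_PCA, _)` and `AsyncTpmAttestationEnroll(DEFAULT_PCA, fake_enroll_response, _)`, would catch a regression that hard-codes or swaps the type. The test body continues outside the hunk.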
@@ -93,13 +98,15 @@ TEST_F(AttestationFlowTest, GetCertificate) {
std::string fake_enroll_response =
cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest;
fake_enroll_response += "_response";
- EXPECT_CALL(async_caller, AsyncTpmAttestationEnroll(fake_enroll_response, _))
+ EXPECT_CALL(async_caller,
+ AsyncTpmAttestationEnroll(_, fake_enroll_response, _))
.Times(1)
.InSequence(flow_order);
EXPECT_CALL(
async_caller,
- AsyncTpmAttestationCreateCertRequest(PROFILE_ENTERPRISE_USER_CERTIFICATE,
+ AsyncTpmAttestationCreateCertRequest(_,
+ PROFILE_ENTERPRISE_USER_CERTIFICATE,
"fake@test.com", "fake_origin", _))
.Times(1)
.InSequence(flow_order);
@@ -141,7 +148,7 @@ TEST_F(AttestationFlowTest, GetCertificate) {
TEST_F(AttestationFlowTest, GetCertificate_NoEK) {
StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE);
- EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_))
+ EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _))
.Times(1);
chromeos::MockCryptohomeClient client;
@@ -150,6 +157,7 @@ TEST_F(AttestationFlowTest, GetCertificate_NoEK) {
// We're not expecting any server calls in this case; StrictMock will verify.
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
StrictMock<MockObserver> observer;
EXPECT_CALL(observer, MockCertificateCallback(false, ""))
@@ -168,7 +176,7 @@ TEST_F(AttestationFlowTest, GetCertificate_NoEK) {
TEST_F(AttestationFlowTest, GetCertificate_EKRejected) {
StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
- EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_))
+ EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _))
.Times(1);
chromeos::MockCryptohomeClient client;
@@ -177,6 +185,7 @@ TEST_F(AttestationFlowTest, GetCertificate_EKRejected) {
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
proxy->DeferToFake(false);
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
EXPECT_CALL(*proxy, SendEnrollRequest(
cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
_)).Times(1);
@@ -198,13 +207,14 @@ TEST_F(AttestationFlowTest, GetCertificate_EKRejected) {
TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) {
StrictMock<cryptohome::MockAsyncMethodCaller> async_caller;
async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
- EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_))
+ EXPECT_CALL(async_caller, AsyncTpmAttestationCreateEnrollRequest(_, _))
.Times(1);
std::string fake_enroll_response =
cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest;
fake_enroll_response += "_response";
- EXPECT_CALL(async_caller, AsyncTpmAttestationEnroll(fake_enroll_response, _))
- .WillOnce(WithArgs<1>(Invoke(AsyncCallbackFalse)));
+ EXPECT_CALL(async_caller,
+ AsyncTpmAttestationEnroll(_, fake_enroll_response, _))
+ .WillOnce(WithArgs<2>(Invoke(AsyncCallbackFalse)));
chromeos::MockCryptohomeClient client;
EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
@@ -212,6 +222,7 @@ TEST_F(AttestationFlowTest, GetCertificate_FailEnroll) {
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
proxy->DeferToFake(true);
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
EXPECT_CALL(*proxy, SendEnrollRequest(
cryptohome::MockAsyncMethodCaller::kFakeAttestationEnrollRequest,
_)).Times(1);
@@ -234,7 +245,7 @@ TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) {
async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
EXPECT_CALL(async_caller,
AsyncTpmAttestationCreateCertRequest(
- PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, "", "", _))
+ _, PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, "", "", _))
.Times(1);
std::string fake_cert_response =
cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest;
@@ -253,6 +264,7 @@ TEST_F(AttestationFlowTest, GetMachineCertificateAlreadyEnrolled) {
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
proxy->DeferToFake(true);
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
EXPECT_CALL(*proxy, SendCertificateRequest(
cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
_)).Times(1);
@@ -277,7 +289,7 @@ TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) {
async_caller.SetUp(false, cryptohome::MOUNT_ERROR_NONE);
EXPECT_CALL(async_caller,
AsyncTpmAttestationCreateCertRequest(
- PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
+ _, PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
.Times(1);
chromeos::MockCryptohomeClient client;
@@ -286,6 +298,7 @@ TEST_F(AttestationFlowTest, GetCertificate_FailCreateCertRequest) {
// We're not expecting any server calls in this case; StrictMock will verify.
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
StrictMock<MockObserver> observer;
EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1);
@@ -305,7 +318,7 @@ TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) {
async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
EXPECT_CALL(async_caller,
AsyncTpmAttestationCreateCertRequest(
- PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
+ _, PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
.Times(1);
chromeos::MockCryptohomeClient client;
@@ -314,6 +327,7 @@ TEST_F(AttestationFlowTest, GetCertificate_CertRequestRejected) {
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
proxy->DeferToFake(false);
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
EXPECT_CALL(*proxy, SendCertificateRequest(
cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
_)).Times(1);
@@ -341,6 +355,7 @@ TEST_F(AttestationFlowTest, GetCertificate_FailIsEnrolled) {
// We're not expecting any server calls in this case; StrictMock will verify.
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
StrictMock<MockObserver> observer;
EXPECT_CALL(observer, MockCertificateCallback(false, "")).Times(1);
@@ -360,7 +375,7 @@ TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) {
async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
EXPECT_CALL(async_caller,
AsyncTpmAttestationCreateCertRequest(
- PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
+ _, PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", _))
.Times(1);
std::string fake_cert_response =
cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest;
@@ -382,6 +397,7 @@ TEST_F(AttestationFlowTest, GetCertificate_CheckExisting) {
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
proxy->DeferToFake(true);
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
EXPECT_CALL(*proxy, SendCertificateRequest(
cryptohome::MockAsyncMethodCaller::kFakeAttestationCertRequest,
_)).Times(1);
@@ -417,6 +433,7 @@ TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) {
// We're not expecting any server calls in this case; StrictMock will verify.
scoped_ptr<MockServerProxy> proxy(new StrictMock<MockServerProxy>());
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(DoDefault());
StrictMock<MockObserver> observer;
EXPECT_CALL(observer, MockCertificateCallback(true, "fake_cert")).Times(1);
@@ -431,5 +448,40 @@ TEST_F(AttestationFlowTest, GetCertificate_AlreadyExists) {
Run();
}
+TEST_F(AttestationFlowTest, AlternatePCA) {
+ // Strategy: Create a ServerProxy mock which reports ALTERNATE_PCA and check
+ // that all calls to the AsyncMethodCaller reflect this PCA type.
+ scoped_ptr<MockServerProxy> proxy(new NiceMock<MockServerProxy>());
+ proxy->DeferToFake(true);
+ EXPECT_CALL(*proxy, GetType()).WillRepeatedly(Return(ALTERNATE_PCA));
+
+ chromeos::MockCryptohomeClient client;
+ EXPECT_CALL(client, TpmAttestationIsEnrolled(_))
+ .WillRepeatedly(Invoke(DBusCallbackFalse));
+
+ NiceMock<cryptohome::MockAsyncMethodCaller> async_caller;
+ async_caller.SetUp(true, cryptohome::MOUNT_ERROR_NONE);
+ EXPECT_CALL(async_caller,
+ AsyncTpmAttestationCreateEnrollRequest(ALTERNATE_PCA, _))
+ .Times(AtLeast(1));
+ EXPECT_CALL(async_caller,
+ AsyncTpmAttestationEnroll(ALTERNATE_PCA, _, _))
+ .Times(AtLeast(1));
+ EXPECT_CALL(async_caller,
+ AsyncTpmAttestationCreateCertRequest(ALTERNATE_PCA, _, _, _, _))
+ .Times(AtLeast(1));
+
+ NiceMock<MockObserver> observer;
+ AttestationFlow::CertificateCallback mock_callback = base::Bind(
+ &MockObserver::MockCertificateCallback,
+ base::Unretained(&observer));
+
+ scoped_ptr<ServerProxy> proxy_interface(proxy.release());
+ AttestationFlow flow(&async_caller, &client, proxy_interface.Pass());
+ flow.GetCertificate(PROFILE_ENTERPRISE_USER_CERTIFICATE, "", "", true,
+ mock_callback);
+ Run();
+}
+
} // namespace attestation
} // namespace chromeos
diff --git a/chromeos/attestation/mock_attestation_flow.cc b/chromeos/attestation/mock_attestation_flow.cc
index b776899..b6eda5b3 100644
--- a/chromeos/attestation/mock_attestation_flow.cc
+++ b/chromeos/attestation/mock_attestation_flow.cc
@@ -8,6 +8,7 @@
#include "testing/gmock/include/gmock/gmock.h"
using testing::_;
+using testing::DefaultValue;
using testing::Invoke;
namespace chromeos {
@@ -27,7 +28,9 @@ void FakeServerProxy::SendCertificateRequest(const std::string& request,
callback.Run(result_, request + "_response");
}
-MockServerProxy::MockServerProxy() {}
+MockServerProxy::MockServerProxy() {
+ DefaultValue<PrivacyCAType>::Set(DEFAULT_PCA);
+}
MockServerProxy::~MockServerProxy() {}
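Review bot: `DefaultValue<PrivacyCAType>::Set(DEFAULT_PCA)` in the constructor changes a process-wide gmock default and is never cleared. Every mock method returning `PrivacyCAType` in the same test binary inherits it after the first `MockServerProxy` is built, regardless of test order. A per-object default keeps the effect local: `ON_CALL(*this, GetType()).WillByDefault(Return(DEFAULT_PCA));`, with `using testing::Return;` in place of `using testing::DefaultValue;`.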
diff --git a/chromeos/attestation/mock_attestation_flow.h b/chromeos/attestation/mock_attestation_flow.h
index 1950246..1774964 100644
--- a/chromeos/attestation/mock_attestation_flow.h
+++ b/chromeos/attestation/mock_attestation_flow.h
@@ -46,6 +46,7 @@ class MockServerProxy : public ServerProxy {
void(const std::string&, const DataCallback&));
MOCK_METHOD2(SendCertificateRequest,
void(const std::string&, const DataCallback&));
+ MOCK_METHOD0(GetType, PrivacyCAType());
private:
FakeServerProxy fake_;
diff --git a/chromeos/cryptohome/async_method_caller.cc b/chromeos/cryptohome/async_method_caller.cc
index 8e89309..5d9b844 100644
--- a/chromeos/cryptohome/async_method_caller.cc
+++ b/chromeos/cryptohome/async_method_caller.cc
@@ -113,19 +113,22 @@ class AsyncMethodCallerImpl : public AsyncMethodCaller {
}
virtual void AsyncTpmAttestationCreateEnrollRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
const DataCallback& callback) OVERRIDE {
DBusThreadManager::Get()->GetCryptohomeClient()->
- AsyncTpmAttestationCreateEnrollRequest(base::Bind(
+ AsyncTpmAttestationCreateEnrollRequest(pca_type, base::Bind(
&AsyncMethodCallerImpl::RegisterAsyncDataCallback,
weak_ptr_factory_.GetWeakPtr(),
callback,
"Couldn't initiate async attestation enroll request."));
}
- virtual void AsyncTpmAttestationEnroll(const std::string& pca_response,
- const Callback& callback) OVERRIDE {
+ virtual void AsyncTpmAttestationEnroll(
+ chromeos::attestation::PrivacyCAType pca_type,
+ const std::string& pca_response,
+ const Callback& callback) OVERRIDE {
DBusThreadManager::Get()->GetCryptohomeClient()->
- AsyncTpmAttestationEnroll(pca_response, base::Bind(
+ AsyncTpmAttestationEnroll(pca_type, pca_response, base::Bind(
&AsyncMethodCallerImpl::RegisterAsyncCallback,
weak_ptr_factory_.GetWeakPtr(),
callback,
@@ -133,12 +136,14 @@ class AsyncMethodCallerImpl : public AsyncMethodCaller {
}
virtual void AsyncTpmAttestationCreateCertRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
chromeos::attestation::AttestationCertificateProfile certificate_profile,
const std::string& user_id,
const std::string& request_origin,
const DataCallback& callback) OVERRIDE {
DBusThreadManager::Get()->GetCryptohomeClient()->
AsyncTpmAttestationCreateCertRequest(
+ pca_type,
certificate_profile,
user_id,
request_origin,
diff --git a/chromeos/cryptohome/async_method_caller.h b/chromeos/cryptohome/async_method_caller.h
index be1b0a8..7f1660e 100644
--- a/chromeos/cryptohome/async_method_caller.h
+++ b/chromeos/cryptohome/async_method_caller.h
@@ -103,23 +103,28 @@ class CHROMEOS_EXPORT AsyncMethodCaller {
// Asks cryptohomed to asynchronously create an attestation enrollment
// request. On success the data sent to |callback| is a request to be sent
- // to the Privacy CA.
+ // to the Privacy CA of type |pca_type|.
virtual void AsyncTpmAttestationCreateEnrollRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
const DataCallback& callback) = 0;
// Asks cryptohomed to asynchronously finish an attestation enrollment.
// |pca_response| is the response to the enrollment request emitted by the
- // Privacy CA.
- virtual void AsyncTpmAttestationEnroll(const std::string& pca_response,
- const Callback& callback) = 0;
+ // Privacy CA of type |pca_type|.
+ virtual void AsyncTpmAttestationEnroll(
+ chromeos::attestation::PrivacyCAType pca_type,
+ const std::string& pca_response,
+ const Callback& callback) = 0;
// Asks cryptohomed to asynchronously create an attestation certificate
// request according to |certificate_profile|. Some profiles require that the
// |user_id| of the currently active user and an identifier of the
// |request_origin| be provided. On success the data sent to |callback| is a
- // request to be sent to the Privacy CA. The |request_origin| may be sent to
- // the Privacy CA but the |user_id| will never be sent.
+ // request to be sent to the Privacy CA of type |pca_type|. The
+ // |request_origin| may be sent to the Privacy CA but the |user_id| will never
+ // be sent.
virtual void AsyncTpmAttestationCreateCertRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
chromeos::attestation::AttestationCertificateProfile certificate_profile,
const std::string& user_id,
const std::string& request_origin,
diff --git a/chromeos/cryptohome/mock_async_method_caller.cc b/chromeos/cryptohome/mock_async_method_caller.cc
index 7f54164..7f39eef 100644
--- a/chromeos/cryptohome/mock_async_method_caller.cc
+++ b/chromeos/cryptohome/mock_async_method_caller.cc
@@ -44,16 +44,16 @@ void MockAsyncMethodCaller::SetUp(bool success, MountError return_code) {
ON_CALL(*this, AsyncRemove(_, _))
.WillByDefault(
WithArgs<1>(Invoke(this, &MockAsyncMethodCaller::DoCallback)));
- ON_CALL(*this, AsyncTpmAttestationCreateEnrollRequest(_))
+ ON_CALL(*this, AsyncTpmAttestationCreateEnrollRequest(_, _))
.WillByDefault(
- WithArgs<0>(Invoke(this,
+ WithArgs<1>(Invoke(this,
&MockAsyncMethodCaller::FakeCreateEnrollRequest)));
- ON_CALL(*this, AsyncTpmAttestationEnroll(_, _))
+ ON_CALL(*this, AsyncTpmAttestationEnroll(_, _, _))
.WillByDefault(
- WithArgs<1>(Invoke(this, &MockAsyncMethodCaller::DoCallback)));
- ON_CALL(*this, AsyncTpmAttestationCreateCertRequest(_, _, _, _))
+ WithArgs<2>(Invoke(this, &MockAsyncMethodCaller::DoCallback)));
+ ON_CALL(*this, AsyncTpmAttestationCreateCertRequest(_, _, _, _, _))
.WillByDefault(
- WithArgs<3>(Invoke(this,
+ WithArgs<4>(Invoke(this,
&MockAsyncMethodCaller::FakeCreateCertRequest)));
ON_CALL(*this, AsyncTpmAttestationFinishCertRequest(_, _, _, _, _))
.WillByDefault(
diff --git a/chromeos/cryptohome/mock_async_method_caller.h b/chromeos/cryptohome/mock_async_method_caller.h
index e41457a..515ec78 100644
--- a/chromeos/cryptohome/mock_async_method_caller.h
+++ b/chromeos/cryptohome/mock_async_method_caller.h
@@ -48,13 +48,17 @@ class MockAsyncMethodCaller : public AsyncMethodCaller {
Callback callback));
MOCK_METHOD2(AsyncRemove, void(const std::string& user_email,
Callback callback));
- MOCK_METHOD1(AsyncTpmAttestationCreateEnrollRequest,
- void(const DataCallback& callback));
- MOCK_METHOD2(AsyncTpmAttestationEnroll,
- void(const std::string& pca_response, const Callback& callback));
- MOCK_METHOD4(
+ MOCK_METHOD2(AsyncTpmAttestationCreateEnrollRequest,
+ void(chromeos::attestation::PrivacyCAType pca_type,
+ const DataCallback& callback));
+ MOCK_METHOD3(AsyncTpmAttestationEnroll,
+ void(chromeos::attestation::PrivacyCAType pca_type,
+ const std::string& pca_response,
+ const Callback& callback));
+ MOCK_METHOD5(
AsyncTpmAttestationCreateCertRequest,
- void(chromeos::attestation::AttestationCertificateProfile profile,
+ void(chromeos::attestation::PrivacyCAType pca_type,
+ chromeos::attestation::AttestationCertificateProfile profile,
const std::string& user_id,
const std::string& request_origin,
const DataCallback& callback));
diff --git a/chromeos/dbus/cryptohome_client.cc b/chromeos/dbus/cryptohome_client.cc
index 9e24c32..e5b7db5 100644
--- a/chromeos/dbus/cryptohome_client.cc
+++ b/chromeos/dbus/cryptohome_client.cc
@@ -434,10 +434,13 @@ class CryptohomeClientImpl : public CryptohomeClient {
// CryptohomeClient override.
virtual void AsyncTpmAttestationCreateEnrollRequest(
+ attestation::PrivacyCAType pca_type,
const AsyncMethodCallback& callback) OVERRIDE {
dbus::MethodCall method_call(
cryptohome::kCryptohomeInterface,
- cryptohome::kCryptohomeAsyncTpmAttestationCreateEnrollRequest);
+ cryptohome::kCryptohomeAsyncTpmAttestationCreateEnrollRequestNew);
+ dbus::MessageWriter writer(&method_call);
+ writer.AppendInt32(pca_type);
proxy_->CallMethod(&method_call, dbus::ObjectProxy::TIMEOUT_USE_DEFAULT,
base::Bind(&CryptohomeClientImpl::OnAsyncMethodCall,
weak_ptr_factory_.GetWeakPtr(),
@@ -446,12 +449,14 @@ class CryptohomeClientImpl : public CryptohomeClient {
// CryptohomeClient override.
virtual void AsyncTpmAttestationEnroll(
+ attestation::PrivacyCAType pca_type,
const std::string& pca_response,
const AsyncMethodCallback& callback) OVERRIDE {
dbus::MethodCall method_call(
cryptohome::kCryptohomeInterface,
- cryptohome::kCryptohomeAsyncTpmAttestationEnroll);
+ cryptohome::kCryptohomeAsyncTpmAttestationEnrollNew);
dbus::MessageWriter writer(&method_call);
+ writer.AppendInt32(pca_type);
writer.AppendArrayOfBytes(
reinterpret_cast<const uint8*>(pca_response.data()),
pca_response.size());
@@ -463,14 +468,16 @@ class CryptohomeClientImpl : public CryptohomeClient {
// CryptohomeClient override.
virtual void AsyncTpmAttestationCreateCertRequest(
+ attestation::PrivacyCAType pca_type,
attestation::AttestationCertificateProfile certificate_profile,
const std::string& user_id,
const std::string& request_origin,
const AsyncMethodCallback& callback) OVERRIDE {
dbus::MethodCall method_call(
cryptohome::kCryptohomeInterface,
- cryptohome::kCryptohomeAsyncTpmAttestationCreateCertRequestByProfile);
+ cryptohome::kCryptohomeAsyncTpmAttestationCreateCertRequest);
dbus::MessageWriter writer(&method_call);
+ writer.AppendInt32(pca_type);
writer.AppendInt32(certificate_profile);
writer.AppendString(user_id);
writer.AppendString(request_origin);
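Review bot: The cert-request call now targets `kCryptohomeAsyncTpmAttestationCreateCertRequest`, whereas the two enroll calls above moved to constants with a `New` suffix, and it writes one more argument than the `...ByProfile` call it replaces. If the un-suffixed name already exists on the daemon with a different signature (not visible here), the call would fail against it. The same holds for a cryptohomed that does not yet implement the `New` methods. A comment giving the expected argument list would make the contract checkable, e.g. `// Args: int32 pca_type, int32 profile, string user_id, string request_origin.` The function body continues past the hunk.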
diff --git a/chromeos/dbus/cryptohome_client.h b/chromeos/dbus/cryptohome_client.h
index 85fc6fd..a532e9f 100644
--- a/chromeos/dbus/cryptohome_client.h
+++ b/chromeos/dbus/cryptohome_client.h
@@ -280,15 +280,19 @@ class CHROMEOS_EXPORT CryptohomeClient : public DBusClient {
// will be called when the dbus call completes. When the operation completes,
// the AsyncCallStatusWithDataHandler signal handler is called. The data that
// is sent with the signal is an enrollment request to be sent to the Privacy
- // CA. The enrollment is completed by calling AsyncTpmAttestationEnroll.
+ // CA of type |pca_type|. The enrollment is completed by calling
+ // AsyncTpmAttestationEnroll.
virtual void AsyncTpmAttestationCreateEnrollRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
const AsyncMethodCallback& callback) = 0;
// Asynchronously finishes an attestation enrollment operation. The callback
// will be called when the dbus call completes. When the operation completes,
// the AsyncCallStatusHandler signal handler is called. |pca_response| is the
- // response to the enrollment request emitted by the Privacy CA.
+ // response to the enrollment request emitted by the Privacy CA of type
+ // |pca_type|.
virtual void AsyncTpmAttestationEnroll(
+ chromeos::attestation::PrivacyCAType pca_type,
const std::string& pca_response,
const AsyncMethodCallback& callback) = 0;
@@ -298,10 +302,12 @@ class CHROMEOS_EXPORT CryptohomeClient : public DBusClient {
// provided. |callback| will be called when the dbus call completes. When
// the operation completes, the AsyncCallStatusWithDataHandler signal handler
// is called. The data that is sent with the signal is a certificate request
- // to be sent to the Privacy CA. The certificate request is completed by
- // calling AsyncTpmAttestationFinishCertRequest. The |user_id| will not
- // be included in the certificate request for the Privacy CA.
+ // to be sent to the Privacy CA of type |pca_type|. The certificate request
+ // is completed by calling AsyncTpmAttestationFinishCertRequest. The
+ // |user_id| will not be included in the certificate request for the Privacy
+ // CA.
virtual void AsyncTpmAttestationCreateCertRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
attestation::AttestationCertificateProfile certificate_profile,
const std::string& user_id,
const std::string& request_origin,
diff --git a/chromeos/dbus/fake_cryptohome_client.cc b/chromeos/dbus/fake_cryptohome_client.cc
index a4e7f28..df33138 100644
--- a/chromeos/dbus/fake_cryptohome_client.cc
+++ b/chromeos/dbus/fake_cryptohome_client.cc
@@ -279,17 +279,20 @@ void FakeCryptohomeClient::TpmAttestationIsEnrolled(
}
void FakeCryptohomeClient::AsyncTpmAttestationCreateEnrollRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
const AsyncMethodCallback& callback) {
ReturnAsyncMethodResult(callback, true);
}
void FakeCryptohomeClient::AsyncTpmAttestationEnroll(
+ chromeos::attestation::PrivacyCAType pca_type,
const std::string& pca_response,
const AsyncMethodCallback& callback) {
ReturnAsyncMethodResult(callback, false);
}
void FakeCryptohomeClient::AsyncTpmAttestationCreateCertRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
attestation::AttestationCertificateProfile certificate_profile,
const std::string& user_id,
const std::string& request_origin,
diff --git a/chromeos/dbus/fake_cryptohome_client.h b/chromeos/dbus/fake_cryptohome_client.h
index 96aeeab..f1b6538 100644
--- a/chromeos/dbus/fake_cryptohome_client.h
+++ b/chromeos/dbus/fake_cryptohome_client.h
@@ -91,11 +91,14 @@ class CHROMEOS_EXPORT FakeCryptohomeClient : public CryptohomeClient {
virtual void TpmAttestationIsEnrolled(
const BoolDBusMethodCallback& callback) OVERRIDE;
virtual void AsyncTpmAttestationCreateEnrollRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
const AsyncMethodCallback& callback) OVERRIDE;
virtual void AsyncTpmAttestationEnroll(
+ chromeos::attestation::PrivacyCAType pca_type,
const std::string& pca_response,
const AsyncMethodCallback& callback) OVERRIDE;
virtual void AsyncTpmAttestationCreateCertRequest(
+ chromeos::attestation::PrivacyCAType pca_type,
attestation::AttestationCertificateProfile certificate_profile,
const std::string& user_id,
const std::string& request_origin,
diff --git a/chromeos/dbus/mock_cryptohome_client.h b/chromeos/dbus/mock_cryptohome_client.h
index eedd26c..f36bbb58 100644
--- a/chromeos/dbus/mock_cryptohome_client.h
+++ b/chromeos/dbus/mock_cryptohome_client.h
@@ -94,14 +94,17 @@ class MockCryptohomeClient : public CryptohomeClient {
void(const BoolDBusMethodCallback& callback));
MOCK_METHOD1(TpmAttestationIsEnrolled,
void(const BoolDBusMethodCallback& callback));
- MOCK_METHOD1(AsyncTpmAttestationCreateEnrollRequest,
- void(const AsyncMethodCallback& callback));
- MOCK_METHOD2(AsyncTpmAttestationEnroll,
- void(const std::string& pca_response,
+ MOCK_METHOD2(AsyncTpmAttestationCreateEnrollRequest,
+ void(attestation::PrivacyCAType pca_type,
+ const AsyncMethodCallback& callback));
+ MOCK_METHOD3(AsyncTpmAttestationEnroll,
+ void(attestation::PrivacyCAType pca_type,
+ const std::string& pca_response,
const AsyncMethodCallback& callback));
- MOCK_METHOD4(
+ MOCK_METHOD5(
AsyncTpmAttestationCreateCertRequest,
- void(attestation::AttestationCertificateProfile certificate_profile,
+ void(attestation::PrivacyCAType pca_type,
+ attestation::AttestationCertificateProfile certificate_profile,
const std::string& user_id,
const std::string& request_origin,
const AsyncMethodCallback& callback));