chromeos/attestation/attestation.cc - Issue 11932004: Implemented attestation message flow for Chrome OS.

Side by Side Diff: chromeos/attestation/attestation.cc

Issue 11932004: Implemented attestation message flow for Chrome OS. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 7 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "chromeos/attestation/attestation.h"

	6

	7 #include "base/bind.h"

	8 #include "chromeos/cryptohome/async_method_caller.h"

	9 #include "chromeos/dbus/cryptohome_client.h"

	10

	11
	Mattias Nissler (ping if slow) 2013/01/16 10:39:26 nit: remove extra blank line. nit: remove extra blank line. dkrahn 2013/01/17 23:36:24 Done. Show quoted text On 2013/01/16 10:39:26, Mattias Nissler wrote: > nit: remove extra blank line. Done.
	12 namespace chromeos {

	13 namespace attestation {

	14

	15 const char* Attestation::kEnterpriseMachineKey = "attest-ent-machine";
	Mattias Nissler (ping if slow) 2013/01/16 10:39:26 The type of this should be const char[] The type of this should be const char[] dkrahn 2013/01/17 23:36:24 Done. Show quoted text On 2013/01/16 10:39:26, Mattias Nissler wrote: > The type of this should be const char[] Done.
	16

	17 Attestation::Attestation(cryptohome::AsyncMethodCaller* async_caller,

	18 CryptohomeClient* cryptohome_client,

	19 ServerProxy* server_proxy)

	20 : ALLOW_THIS_IN_INITIALIZER_LIST(weak_factory_(this)),

	21 async_caller_(async_caller),

	22 cryptohome_client_(cryptohome_client),

	23 server_proxy_(server_proxy) {

	24 }

	25

	26 Attestation::~Attestation() {

	27 }

	28

	29 void Attestation::GetCertificate(const std::string& name,

	30 const CertificateCallback& callback) {

	31 // If this device has not enrolled with the Privacy CA, we need to do that

	32 // first. Once enrolled we can proceed with the certificate request.

	33 base::Closure do_cert_request = base::Bind(

	34 &Attestation::StartCertificateRequest,

	35 weak_factory_.GetWeakPtr(),

	36 name,

	37 callback);

	38 base::Closure on_enroll_failure = base::Bind(callback, false, "");

	39 base::Closure do_enroll = base::Bind(&Attestation::StartEnroll,

	40 weak_factory_.GetWeakPtr(),

	41 on_enroll_failure,

	42 do_cert_request);

	43 cryptohome_client_->TpmAttestationIsEnrolled(base::Bind(

	44 &Attestation::DBusBoolRedirectCallback,

	45 weak_factory_.GetWeakPtr(),

	46 do_cert_request, // If enrolled, proceed with cert request.

	47 do_enroll, // If not enrolled, initiate enrollment.

	48 on_enroll_failure));

	49 }

	50

	51 void Attestation::DBusBoolRedirectCallback(const base::Closure& on_true,
	Mattias Nissler (ping if slow) 2013/01/16 10:39:26 This function can be a static helper only visible This function can be a static helper only visible to the implementation file. dkrahn 2013/01/17 23:36:24 Done. Show quoted text On 2013/01/16 10:39:26, Mattias Nissler wrote: > This function can be a static helper only visible to the implementation file. Done.
	52 const base::Closure& on_false,

	53 const base::Closure& on_fail,

	54 DBusMethodCallStatus status,

	55 bool value) {

	56 if (status != DBUS_METHOD_CALL_SUCCESS) {

	57 LOG(ERROR) << "Attestation: Failed to query enrollment state.";

	58 on_fail.Run();

	59 return;

	60 }

	61 base::Closure task = value ? on_true : on_false;
	Mattias Nissler (ping if slow) 2013/01/16 10:39:26 declare as reference? declare as reference? dkrahn 2013/01/17 23:36:24 Was following the callback.h recommendation: "The Show quoted text On 2013/01/16 10:39:26, Mattias Nissler wrote: > declare as reference? Was following the callback.h recommendation: "The Callback objects themselves should be passed by const-reference, and stored by copy." However, this isn't exactly 'storing' and a reference would be optimal. Done.
	62 task.Run();

	63 }

	64

	65 void Attestation::StartEnroll(const base::Closure& on_failure,

	66 const base::Closure& next_task) {

	67 // Get the attestation service to create a Privacy CA enrollment request.

	68 async_caller_->AsyncTpmAttestationCreateEnrollRequest(base::Bind(

	69 &Attestation::OnCreateEnrollRequest,

	70 weak_factory_.GetWeakPtr(),

	71 on_failure,

	72 next_task));

	73 }

	74

	75 void Attestation::OnCreateEnrollRequest(const base::Closure& on_failure,

	76 const base::Closure& next_task,

	77 bool success,

	78 const std::string& data) {

	79 if (!success) {

	80 LOG(ERROR) << "Attestation: Failed to create enroll request.";

	81 on_failure.Run();

	82 return;

	83 }

	84

	85 // Send the request to the Privacy CA.

	86 server_proxy_->SendEnrollRequest(

	87 data,

	88 base::Bind(&Attestation::OnEnrollResponse,

	89 weak_factory_.GetWeakPtr(),

	90 on_failure,

	91 next_task));

	92 }

	93

	94 void Attestation::OnEnrollResponse(const base::Closure& on_failure,

	95 const base::Closure& next_task,

	96 bool success,

	97 const std::string& data) {

	98 if (!success) {

	99 LOG(ERROR) << "Attestation: Enroll request failed.";

	100 on_failure.Run();

	101 return;

	102 }

	103

	104 // Forward the response to the attestation service to complete enrollment.

	105 async_caller_->AsyncTpmAttestationEnroll(data,

	106 base::Bind(

	107 &Attestation::OnEnrollComplete,

	108 weak_factory_.GetWeakPtr(),

	109 on_failure,

	110 next_task));

	111 }

	112

	113 void Attestation::OnEnrollComplete(const base::Closure& on_failure,

	114 const base::Closure& next_task,

	115 bool success,

	116 cryptohome::MountError /not_used/) {

	117 if (!success) {

	118 LOG(ERROR) << "Attestation: Failed to complete enrollment.";

	119 on_failure.Run();

	120 return;

	121 }

	122

	123 // Enrollment has successfully completed, we can move on to whatever is next.

	124 next_task.Run();

	125 }

	126

	127 void Attestation::StartCertificateRequest(const std::string& name,

	128 const CertificateCallback& callback) {

	129 // Get the attestation service to create a Privacy CA certificate request.

	130 async_caller_->AsyncTpmAttestationCreateCertRequest(

	131 (name == kEnterpriseMachineKey),

	132 base::Bind(&Attestation::OnCreateCertificateRequest,

	133 weak_factory_.GetWeakPtr(),

	134 callback));

	135 }

	136

	137 void Attestation::OnCreateCertificateRequest(

	138 const CertificateCallback& callback,

	139 bool success,

	140 const std::string& data) {

	141 if (!success) {

	142 LOG(ERROR) << "Attestation: Failed to create certificate request.";

	143 callback.Run(false, "");

	144 return;

	145 }

	146

	147 // Send the request to the Privacy CA.

	148 server_proxy_->SendCertificateRequest(

	149 data,

	150 base::Bind(&Attestation::OnCertificateResponse,

	151 weak_factory_.GetWeakPtr(),

	152 callback));

	153 }

	154

	155 void Attestation::OnCertificateResponse(const CertificateCallback& callback,

	156 bool success,

	157 const std::string& data) {

	158 if (!success) {

	159 LOG(ERROR) << "Attestation: Certificate request failed.";

	160 callback.Run(false, "");

	161 return;

	162 }

	163

	164 // Forward the response to the attestation service to complete the operation.

	165 async_caller_->AsyncTpmAttestationFinishCertRequest(data,

	166 base::Bind(callback));

	167 }

	168

	169 } // namespace attestation

	170 } // namespace chromeos

OLD	NEW