Home | History | Annotate | Download | only in attestation
      1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
      6 #define CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
      7 
      8 #include "chromeos/chromeos_export.h"
      9 
     10 namespace chromeos {
     11 namespace attestation {
     12 
     13 // Options available for customizing an attestation certificate.
     14 enum AttestationCertificateOptions {
     15   CERTIFICATE_OPTION_NONE = 0,
     16   // A stable identifier is simply an identifier that is not affected by device
     17   // state changes, including device recovery.
     18   CERTIFICATE_INCLUDE_STABLE_ID = 1,
     19   // Device state information contains a quoted assertion of whether the device
     20   // is in verified mode.
     21   CERTIFICATE_INCLUDE_DEVICE_STATE = 1 << 1,
     22 };
     23 
     24 // Key types supported by the Chrome OS attestation subsystem.
     25 enum AttestationKeyType {
     26   // The key will be associated with the device itself and will be available
     27   // regardless of which user is signed-in.
     28   KEY_DEVICE,
     29   // The key will be associated with the current user and will only be available
     30   // when that user is signed-in.
     31   KEY_USER,
     32 };
     33 
     34 // Options available for customizing an attestation challenge response.
     35 enum AttestationChallengeOptions {
     36   CHALLENGE_OPTION_NONE = 0,
     37   // Indicates that a SignedPublicKeyAndChallenge should be embedded in the
     38   // challenge response.
     39   CHALLENGE_INCLUDE_SIGNED_PUBLIC_KEY = 1,
     40 };
     41 
     42 // Available attestation certificate profiles.
     43 enum AttestationCertificateProfile {
     44   // Uses the following certificate options:
     45   //   CERTIFICATE_INCLUDE_STABLE_ID
     46   //   CERTIFICATE_INCLUDE_DEVICE_STATE
     47   PROFILE_ENTERPRISE_MACHINE_CERTIFICATE,
     48   // Uses the following certificate options:
     49   //   CERTIFICATE_INCLUDE_DEVICE_STATE
     50   PROFILE_ENTERPRISE_USER_CERTIFICATE,
     51 };
     52 
     53 // A key name for the Enterprise Machine Key.  This key should always be stored
     54 // as a DEVICE_KEY.
     55 CHROMEOS_EXPORT extern const char kEnterpriseMachineKey[];
     56 
     57 // A key name for the Enterprise User Key.  This key should always be stored as
     58 // a USER_KEY.
     59 CHROMEOS_EXPORT extern const char kEnterpriseUserKey[];
     60 
     61 }  // namespace attestation
     62 }  // namespace chromeos
     63 
     64 #endif  // CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
     65