1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_ 6 #define CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_ 7 8 #include "chromeos/chromeos_export.h" 9 10 namespace chromeos { 11 namespace attestation { 12 13 // Options available for customizing an attestation certificate. 14 enum AttestationCertificateOptions { 15 CERTIFICATE_OPTION_NONE = 0, 16 // A stable identifier is simply an identifier that is not affected by device 17 // state changes, including device recovery. 18 CERTIFICATE_INCLUDE_STABLE_ID = 1, 19 // Device state information contains a quoted assertion of whether the device 20 // is in verified mode. 21 CERTIFICATE_INCLUDE_DEVICE_STATE = 1 << 1, 22 }; 23 24 // Key types supported by the Chrome OS attestation subsystem. 25 enum AttestationKeyType { 26 // The key will be associated with the device itself and will be available 27 // regardless of which user is signed-in. 28 KEY_DEVICE, 29 // The key will be associated with the current user and will only be available 30 // when that user is signed-in. 31 KEY_USER, 32 }; 33 34 // Options available for customizing an attestation challenge response. 35 enum AttestationChallengeOptions { 36 CHALLENGE_OPTION_NONE = 0, 37 // Indicates that a SignedPublicKeyAndChallenge should be embedded in the 38 // challenge response. 39 CHALLENGE_INCLUDE_SIGNED_PUBLIC_KEY = 1, 40 }; 41 42 // Available attestation certificate profiles. 43 enum AttestationCertificateProfile { 44 // Uses the following certificate options: 45 // CERTIFICATE_INCLUDE_STABLE_ID 46 // CERTIFICATE_INCLUDE_DEVICE_STATE 47 PROFILE_ENTERPRISE_MACHINE_CERTIFICATE, 48 // Uses the following certificate options: 49 // CERTIFICATE_INCLUDE_DEVICE_STATE 50 PROFILE_ENTERPRISE_USER_CERTIFICATE, 51 }; 52 53 // A key name for the Enterprise Machine Key. This key should always be stored 54 // as a DEVICE_KEY. 55 CHROMEOS_EXPORT extern const char kEnterpriseMachineKey[]; 56 57 // A key name for the Enterprise User Key. This key should always be stored as 58 // a USER_KEY. 59 CHROMEOS_EXPORT extern const char kEnterpriseUserKey[]; 60 61 } // namespace attestation 62 } // namespace chromeos 63 64 #endif // CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_ 65