      1 // Copyright 2014 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_
      6 #define CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_
      7 
      8 #include <string>
      9 #include <vector>
     10 
     11 #include "base/basictypes.h"
     12 #include "chromeos/chromeos_export.h"
     13 
     14 namespace cryptohome {
     15 
     // Bit flags describing what a cryptohome key is allowed to do. Values are
     // combined with bitwise OR and carried as a plain int (see
     // KeyDefinition::privileges), so the compiler does not restrict a value to
     // the bits named here.
     enum AuthKeyPrivileges {
       // Bit 0: can mount with this key.
       PRIV_MOUNT = 0x01,
       // Bit 1: can add new keys.
       PRIV_ADD = 0x02,
       // Bit 2: can remove other keys.
       PRIV_REMOVE = 0x04,
       // Bit 3: destroy all keys and replace with new.
       PRIV_MIGRATE = 0x08,
       // Bit 4: key can be updated in place.
       PRIV_AUTHORIZED_UPDATE = 0x10,
       // Default grant: every flag above except PRIV_AUTHORIZED_UPDATE, which
       // has to be requested explicitly.
       PRIV_DEFAULT = PRIV_MOUNT | PRIV_ADD | PRIV_REMOVE | PRIV_MIGRATE
     };
     24 
     // Identifies the user on whose behalf a cryptohome method is called.
     struct CHROMEOS_EXPORT Identification {
       // Explicit, so a bare string is never converted into an Identification
       // implicitly at a call site.
       explicit Identification(const std::string& user_id)
           : user_id(user_id) {
       }

       // Stored exactly as passed to the constructor; this struct performs no
       // normalization or validation of the value.
       std::string user_id;
     };
     30 
     // Describes one cryptohome key (e.g. a password): the authorization data
     // together with extra parameters such as the permissions associated with
     // the key.
     //
     // NOTE(review): |key| carries secret material in a std::string, which does
     // not wipe its buffer on destruction, and every copy of this struct
     // duplicates it. The destructor is only declared here, so whether it
     // scrubs the strings cannot be confirmed from this header.
     struct CHROMEOS_EXPORT KeyDefinition {
       // |privileges| is a combination of AuthKeyPrivileges values. It is typed
       // as int, so bits outside the enum are not rejected by the compiler.
       KeyDefinition(const std::string& key, const std::string& label,
                     int /*AuthKeyPrivileges*/ privileges);
       ~KeyDefinition();

       // Label attached to this key.
       std::string label;

       // No initializer is visible in this header; presumably assigned by the
       // constructor defined elsewhere -- confirm before relying on it.
       int revision;

       // The key itself (e.g. a password).
       std::string key;

       // Additional key material. Its purpose is not documented in this header
       // -- TODO confirm against the implementation.
       std::string encryption_key;
       std::string signature_key;

       // Privileges associated with key. Combination of |AuthKeyPrivileges|
       // values.
       int privileges;
     };
     49 
     // Data presented in one authorization attempt for a user.
     struct CHROMEOS_EXPORT Authorization {
       // Builds an attempt from a raw key and a label.
       Authorization(const std::string& key, const std::string& label);

       // Builds an attempt from an existing KeyDefinition. Defined elsewhere;
       // presumably copies |key| and |label| from it -- confirm. Explicit, so a
       // KeyDefinition is never converted into an Authorization implicitly.
       explicit Authorization(const KeyDefinition& key);

       // Secret presented for this attempt. NOTE(review): held in a plain
       // std::string, which does not clear its memory when destroyed.
       std::string key;

       // Label presented together with |key|.
       std::string label;
     };
     57 
     // Parameters for a Mount call.
     class CHROMEOS_EXPORT MountParameters {
      public:
       explicit MountParameters(bool ephemeral);
       ~MountParameters();

       // true:  the mounted home dir is backed by tmpfs.
       // false: the ephemeral users policy decides whether tmpfs or an
       //        encrypted directory is used as the backend.
       bool ephemeral;

       // When non-empty, the home dir is created with these keys.
       // NOTE(review): the original comment ends with "if it exist";
       // presumably the keys are used only when the home dir does not exist
       // yet -- confirm against the implementation.
       // Elements are stored by value, so each entry holds its own copy of the
       // key strings of the KeyDefinition it was built from.
       std::vector<KeyDefinition> create_keys;
     };
     72 
     73 }  // namespace cryptohome
     74 
     75 #endif  // CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_