      1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
      6 #define CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
      7 
      8 #include "chromeos/chromeos_export.h"
      9 
     10 namespace chromeos {
     11 namespace attestation {
     12 
     13 // Key types supported by the Chrome OS attestation subsystem.
     14 enum AttestationKeyType {
          // Enumerator values are implicit: KEY_DEVICE is 0 and KEY_USER is 1.
          // NOTE(review): if these values are persisted or cross a process boundary,
          // reordering or inserting entries changes their meaning; confirm against
          // callers before editing.
     15   // The key will be associated with the device itself and will be available
     16   // regardless of which user is signed-in.
     17   KEY_DEVICE,
     18   // The key will be associated with the current user and will only be available
     19   // when that user is signed-in.
     20   KEY_USER,
     21 };
     22 
     23 // Options available for customizing an attestation challenge response.
     24 enum AttestationChallengeOptions {
          // NOTE(review): the explicit 0/1 values suggest these are meant to be
          // combined as bit flags; an option added later would then need the next
          // power of two (2, 4, ...).  Confirm against callers.
          //
          // No options selected.
     25   CHALLENGE_OPTION_NONE = 0,
     26   // Indicates that a SignedPublicKeyAndChallenge should be embedded in the
     27   // challenge response.
     28   CHALLENGE_INCLUDE_SIGNED_PUBLIC_KEY = 1,
     29 };
     30 
     31 // Available attestation certificate profiles.
     32 enum AttestationCertificateProfile {
          // Enumerator values are implicit (0, 1, 2 in declaration order).
          // NOTE(review): the CERTIFICATE_INCLUDE_* options named below are not
          // defined in this header, so their exact effect cannot be checked here.
          //
     33   // Uses the following certificate options:
     34   //   CERTIFICATE_INCLUDE_STABLE_ID
     35   //   CERTIFICATE_INCLUDE_DEVICE_STATE
          // NOTE(review): presumably CERTIFICATE_INCLUDE_STABLE_ID places an identifier
          // that stays constant for the device into the certificate, which would make
          // this profile the privacy-sensitive one; confirm against the definition.
     36   PROFILE_ENTERPRISE_MACHINE_CERTIFICATE,
     37   // Uses the following certificate options:
     38   //   CERTIFICATE_INCLUDE_DEVICE_STATE
     39   PROFILE_ENTERPRISE_USER_CERTIFICATE,
     40   // A profile for certificates intended for protected content providers.
          // This header does not list which certificate options this profile uses.
     41   PROFILE_CONTENT_PROTECTION_CERTIFICATE,
     42 };
     43 
     44 enum PrivacyCAType {
          // Identifies which Privacy CA (PCA) is meant.  Values are implicit:
          // DEFAULT_PCA is 0 and ALTERNATE_PCA is 1.
          // NOTE(review): how the alternate CA's endpoint and trust anchor are
          // configured and validated is not visible in this header; confirm where
          // the enterprise policy value is consumed.
     45   DEFAULT_PCA,    // The Google-operated Privacy CA.
     46   ALTERNATE_PCA,  // An alternate Privacy CA specified by enterprise policy.
     47 };
     48 
     49 // A key name for the Enterprise Machine Key.  This key should always be stored
     50 // with key type KEY_DEVICE (see AttestationKeyType).
     51 CHROMEOS_EXPORT extern const char kEnterpriseMachineKey[];
     52 
     53 // A key name for the Enterprise User Key.  This key should always be stored
     54 // with key type KEY_USER (see AttestationKeyType).
     55 CHROMEOS_EXPORT extern const char kEnterpriseUserKey[];
     56 
     57 // The key name prefix for content protection keys.  An origin-specific
     58 // identifier must be appended to this prefix to form the final key name.
     59 CHROMEOS_EXPORT extern const char kContentProtectionKeyPrefix[];
     60 
     61 }  // namespace attestation
     62 }  // namespace chromeos
     63 
     64 #endif  // CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
     65