Home | History | Annotate | Download | only in cryptohome 
      1 // Copyright 2014 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROMEOS_CRYPTOHOME_HOMEDIR_METHODS_H_
      6 #define CHROMEOS_CRYPTOHOME_HOMEDIR_METHODS_H_
      7 
      8 #include <string>
      9 #include <vector>
     10 
     11 #include "base/basictypes.h"
     12 #include "base/callback_forward.h"
     13 #include "chromeos/chromeos_export.h"
     14 #include "chromeos/cryptohome/cryptohome_parameters.h"
     15 #include "chromeos/dbus/cryptohome_client.h"
     16 #include "third_party/cros_system_api/dbus/service_constants.h"
     17 
     18 namespace cryptohome {
     19 
     20 // This class manages calls to Cryptohome service's home directory methods:
     21 // Mount, CheckKey, Add/UpdateKey.
     22 class CHROMEOS_EXPORT HomedirMethods {
     23  public:
     24   // Callbacks that are called back on the UI thread when the results of the
     25   // respective method calls are ready.
     26   typedef base::Callback<void(bool success, MountError return_code)> Callback;
     27   typedef base::Callback<void(
     28       bool success,
     29       MountError return_code,
     30       const std::vector<KeyDefinition>& key_definitions)> GetKeyDataCallback;
     31   typedef base::Callback<
     32       void(bool success, MountError return_code, const std::string& mount_hash)>
     33       MountCallback;
     34 
     35   virtual ~HomedirMethods() {}
     36 
     37   // Asks cryptohomed to return data about the key identified by |label| for the
     38   // user identified by |id|. At present, this does not return any secret
     39   // information and the request does not need to be authenticated.
     40   virtual void GetKeyDataEx(const Identification& id,
     41                             const std::string& label,
     42                             const GetKeyDataCallback& callback) = 0;
     43 
     44   // Asks cryptohomed to attempt authorization for user identified by |id| using
     45   // |auth|. This can be used to unlock a user session.
     46   virtual void CheckKeyEx(const Identification& id,
     47                           const Authorization& auth,
     48                           const Callback& callback) = 0;
     49 
     50   // Asks cryptohomed to find the cryptohome for user identified by |id| and
     51   // then mount it using |auth| to unlock the key.
     52   // If the |create_keys| are not given and no cryptohome exists for |id|,
     53   // the expected result is
     54   // callback.Run(false, kCryptohomeMountErrorUserDoesNotExist, string()).
     55   // Otherwise, the normal range of return codes is expected.
     56   virtual void MountEx(const Identification& id,
     57                        const Authorization& auth,
     58                        const MountParameters& request,
     59                        const MountCallback& callback) = 0;
     60 
     61   // Asks cryptohomed to try to add another |key| for user identified by |id|
     62   // using |auth| to unlock the key.
     63   // |clobber_if_exist| governs action if key with same label already exists for
     64   // this user. if |true| old key will be replaced, if  |false| old key will be
     65   // preserved.
     66   // Key used in |auth| should have PRIV_ADD privilege.
     67   // |callback| will be called with status info on completion.
     68   virtual void AddKeyEx(const Identification& id,
     69                         const Authorization& auth,
     70                         const KeyDefinition& key,
     71                         bool clobber_if_exist,
     72                         const Callback& callback) = 0;
     73 
     74   // Asks cryptohomed to update |key| for user identified by |id| using |auth|
     75   // to unlock the key.
     76   // Label for |auth| and |key| have to be the same.
     77   // Key used in |auth| should have PRIV_AUTHORIZED_UPDATE privilege.
     78   // |signature| is used by cryptohome to verify the authentity of new key.
     79   // |callback| will be called with status info on completion.
     80   virtual void UpdateKeyEx(const Identification& id,
     81                            const Authorization& auth,
     82                            const KeyDefinition& key,
     83                            const std::string& signature,
     84                            const Callback& callback) = 0;
     85 
     86   // Asks cryptohomed to remove specific key labeled with |label| for user
     87   // identified by |id| using |auth|.
     88   virtual void RemoveKeyEx(const Identification& id,
     89                            const Authorization& auth,
     90                            const std::string& label,
     91                            const Callback& callback) = 0;
     92 
     93   // Creates the global HomedirMethods instance.
     94   static void Initialize();
     95 
     96   // Similar to Initialize(), but can inject an alternative
     97   // HomedirMethods such as MockHomedirMethods for testing.
     98   // The injected object will be owned by the internal pointer and deleted
     99   // by Shutdown().
    100   static void InitializeForTesting(HomedirMethods* homedir_methods);
    101 
    102   // Destroys the global HomedirMethods instance if it exists.
    103   static void Shutdown();
    104 
    105   // Returns a pointer to the global HomedirMethods instance.
    106   // Initialize() should already have been called.
    107   static HomedirMethods* GetInstance();
    108 };
    109 
    110 }  // namespace cryptohome
    111 
    112 #endif  // CHROMEOS_CRYPTOHOME_HOMEDIR_METHODS_H_
    113