1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_
6 #define CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_
7 
8 #include <string>
9 #include <vector>
10 
11 #include "base/basictypes.h"
12 #include "chromeos/chromeos_export.h"
13 
14 namespace cryptohome {
15 
// Bit flags describing what a cryptohome authorization key is permitted to
// do. Every flag occupies its own bit, so values can be OR-ed together; such
// combinations are carried as a plain int (see KeyDefinition::privileges).
enum AuthKeyPrivileges {
  // Can mount with this key.
  PRIV_MOUNT = 0x01,
  // Can add new keys.
  PRIV_ADD = 0x02,
  // Can remove other keys.
  PRIV_REMOVE = 0x04,
  // Destroy all keys and replace with new.
  PRIV_MIGRATE = 0x08,
  // Key can be updated in place.
  PRIV_AUTHORIZED_UPDATE = 0x10,
  // Default grant. It covers key management (add, remove, migrate) as well
  // as mounting, and it leaves out PRIV_AUTHORIZED_UPDATE. A key that is only
  // meant to unlock the home directory can be given a narrower mask.
  PRIV_DEFAULT = PRIV_MOUNT | PRIV_ADD | PRIV_REMOVE | PRIV_MIGRATE
};
24 
// Identifies the user on whose behalf a cryptohome method is called.
struct CHROMEOS_EXPORT Identification {
  // Explicit, so a bare string is never silently converted into an
  // Identification. The value is stored as given; no validation or
  // normalization happens here.
  explicit Identification(const std::string& id) : user_id(id) {}

  // User identifier exactly as supplied to the constructor.
  std::string user_id;
};
30 
// Definition of a key (e.g. password) for the cryptohome.
// It contains authorization data along with extra parameters, such as the
// permissions associated with this key.
//
// NOTE(review): |key| holds the secret in an ordinary std::string, and every
// copy of a KeyDefinition copies it. Nothing visible in this header clears
// that memory; what ~KeyDefinition() does is defined out of line - confirm.
struct CHROMEOS_EXPORT KeyDefinition {
  // |privileges| is a bitwise OR of AuthKeyPrivileges values. It is typed as
  // int, so the compiler does not restrict it to the defined flags.
  KeyDefinition(const std::string& key,
                const std::string& label,
                int /*AuthKeyPrivileges*/ privileges);
  ~KeyDefinition();
  // Label passed to the constructor alongside the key.
  std::string label;

  // Not a constructor parameter. NOTE(review): its initial value depends on
  // the out-of-line constructor - confirm that it is always initialized.
  int revision;
  // The key material itself (e.g. the password). Treat as a secret: keep it
  // out of logs and avoid unnecessary copies.
  std::string key;

  // Additional key fields that are not constructor parameters. Their exact
  // use is not visible in this header; presumably secret material as well -
  // TODO confirm.
  std::string encryption_key;
  std::string signature_key;
  // Privileges associated with key. Combination of |AuthKeyPrivileges| values.
  int privileges;
};
49 
// Authorization attempt data for user.
//
// NOTE(review): |key| is the credential presented for the attempt and lives
// in an ordinary std::string, so each copy of this struct duplicates it.
// Nothing in this header clears that memory.
struct CHROMEOS_EXPORT Authorization {
  // Builds an attempt from a key and the label of the key it should match.
  Authorization(const std::string& key, const std::string& label);
  // Explicit conversion from a KeyDefinition. Defined out of line; presumably
  // copies that definition's key and label - confirm in the implementation.
  explicit Authorization(const KeyDefinition& key);
  // Key presented for this attempt. Treat as a secret.
  std::string key;
  // Label accompanying the key.
  std::string label;
};
57 
// Parameters for Mount call.
class CHROMEOS_EXPORT MountParameters {
 public:
  // Explicit, so a bare bool is never implicitly converted into
  // MountParameters.
  explicit MountParameters(bool ephemeral);
  ~MountParameters();

  // If |true|, the mounted home dir will be backed by tmpfs. If |false|, the
  // ephemeral users policy decides whether tmpfs or an encrypted directory is
  // used as the backend.
  bool ephemeral;

  // If not empty, the home dir will be created with these keys.
  // NOTE(review): the original comment ended "if it exist"; presumably the
  // home dir is created only when it does not exist yet - confirm against the
  // Mount implementation.
  // Each element carries key material (KeyDefinition::key), so this vector
  // holds secrets for as long as the object lives.
  std::vector<KeyDefinition> create_keys;
};
72 
73 }  // namespace cryptohome
74 
75 #endif  // CHROMEOS_CRYPTOHOME_CRYPTOHOME_PARAMETERS_H_