• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
6 #define CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
7 
8 #include "chromeos/chromeos_export.h"
9 
10 namespace chromeos {
11 namespace attestation {
12 
13 // Key types supported by the Chrome OS attestation subsystem.
14 enum AttestationKeyType {
15   // The key will be associated with the device itself and will be available
16   // regardless of which user is signed-in.
17   KEY_DEVICE,
18   // The key will be associated with the current user and will only be available
19   // when that user is signed-in.
20   KEY_USER,
21 };
22 
23 // Options available for customizing an attestation challenge response.
24 enum AttestationChallengeOptions {
25   CHALLENGE_OPTION_NONE = 0,
26   // Indicates that a SignedPublicKeyAndChallenge should be embedded in the
27   // challenge response.
28   CHALLENGE_INCLUDE_SIGNED_PUBLIC_KEY = 1,
29 };
30 
31 // Available attestation certificate profiles.
32 enum AttestationCertificateProfile {
33   // Uses the following certificate options:
34   //   CERTIFICATE_INCLUDE_STABLE_ID
35   //   CERTIFICATE_INCLUDE_DEVICE_STATE
36   PROFILE_ENTERPRISE_MACHINE_CERTIFICATE,
37   // Uses the following certificate options:
38   //   CERTIFICATE_INCLUDE_DEVICE_STATE
39   PROFILE_ENTERPRISE_USER_CERTIFICATE,
40   // A profile for certificates intended for protected content providers.
41   PROFILE_CONTENT_PROTECTION_CERTIFICATE,
42 };
43 
44 enum PrivacyCAType {
45   DEFAULT_PCA,    // The Google-operated Privacy CA.
46   ALTERNATE_PCA,  // An alternate Privacy CA specified by enterprise policy.
47 };
48 
49 // A key name for the Enterprise Machine Key.  This key should always be stored
50 // as a DEVICE_KEY.
51 CHROMEOS_EXPORT extern const char kEnterpriseMachineKey[];
52 
53 // A key name for the Enterprise User Key.  This key should always be stored as
54 // a USER_KEY.
55 CHROMEOS_EXPORT extern const char kEnterpriseUserKey[];
56 
57 // The key name prefix for content protection keys.  This prefix must be
58 // appended with an origin-specific identifier to form the final key name.
59 CHROMEOS_EXPORT extern const char kContentProtectionKeyPrefix[];
60 
61 }  // namespace attestation
62 }  // namespace chromeos
63 
64 #endif  // CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
65