1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROMEOS_DBUS_CONSTANTS_ATTESTATION_CONSTANTS_H_ 6 #define CHROMEOS_DBUS_CONSTANTS_ATTESTATION_CONSTANTS_H_ 7 8 #include "base/component_export.h" 9 10 namespace chromeos { 11 namespace attestation { 12 13 enum VerifiedAccessType { 14 DEFAULT_VA, // The default Verified Access server. 15 TEST_VA, // The test Verified Access server. 16 }; 17 18 // Key types supported by the Chrome OS attestation subsystem. 19 enum AttestationKeyType { 20 // The key will be associated with the device itself and will be available 21 // regardless of which user is signed-in. 22 KEY_DEVICE, 23 // The key will be associated with the current user and will only be available 24 // when that user is signed-in. 25 KEY_USER, 26 }; 27 28 // Options available for customizing an attestation challenge response. 29 enum AttestationChallengeOptions { 30 CHALLENGE_OPTION_NONE = 0, 31 // Indicates that a SignedPublicKeyAndChallenge should be embedded in the 32 // challenge response. 33 CHALLENGE_INCLUDE_SIGNED_PUBLIC_KEY = 1, 34 }; 35 36 // Available attestation certificate profiles. These values are sent straight 37 // to cryptohomed and therefore match the values of CertificateProfile in 38 // platform2/cryptohome/attestation.proto for the right certificates to be 39 // returned. 40 enum AttestationCertificateProfile { 41 // Uses the following certificate options: 42 // CERTIFICATE_INCLUDE_STABLE_ID 43 // CERTIFICATE_INCLUDE_DEVICE_STATE 44 PROFILE_ENTERPRISE_MACHINE_CERTIFICATE = 0, 45 // Uses the following certificate options: 46 // CERTIFICATE_INCLUDE_DEVICE_STATE 47 PROFILE_ENTERPRISE_USER_CERTIFICATE = 1, 48 // A profile for certificates intended for protected content providers. 49 PROFILE_CONTENT_PROTECTION_CERTIFICATE = 2, 50 // A profile for certificates intended for enterprise registration. 51 PROFILE_ENTERPRISE_ENROLLMENT_CERTIFICATE = 7 52 }; 53 54 // Status for operations involving an attestation server. 55 enum AttestationStatus { 56 // Call successful 57 ATTESTATION_SUCCESS, 58 // Failure, no specific reason 59 ATTESTATION_UNSPECIFIED_FAILURE, 60 // Failure, sending a bad request to an attestation server 61 ATTESTATION_SERVER_BAD_REQUEST_FAILURE 62 }; 63 64 enum PrivacyCAType { 65 DEFAULT_PCA, // The Google-operated Privacy CA. 66 TEST_PCA, // The test version of the Google-operated Privacy CA. 67 }; 68 69 // A key name for the Enterprise Machine Key. This key should always be stored 70 // as a DEVICE_KEY. 71 COMPONENT_EXPORT(CHROMEOS_DBUS_CONSTANTS) 72 extern const char kEnterpriseMachineKey[]; 73 74 // A key name for the Enterprise Enrollmnent Key. This key should always be 75 // stored as a DEVICE_KEY. 76 COMPONENT_EXPORT(CHROMEOS_DBUS_CONSTANTS) 77 extern const char kEnterpriseEnrollmentKey[]; 78 79 // A key name for the Enterprise User Key. This key should always be stored as 80 // a USER_KEY. 81 COMPONENT_EXPORT(CHROMEOS_DBUS_CONSTANTS) 82 extern const char kEnterpriseUserKey[]; 83 84 // The key name prefix for content protection keys. This prefix must be 85 // appended with an origin-specific identifier to form the final key name. 86 COMPONENT_EXPORT(CHROMEOS_DBUS_CONSTANTS) 87 extern const char kContentProtectionKeyPrefix[]; 88 89 } // namespace attestation 90 } // namespace chromeos 91 92 #endif // CHROMEOS_DBUS_CONSTANTS_ATTESTATION_CONSTANTS_H_ 93