File: enrollment_certificate_uploader_impl.h

package info (click to toggle)
chromium 139.0.7258.127-1
  • links: PTS, VCS
  • area: main
  • in suites:
  • size: 6,122,068 kB
  • sloc: cpp: 35,100,771; ansic: 7,163,530; javascript: 4,103,002; python: 1,436,920; asm: 946,517; xml: 746,709; pascal: 187,653; perl: 88,691; sh: 88,436; objc: 79,953; sql: 51,488; cs: 44,583; fortran: 24,137; makefile: 22,147; tcl: 15,277; php: 13,980; yacc: 8,984; ruby: 7,485; awk: 3,720; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; sed: 36
file content (116 lines) | stat: -rw-r--r-- 4,469 bytes parent folder | download | duplicates (5)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
// Copyright 2019 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_ASH_ATTESTATION_ENROLLMENT_CERTIFICATE_UPLOADER_IMPL_H_
#define CHROME_BROWSER_ASH_ATTESTATION_ENROLLMENT_CERTIFICATE_UPLOADER_IMPL_H_

#include <memory>
#include <queue>
#include <string>

#include "base/functional/callback.h"
#include "base/memory/raw_ptr.h"
#include "base/memory/weak_ptr.h"
#include "base/time/time.h"
#include "chrome/browser/ash/attestation/enrollment_certificate_uploader.h"
#include "chromeos/ash/components/attestation/attestation_flow.h"
#include "chromeos/ash/components/dbus/constants/attestation_constants.h"
#include "components/policy/core/common/cloud/cloud_policy_client.h"

namespace ash {
namespace attestation {

class AttestationFeatures;

// A class which uploads enterprise enrollment certificates.
class EnrollmentCertificateUploaderImpl : public EnrollmentCertificateUploader {
 public:
  explicit EnrollmentCertificateUploaderImpl(
      policy::CloudPolicyClient* policy_client);

  EnrollmentCertificateUploaderImpl(const EnrollmentCertificateUploaderImpl&) =
      delete;
  EnrollmentCertificateUploaderImpl& operator=(
      const EnrollmentCertificateUploaderImpl&) = delete;

  ~EnrollmentCertificateUploaderImpl() override;

  // Sets the retry limit in number of tries; useful for testing.
  void set_retry_limit_for_testing(int limit) { retry_limit_ = limit; }

  // Sets the retry delay; useful for testing.
  void set_retry_delay_for_testing(base::TimeDelta retry_delay) {
    retry_delay_ = retry_delay;
  }

  // Sets a custom AttestationFlow implementation; useful for testing.
  void set_attestation_flow_for_testing(AttestationFlow* attestation_flow) {
    attestation_flow_ = attestation_flow;
  }

  // Obtains a fresh enrollment certificate and uploads it. If certificate has
  // already been uploaded - reports success immediately and does not upload
  // second time.
  // If fails to fetch existing certificate, retries to fetch until success or
  // |retry_limit_|.
  // If fails to upload existing certificate, retries to fetch and upload a new
  // one until success or |retry_limit_|.
  void ObtainAndUploadCertificate(UploadCallback callback) override;

 private:
  // Starts certificate obtention and upload.
  void Start();

  // Gets a fresh certificate.
  void GetCertificate();

  // Checks the Attestation Features and gets a fresh certificate.
  void OnGetFeaturesReady(
      AttestationFlow::CertificateCallback callback,
      const ash::attestation::AttestationFeatures* features);

  // Handles failure of getting a certificate.
  void HandleGetCertificateFailure(AttestationStatus status);

  // Uploads an enterprise certificate to the policy server if it has not been
  // already uploaded. If it was uploaded - reports success without further
  // upload.
  void UploadCertificateIfNeeded(const std::string& pem_certificate_chain);

  // Called when a certificate upload operation completes.
  void OnUploadComplete(policy::CloudPolicyClient::Result result);

  // Reschedules certificate upload from |Start()| checkpoint and returns true.
  // If |retry_limit_| is exceeded, does not reschedule and returns false.
  // TODO(crbug.com/256845): A better solution would be to wait for a dbus
  // signal which indicates the system is ready to process this task.
  bool Reschedule();

  // Run all callbacks with |status|.
  void RunCallbacks(Status status);

  raw_ptr<policy::CloudPolicyClient, DanglingUntriaged> policy_client_;
  std::unique_ptr<AttestationFlow> default_attestation_flow_;
  raw_ptr<AttestationFlow> attestation_flow_ = nullptr;

  // Callbacks to run when a certificate is uploaded (or we fail to).
  std::queue<UploadCallback> callbacks_;
  // Values for retries.
  int num_retries_;
  int retry_limit_;
  base::TimeDelta retry_delay_;

  // Indicates whether certificate has already been uploaded successfully. False
  // when no certificate is uploaded or the current certificate has expired.
  bool has_already_uploaded_ = false;

  // Note: This should remain the last member so it'll be destroyed and
  // invalidate the weak pointers before any other members are destroyed.
  base::WeakPtrFactory<EnrollmentCertificateUploaderImpl> weak_factory_{this};
};

}  // namespace attestation
}  // namespace ash

#endif  // CHROME_BROWSER_ASH_ATTESTATION_ENROLLMENT_CERTIFICATE_UPLOADER_IMPL_H_