chromeos/services/device_sync/cryptauth_key_registry.h - chromium/src.git - Git at Google

 // Copyright 2019 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CHROMEOS_SERVICES_DEVICE_SYNC_CRYPTAUTH_KEY_REGISTRY_H_
 #define CHROMEOS_SERVICES_DEVICE_SYNC_CRYPTAUTH_KEY_REGISTRY_H_

 #include "base/containers/flat_map.h"
 #include "base/values.h"
 #include "chromeos/services/device_sync/cryptauth_key_bundle.h"
 #include "chromeos/services/device_sync/proto/cryptauth_enrollment.pb.h"

 namespace chromeos {

 namespace device_sync {

 // Stores key bundles used in CryptAuth v2 protocols.
 //
 // Note: Not all key bundles in the registry are enrolled with CryptAuth, only
 // those bundles contained in CryptAuthKeyBundle::AllEnrollableNames().
 class CryptAuthKeyRegistry {
  public:
   using KeyBundleMap =
       base::flat_map<CryptAuthKeyBundle::Name, CryptAuthKeyBundle>;

   virtual ~CryptAuthKeyRegistry();

   // Returns the underlying map from the key-bundle name to the key bundle.
   virtual const KeyBundleMap& key_bundles() const;

   // Returns the key bundle with name |name| if it exists in the key registry,
   // and returns null if it cannot be found.
   virtual const CryptAuthKeyBundle* GetKeyBundle(
       CryptAuthKeyBundle::Name name) const;

   // Returns the key with status kActive if one exists in the key bundle with
   // name |name|, and returns null if one cannot be found.
   virtual const CryptAuthKey* GetActiveKey(CryptAuthKeyBundle::Name name) const;

   // Adds |key| to the key bundle with |name|. If the key being added is active,
   // all other keys in the bundle will be deactivated. If the handle of the
   // input key matches one in the bundle, the existing key will be overwritten.
   // Note: All keys added to the bundle kUserKeyPair must have the handle
   // kCryptAuthFixedUserKeyPairHandle.
   virtual void AddKey(CryptAuthKeyBundle::Name name, const CryptAuthKey& key);

   // Activates the key corresponding to |handle| in the key bundle with |name|
   // and deactivates the other keys the bundle.
   virtual void SetActiveKey(CryptAuthKeyBundle::Name name,
                             const std::string& handle);

   // Sets all key statuses to kInactive in the key bundle with |name|.
   virtual void DeactivateKeys(CryptAuthKeyBundle::Name name);

   // Remove the key corresponding to |handle| from the key bundle with |name|.
   virtual void DeleteKey(CryptAuthKeyBundle::Name name,
                          const std::string& handle);

   // Set the key directive for the key bundle with |name|.
   virtual void SetKeyDirective(CryptAuthKeyBundle::Name name,
                                const cryptauthv2::KeyDirective& key_directive);

  protected:
   CryptAuthKeyRegistry();

   // Invoked when the key bundle map changes.
   virtual void OnKeyRegistryUpdated() = 0;

   KeyBundleMap key_bundles_;

   DISALLOW_COPY_AND_ASSIGN(CryptAuthKeyRegistry);
 };

 }  // namespace device_sync

 }  // namespace chromeos

 #endif  // CHROMEOS_SERVICES_DEVICE_SYNC_CRYPTAUTH_KEY_REGISTRY_H_
	// Copyright 2019 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CHROMEOS_SERVICES_DEVICE_SYNC_CRYPTAUTH_KEY_REGISTRY_H_
	#define CHROMEOS_SERVICES_DEVICE_SYNC_CRYPTAUTH_KEY_REGISTRY_H_

	#include "base/containers/flat_map.h"
	#include "base/values.h"
	#include "chromeos/services/device_sync/cryptauth_key_bundle.h"
	#include "chromeos/services/device_sync/proto/cryptauth_enrollment.pb.h"

	namespace chromeos {

	namespace device_sync {

	// Stores key bundles used in CryptAuth v2 protocols.
	//
	// Note: Not all key bundles in the registry are enrolled with CryptAuth, only
	// those bundles contained in CryptAuthKeyBundle::AllEnrollableNames().
	class CryptAuthKeyRegistry {
	public:
	using KeyBundleMap =
	base::flat_map<CryptAuthKeyBundle::Name, CryptAuthKeyBundle>;

	virtual ~CryptAuthKeyRegistry();

	// Returns the underlying map from the key-bundle name to the key bundle.
	virtual const KeyBundleMap& key_bundles() const;

	// Returns the key bundle with name \|name\| if it exists in the key registry,
	// and returns null if it cannot be found.
	virtual const CryptAuthKeyBundle* GetKeyBundle(
	CryptAuthKeyBundle::Name name) const;

	// Returns the key with status kActive if one exists in the key bundle with
	// name \|name\|, and returns null if one cannot be found.
	virtual const CryptAuthKey* GetActiveKey(CryptAuthKeyBundle::Name name) const;

	// Adds \|key\| to the key bundle with \|name\|. If the key being added is active,
	// all other keys in the bundle will be deactivated. If the handle of the
	// input key matches one in the bundle, the existing key will be overwritten.
	// Note: All keys added to the bundle kUserKeyPair must have the handle
	// kCryptAuthFixedUserKeyPairHandle.
	virtual void AddKey(CryptAuthKeyBundle::Name name, const CryptAuthKey& key);

	// Activates the key corresponding to \|handle\| in the key bundle with \|name\|
	// and deactivates the other keys the bundle.
	virtual void SetActiveKey(CryptAuthKeyBundle::Name name,
	const std::string& handle);

	// Sets all key statuses to kInactive in the key bundle with \|name\|.
	virtual void DeactivateKeys(CryptAuthKeyBundle::Name name);

	// Remove the key corresponding to \|handle\| from the key bundle with \|name\|.
	virtual void DeleteKey(CryptAuthKeyBundle::Name name,
	const std::string& handle);

	// Set the key directive for the key bundle with \|name\|.
	virtual void SetKeyDirective(CryptAuthKeyBundle::Name name,
	const cryptauthv2::KeyDirective& key_directive);

	protected:
	CryptAuthKeyRegistry();

	// Invoked when the key bundle map changes.
	virtual void OnKeyRegistryUpdated() = 0;

	KeyBundleMap key_bundles_;

	DISALLOW_COPY_AND_ASSIGN(CryptAuthKeyRegistry);
	};

	} // namespace device_sync

	} // namespace chromeos

	#endif // CHROMEOS_SERVICES_DEVICE_SYNC_CRYPTAUTH_KEY_REGISTRY_H_