chromeos/attestation/attestation_constants.h

   1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
   6 #define CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_
   7
   8 #include "chromeos/chromeos_export.h"
   9
  10 namespace chromeos {
  11 namespace attestation {
  12
  13 // Key types supported by the Chrome OS attestation subsystem.
  14 enum AttestationKeyType {
  15   // The key will be associated with the device itself and will be available
  16   // regardless of which user is signed-in.
  17   KEY_DEVICE,
  18   // The key will be associated with the current user and will only be available
  19   // when that user is signed-in.
  20   KEY_USER,
  21 };
  22
  23 // Options available for customizing an attestation challenge response.
  24 enum AttestationChallengeOptions {
  25   CHALLENGE_OPTION_NONE = 0,
  26   // Indicates that a SignedPublicKeyAndChallenge should be embedded in the
  27   // challenge response.
  28   CHALLENGE_INCLUDE_SIGNED_PUBLIC_KEY = 1,
  29 };
  30
  31 // Available attestation certificate profiles.
  32 enum AttestationCertificateProfile {
  33   // Uses the following certificate options:
  34   //   CERTIFICATE_INCLUDE_STABLE_ID
  35   //   CERTIFICATE_INCLUDE_DEVICE_STATE
  36   PROFILE_ENTERPRISE_MACHINE_CERTIFICATE,
  37   // Uses the following certificate options:
  38   //   CERTIFICATE_INCLUDE_DEVICE_STATE
  39   PROFILE_ENTERPRISE_USER_CERTIFICATE,
  40   // A profile for certificates intended for protected content providers.
  41   PROFILE_CONTENT_PROTECTION_CERTIFICATE,
  42 };
  43
  44 enum PrivacyCAType {
  45   DEFAULT_PCA,    // The Google-operated Privacy CA.
  46   ALTERNATE_PCA,  // An alternate Privacy CA specified by enterprise policy.
  47 };
  48
  49 // A key name for the Enterprise Machine Key.  This key should always be stored
  50 // as a DEVICE_KEY.
  51 CHROMEOS_EXPORT extern const char kEnterpriseMachineKey[];
  52
  53 // A key name for the Enterprise User Key.  This key should always be stored as
  54 // a USER_KEY.
  55 CHROMEOS_EXPORT extern const char kEnterpriseUserKey[];
  56
  57 // The key name prefix for content protection keys.  This prefix must be
  58 // appended with an origin-specific identifier to form the final key name.
  59 CHROMEOS_EXPORT extern const char kContentProtectionKeyPrefix[];
  60
  61 }  // namespace attestation
  62 }  // namespace chromeos
  63
  64 #endif  // CHROMEOS_ATTESTATION_ATTESTATION_CONSTANTS_H_