• Maksim Moskvitin's avatar
    Add trusted vault key rotation logic · b1a45ca7
    Maksim Moskvitin authored
    This CL adds high-level trusted vault key rotation logic. Once vault
    keys are marked as stale, following FetchKeys() call will trigger
    attempt to download fresh keys from the vault server. This makes
    StandaloneTrustedVaultBackend::FetchKeys() asynchronous, but result
    is populated immediately if preconditions aren't met (e.g. device isn't
    registered, device somehow misses old vault keys or current account
    isn't syncing one).
    
    StandaloneTrustedVaultBackend allows only one ongoing request to the
    vault server and only one ongoing fetch keys attempt at the time
    (following TrustedVaultClient::FetchKeys() documentation). In case of
    abandoning download keys request, ongoing fetch keys fulfilled
    immediately.
    
    Bug: 1102340
    Change-Id: I2413176f03b07e67a72315a549add16f5e328678
    Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2340977
    Commit-Queue: Maksim Moskvitin <mmoskvitin@google.com>
    Reviewed-by: default avatarMarc Treib <treib@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#799624}
    b1a45ca7
standalone_trusted_vault_client.cc 4.66 KB