tbarzic authored
that is used for easy sign-in protocol, and for signing data provided by Easy Unlock app using the created private key.

Per-user public keys are kept in the local state and added to challenge data when challenges are created (while resetting cryptohome sign-in secrets).

During challenge creation, existence of the Easy Sign-in TPM key is checked for the user, and the key pair is created if necessary. Additionally, key pair presence is ensured when EasyUnlockService is started after user login. This is done to handle the case where Easy Unlock has previously been set up. At this time, it is verified that the private key actually exists in the TPM slot.

Mapping from user id to public TPM key is kept in local state so it can be accessed on the sign-in screen (as it will be needed before a user logs in; the public key is used to identify the private key in the system slot).

BUG=409027
TEST=Confirmed easy sign-in works

Review URL: https://codereview.chromium.org/729803002

Cr-Commit-Position: refs/heads/master@{#308431}
cc7df610