remove TpmAttesttionSignEnterpriseChallenge APIs

Now we are using AttestationClient directly instead of passing through CryptohomeClient. BUG=b:158955123 TEST=build ok. Change-Id: Ib5ee5262e8dc6bc759dad9eb7737a04e89a0de3e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2505263 Commit-Queue: Leo Lai <cylai@google.com> Reviewed-by: Maksim Ivanov <emaxx@chromium.org> Cr-Commit-Position: refs/heads/master@{#823445}

remove TpmAttesttionSignEnterpriseChallenge APIs
Now we are using AttestationClient directly instead of passing through CryptohomeClient. BUG=b:158955123 TEST=build ok. Change-Id: Ib5ee5262e8dc6bc759dad9eb7737a04e89a0de3e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2505263 Commit-Queue: Leo Lai <cylai@google.com> Reviewed-by: Maksim Ivanov <emaxx@chromium.org> Cr-Commit-Position: refs/heads/master@{#823445}
09300a12 · Leo Lai · Commit Bot · 5dfdd4fb · 09300a12 · 09300a12
Commit 09300a12 authored Nov 03, 2020 by Leo Lai Committed by Commit Bot Nov 03, 2020
8 changed files
--- a/chromeos/cryptohome/async_method_caller.cc
+++ b/chromeos/cryptohome/async_method_caller.cc
@@ -82,25 +82,6 @@ class AsyncMethodCallerImpl : public AsyncMethodCaller,
            "Couldn't initiate async attestation finish cert request."));
  }

-  void TpmAttestationSignEnterpriseChallenge(
-      chromeos::attestation::AttestationKeyType key_type,
-      const Identification& cryptohome_id,
-      const std::string& key_name,
-      const std::string& domain,
-      const std::string& device_id,
-      chromeos::attestation::AttestationChallengeOptions options,
-      const std::string& challenge,
-      const std::string& key_name_for_spkac,
-      DataCallback callback) override {
-    CryptohomeClient::Get()->TpmAttestationSignEnterpriseChallenge(
-        key_type, CreateAccountIdentifierFromIdentification(cryptohome_id),
-        key_name, domain, device_id, options, challenge, key_name_for_spkac,
-        base::BindOnce(
-            &AsyncMethodCallerImpl::RegisterAsyncDataCallback,
-            weak_ptr_factory_.GetWeakPtr(), std::move(callback),
-            "Couldn't initiate async attestation enterprise challenge."));
-  }
-
 private:
  struct CallbackElement {
    CallbackElement() = default;

--- a/chromeos/cryptohome/async_method_caller.h
+++ b/chromeos/cryptohome/async_method_caller.h
@@ -78,27 +78,6 @@ class COMPONENT_EXPORT(CHROMEOS_CRYPTOHOME) AsyncMethodCaller {
      const std::string& key_name,
      DataCallback callback) = 0;

-  // Asks cryptohomed to asynchronously sign an enterprise challenge with the
-  // key specified by |key_type| and |key_name|.  The |domain| and |device_id|
-  // parameters will be included in the challenge response.  |challenge| must be
-  // a valid enterprise challenge.  On success, the data sent to |callback| is
-  // the challenge response.  If |key_type| is KEY_USER, a |user_id| must be
-  // provided.  Otherwise |user_id| is ignored.  For normal GAIA users the
-  // |user_id| is an AccountaId-derived string (see AccountId::GetAccountIdKey).
-  // If |key_name_for_spkac| is not empty, then the corresponding key will be
-  // used for SignedPublicKeyAndChallenge, but the challenge response will still
-  // be signed by the key specified by |key_name| (EMK or EUK).
-  virtual void TpmAttestationSignEnterpriseChallenge(
-      chromeos::attestation::AttestationKeyType key_type,
-      const Identification& user_id,
-      const std::string& key_name,
-      const std::string& domain,
-      const std::string& device_id,
-      chromeos::attestation::AttestationChallengeOptions options,
-      const std::string& challenge,
-      const std::string& key_name_for_spkac,
-      DataCallback callback) = 0;
-
  // Creates the global AsyncMethodCaller instance.
  static void Initialize();


--- a/chromeos/cryptohome/mock_async_method_caller.cc
+++ b/chromeos/cryptohome/mock_async_method_caller.cc
@@ -41,10 +41,6 @@ void MockAsyncMethodCaller::SetUp(bool success, MountError return_code) {
      .WillByDefault(
          WithArgs<4>(Invoke(this,
                             &MockAsyncMethodCaller::FakeFinishCertRequest)));
-  ON_CALL(*this,
-          TpmAttestationSignEnterpriseChallenge(_, _, _, _, _, _, _, _, _))
-      .WillByDefault(WithArgs<8>(
-          Invoke(this, &MockAsyncMethodCaller::FakeEnterpriseChallenge)));
 }

 void MockAsyncMethodCaller::DoCallback(Callback callback) {

--- a/chromeos/cryptohome/mock_async_method_caller.h
+++ b/chromeos/cryptohome/mock_async_method_caller.h
@@ -48,16 +48,6 @@ class MockAsyncMethodCaller : public AsyncMethodCaller {
                    const Identification& user_id,
                    const std::string& key_name,
                    DataCallback callback));
-  MOCK_METHOD9(TpmAttestationSignEnterpriseChallenge,
-               void(chromeos::attestation::AttestationKeyType key_type,
-                    const Identification& user_id,
-                    const std::string& key_name,
-                    const std::string& domain,
-                    const std::string& device_id,
-                    chromeos::attestation::AttestationChallengeOptions options,
-                    const std::string& challenge,
-                    const std::string& key_name_for_spkac,
-                    DataCallback callback));

 private:
  bool success_;

--- a/chromeos/dbus/cryptohome/cryptohome_client.cc
+++ b/chromeos/dbus/cryptohome/cryptohome_client.cc
@@ -12,7 +12,6 @@

 #include "base/bind.h"
 #include "base/bind_helpers.h"
-#include "base/command_line.h"
 #include "base/location.h"
 #include "base/logging.h"
 #include "base/macros.h"
@@ -44,29 +43,10 @@ static const char kUserIdStubHashSuffix[] = "-hash";
 // is 2 minutes.
 const int kTpmDBusTimeoutMs = 2 * 60 * 1000;

-// Values for the attestation server switch.
-const char kAttestationServerDefault[] = "default";
-const char kAttestationServerTest[] = "test";
-
 constexpr char kCryptohomeClientUmaPrefix[] = "CryptohomeClient.";

 CryptohomeClient* g_instance = nullptr;

-static attestation::VerifiedAccessType GetVerifiedAccessType() {
-  std::string value =
-      base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
-          chromeos::switches::kAttestationServer);
-  if (value.empty() || value == kAttestationServerDefault) {
-    return attestation::DEFAULT_VA;
-  }
-  if (value == kAttestationServerTest) {
-    return attestation::TEST_VA;
-  }
-  LOG(WARNING) << "Invalid Verified Access server value: " << value
-               << ". Using default.";
-  return attestation::DEFAULT_VA;
-}
-
 void UmaCallbackWraper(const std::string& metric_name,
                       const base::Time& start_time,
                       dbus::ObjectProxy::ResponseCallback callback,
@@ -615,41 +595,6 @@ class CryptohomeClientImpl : public CryptohomeClient {
                       weak_ptr_factory_.GetWeakPtr(), std::move(callback)));
  }

-  // CryptohomeClient override.
-  void TpmAttestationSignEnterpriseChallenge(
-      attestation::AttestationKeyType key_type,
-      const cryptohome::AccountIdentifier& id,
-      const std::string& key_name,
-      const std::string& domain,
-      const std::string& device_id,
-      attestation::AttestationChallengeOptions options,
-      const std::string& challenge,
-      const std::string& key_name_for_spkac,
-      AsyncMethodCallback callback) override {
-    dbus::MethodCall method_call(
-        cryptohome::kCryptohomeInterface,
-        cryptohome::kCryptohomeTpmAttestationSignEnterpriseVaChallengeV2);
-    dbus::MessageWriter writer(&method_call);
-    writer.AppendInt32(GetVerifiedAccessType());
-    bool is_user_specific = (key_type == attestation::KEY_USER);
-    writer.AppendBool(is_user_specific);
-    writer.AppendString(id.account_id());
-    writer.AppendString(key_name);
-    writer.AppendString(domain);
-    writer.AppendArrayOfBytes(
-        reinterpret_cast<const uint8_t*>(device_id.data()), device_id.size());
-    bool include_signed_public_key =
-        (options & attestation::CHALLENGE_INCLUDE_SIGNED_PUBLIC_KEY);
-    writer.AppendBool(include_signed_public_key);
-    writer.AppendArrayOfBytes(
-        reinterpret_cast<const uint8_t*>(challenge.data()), challenge.size());
-    writer.AppendString(key_name_for_spkac);
-    proxy_->CallMethod(
-        &method_call, kTpmDBusTimeoutMs,
-        base::BindOnce(&CryptohomeClientImpl::OnAsyncMethodCall,
-                       weak_ptr_factory_.GetWeakPtr(), std::move(callback)));
-  }
-
  // CryptohomeClient override.
  void TpmGetVersion(DBusMethodCallback<TpmVersionInfo> callback) override {
    dbus::MethodCall method_call(

--- a/chromeos/dbus/cryptohome/cryptohome_client.h
+++ b/chromeos/dbus/cryptohome/cryptohome_client.h
@@ -398,28 +398,6 @@ class COMPONENT_EXPORT(CRYPTOHOME_CLIENT) CryptohomeClient {
      const std::string& key_name,
      DBusMethodCallback<TpmAttestationDataResult> callback) = 0;

-  // Asynchronously signs an enterprise challenge with the key specified by
-  // |key_type| and |key_name|.  |domain| and |device_id| will be included in
-  // the challenge response.  |options| control how the challenge response is
-  // generated.  |challenge| must be a valid enterprise attestation challenge.
-  // The |callback| will be called when the dbus call completes.  When the
-  // operation completes, the AsyncCallStatusWithDataHandler signal handler is
-  // called.  If |key_type| is KEY_USER, a |id| must be provided.
-  // Otherwise |id| is ignored. If |key_name_for_spkac| is not empty, then the
-  // corresponding key will be used for SignedPublicKeyAndChallenge, but the
-  // challenge response will still be signed by the key specified by |key_name|
-  // (EMK or EUK).
-  virtual void TpmAttestationSignEnterpriseChallenge(
-      attestation::AttestationKeyType key_type,
-      const cryptohome::AccountIdentifier& id,
-      const std::string& key_name,
-      const std::string& domain,
-      const std::string& device_id,
-      attestation::AttestationChallengeOptions options,
-      const std::string& challenge,
-      const std::string& key_name_for_spkac,
-      AsyncMethodCallback callback) = 0;
-
  // Asynchronously gets the underlying TPM version information and passes it to
  // the given callback.
  virtual void TpmGetVersion(DBusMethodCallback<TpmVersionInfo> callback) = 0;

--- a/chromeos/dbus/cryptohome/fake_cryptohome_client.cc
+++ b/chromeos/dbus/cryptohome/fake_cryptohome_client.cc
@@ -425,19 +425,6 @@ void FakeCryptohomeClient::TpmAttestationGetPublicKey(
      base::BindOnce(std::move(callback), tpm_attestation_public_key_));
 }

-void FakeCryptohomeClient::TpmAttestationSignEnterpriseChallenge(
-    attestation::AttestationKeyType key_type,
-    const cryptohome::AccountIdentifier& cryptohome_id,
-    const std::string& key_name,
-    const std::string& domain,
-    const std::string& device_id,
-    attestation::AttestationChallengeOptions options,
-    const std::string& challenge,
-    const std::string& key_name_for_spkac,
-    AsyncMethodCallback callback) {
-  ReturnAsyncMethodData(std::move(callback), std::string());
-}
-
 void FakeCryptohomeClient::TpmGetVersion(
    DBusMethodCallback<TpmVersionInfo> callback) {
  base::ThreadTaskRunnerHandle::Get()->PostTask(

--- a/chromeos/dbus/cryptohome/fake_cryptohome_client.h
+++ b/chromeos/dbus/cryptohome/fake_cryptohome_client.h
@@ -132,16 +132,6 @@ class COMPONENT_EXPORT(CRYPTOHOME_CLIENT) FakeCryptohomeClient
      const cryptohome::AccountIdentifier& cryptohome_id,
      const std::string& key_name,
      DBusMethodCallback<TpmAttestationDataResult> callback) override;
-  void TpmAttestationSignEnterpriseChallenge(
-      attestation::AttestationKeyType key_type,
-      const cryptohome::AccountIdentifier& cryptohome_id,
-      const std::string& key_name,
-      const std::string& domain,
-      const std::string& device_id,
-      attestation::AttestationChallengeOptions options,
-      const std::string& challenge,
-      const std::string& key_name_for_spkac,
-      AsyncMethodCallback callback) override;
  void TpmGetVersion(DBusMethodCallback<TpmVersionInfo> callback) override;
  void GetKeyDataEx(
      const cryptohome::AccountIdentifier& cryptohome_id,