Support both default and test Verified Access servers.

The servers are picked using the same command line switch that we use to pick PCAs. BUG=b:69687094 TEST=None Change-Id: Ia1c79fda63e2d3d07b44da1ce814974d56d6726d Reviewed-on: https://chromium-review.googlesource.com/795187 Commit-Queue: Yves Arrouye <drcrash@chromium.org> Reviewed-by: Darren Krahn <dkrahn@chromium.org> Cr-Commit-Position: refs/heads/master@{#524401}

Support both default and test Verified Access servers.
The servers are picked using the same command line switch that we use to pick PCAs. BUG=b:69687094 TEST=None Change-Id: Ia1c79fda63e2d3d07b44da1ce814974d56d6726d Reviewed-on: https://chromium-review.googlesource.com/795187 Commit-Queue: Yves Arrouye <drcrash@chromium.org> Reviewed-by: Darren Krahn <dkrahn@chromium.org> Cr-Commit-Position: refs/heads/master@{#524401}
870084cc · Yves Arrouye · Commit Bot · 3c9069f3 · 870084cc · 870084cc
Commit 870084cc authored Dec 15, 2017 by Yves Arrouye Committed by Commit Bot Dec 15, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 1 deletion

chromeos/attestation/attestation_constants.h chromeos/attestation/attestation_constants.h +5 -0

chromeos/dbus/cryptohome_client.cc chromeos/dbus/cryptohome_client.cc +23 -1

No files found.
--- a/chromeos/attestation/attestation_constants.h
+++ b/chromeos/attestation/attestation_constants.h
@@ -10,6 +10,11 @@
 namespace chromeos {
 namespace attestation {
+enum VerifiedAccessType {
+  DEFAULT_VA,  // The default Verified Access server.
+  TEST_VA,     // The test Verified Access server.
+};
 // Key types supported by the Chrome OS attestation subsystem.
 enum AttestationKeyType {
  // The key will be associated with the device itself and will be available

--- a/chromeos/dbus/cryptohome_client.cc
+++ b/chromeos/dbus/cryptohome_client.cc
@@ -12,12 +12,14 @@
 #include "base/bind.h"
 #include "base/bind_helpers.h"
+#include "base/command_line.h"
 #include "base/location.h"
 #include "base/macros.h"
 #include "base/memory/weak_ptr.h"
 #include "base/message_loop/message_loop.h"
 #include "base/observer_list.h"
 #include "base/optional.h"
+#include "chromeos/chromeos_switches.h"
 #include "chromeos/cryptohome/async_method_caller.h"
 #include "chromeos/cryptohome/cryptohome_parameters.h"
 #include "chromeos/dbus/blocking_method_caller.h"
@@ -46,6 +48,25 @@ void FillIdentificationProtobuf(const cryptohome::Identification& id,
  id_proto->set_account_id(id.id());
 }
+// Values for the attestation server switch.
+const char kAttestationServerDefault[] = "default";
+const char kAttestationServerTest[] = "test";
+static attestation::VerifiedAccessType GetVerifiedAccessType() {
+  std::string value =
+      base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
+          chromeos::switches::kAttestationServer);
+  if (value.empty() || value == kAttestationServerDefault) {
+    return attestation::DEFAULT_VA;
+  }
+  if (value == kAttestationServerTest) {
+    return attestation::TEST_VA;
+  }
+  LOG(WARNING) << "Invalid Verified Access server value: " << value
+               << ". Using default.";
+  return attestation::DEFAULT_VA;
+}
 // The CryptohomeClient implementation.
 class CryptohomeClientImpl : public CryptohomeClient {
 public:
@@ -624,8 +645,9 @@ class CryptohomeClientImpl : public CryptohomeClient {
      AsyncMethodCallback callback) override {
    dbus::MethodCall method_call(
        cryptohome::kCryptohomeInterface,
-        cryptohome::kCryptohomeTpmAttestationSignEnterpriseChallenge);
+        cryptohome::kCryptohomeTpmAttestationSignEnterpriseVaChallenge);
    dbus::MessageWriter writer(&method_call);
+    writer.AppendInt32(GetVerifiedAccessType());
    bool is_user_specific = (key_type == attestation::KEY_USER);
    writer.AppendBool(is_user_specific);
    writer.AppendString(cryptohome_id.id());