Add trusted vault key rotation logic
This CL adds high-level trusted vault key rotation logic. Once vault keys are marked as stale, following FetchKeys() call will trigger attempt to download fresh keys from the vault server. This makes StandaloneTrustedVaultBackend::FetchKeys() asynchronous, but result is populated immediately if preconditions aren't met (e.g. device isn't registered, device somehow misses old vault keys or current account isn't syncing one). StandaloneTrustedVaultBackend allows only one ongoing request to the vault server and only one ongoing fetch keys attempt at the time (following TrustedVaultClient::FetchKeys() documentation). In case of abandoning download keys request, ongoing fetch keys fulfilled immediately. Bug: 1102340 Change-Id: I2413176f03b07e67a72315a549add16f5e328678 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2340977 Commit-Queue: Maksim Moskvitin <mmoskvitin@google.com> Reviewed-by:Marc Treib <treib@chromium.org> Cr-Commit-Position: refs/heads/master@{#799624}
Showing
Please register or sign in to comment