Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / platform2 / system_api / c96f7fef336e30f4be60433fa661dc22a7bb3ec2
commitc96f7fef336e30f4be60433fa661dc22a7bb3ec2[log] [tgz]
authorMaksim Ivanov <emaxx@google.com>Wed Aug 24 00:17:59 2022 +0000
committerCopybara-Service <copybara-worker@google.com>Fri Aug 26 09:13:57 2022 -0700
tree0443fad8811f470b4efe181b58ce2a61c4141fa6
parent51398d6bbd48ea4b8ab1bbed6eb9b4594dd77fb7 [diff]
system_api: Proto definition for AuthIntent

Add proto definition of the AuthIntent enum and its usages into
cryptohome's AuthSession API.

The intent is a declaration of which operations the caller (Chrome)
wants to perform after the authentication succeeds. Specifying it in
advance, when starting the AuthSession, allows Cryptohome to choose
eligible factors. For example, an unlock-only factor (like a legacy
fingerprint or ephemeral user's password) can be used for Lock Screen or
for visiting the web Password Manager, but not for the login.
Additionally, it allows cryptohome to choose a faster cryptographic
scheme if the intent allows so (e.g., the VERIFY_ONLY intent allows a
quick in-memory credential check).

We start from the minimal set of intents to support main scenarios
(unlocking using unlock-only factors): DECRYPT and VERIFY_ONLY. In the
future, more fine-grained intents can be added.

BUG=b:240596931
TEST=emerge-$BOARD chromeos-base/system_api

Change-Id: I86d7c2d86436e67ebfdbba75f52992e9bb25de33
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/3852836
Commit-Queue: Maksim Ivanov <emaxx@chromium.org>
Reviewed-by: Zi Lin <lziest@google.com>
Reviewed-by: Hardik Goyal <hardikgoyal@chromium.org>
Reviewed-by: John Admanski <jadmanski@chromium.org>
Tested-by: Maksim Ivanov <emaxx@chromium.org>
NOKEYCHECK=True
GitOrigin-RevId: fe4a6c5cf89afe83d0b309ba95f490b966a3fe7d
1 file changed
tree: 0443fad8811f470b4efe181b58ce2a61c4141fa6
  1. constants/
  2. dbus/
  3. mojo/
  4. src/
  5. switches/
  6. .gitignore
  7. BUILD.gn
  8. build.rs
  9. Cargo.toml
  10. LICENSE
  11. OWNERS
  12. README.md
  13. system_api.pc
README.md

This directory (platform2/system_api) contains constants and definitions like D-Bus service names that are shared between Chromium and Chromium OS.

This directory is only for things like headers and .proto files. No implementation should be added.

When writting a .proto file make sure to use:

option optimize_for = LITE_RUNTIME;

This will force usage of a lite protobuf instead of a full/heavy weight protobuf. The browser only links against the light version, so you will get cryptic link errors about missing parts of Message if you define a protobuf here and then try to use it in Chrome. Currently CrOS links against the full protobuffer library, but that might change in the future.

When declaring a protobuf, avoid use of required unless it is exactly what you mean. "Required is Forever" and very rarely should actually be used. Consult Protocol Buffer Basics: C++ for a detailed of this issue.