cryptohome: Expose recovery_id history via dbus call.
This cl adds a dbus call to extract the history of recovery_ids
for a given user. It will be used to match the local history of
recovery attempts with the ledger data.
BUG=b:192786922
TEST=cros_run_unit_tests --board=${BOARD} --packages cryptohome
Change-Id: I5407fa5be41da0a1923fa639509c4ed2a9c43cc5
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform2/+/4003218
Reviewed-by: Maksim Ivanov <emaxx@chromium.org>
Reviewed-by: John Admanski <jadmanski@chromium.org>
Tested-by: Maciek Slusarczyk <mslus@chromium.org>
Commit-Queue: Maciek Slusarczyk <mslus@chromium.org>
NOKEYCHECK=True
GitOrigin-RevId: 70ada8046be10beb4d17680c6054b0e84db433c4
diff --git a/dbus/cryptohome/UserDataAuth.proto b/dbus/cryptohome/UserDataAuth.proto
index b4bfbbf..792d6b4 100644
--- a/dbus/cryptohome/UserDataAuth.proto
+++ b/dbus/cryptohome/UserDataAuth.proto
@@ -1609,6 +1609,45 @@
repeated AuthFactorType supported_auth_factors = 4;
}
+message RecoveryExtendedInfoRequest {
+ // Max number of latest RecoveryIds to be returned.
+ uint32 max_depth = 1;
+}
+
+message RecoveryExtendedInfoReply {
+ // List of latest recovery_ids of the user or empty list if they do not exist.
+ // The list begins with the current recovery_id and contains |max_depth| or
+ // the total number of ids generated so far whichever is bigger.
+ repeated string recovery_ids = 1;
+}
+
+message GetAuthFactorExtendedInfoRequest {
+ // The account of a user.
+ cryptohome.AccountIdentifier account_id = 1;
+ // Label of the AuthFactor to be returned.
+ string auth_factor_label = 2;
+ // Specifies the bits of data expected in the response.
+ oneof extended_info {
+ RecoveryExtendedInfoRequest recovery_info_request = 3;
+ }
+}
+
+message GetAuthFactorExtendedInfoReply {
+ // Return the status of the request.
+ CryptohomeErrorCode error = 1;
+ // Indicate an error if this field exists.
+ // This field is replacing the |error| field above, for more information on
+ // which field to use and the process on the migration, see comment in
+ // CryptohomeErrorInfo.
+ CryptohomeErrorInfo error_info = 2;
+ // All of the auth factors configured for the user.
+ AuthFactor auth_factor = 3;
+ // Extended data for for the AuthFactor.
+ oneof extended_info {
+ RecoveryExtendedInfoReply recovery_info_reply = 4;
+ }
+}
+
// GetRecoveryRequestRequest is built when a user is trying to get the
// recovery payload for CryptohomeRecoveryAuthFactor for a user. When the call
// is made, AuthSession is in an unauthenticated state. After the operation the
diff --git a/dbus/cryptohome/dbus-constants.h b/dbus/cryptohome/dbus-constants.h
index 55b983b..ea120f7 100644
--- a/dbus/cryptohome/dbus-constants.h
+++ b/dbus/cryptohome/dbus-constants.h
@@ -65,6 +65,8 @@
inline constexpr char kUpdateAuthFactor[] = "UpdateAuthFactor";
inline constexpr char kRemoveAuthFactor[] = "RemoveAuthFactor";
inline constexpr char kListAuthFactors[] = "ListAuthFactors";
+inline constexpr char kGetAuthFactorExtendedInfo[] =
+ "GetAuthFactorExtendedInfo";
inline constexpr char kGetAuthSessionStatus[] = "GetAuthSessionStatus";
inline constexpr char kGetRecoveryRequest[] = "GetRecoveryRequest";