New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 660260 link

Starred by 1 user
Status: Verified
Owner:
drcrash@chromium.org
Closed: Apr 2017
Cc:
apronin@chromium.org
dkalin@chromium.org
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Bug

Blocking:
issue 660258



Sign in to add a comment

TPM 1.2: Add a way to test Chrome OS against the Google test PCA and not the production one

Project Member Reported by drcrash@chromium.org, Oct 28 2016 
Subset of crbug/660258 which affects:

- cryptohomed
- cryptohome
- chromium

Comment 1 by drcrash@chromium.org, Oct 28 2016

Cc: apronin@chromium.org
Owner: drcrash@chromium.org
Status: Started (was: Untriaged)

Comment 2 by drcrash@chromium.org, Oct 28 2016

Cc: dkalin@chromium.org
Project Member

Comment 3 by bugdroid1@chromium.org, Oct 31 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/05374163a5a02f6768c72c1fe73c5f26723cb808

commit 05374163a5a02f6768c72c1fe73c5f26723cb808
Author: drcrash <drcrash@chromium.org>
Date: Mon Oct 31 23:49:46 2016

Support different Google attestation (Privacy CA) servers.

Add a --attestation-server flag that allows to pick the default or
the test server, and pass the appropriate value to cryptohomed
for operations involving requests sent to the attestation servers.
Also use the appropriate endpoints for the various servers when
sending requests.

BUG= 660260 
TEST=unit tests

Review-Url: https://codereview.chromium.org/2448213007
Cr-Commit-Position: refs/heads/master@{#428869}

[modify] https://crrev.com/05374163a5a02f6768c72c1fe73c5f26723cb808/chrome/browser/chromeos/attestation/attestation_ca_client.cc
[modify] https://crrev.com/05374163a5a02f6768c72c1fe73c5f26723cb808/chrome/browser/chromeos/attestation/attestation_ca_client.h
[modify] https://crrev.com/05374163a5a02f6768c72c1fe73c5f26723cb808/chrome/browser/chromeos/attestation/attestation_ca_client_unittest.cc
[modify] https://crrev.com/05374163a5a02f6768c72c1fe73c5f26723cb808/chromeos/attestation/attestation_constants.h
[modify] https://crrev.com/05374163a5a02f6768c72c1fe73c5f26723cb808/chromeos/chromeos_switches.cc
[modify] https://crrev.com/05374163a5a02f6768c72c1fe73c5f26723cb808/chromeos/chromeos_switches.h
Project Member

Comment 4 by bugdroid1@chromium.org, Nov 1 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d0e8e3bb416bea73930344711a6197e63a68e063

commit d0e8e3bb416bea73930344711a6197e63a68e063
Author: kjellander <kjellander@chromium.org>
Date: Tue Nov 01 07:34:20 2016

Revert of Support different Google attestation (Privacy CA) servers. (patchset #4 id:60001 of https://codereview.chromium.org/2448213007/ )

Reason for revert:
Breaks unit_tests: https://build.chromium.org/p/chromium.memory/builders/Linux%20Chromium%20OS%20ASan%20LSan%20Tests%20(1)/builds/17343/steps/unit_tests%20on%20Ubuntu-12.04

Original issue's description:
> Support different Google attestation (Privacy CA) servers.
>
> Add a --attestation-server flag that allows to pick the default or
> the test server, and pass the appropriate value to cryptohomed
> for operations involving requests sent to the attestation servers.
> Also use the appropriate endpoints for the various servers when
> sending requests.
>
> BUG= 660260 
> TEST=unit tests
>
> Committed: https://crrev.com/05374163a5a02f6768c72c1fe73c5f26723cb808
> Cr-Commit-Position: refs/heads/master@{#428869}

TBR=apronin@chromium.org,dkrahn@chromium.org,mnissler@chromium.org,drcrash@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG= 660260 

Review-Url: https://codereview.chromium.org/2466273002
Cr-Commit-Position: refs/heads/master@{#428957}

[modify] https://crrev.com/d0e8e3bb416bea73930344711a6197e63a68e063/chrome/browser/chromeos/attestation/attestation_ca_client.cc
[modify] https://crrev.com/d0e8e3bb416bea73930344711a6197e63a68e063/chrome/browser/chromeos/attestation/attestation_ca_client.h
[modify] https://crrev.com/d0e8e3bb416bea73930344711a6197e63a68e063/chrome/browser/chromeos/attestation/attestation_ca_client_unittest.cc
[modify] https://crrev.com/d0e8e3bb416bea73930344711a6197e63a68e063/chromeos/attestation/attestation_constants.h
[modify] https://crrev.com/d0e8e3bb416bea73930344711a6197e63a68e063/chromeos/chromeos_switches.cc
[modify] https://crrev.com/d0e8e3bb416bea73930344711a6197e63a68e063/chromeos/chromeos_switches.h
Project Member

Comment 5 by bugdroid1@chromium.org, Nov 1 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform2/+/d47d1b565be5558afeb6e5d53c42ef7782b9573f

commit d47d1b565be5558afeb6e5d53c42ef7782b9573f
Author: Yves Arrouye <drcrash@google.com>
Date: Fri Oct 28 02:12:43 2016

cryptohome: Allow selecting the Google test PCA for operations.

Also blatantly steal field #6 in TPMCredentials from the mythical
alternate PCA, give it to the test PCA and relegate the alternate
PCA to the end (field #9). This way the proto will look oh so pretty
when we remove alt PCA support.

BUG= chromium:660260 
TEST=none

Change-Id: I745f5fbdf754168e45b4123f7ab955ca11e777e3
Reviewed-on: https://chromium-review.googlesource.com/404500
Commit-Ready: Yves Arrouye <drcrash@chromium.org>
Tested-by: Yves Arrouye <drcrash@chromium.org>
Reviewed-by: Andrey Pronin <apronin@chromium.org>

[modify] https://crrev.com/d47d1b565be5558afeb6e5d53c42ef7782b9573f/cryptohome/cryptohome.cc
[modify] https://crrev.com/d47d1b565be5558afeb6e5d53c42ef7782b9573f/cryptohome/attestation.proto
[modify] https://crrev.com/d47d1b565be5558afeb6e5d53c42ef7782b9573f/cryptohome/attestation.cc
[modify] https://crrev.com/d47d1b565be5558afeb6e5d53c42ef7782b9573f/cryptohome/attestation.h
Project Member

Comment 6 by bugdroid1@chromium.org, Nov 2 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0f864585a479d0c103a6d5b9ac8b3347385a093e

commit 0f864585a479d0c103a6d5b9ac8b3347385a093e
Author: drcrash <drcrash@chromium.org>
Date: Wed Nov 02 04:05:21 2016

Support different Google attestation (Privacy CA) servers.

Add a --attestation-server flag that allows to pick the default or
the test server, and pass the appropriate value to cryptohomed
for operations involving requests sent to the attestation servers.
Also use the appropriate endpoints for the various servers when
sending requests.

BUG= 660260 
TEST=unit tests (with asan enabled)

Review-Url: https://codereview.chromium.org/2464333002
Cr-Commit-Position: refs/heads/master@{#429205}

[modify] https://crrev.com/0f864585a479d0c103a6d5b9ac8b3347385a093e/chrome/browser/chromeos/attestation/attestation_ca_client.cc
[modify] https://crrev.com/0f864585a479d0c103a6d5b9ac8b3347385a093e/chrome/browser/chromeos/attestation/attestation_ca_client.h
[modify] https://crrev.com/0f864585a479d0c103a6d5b9ac8b3347385a093e/chrome/browser/chromeos/attestation/attestation_ca_client_unittest.cc
[modify] https://crrev.com/0f864585a479d0c103a6d5b9ac8b3347385a093e/chromeos/attestation/attestation_constants.h
[modify] https://crrev.com/0f864585a479d0c103a6d5b9ac8b3347385a093e/chromeos/chromeos_switches.cc
[modify] https://crrev.com/0f864585a479d0c103a6d5b9ac8b3347385a093e/chromeos/chromeos_switches.h

Comment 7 by drcrash@chromium.org, Apr 24 2017

Status: Verified (was: Started)

Sign in to add a comment