| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/attestation/platform_verification_flow.h" | 5 #include "chrome/browser/chromeos/attestation/platform_verification_flow.h" |
| 6 | 6 |
| 7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
| 10 #include "base/metrics/histogram.h" | 10 #include "base/metrics/histogram.h" |
| 11 #include "base/time/time.h" | 11 #include "base/time/time.h" |
| 12 #include "base/timer/timer.h" | 12 #include "base/timer/timer.h" |
| 13 #include "chrome/browser/chromeos/attestation/attestation_ca_client.h" | 13 #include "chrome/browser/chromeos/attestation/attestation_ca_client.h" |
| 14 #include "chrome/browser/chromeos/attestation/attestation_signed_data.pb.h" | 14 #include "chrome/browser/chromeos/attestation/attestation_signed_data.pb.h" |
| 15 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 15 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 16 #include "chrome/browser/chromeos/settings/cros_settings.h" | 16 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 17 #include "chrome/browser/media/protected_media_identifier_permission_context.h" | 17 #include "chrome/browser/media/protected_media_identifier_permission_context.h" |
| 18 #include "chrome/browser/media/protected_media_identifier_permission_context_fac
tory.h" | 18 #include "chrome/browser/media/protected_media_identifier_permission_context_fac
tory.h" |
| 19 #include "chrome/browser/profiles/profile.h" | 19 #include "chrome/browser/profiles/profile.h" |
| 20 #include "chromeos/attestation/attestation_flow.h" | 20 #include "chromeos/attestation/attestation_flow.h" |
| 21 #include "chromeos/chromeos_switches.h" | 21 #include "chromeos/chromeos_switches.h" |
| 22 #include "chromeos/cryptohome/async_method_caller.h" | 22 #include "chromeos/cryptohome/async_method_caller.h" |
| 23 #include "chromeos/dbus/cryptohome_client.h" | 23 #include "chromeos/dbus/cryptohome_client.h" |
| 24 #include "chromeos/dbus/dbus_thread_manager.h" | 24 #include "chromeos/dbus/dbus_thread_manager.h" |
| 25 #include "components/content_settings/core/browser/host_content_settings_map.h" | 25 #include "components/content_settings/core/browser/host_content_settings_map.h" |
| 26 #include "components/content_settings/core/common/content_settings_pattern.h" | 26 #include "components/content_settings/core/common/content_settings_pattern.h" |
| 27 #include "components/content_settings/core/common/permission_request_id.h" | 27 #include "components/content_settings/core/common/permission_request_id.h" |
| 28 #include "components/user_manager/user.h" | 28 #include "components/user_manager/user.h" |
| 29 #include "components/user_manager/user_id.h" |
| 29 #include "content/public/browser/browser_context.h" | 30 #include "content/public/browser/browser_context.h" |
| 30 #include "content/public/browser/browser_thread.h" | 31 #include "content/public/browser/browser_thread.h" |
| 31 #include "content/public/browser/render_process_host.h" | 32 #include "content/public/browser/render_process_host.h" |
| 32 #include "content/public/browser/render_view_host.h" | 33 #include "content/public/browser/render_view_host.h" |
| 33 #include "content/public/browser/user_metrics.h" | 34 #include "content/public/browser/user_metrics.h" |
| 34 #include "content/public/browser/web_contents.h" | 35 #include "content/public/browser/web_contents.h" |
| 35 #include "content/public/common/url_constants.h" | 36 #include "content/public/common/url_constants.h" |
| 36 #include "net/cert/x509_certificate.h" | 37 #include "net/cert/x509_certificate.h" |
| 37 | 38 |
| 38 namespace { | 39 namespace { |
| (...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 231 } | 232 } |
| 232 | 233 |
| 233 // Permission allowed. Now proceed to get certificate. | 234 // Permission allowed. Now proceed to get certificate. |
| 234 const user_manager::User* user = delegate_->GetUser(context.web_contents); | 235 const user_manager::User* user = delegate_->GetUser(context.web_contents); |
| 235 if (!user) { | 236 if (!user) { |
| 236 ReportError(context.callback, INTERNAL_ERROR); | 237 ReportError(context.callback, INTERNAL_ERROR); |
| 237 LOG(ERROR) << "Profile does not map to a valid user."; | 238 LOG(ERROR) << "Profile does not map to a valid user."; |
| 238 return; | 239 return; |
| 239 } | 240 } |
| 240 | 241 |
| 241 GetCertificate(context, user->email(), false /* Don't force a new key */); | 242 GetCertificate(context, user->GetUserID(), false /* Don't force a new key */); |
| 242 } | 243 } |
| 243 | 244 |
| 244 void PlatformVerificationFlow::GetCertificate(const ChallengeContext& context, | 245 void PlatformVerificationFlow::GetCertificate(const ChallengeContext& context, |
| 245 const std::string& user_id, | 246 const user_manager::UserID& user_i
d, |
| 246 bool force_new_key) { | 247 bool force_new_key) { |
| 247 scoped_ptr<base::Timer> timer(new base::Timer(false, // Don't retain. | 248 scoped_ptr<base::Timer> timer(new base::Timer(false, // Don't retain. |
| 248 false)); // Don't repeat. | 249 false)); // Don't repeat. |
| 249 base::Closure timeout_callback = base::Bind( | 250 base::Closure timeout_callback = base::Bind( |
| 250 &PlatformVerificationFlow::OnCertificateTimeout, | 251 &PlatformVerificationFlow::OnCertificateTimeout, |
| 251 this, | 252 this, |
| 252 context); | 253 context); |
| 253 timer->Start(FROM_HERE, timeout_delay_, timeout_callback); | 254 timer->Start(FROM_HERE, timeout_delay_, timeout_callback); |
| 254 | 255 |
| 255 AttestationFlow::CertificateCallback certificate_callback = base::Bind( | 256 AttestationFlow::CertificateCallback certificate_callback = base::Bind( |
| 256 &PlatformVerificationFlow::OnCertificateReady, | 257 &PlatformVerificationFlow::OnCertificateReady, |
| 257 this, | 258 this, |
| 258 context, | 259 context, |
| 259 user_id, | 260 user_id, |
| 260 base::Passed(&timer)); | 261 base::Passed(&timer)); |
| 261 attestation_flow_->GetCertificate( | 262 attestation_flow_->GetCertificate( |
| 262 PROFILE_CONTENT_PROTECTION_CERTIFICATE, | 263 PROFILE_CONTENT_PROTECTION_CERTIFICATE, |
| 263 user_id, | 264 user_id, |
| 264 context.service_id, | 265 context.service_id, |
| 265 force_new_key, | 266 force_new_key, |
| 266 certificate_callback); | 267 certificate_callback); |
| 267 } | 268 } |
| 268 | 269 |
| 269 void PlatformVerificationFlow::OnCertificateReady( | 270 void PlatformVerificationFlow::OnCertificateReady( |
| 270 const ChallengeContext& context, | 271 const ChallengeContext& context, |
| 271 const std::string& user_id, | 272 const user_manager::UserID& user_id, |
| 272 scoped_ptr<base::Timer> timer, | 273 scoped_ptr<base::Timer> timer, |
| 273 bool operation_success, | 274 bool operation_success, |
| 274 const std::string& certificate) { | 275 const std::string& certificate) { |
| 275 // Log failure before checking the timer so all failures are logged, even if | 276 // Log failure before checking the timer so all failures are logged, even if |
| 276 // they took too long. | 277 // they took too long. |
| 277 if (!operation_success) { | 278 if (!operation_success) { |
| 278 LOG(WARNING) << "PlatformVerificationFlow: Failed to certify platform."; | 279 LOG(WARNING) << "PlatformVerificationFlow: Failed to certify platform."; |
| 279 } | 280 } |
| 280 if (!timer->IsRunning()) { | 281 if (!timer->IsRunning()) { |
| 281 LOG(WARNING) << "PlatformVerificationFlow: Certificate ready but call has " | 282 LOG(WARNING) << "PlatformVerificationFlow: Certificate ready but call has " |
| (...skipping 77 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 359 certificate.length())); | 360 certificate.length())); |
| 360 if (!x509.get() || x509->valid_expiry().is_null()) { | 361 if (!x509.get() || x509->valid_expiry().is_null()) { |
| 361 LOG(WARNING) << "Failed to parse certificate, cannot check expiry."; | 362 LOG(WARNING) << "Failed to parse certificate, cannot check expiry."; |
| 362 return false; | 363 return false; |
| 363 } | 364 } |
| 364 return (base::Time::Now() > x509->valid_expiry()); | 365 return (base::Time::Now() > x509->valid_expiry()); |
| 365 } | 366 } |
| 366 | 367 |
| 367 } // namespace attestation | 368 } // namespace attestation |
| 368 } // namespace chromeos | 369 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1165323004:
We should use UserID object to identify users instead of username.
Base URL: https://chromium.googlesource.com/chromium/src.git@master