
Side by Side Diff: chrome/browser/extensions/api/certificate_provider/certificate_provider_api.cc

Issue 1232553003: Add new certificateProvider extension API. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebased. Created 5 years, 3 months ago
OLDNEW
(Empty)
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/extensions/api/certificate_provider/certificate_provide r_api.h"
6
7 #include "base/logging.h"
8 #include "base/memory/linked_ptr.h"
9 #include "base/stl_util.h"
10 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_serv ice.h"
11 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_serv ice_factory.h"
12 #include "chrome/common/extensions/api/certificate_provider.h"
13 #include "chrome/common/extensions/api/certificate_provider_internal.h"
14 #include "net/cert/x509_certificate.h"
15
16 namespace extensions {
17
18 namespace api_cp = api::certificate_provider;
19 namespace api_cpi = api::certificate_provider_internal;
20
21 namespace {
22
23 const char kErrorInvalidX509Cert[] =
24 "Certificate is not a valid X.509 certificate.";
25 const char kErrorECDSANotSupported[] = "Key type ECDSA not supported.";
26 const char kErrorUnknownKeyType[] = "Key type unknown.";
27
28 } // namespace
29
30 CertificateProviderInternalReportCertificatesFunction::
31 ~CertificateProviderInternalReportCertificatesFunction() {}
32
33 ExtensionFunction::ResponseAction
34 CertificateProviderInternalReportCertificatesFunction::Run() {
35 scoped_ptr<api_cpi::ReportCertificates::Params> params(
bartfab (slow) 2015/09/03 17:30:52 Nit: #include "base/memory/scoped_ptr.h"
pneubeck (no reviews) 2015/09/07 17:21:32 Done.
36 api_cpi::ReportCertificates::Params::Create(*args_));
37 EXTENSION_FUNCTION_VALIDATE(params);
38
39 chromeos::CertificateProviderService* service =
bartfab (slow) 2015/09/03 17:30:52 Nit: const pointer.
pneubeck (no reviews) 2015/09/07 17:21:31 Done.
40 chromeos::CertificateProviderServiceFactory::GetForBrowserContext(
41 browser_context());
42 DCHECK(service);
43
44 if (!params->certificates)
45 return RespondNow(Error("Failure"));
46
47 chromeos::certificate_provider::CertificateInfoList cert_infos;
48 std::vector<std::vector<char>> rejected_certificates;
bartfab (slow) 2015/09/03 17:30:52 Nit: #include <vector>
pneubeck (no reviews) 2015/09/07 17:21:32 Done.
49 for (linked_ptr<api_cp::CertificateInfo> input_cert_info :
50 *params->certificates) {
51 chromeos::certificate_provider::CertificateInfo parsed_cert_info;
52
53 if (ParseCertificateInfo(*input_cert_info, &parsed_cert_info))
54 cert_infos.push_back(parsed_cert_info);
55 else
56 rejected_certificates.push_back(input_cert_info->certificate);
57 }
58
59 if (service->SetCertificatesProvidedByExtension(
60 extension_id(), params->request_id, cert_infos)) {
61 return RespondNow(ArgumentList(
62 api_cpi::ReportCertificates::Results::Create(rejected_certificates)));
63 } else {
64 return RespondNow(Error("Failure"));
65 }
66 }
67
68 bool CertificateProviderInternalReportCertificatesFunction::
69 ParseCertificateInfo(
70 const api_cp::CertificateInfo& info,
71 chromeos::certificate_provider::CertificateInfo* out_info) {
72 const std::vector<char>& cert_der = info.certificate;
73 if (cert_der.empty()) {
74 WriteToConsole(content::CONSOLE_MESSAGE_LEVEL_ERROR, kErrorInvalidX509Cert);
bartfab (slow) 2015/09/03 17:30:52 Nit: #include "content/public/common/console_messa
pneubeck (no reviews) 2015/09/07 17:21:31 Done.
75 return false;
76 }
77
78 out_info->certificate = net::X509Certificate::CreateFromBytes(
79 vector_as_array(&cert_der), cert_der.size());
80 if (!out_info->certificate) {
81 WriteToConsole(content::CONSOLE_MESSAGE_LEVEL_ERROR, kErrorInvalidX509Cert);
82 return false;
83 }
84
85 size_t public_key_length_in_bits = 0;
bartfab (slow) 2015/09/03 17:30:52 Nit: #include <stddef.h>
pneubeck (no reviews) 2015/09/07 17:21:31 Done.
86 net::X509Certificate::PublicKeyType type =
87 net::X509Certificate::kPublicKeyTypeUnknown;
88 net::X509Certificate::GetPublicKeyInfo(
89 out_info->certificate->os_cert_handle(), &public_key_length_in_bits,
90 &type);
91
92 switch (type) {
93 case net::X509Certificate::kPublicKeyTypeRSA:
94 DCHECK(public_key_length_in_bits != 0);
bartfab (slow) 2015/09/03 17:30:52 Nit: DCHECK(public_key_length_in_bits) is sufficie
pneubeck (no reviews) 2015/09/07 17:21:31 Done.
95
96 // Convert bits to bytes.
97 out_info->max_signature_length_in_bytes =
98 (public_key_length_in_bits + 7) / 8;
99 out_info->type = net::SSLPrivateKey::Type::RSA;
bartfab (slow) 2015/09/03 17:30:52 Nit: #include "net/ssl/ssl_private_key.h"
pneubeck (no reviews) 2015/09/07 17:21:31 Done.
100 break;
101 case net::X509Certificate::kPublicKeyTypeECDSA:
102 WriteToConsole(content::CONSOLE_MESSAGE_LEVEL_ERROR,
103 kErrorECDSANotSupported);
104 return false;
105 default:
106 WriteToConsole(content::CONSOLE_MESSAGE_LEVEL_ERROR,
107 kErrorUnknownKeyType);
108 return false;
109 }
110
111 for (const api_cp::Hash hash : info.supported_hashes) {
112 switch (hash) {
113 case api_cp::HASH_MD5_SHA1:
114 out_info->supported_hashes.push_back(
115 net::SSLPrivateKey::Hash::MD5_SHA1);
116 break;
117 case api_cp::HASH_SHA1:
118 out_info->supported_hashes.push_back(net::SSLPrivateKey::Hash::SHA1);
119 break;
120 case api_cp::HASH_SHA256:
121 out_info->supported_hashes.push_back(net::SSLPrivateKey::Hash::SHA256);
122 break;
123 case api_cp::HASH_SHA384:
124 out_info->supported_hashes.push_back(net::SSLPrivateKey::Hash::SHA384);
125 break;
126 case api_cp::HASH_SHA512:
127 out_info->supported_hashes.push_back(net::SSLPrivateKey::Hash::SHA512);
128 break;
129 case api_cp::HASH_NONE:
130 NOTREACHED();
131 return false;
132 }
133 }
134 return true;
135 }
136
137 CertificateProviderInternalReportSignatureFunction::
138 ~CertificateProviderInternalReportSignatureFunction() {}
139
140 ExtensionFunction::ResponseAction
141 CertificateProviderInternalReportSignatureFunction::Run() {
142 scoped_ptr<api_cpi::ReportSignature::Params> params(
143 api_cpi::ReportSignature::Params::Create(*args_));
144 EXTENSION_FUNCTION_VALIDATE(params);
145
146 chromeos::CertificateProviderService* service =
bartfab (slow) 2015/09/03 17:30:52 Nit: const pointer.
pneubeck (no reviews) 2015/09/07 17:21:32 Done.
147 chromeos::CertificateProviderServiceFactory::GetForBrowserContext(
148 browser_context());
149 DCHECK(service);
150
151 std::vector<uint8_t> signature;
bartfab (slow) 2015/09/03 17:30:52 Nit: #include <stdint.h>
pneubeck (no reviews) 2015/09/07 17:21:31 Done.
152 // If an error occurred, |signature| will not be set.
153 if (params->signature)
154 signature.assign(params->signature->begin(), params->signature->end());
155
156 service->ReplyToSignRequest(extension_id(), params->request_id, signature);
157 return RespondNow(NoArguments());
158 }
159
160 } // namespace extensions
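Review bot: ParseCertificateInfo returns true when `info.supported_hashes` is empty, so a certificate that presumably cannot be used for any sign request is still passed to SetCertificatesProvidedByExtension instead of ending up in `rejected_certificates`. Because the list is supplied by the extension, I would reject it before the hash loop with `if (info.supported_hashes.empty()) return false;`, preceded by a WriteToConsole error like the other rejection paths (this needs a new message constant next to kErrorUnknownKeyType). Separately, in the RSA case a zero key length is only caught by a DCHECK, so a release build would store a `max_signature_length_in_bytes` of 0 for a certificate that came from the extension. If GetPublicKeyInfo can report RSA with a zero length, a runtime `return false` there would make debug and release builds behave the same.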