Chromium Code Reviews Chromium Code Reviews
Issue 2094333002:
Implementation for chrome.certificateProvider.requestPin/stopPinRequest (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_serv ice_factory.h" | 5 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_serv ice_factory.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <utility> | 9 #include <utility> |
| 10 #include <vector> | 10 #include <vector> |
| 11 | 11 |
| 12 #include "base/logging.h" | 12 #include "base/logging.h" |
| 13 #include "base/macros.h" | 13 #include "base/macros.h" |
| 14 #include "base/memory/ptr_util.h" | 14 #include "base/memory/ptr_util.h" |
| 15 #include "base/memory/ref_counted.h" | 15 #include "base/memory/ref_counted.h" |
| 16 #include "base/memory/singleton.h" | 16 #include "base/memory/singleton.h" |
| 17 #include "base/rand_util.h" | |
| 17 #include "base/values.h" | 18 #include "base/values.h" |
| 18 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_serv ice.h" | 19 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_serv ice.h" |
| 19 #include "chrome/browser/profiles/incognito_helpers.h" | 20 #include "chrome/browser/profiles/incognito_helpers.h" |
| 20 #include "chrome/common/extensions/api/certificate_provider.h" | 21 #include "chrome/common/extensions/api/certificate_provider.h" |
| 21 #include "components/keyed_service/content/browser_context_dependency_manager.h" | 22 #include "components/keyed_service/content/browser_context_dependency_manager.h" |
| 22 #include "extensions/browser/event_listener_map.h" | 23 #include "extensions/browser/event_listener_map.h" |
| 23 #include "extensions/browser/event_router.h" | 24 #include "extensions/browser/event_router.h" |
| 24 #include "extensions/browser/event_router_factory.h" | 25 #include "extensions/browser/event_router_factory.h" |
| 25 #include "extensions/browser/extension_event_histogram_value.h" | 26 #include "extensions/browser/extension_event_histogram_value.h" |
| 26 #include "extensions/browser/extension_registry.h" | 27 #include "extensions/browser/extension_registry.h" |
| (...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 105 const std::string& extension_id, | 106 const std::string& extension_id, |
| 106 int request_id, | 107 int request_id, |
| 107 net::SSLPrivateKey::Hash hash, | 108 net::SSLPrivateKey::Hash hash, |
| 108 const scoped_refptr<net::X509Certificate>& certificate, | 109 const scoped_refptr<net::X509Certificate>& certificate, |
| 109 const std::string& digest) { | 110 const std::string& digest) { |
| 110 const std::string event_name(api_cp::OnSignDigestRequested::kEventName); | 111 const std::string event_name(api_cp::OnSignDigestRequested::kEventName); |
| 111 if (!event_router_->ExtensionHasEventListener(extension_id, event_name)) | 112 if (!event_router_->ExtensionHasEventListener(extension_id, event_name)) |
| 112 return false; | 113 return false; |
| 113 | 114 |
| 114 api_cp::SignRequest request; | 115 api_cp::SignRequest request; |
| 116 // Generate a random request id so that a malicious extension can not guess a | |
| 117 // valid id and spam the user. | |
| 118 uint64_t sign_request_id = base::RandUint64(); | |
|
emaxx
2016/09/06 15:02:10
I'm afraid we can put the client extensions into a
emaxx
2016/09/06 15:02:10
There is already another "sign_request_id" in the
igorcov
2016/09/07 09:12:28
Done.
igorcov
2016/09/07 09:12:28
Done.
| |
| 119 // If we hit the improbable case when generated ID exists already, we | |
| 120 // generate another ID. | |
| 121 while (!service_->pin_dialog_manager()->AddSignRequestId(sign_request_id)) { | |
| 122 sign_request_id = base::RandUint64(); | |
| 123 } | |
| 124 request.sign_request_id = sign_request_id; | |
| 115 switch (hash) { | 125 switch (hash) { |
| 116 case net::SSLPrivateKey::Hash::MD5_SHA1: | 126 case net::SSLPrivateKey::Hash::MD5_SHA1: |
| 117 request.hash = api_cp::HASH_MD5_SHA1; | 127 request.hash = api_cp::HASH_MD5_SHA1; |
| 118 break; | 128 break; |
| 119 case net::SSLPrivateKey::Hash::SHA1: | 129 case net::SSLPrivateKey::Hash::SHA1: |
| 120 request.hash = api_cp::HASH_SHA1; | 130 request.hash = api_cp::HASH_SHA1; |
| 121 break; | 131 break; |
| 122 case net::SSLPrivateKey::Hash::SHA256: | 132 case net::SSLPrivateKey::Hash::SHA256: |
| 123 request.hash = api_cp::HASH_SHA256; | 133 request.hash = api_cp::HASH_SHA256; |
| 124 break; | 134 break; |
| (...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 195 content::BrowserContext* context) const { | 205 content::BrowserContext* context) const { |
| 196 CertificateProviderService* const service = new CertificateProviderService(); | 206 CertificateProviderService* const service = new CertificateProviderService(); |
| 197 service->SetDelegate(base::WrapUnique(new DefaultDelegate( | 207 service->SetDelegate(base::WrapUnique(new DefaultDelegate( |
| 198 service, | 208 service, |
| 199 extensions::ExtensionRegistryFactory::GetForBrowserContext(context), | 209 extensions::ExtensionRegistryFactory::GetForBrowserContext(context), |
| 200 extensions::EventRouterFactory::GetForBrowserContext(context)))); | 210 extensions::EventRouterFactory::GetForBrowserContext(context)))); |
| 201 return service; | 211 return service; |
| 202 } | 212 } |
| 203 | 213 |
| 204 } // namespace chromeos | 214 } // namespace chromeos |
| OLD | NEW |
