Implementation for chrome.certificateProvider.requestPin/stopPinRequest

chrome/common/extensions/api/certificate_provider.idl

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Use this API to expose certificates to the platform which can use these
 // certificates for TLS authentications.
 namespace certificateProvider {
   enum Hash {
     MD5_SHA1,
     SHA1,
     SHA256,
     SHA384,
     SHA512
   };
 
+  enum PinRequestType {

[Devlin, 2016/11/01 16:24:30]

Document these enums

[igorcov, 2016/11/04 15:51:42]

Done.

+    PIN,
+    PUK
+  };
+
+  enum PinRequestErrorType {
+    INVALID_PIN,
+    INVALID_PUK,
+    MAX_ATTEMPTS_EXCEEDED,
+    UNKNOWN_ERROR
+  };
+
   [noinline_doc] dictionary CertificateInfo {
     // Must be the DER encoding of a X.509 certificate. Currently, only
     // certificates of RSA keys are supported.
     ArrayBuffer certificate;
 
     // Must be set to all hashes supported for this certificate. This extension
     // will only be asked for signatures of digests calculated with one of these
     // hash algorithms. This should be in order of decreasing hash preference.
     Hash[] supportedHashes;
   };
 
   [noinline_doc] dictionary SignRequest {
+    // The unique ID to be used by the extension should it need to call a method
+    // that requires it, e.g. requestPin.
+    long signRequestId;
+
     // The digest that must be signed.
     ArrayBuffer digest;
 
     // Refers to the hash algorithm that was used to create <code>digest</code>.
     Hash hash;
 
     // The DER encoding of a X.509 certificate. The extension must sign
     // <code>digest</code> using the associated private key.
     ArrayBuffer certificate;
   };
 
+  dictionary RequestPinDetails {
+    // The ID given by Chrome in SignRequest.
+    long signRequestId;
+
+    // The type of code requested. Default is PIN.
+    PinRequestType? requestType;
+
+    // The error template displayed to the user. This should be set if the
+    // previous request failed, to notify the user of the failure reason.
+    PinRequestErrorType? errorType;

[Devlin, 2016/11/01 16:24:30]

Why don't we allow the extension to set the error directly?

[igorcov, 2016/11/04 15:51:42]

This proposal didn't pass security review. Basically it's a high risk of
spoofing.

+
+    // The number of attempts left. This is provided so that any UI can present
+    // this information to the user. Chrome is not expected to enforce this,

[Devlin, 2016/11/01 16:24:30]

This still strikes me as very odd - why doesn't Chrome enforce this?

[igorcov, 2016/11/04 15:51:42]

We don't want to limit the behavior of the extension if possible.
And if we decide to implement this enforcement, then we need to decide also
what to do if the next request from the extension contradicts the previous one.

+    // instead stopPinRequest should be called by the extension with
+    // errorType = MAX_ATTEMPTS_EXCEEDED when the number of pin requests is
+    // exceeded.
+    long? attemptsLeft;
+  };
+
+  dictionary StopPinRequestDetails {
+    // The ID given by Chrome in SignRequest.
+    long signRequestId;
+
+    // The error template. If present it is displayed to user. Intended to
+    // contain the reason for stopping the flow if it was caused by an error,
+    // e.g. MAX_ATTEMPTS_EXCEEDED.
+    PinRequestErrorType? errorType;
+  };
+
+  dictionary PinResponseDetails {
+    // The code provided by the user. Empty if user closed the dialog or some
+    // other error occurred.
+    DOMString? userInput;
+  };
+
+  callback RequestPinCallback = void (optional PinResponseDetails details);
+
+  callback StopPinRequestCallback = void ();
+
   // The callback provided by the extension that Chrome uses to report back
   // rejected certificates. See <code>CertificatesCallback</code>.
   callback ResultCallback = void (ArrayBuffer[] rejectedCertificates);
 
   // If no error occurred, this function must be called with the signature of
   // the digest using the private key of the requested certificate.
   // For an RSA key, the signature must be a PKCS#1 signature. The extension
   // is responsible for prepending the DigestInfo prefix and adding PKCS#1
   // padding. If an <code>MD5_SHA1</code> hash is to be signed, the extension
   // must not prepend a DigestInfo prefix but only add PKCS#1 padding.
@@ skipping 20 matching lines @@
     // certificate provided by this extension in reply to an
     // $(ref:onCertificatesRequested) event.
     // The extension must sign the data in <code>request</code> using the
     // appropriate algorithm and private key and return it by calling
     // <code>reportCallback</code>. <code>reportCallback</code> must be called
     // exactly once.
     // |request|: Contains the details about the sign request.
     static void onSignDigestRequested(SignRequest request,
                                       SignCallback reportCallback);
   };
+
+  interface Functions {
+    // Requests the PIN from the user. Only one ongoing request at a time is
+    // allowed. The requests issued while another flow is ongoing are rejected.
+    // It's the extension's responsibility to try again later if another flow is
+    // in progress.
+    // |details|: Contains the details about the requested dialog.
+    // |callback|: Is called when the dialog is resolved with the user input, or
+    // when the dialog request finishes unsuccessfully (e.g. the dialog was
+    // canceled by the user or was not allowed to be shown).
+    static void requestPin(RequestPinDetails details,
+                           RequestPinCallback callback);
+
+    // Stops the pin request started by the $(ref:requestPin) function.
+    // |details|: Contains the details about the reason for stopping the
+    // request flow.
+    // |callback|: To be used by Chrome to send to the extension the status from
+    // their request to close PIN dialog for user.
+    static void stopPinRequest(StopPinRequestDetails details,
+                               StopPinRequestCallback callback);
+  };
 };