Implementation for chrome.certificateProvider.requestPin/stopPinRequest

chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc

Index: chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
diff --git a/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc b/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
index eec8b3bf2483b30e2f303a1158e9857ef021862d..da505c9ba4f4b66cc9a2a73a6625c849807a605e 100644
--- a/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
+++ b/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
@@ -14,6 +14,7 @@
 #include "base/memory/ptr_util.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/singleton.h"
+#include "base/rand_util.h"
 #include "base/values.h"
 #include "chrome/browser/chromeos/certificate_provider/certificate_provider_service.h"
 #include "chrome/browser/profiles/incognito_helpers.h"
@@ -112,6 +113,13 @@ bool DefaultDelegate::DispatchSignRequestToExtension(
     return false;
 
   api_cp::SignRequest request;

[stevenjb, 2016/08/11 01:58:54]

We should comment why we use a random number here, e.g.
// Generate a random request id so that a malicious extension can not guess a
valid id and spam the user.

[igorcov1, 2016/08/11 16:15:22]

Done.

+  uint64_t sign_request_id = base::RandUint64();
+  // If we hit the improbable case when generated ID exists already, we
+  // generate another ID.
+  while (!service_->pin_dialog_manager()->AddSignRequestId(sign_request_id)) {
+    sign_request_id = base::RandUint64();
+  }
+  request.sign_request_id = sign_request_id;
   switch (hash) {
     case net::SSLPrivateKey::Hash::MD5_SHA1:
       request.hash = api_cp::HASH_MD5_SHA1;