Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(791)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc

Issue 2094333002: Implementation for chrome.certificateProvider.requestPin/stopPinRequest (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Externalized back the constant Created 4 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/chromeos/certificate_provider/certificate_provider_service.cc ('k') | chrome/browser/chromeos/certificate_provider/certificate_provider_service_unittest.cc » ('j') | chrome/browser/chromeos/certificate_provider/pin_dialog_manager.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
diff --git a/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc b/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
index eec8b3bf2483b30e2f303a1158e9857ef021862d..11ffe2855478dd4c728f34ff3e5586a1ca86919c 100644
--- a/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
+++ b/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
@@ -14,6 +14,7 @@
#include "base/memory/ptr_util.h"
#include "base/memory/ref_counted.h"
#include "base/memory/singleton.h"
+#include "base/rand_util.h"
#include "base/values.h"
#include "chrome/browser/chromeos/certificate_provider/certificate_provider_service.h"
#include "chrome/browser/profiles/incognito_helpers.h"
@@ -112,6 +113,15 @@ bool DefaultDelegate::DispatchSignRequestToExtension(
return false;
api_cp::SignRequest request;
+ // Generate a random request id so that a malicious extension can not guess a
+ // valid id and spam the user.
+ uint64_t sign_request_id = base::RandUint64();
emaxx 2016/09/06 15:02:10 I'm afraid we can put the client extensions into a
emaxx 2016/09/06 15:02:10 There is already another "sign_request_id" in the
igorcov 2016/09/07 09:12:28 Done.
igorcov 2016/09/07 09:12:28 Done.
+ // If we hit the improbable case when generated ID exists already, we
+ // generate another ID.
+ while (!service_->pin_dialog_manager()->AddSignRequestId(sign_request_id)) {
+ sign_request_id = base::RandUint64();
+ }
+ request.sign_request_id = sign_request_id;
switch (hash) {
case net::SSLPrivateKey::Hash::MD5_SHA1:
request.hash = api_cp::HASH_MD5_SHA1;
« no previous file with comments | « chrome/browser/chromeos/certificate_provider/certificate_provider_service.cc ('k') | chrome/browser/chromeos/certificate_provider/certificate_provider_service_unittest.cc » ('j') | chrome/browser/chromeos/certificate_provider/pin_dialog_manager.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698