| Index: chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
|
| diff --git a/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc b/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
|
| index eec8b3bf2483b30e2f303a1158e9857ef021862d..11ffe2855478dd4c728f34ff3e5586a1ca86919c 100644
|
| --- a/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
|
| +++ b/chrome/browser/chromeos/certificate_provider/certificate_provider_service_factory.cc
|
| @@ -14,6 +14,7 @@
|
| #include "base/memory/ptr_util.h"
|
| #include "base/memory/ref_counted.h"
|
| #include "base/memory/singleton.h"
|
| +#include "base/rand_util.h"
|
| #include "base/values.h"
|
| #include "chrome/browser/chromeos/certificate_provider/certificate_provider_service.h"
|
| #include "chrome/browser/profiles/incognito_helpers.h"
|
| @@ -112,6 +113,15 @@ bool DefaultDelegate::DispatchSignRequestToExtension(
|
| return false;
|
|
|
| api_cp::SignRequest request;
|
| + // Generate a random request id so that a malicious extension can not guess a
|
| + // valid id and spam the user.
|
| + uint64_t sign_request_id = base::RandUint64();
|
| + // If we hit the improbable case when generated ID exists already, we
|
| + // generate another ID.
|
| + while (!service_->pin_dialog_manager()->AddSignRequestId(sign_request_id)) {
|
| + sign_request_id = base::RandUint64();
|
| + }
|
| + request.sign_request_id = sign_request_id;
|
| switch (hash) {
|
| case net::SSLPrivateKey::Hash::MD5_SHA1:
|
| request.hash = api_cp::HASH_MD5_SHA1;
|
|
|
Chromium Code Reviews
Issue 2094333002:
Implementation for chrome.certificateProvider.requestPin/stopPinRequest (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master