Implementation for chrome.certificateProvider.requestPin/stopPinRequest

chrome/common/extensions/api/certificate_provider.idl

Index: chrome/common/extensions/api/certificate_provider.idl
diff --git a/chrome/common/extensions/api/certificate_provider.idl b/chrome/common/extensions/api/certificate_provider.idl
index 4062d0445b3a48d68be9c5f97b3a383d372e9416..22bb23151cad6253c08645eb32b1e4406fc37f83 100644
--- a/chrome/common/extensions/api/certificate_provider.idl
+++ b/chrome/common/extensions/api/certificate_provider.idl
@@ -13,6 +13,18 @@ namespace certificateProvider {
     SHA512
   };
 
+  enum PinRequestType {

[Devlin, 2016/11/01 16:24:30]

Document these enums

[igorcov, 2016/11/04 15:51:42]

Done.

+    PIN,
+    PUK
+  };
+
+  enum PinRequestErrorType {
+    INVALID_PIN,
+    INVALID_PUK,
+    MAX_ATTEMPTS_EXCEEDED,
+    UNKNOWN_ERROR
+  };
+
   [noinline_doc] dictionary CertificateInfo {
     // Must be the DER encoding of a X.509 certificate. Currently, only
     // certificates of RSA keys are supported.
@@ -25,6 +37,10 @@ namespace certificateProvider {
   };
 
   [noinline_doc] dictionary SignRequest {
+    // The unique ID to be used by the extension should it need to call a method
+    // that requires it, e.g. requestPin.
+    long signRequestId;
+
     // The digest that must be signed.
     ArrayBuffer digest;
 
@@ -36,6 +52,45 @@ namespace certificateProvider {
     ArrayBuffer certificate;
   };
 
+  dictionary RequestPinDetails {
+    // The ID given by Chrome in SignRequest.
+    long signRequestId;
+
+    // The type of code requested. Default is PIN.
+    PinRequestType? requestType;
+
+    // The error template displayed to the user. This should be set if the
+    // previous request failed, to notify the user of the failure reason.
+    PinRequestErrorType? errorType;

[Devlin, 2016/11/01 16:24:30]

Why don't we allow the extension to set the error directly?

[igorcov, 2016/11/04 15:51:42]

This proposal didn't pass security review. Basically it's a high risk of
spoofing.

+
+    // The number of attempts left. This is provided so that any UI can present
+    // this information to the user. Chrome is not expected to enforce this,

[Devlin, 2016/11/01 16:24:30]

This still strikes me as very odd - why doesn't Chrome enforce this?

[igorcov, 2016/11/04 15:51:42]

We don't want to limit the behavior of the extension if possible.
And if we decide to implement this enforcement, then we need to decide also
what to do if the next request from the extension contradicts the previous one.

+    // instead stopPinRequest should be called by the extension with
+    // errorType = MAX_ATTEMPTS_EXCEEDED when the number of pin requests is
+    // exceeded.
+    long? attemptsLeft;
+  };
+
+  dictionary StopPinRequestDetails {
+    // The ID given by Chrome in SignRequest.
+    long signRequestId;
+
+    // The error template. If present it is displayed to user. Intended to
+    // contain the reason for stopping the flow if it was caused by an error,
+    // e.g. MAX_ATTEMPTS_EXCEEDED.
+    PinRequestErrorType? errorType;
+  };
+
+  dictionary PinResponseDetails {
+    // The code provided by the user. Empty if user closed the dialog or some
+    // other error occurred.
+    DOMString? userInput;
+  };
+
+  callback RequestPinCallback = void (optional PinResponseDetails details);
+
+  callback StopPinRequestCallback = void ();
+
   // The callback provided by the extension that Chrome uses to report back
   // rejected certificates. See <code>CertificatesCallback</code>.
   callback ResultCallback = void (ArrayBuffer[] rejectedCertificates);
@@ -76,4 +131,25 @@ namespace certificateProvider {
     static void onSignDigestRequested(SignRequest request,
                                       SignCallback reportCallback);
   };
+
+  interface Functions {
+    // Requests the PIN from the user. Only one ongoing request at a time is
+    // allowed. The requests issued while another flow is ongoing are rejected.
+    // It's the extension's responsibility to try again later if another flow is
+    // in progress.
+    // |details|: Contains the details about the requested dialog.
+    // |callback|: Is called when the dialog is resolved with the user input, or
+    // when the dialog request finishes unsuccessfully (e.g. the dialog was
+    // canceled by the user or was not allowed to be shown).
+    static void requestPin(RequestPinDetails details,
+                           RequestPinCallback callback);
+
+    // Stops the pin request started by the $(ref:requestPin) function.
+    // |details|: Contains the details about the reason for stopping the
+    // request flow.
+    // |callback|: To be used by Chrome to send to the extension the status from
+    // their request to close PIN dialog for user.
+    static void stopPinRequest(StopPinRequestDetails details,
+                               StopPinRequestCallback callback);
+  };
 };