chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc - Issue 214863002: Extension API enterprise.platformKeys.

Unified Diff: chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc

Issue 214863002: Extension API enterprise.platformKeys. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Allow import of non-extractable keys. Created 6 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« no previous file with comments | « chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.h ('k') | chrome/chrome_browser_extensions.gypi » ('j') | chrome/renderer/extensions/enterprise_certificates_natives.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc

diff --git a/chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc b/chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc

new file mode 100644

index 0000000000000000000000000000000000000000..edebf166d5700f9aeaec200bb5ac3f8a3144cbd7

--- /dev/null

+++ b/chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc

@@ -0,0 +1,69 @@

+// Use of this source code is governed by a BSD-style license that can be

+// found in the LICENSE file.

+#include "chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.h"

+#include "base/logging.h"

+#include "chrome/browser/net/nss_context.h"

+#include "chrome/common/extensions/api/enterprise_certificates_internal.h"

+#include "net/base/crypto_module.h"

+#include "net/base/net_errors.h"

+#include "net/cert/nss_cert_database.h"

+#include "net/cert/x509_certificate.h"

+namespace extensions {

+namespace api_eci = api::enterprise_certificates_internal;

+bool ECIImport::RunImpl() {

+ LOG(ERROR) << "Called internal import";

+ scoped_ptr<api_eci::ImportClientCertificate::Params> params(

+ api_eci::ImportClientCertificate::Params::Create(*args_));

+ EXTENSION_FUNCTION_VALIDATE(params.get());

+ GetNSSCertDatabaseForProfile(

+ GetProfile(), base::Bind(&ECIImport::DidGetCertDB, this));

+ return true;

+void ECIImport::DidGetCertDB(net::NSSCertDatabase* cert_db) {

+ if (!cert_db) {

+ LOG(ERROR) << "Couldn't get NSSCertDatabase.";

+ SendResponse(false);

+ return;

+ }

+ scoped_ptr<api_eci::ImportClientCertificate::Params> params(

+ api_eci::ImportClientCertificate::Params::Create(*args_));

+ const std::string& cert_der = params->certificate;

+ scoped_refptr<net::X509Certificate> cert =

+ net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());

+ if (!cert) {

+ LOG(ERROR) << "Could not parse X509 cert.";

+ SendResponse(false);

+ return;

+ }

+ crypto::ScopedPK11Slot private_slot(cert_db->GetPrivateSlot());

+ if (!private_slot) {

+ LOG(ERROR) << "No private slot";

+ SendResponse(false);

+ return;

+ }

+ scoped_refptr<net::CryptoModule> module(

+ net::CryptoModule::CreateFromHandle(private_slot.get()));

+ const std::string& pkcs8 = params->key;

+ if (!cert_db->ImportPKCS8KeyAndCertificate(pkcs8, cert.get(), module.get())) {

+ LOG(ERROR) << "Could not import key or cert.";

+ SendResponse(false);

+ return;

+ }

+ SendResponse(true);

+ return;

+} // namespace extensions