Chromium Code Reviews Chromium Code Reviews
Issue 214863002:
Extension API enterprise.platformKeys. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc |
| diff --git a/chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc b/chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..7b65783c3ed43f220c728d8082df3f83cc5d1a6a |
| --- /dev/null |
| +++ b/chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.cc |
| @@ -0,0 +1,135 @@ |
| +// Copyright 2014 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/browser/extensions/api/enterprise_certificates/enterprise_certificates_internal_api.h" |
| + |
| +#include "base/logging.h" |
| +#include "chrome/browser/net/nss_context.h" |
| +#include "chrome/common/extensions/api/enterprise_certificates_internal.h" |
| +#include "net/base/crypto_module.h" |
| +#include "net/base/net_errors.h" |
| +#include "net/cert/nss_cert_database.h" |
| +#include "net/cert/x509_certificate.h" |
| + |
| +namespace extensions { |
| +namespace api_eci = api::enterprise_certificates_internal; |
| + |
| +const char kTokenNameUser[] = "User"; |
| + |
| +bool ECIImport::RunImpl() { |
| + scoped_ptr<api_eci::ImportClientCertificateAndRawKey::Params> params( |
| + api_eci::ImportClientCertificateAndRawKey::Params::Create(*args_)); |
| + EXTENSION_FUNCTION_VALIDATE(params.get()); |
| + |
| + GetNSSCertDatabaseForProfile( |
| + GetProfile(), base::Bind(&ECIImport::DidGetCertDB, this)); |
|
Ryan Sleevi
2014/04/15 00:15:04
This file should either be suffixed with _nss or i
pneubeck (no reviews)
2014/05/02 17:44:02
Done.
|
| + return true; |
| +} |
| + |
| +void ECIImport::DidGetCertDB(net::NSSCertDatabase* cert_db) { |
| + if (!cert_db) { |
| + LOG(ERROR) << "Couldn't get NSSCertDatabase."; |
| + SendResponse(false); |
| + return; |
| + } |
| + |
| + scoped_ptr<api_eci::ImportClientCertificateAndRawKey::Params> params( |
| + api_eci::ImportClientCertificateAndRawKey::Params::Create(*args_)); |
| + |
| + const std::string& cert_der = params->certificate; |
| + scoped_refptr<net::X509Certificate> cert = |
| + net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size()); |
| + if (!cert) { |
| + LOG(ERROR) << "Could not parse X509 cert."; |
| + SendResponse(false); |
| + return; |
| + } |
| + |
| + crypto::ScopedPK11Slot private_slot(cert_db->GetPrivateSlot()); |
| + if (!private_slot) { |
| + LOG(ERROR) << "No private slot"; |
| + SendResponse(false); |
| + return; |
| + } |
| + |
| + scoped_refptr<net::CryptoModule> module( |
| + net::CryptoModule::CreateFromHandle(private_slot.get())); |
| + const std::string& pkcs8 = params->key; |
| + if (!cert_db->ImportPKCS8KeyAndCertificate(pkcs8, cert.get(), module.get())) { |
| + LOG(ERROR) << "Could not import key or cert."; |
| + SendResponse(false); |
| + return; |
| + } |
| + |
| + SendResponse(true); |
| + return; |
| +} |
| + |
| +bool ECIGetCerts::RunImpl() { |
| + scoped_ptr<api_eci::GetClientCertificates::Params> params( |
| + api_eci::GetClientCertificates::Params::Create(*args_)); |
| + EXTENSION_FUNCTION_VALIDATE(params.get()); |
| + |
| + GetNSSCertDatabaseForProfile(GetProfile(), |
| + base::Bind(&ECIGetCerts::DidGetCertDB, this)); |
| + return true; |
| +} |
| + |
| +void ECIGetCerts::DidGetCertDB(net::NSSCertDatabase* cert_db) { |
| + if (!cert_db) { |
| + LOG(ERROR) << "Couldn't get NSSCertDatabase."; |
| + SendResponse(false); |
| + return; |
| + } |
| + |
| + cert_db->ListCerts(base::Bind(&ECIGetCerts::DidGetCerts, this)); |
| +} |
| + |
| +void ECIGetCerts::DidGetCerts(scoped_ptr<net::CertificateList> certs) { |
| + scoped_ptr<api_eci::GetClientCertificates::Params> params( |
| + api_eci::GetClientCertificates::Params::Create(*args_)); |
| + |
| + /* |
| + crypto::ScopedPK11Slot private_slot(cert_db->GetPrivateSlot()); |
| + if (!private_slot) { |
| + LOG(ERROR) << "No private slot"; |
| + SendResponse(false); |
| + return; |
| + } |
| + */ |
| + |
| + /* |
| + const std::string& cert_der = params->certificate; |
| + scoped_refptr<net::X509Certificate> cert = |
| + net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size()); |
| + if (!cert) { |
| + LOG(ERROR) << "Could not parse X509 cert."; |
| + SendResponse(false); |
| + return; |
| + } |
| + |
| + scoped_refptr<net::CryptoModule> module( |
| + net::CryptoModule::CreateFromHandle(private_slot.get())); |
| + const std::string& pkcs8 = params->key; |
| + if (!cert_db->ImportPKCS8KeyAndCertificate(pkcs8, cert.get(), module.get())) { |
| + LOG(ERROR) << "Could not import key or cert."; |
| + SendResponse(false); |
| + return; |
| + } |
| + */ |
| + |
| + SendResponse(true); |
| + return; |
| +} |
| + |
| +bool ECIGetTokens::RunImpl() { |
| + EXTENSION_FUNCTION_VALIDATE(args_->empty()); |
| + |
| + std::vector<std::string> token_names; |
| + token_names.push_back(kTokenNameUser); |
| + results_ = api_eci::GetTokens::Results::Create(token_names); |
| + SendResponse(true); |
| + return true; |
| +} |
| +} // namespace extensions |
