Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(118)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc

Issue 214863002: Extension API enterprise.platformKeys. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Enabled restriction to extensions force-installed by policy. Created 6 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« chrome/browser/chromeos/platform_keys/platform_keys_nss.cc ('K') | « chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.h ('k') | chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_apitest_nss.cc » ('j') | chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_apitest_nss.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
diff --git a/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc b/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
new file mode 100644
index 0000000000000000000000000000000000000000..77fd4658d4b43353a262692eb0c9476db41be602
--- /dev/null
+++ b/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
@@ -0,0 +1,232 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.h"
+
+#include "base/bind.h"
+#include "base/values.h"
+#include "chrome/browser/chromeos/platform_keys/platform_keys.h"
+#include "chrome/common/extensions/api/enterprise_platform_keys.h"
+#include "chrome/common/extensions/api/enterprise_platform_keys_internal.h"
+#include "net/cert/x509_certificate.h"
+
+namespace extensions {
+
+namespace {
+
+namespace api_epk = api::enterprise_platform_keys;
+namespace api_epki = api::enterprise_platform_keys_internal;
+
+// This error will occur if a token is removed and will be exposed to the
+// extension. Keep this in sync with the custom binding in Javascript.
+const char kErrorInvalidToken[] = "The token is not valid.";
+
+const char kErrorInvalidX509Cert[] =
+ "Certificate is not a valid X.509 certificate.";
+const char kTokenIdUser[] = "user";
+
+// Returns whether |token_id| references a known Token.
+bool ValidateToken(const std::string& token_id) {
+ // For now, the user token is the only valid one.
+ return token_id == kTokenIdUser;
+}
+
+} // namespace
+
+EnterprisePlatformKeysInternalGenerateKeyFunction::
+ ~EnterprisePlatformKeysInternalGenerateKeyFunction() {
+}
+
+ExtensionFunction::ResponseAction
+EnterprisePlatformKeysInternalGenerateKeyFunction::Run() {
+ scoped_ptr<api_epki::GenerateKey::Params> params(
+ api_epki::GenerateKey::Params::Create(*args_));
+ EXTENSION_FUNCTION_VALIDATE(params);
+ if (!ValidateToken(params->token_id))
+ return RespondNow(Error(kErrorInvalidToken));
+
+ chromeos::platform_keys::GenerateRSAKey(
+ params->token_id,
+ params->modulus_length,
+ base::Bind(
+ &EnterprisePlatformKeysInternalGenerateKeyFunction::OnGeneratedKey,
+ this),
+ GetProfile());
+ return RespondLater();
+}
+
+void EnterprisePlatformKeysInternalGenerateKeyFunction::OnGeneratedKey(
+ const std::string& public_key_der,
+ const std::string& error_message) {
+ if (error_message.empty()) {
+ Respond(MultipleArguments(
+ api_epki::GenerateKey::Results::Create(public_key_der).release()));
+ } else {
+ Respond(Error(error_message));
+ }
+}
+
+EnterprisePlatformKeysInternalSignFunction::
+ ~EnterprisePlatformKeysInternalSignFunction() {
+}
+
+ExtensionFunction::ResponseAction
+EnterprisePlatformKeysInternalSignFunction::Run() {
+ scoped_ptr<api_epki::Sign::Params> params(
+ api_epki::Sign::Params::Create(*args_));
+ EXTENSION_FUNCTION_VALIDATE(params);
+ if (!ValidateToken(params->token_id))
+ return RespondNow(Error(kErrorInvalidToken));
+
+ chromeos::platform_keys::Sign(
+ params->token_id,
+ params->public_key,
+ params->data,
+ base::Bind(&EnterprisePlatformKeysInternalSignFunction::OnSigned, this),
+ GetProfile());
+ return RespondLater();
+}
+
+void EnterprisePlatformKeysInternalSignFunction::OnSigned(
+ const std::string& signature,
+ const std::string& error_message) {
+ if (error_message.empty()) {
+ Respond(MultipleArguments(
+ api_epki::Sign::Results::Create(signature).release()));
+ } else {
+ Respond(Error(error_message));
+ }
+}
+
+EnterprisePlatformKeysGetCertificatesFunction::
+ ~EnterprisePlatformKeysGetCertificatesFunction() {
+}
+
+ExtensionFunction::ResponseAction
+EnterprisePlatformKeysGetCertificatesFunction::Run() {
+ scoped_ptr<api_epk::GetCertificates::Params> params(
+ api_epk::GetCertificates::Params::Create(*args_));
+ EXTENSION_FUNCTION_VALIDATE(params);
+ if (!ValidateToken(params->token_id))
+ return RespondNow(Error(kErrorInvalidToken));
+
+ chromeos::platform_keys::GetCertificates(
+ params->token_id,
+ base::Bind(
+ &EnterprisePlatformKeysGetCertificatesFunction::OnGotCertificates,
+ this),
+ GetProfile());
+ return RespondLater();
+}
+
+void EnterprisePlatformKeysGetCertificatesFunction::OnGotCertificates(
+ scoped_ptr<net::CertificateList> certs,
+ const std::string& error_message) {
+ if (!error_message.empty()) {
+ Respond(Error(error_message));
+ return;
+ }
+
+ scoped_ptr<base::ListValue> client_certs(new base::ListValue());
+ for (net::CertificateList::const_iterator it = certs->begin();
+ it != certs->end();
+ ++it) {
+ std::string der_encoding;
+ net::X509Certificate::GetDEREncoded((*it)->os_cert_handle(), &der_encoding);
+ client_certs->Append(base::BinaryValue::CreateWithCopiedBuffer(
+ der_encoding.data(), der_encoding.size()));
+ }
+
+ scoped_ptr<base::ListValue> results(new base::ListValue());
+ results->Append(client_certs.release());
+ Respond(MultipleArguments(results.release()));
+}
+
+EnterprisePlatformKeysImportCertificateFunction::
+ ~EnterprisePlatformKeysImportCertificateFunction() {
+}
+
+ExtensionFunction::ResponseAction
+EnterprisePlatformKeysImportCertificateFunction::Run() {
+ scoped_ptr<api_epk::ImportCertificate::Params> params(
+ api_epk::ImportCertificate::Params::Create(*args_));
+ EXTENSION_FUNCTION_VALIDATE(params);
+ if (!ValidateToken(params->token_id))
+ return RespondNow(Error(kErrorInvalidToken));
+
+ const std::string& cert_der = params->certificate;
+ scoped_refptr<net::X509Certificate> cert_x509 =
+ net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
+ if (!cert_x509)
+ return RespondNow(Error(kErrorInvalidX509Cert));
+
+ chromeos::platform_keys::ImportCertificate(
+ params->token_id,
+ cert_x509,
+ base::Bind(&EnterprisePlatformKeysImportCertificateFunction::
+ OnImportedCertificate,
+ this),
+ GetProfile());
+ return RespondLater();
+}
+
+void EnterprisePlatformKeysImportCertificateFunction::OnImportedCertificate(
+ const std::string& error_message) {
+ if (error_message.empty())
+ Respond(NoArguments());
+ else
+ Respond(Error(error_message));
+}
+
+EnterprisePlatformKeysRemoveCertificateFunction::
+ ~EnterprisePlatformKeysRemoveCertificateFunction() {
+}
+
+ExtensionFunction::ResponseAction
+EnterprisePlatformKeysRemoveCertificateFunction::Run() {
+ scoped_ptr<api_epk::RemoveCertificate::Params> params(
+ api_epk::RemoveCertificate::Params::Create(*args_));
+ EXTENSION_FUNCTION_VALIDATE(params);
+ if (!ValidateToken(params->token_id))
+ return RespondNow(Error(kErrorInvalidToken));
+
+ const std::string& cert_der = params->certificate;
+ scoped_refptr<net::X509Certificate> cert_x509 =
+ net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
+ if (!cert_x509)
+ return RespondNow(Error(kErrorInvalidX509Cert));
+
+ chromeos::platform_keys::RemoveCertificate(
+ params->token_id,
+ cert_x509,
+ base::Bind(&EnterprisePlatformKeysRemoveCertificateFunction::
+ OnRemovedCertificate,
+ this),
+ GetProfile());
+ return RespondLater();
+}
+
+void EnterprisePlatformKeysRemoveCertificateFunction::OnRemovedCertificate(
+ const std::string& error_message) {
+ if (error_message.empty())
+ Respond(NoArguments());
+ else
+ Respond(Error(error_message));
+}
+
+EnterprisePlatformKeysInternalGetTokensFunction::
+ ~EnterprisePlatformKeysInternalGetTokensFunction() {
+}
+
+ExtensionFunction::ResponseAction
+EnterprisePlatformKeysInternalGetTokensFunction::Run() {
+ EXTENSION_FUNCTION_VALIDATE(args_->empty());
+
+ std::vector<std::string> token_ids;
+ token_ids.push_back(kTokenIdUser);
+ return RespondNow(MultipleArguments(
+ api_epki::GetTokens::Results::Create(token_ids).release()));
+}
+
+} // namespace extensions
« chrome/browser/chromeos/platform_keys/platform_keys_nss.cc ('K') | « chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.h ('k') | chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_apitest_nss.cc » ('j') | chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_apitest_nss.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698