| Index: chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
|
| diff --git a/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc b/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..cdf779cbf963192e5d3f4c13d40b7edd52a1a48a
|
| --- /dev/null
|
| +++ b/chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc
|
| @@ -0,0 +1,237 @@
|
| +// Copyright 2014 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.h"
|
| +
|
| +#include "base/bind.h"
|
| +#include "base/values.h"
|
| +#include "chrome/browser/chromeos/platform_keys/platform_keys.h"
|
| +#include "chrome/common/extensions/api/enterprise_platform_keys.h"
|
| +#include "chrome/common/extensions/api/enterprise_platform_keys_internal.h"
|
| +#include "content/public/browser/browser_thread.h"
|
| +#include "net/cert/x509_certificate.h"
|
| +
|
| +namespace extensions {
|
| +
|
| +namespace {
|
| +
|
| +namespace api_epk = api::enterprise_platform_keys;
|
| +namespace api_epki = api::enterprise_platform_keys_internal;
|
| +
|
| +// This error will occur if a token is removed and will be exposed to the
|
| +// extension. Keep this in sync with the custom binding in Javascript.
|
| +const char kErrorInvalidToken[] = "The token is not valid.";
|
| +
|
| +const char kErrorInvalidX509Cert[] =
|
| + "Certificate is not a valid X.509 certificate.";
|
| +const char kTokenIdUser[] = "user";
|
| +
|
| +// Returns whether |token_id| references a known Token.
|
| +bool ValidateToken(const std::string& token_id) {
|
| + // For now, the user token is the only valid one.
|
| + return token_id == kTokenIdUser;
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| +EnterprisePlatformKeysInternalGenerateKeyFunction::
|
| + ~EnterprisePlatformKeysInternalGenerateKeyFunction() {
|
| +}
|
| +
|
| +ExtensionFunction::ResponseAction
|
| +EnterprisePlatformKeysInternalGenerateKeyFunction::Run() {
|
| + scoped_ptr<api_epki::GenerateKey::Params> params(
|
| + api_epki::GenerateKey::Params::Create(*args_));
|
| + // TODO(pneubeck): Add support for unsigned integers to IDL.
|
| + EXTENSION_FUNCTION_VALIDATE(params && params->modulus_length >= 0);
|
| + if (!ValidateToken(params->token_id))
|
| + return RespondNow(Error(kErrorInvalidToken));
|
| +
|
| + chromeos::platform_keys::GenerateRSAKey(
|
| + params->token_id,
|
| + params->modulus_length,
|
| + base::Bind(
|
| + &EnterprisePlatformKeysInternalGenerateKeyFunction::OnGeneratedKey,
|
| + this),
|
| + GetProfile());
|
| + return RespondLater();
|
| +}
|
| +
|
| +void EnterprisePlatformKeysInternalGenerateKeyFunction::OnGeneratedKey(
|
| + const std::string& public_key_der,
|
| + const std::string& error_message) {
|
| + DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
|
| + if (error_message.empty()) {
|
| + Respond(
|
| + ArgumentList(api_epki::GenerateKey::Results::Create(public_key_der)));
|
| + } else {
|
| + Respond(Error(error_message));
|
| + }
|
| +}
|
| +
|
| +EnterprisePlatformKeysInternalSignFunction::
|
| + ~EnterprisePlatformKeysInternalSignFunction() {
|
| +}
|
| +
|
| +ExtensionFunction::ResponseAction
|
| +EnterprisePlatformKeysInternalSignFunction::Run() {
|
| + scoped_ptr<api_epki::Sign::Params> params(
|
| + api_epki::Sign::Params::Create(*args_));
|
| + EXTENSION_FUNCTION_VALIDATE(params);
|
| + if (!ValidateToken(params->token_id))
|
| + return RespondNow(Error(kErrorInvalidToken));
|
| +
|
| + chromeos::platform_keys::Sign(
|
| + params->token_id,
|
| + params->public_key,
|
| + params->data,
|
| + base::Bind(&EnterprisePlatformKeysInternalSignFunction::OnSigned, this),
|
| + GetProfile());
|
| + return RespondLater();
|
| +}
|
| +
|
| +void EnterprisePlatformKeysInternalSignFunction::OnSigned(
|
| + const std::string& signature,
|
| + const std::string& error_message) {
|
| + DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
|
| + if (error_message.empty())
|
| + Respond(ArgumentList(api_epki::Sign::Results::Create(signature)));
|
| + else
|
| + Respond(Error(error_message));
|
| +}
|
| +
|
| +EnterprisePlatformKeysGetCertificatesFunction::
|
| + ~EnterprisePlatformKeysGetCertificatesFunction() {
|
| +}
|
| +
|
| +ExtensionFunction::ResponseAction
|
| +EnterprisePlatformKeysGetCertificatesFunction::Run() {
|
| + scoped_ptr<api_epk::GetCertificates::Params> params(
|
| + api_epk::GetCertificates::Params::Create(*args_));
|
| + EXTENSION_FUNCTION_VALIDATE(params);
|
| + if (!ValidateToken(params->token_id))
|
| + return RespondNow(Error(kErrorInvalidToken));
|
| +
|
| + chromeos::platform_keys::GetCertificates(
|
| + params->token_id,
|
| + base::Bind(
|
| + &EnterprisePlatformKeysGetCertificatesFunction::OnGotCertificates,
|
| + this),
|
| + GetProfile());
|
| + return RespondLater();
|
| +}
|
| +
|
| +void EnterprisePlatformKeysGetCertificatesFunction::OnGotCertificates(
|
| + scoped_ptr<net::CertificateList> certs,
|
| + const std::string& error_message) {
|
| + DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
|
| + if (!error_message.empty()) {
|
| + Respond(Error(error_message));
|
| + return;
|
| + }
|
| +
|
| + scoped_ptr<base::ListValue> client_certs(new base::ListValue());
|
| + for (net::CertificateList::const_iterator it = certs->begin();
|
| + it != certs->end();
|
| + ++it) {
|
| + std::string der_encoding;
|
| + net::X509Certificate::GetDEREncoded((*it)->os_cert_handle(), &der_encoding);
|
| + client_certs->Append(base::BinaryValue::CreateWithCopiedBuffer(
|
| + der_encoding.data(), der_encoding.size()));
|
| + }
|
| +
|
| + scoped_ptr<base::ListValue> results(new base::ListValue());
|
| + results->Append(client_certs.release());
|
| + Respond(ArgumentList(results.Pass()));
|
| +}
|
| +
|
| +EnterprisePlatformKeysImportCertificateFunction::
|
| + ~EnterprisePlatformKeysImportCertificateFunction() {
|
| +}
|
| +
|
| +ExtensionFunction::ResponseAction
|
| +EnterprisePlatformKeysImportCertificateFunction::Run() {
|
| + scoped_ptr<api_epk::ImportCertificate::Params> params(
|
| + api_epk::ImportCertificate::Params::Create(*args_));
|
| + EXTENSION_FUNCTION_VALIDATE(params);
|
| + if (!ValidateToken(params->token_id))
|
| + return RespondNow(Error(kErrorInvalidToken));
|
| +
|
| + const std::string& cert_der = params->certificate;
|
| + scoped_refptr<net::X509Certificate> cert_x509 =
|
| + net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
|
| + if (!cert_x509)
|
| + return RespondNow(Error(kErrorInvalidX509Cert));
|
| +
|
| + chromeos::platform_keys::ImportCertificate(
|
| + params->token_id,
|
| + cert_x509,
|
| + base::Bind(&EnterprisePlatformKeysImportCertificateFunction::
|
| + OnImportedCertificate,
|
| + this),
|
| + GetProfile());
|
| + return RespondLater();
|
| +}
|
| +
|
| +void EnterprisePlatformKeysImportCertificateFunction::OnImportedCertificate(
|
| + const std::string& error_message) {
|
| + DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
|
| + if (error_message.empty())
|
| + Respond(NoArguments());
|
| + else
|
| + Respond(Error(error_message));
|
| +}
|
| +
|
| +EnterprisePlatformKeysRemoveCertificateFunction::
|
| + ~EnterprisePlatformKeysRemoveCertificateFunction() {
|
| +}
|
| +
|
| +ExtensionFunction::ResponseAction
|
| +EnterprisePlatformKeysRemoveCertificateFunction::Run() {
|
| + scoped_ptr<api_epk::RemoveCertificate::Params> params(
|
| + api_epk::RemoveCertificate::Params::Create(*args_));
|
| + EXTENSION_FUNCTION_VALIDATE(params);
|
| + if (!ValidateToken(params->token_id))
|
| + return RespondNow(Error(kErrorInvalidToken));
|
| +
|
| + const std::string& cert_der = params->certificate;
|
| + scoped_refptr<net::X509Certificate> cert_x509 =
|
| + net::X509Certificate::CreateFromBytes(cert_der.data(), cert_der.size());
|
| + if (!cert_x509)
|
| + return RespondNow(Error(kErrorInvalidX509Cert));
|
| +
|
| + chromeos::platform_keys::RemoveCertificate(
|
| + params->token_id,
|
| + cert_x509,
|
| + base::Bind(&EnterprisePlatformKeysRemoveCertificateFunction::
|
| + OnRemovedCertificate,
|
| + this),
|
| + GetProfile());
|
| + return RespondLater();
|
| +}
|
| +
|
| +void EnterprisePlatformKeysRemoveCertificateFunction::OnRemovedCertificate(
|
| + const std::string& error_message) {
|
| + DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI));
|
| + if (error_message.empty())
|
| + Respond(NoArguments());
|
| + else
|
| + Respond(Error(error_message));
|
| +}
|
| +
|
| +EnterprisePlatformKeysInternalGetTokensFunction::
|
| + ~EnterprisePlatformKeysInternalGetTokensFunction() {
|
| +}
|
| +
|
| +ExtensionFunction::ResponseAction
|
| +EnterprisePlatformKeysInternalGetTokensFunction::Run() {
|
| + EXTENSION_FUNCTION_VALIDATE(args_->empty());
|
| +
|
| + std::vector<std::string> token_ids;
|
| + token_ids.push_back(kTokenIdUser);
|
| + return RespondNow(
|
| + ArgumentList(api_epki::GetTokens::Results::Create(token_ids)));
|
| +}
|
| +
|
| +} // namespace extensions
|
|
|
Chromium Code Reviews
Issue 214863002:
Extension API enterprise.platformKeys. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src