| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/settings/session_manager_operation.h" | 5 #include "chrome/browser/chromeos/settings/session_manager_operation.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/files/file_path.h" | 9 #include "base/files/file_path.h" |
| 10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
| 11 #include "base/stl_util.h" | 11 #include "base/stl_util.h" |
| 12 #include "base/task_runner_util.h" | 12 #include "base/task_runner_util.h" |
| 13 #include "base/threading/sequenced_worker_pool.h" | 13 #include "base/threading/sequenced_worker_pool.h" |
| 14 #include "chrome/browser/chromeos/login/user.h" |
| 15 #include "chrome/browser/chromeos/login/user_manager.h" |
| 14 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" | 16 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" |
| 15 #include "chrome/browser/chromeos/settings/owner_key_util.h" | 17 #include "chrome/browser/chromeos/settings/owner_key_util.h" |
| 18 #include "chrome/browser/net/nss_context.h" |
| 16 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 19 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 17 #include "content/public/browser/browser_thread.h" | 20 #include "content/public/browser/browser_thread.h" |
| 18 #include "crypto/rsa_private_key.h" | 21 #include "crypto/rsa_private_key.h" |
| 19 #include "crypto/signature_creator.h" | 22 #include "crypto/signature_creator.h" |
| 20 #include "policy/proto/device_management_backend.pb.h" | 23 #include "policy/proto/device_management_backend.pb.h" |
| 21 | 24 |
| 22 namespace em = enterprise_management; | 25 namespace em = enterprise_management; |
| 23 | 26 |
| 24 namespace chromeos { | 27 namespace chromeos { |
| 25 | 28 |
| 29 namespace { |
| 30 |
| 31 Profile* GetProfileByUsername(const std::string& username) { |
| 32 if (!UserManager::IsInitialized()) |
| 33 return NULL; |
| 34 UserManager* manager = UserManager::Get(); |
| 35 const User* user = manager->FindUser(username); |
| 36 if (!user || !user->is_profile_created()) |
| 37 return NULL; |
| 38 return manager->GetProfileByUser(user); |
| 39 } |
| 40 |
| 41 } // namespace |
| 42 |
| 26 SessionManagerOperation::SessionManagerOperation(const Callback& callback) | 43 SessionManagerOperation::SessionManagerOperation(const Callback& callback) |
| 27 : session_manager_client_(NULL), | 44 : session_manager_client_(NULL), |
| 28 weak_factory_(this), | 45 weak_factory_(this), |
| 29 callback_(callback), | 46 callback_(callback), |
| 30 force_key_load_(false), | 47 force_key_load_(false), |
| 31 is_loading_(false) {} | 48 is_loading_(false) {} |
| 32 | 49 |
| 33 SessionManagerOperation::~SessionManagerOperation() {} | 50 SessionManagerOperation::~SessionManagerOperation() {} |
| 34 | 51 |
| 35 void SessionManagerOperation::Start( | 52 void SessionManagerOperation::Start( |
| (...skipping 28 matching lines...) Expand all Loading... |
| 64 weak_factory_.GetWeakPtr())); | 81 weak_factory_.GetWeakPtr())); |
| 65 } | 82 } |
| 66 | 83 |
| 67 void SessionManagerOperation::ReportResult( | 84 void SessionManagerOperation::ReportResult( |
| 68 DeviceSettingsService::Status status) { | 85 DeviceSettingsService::Status status) { |
| 69 callback_.Run(this, status); | 86 callback_.Run(this, status); |
| 70 } | 87 } |
| 71 | 88 |
| 72 void SessionManagerOperation::EnsureOwnerKey(const base::Closure& callback) { | 89 void SessionManagerOperation::EnsureOwnerKey(const base::Closure& callback) { |
| 73 if (force_key_load_ || !owner_key_.get() || !owner_key_->public_key()) { | 90 if (force_key_load_ || !owner_key_.get() || !owner_key_->public_key()) { |
| 74 scoped_refptr<base::TaskRunner> task_runner = | 91 Profile* profile = GetProfileByUsername(username_); |
| 75 content::BrowserThread::GetBlockingPool()-> | 92 content::ResourceContext* context = |
| 76 GetTaskRunnerWithShutdownBehavior( | 93 profile ? profile->GetResourceContext() : NULL; |
| 77 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); | 94 if (!context) { |
| 78 base::PostTaskAndReplyWithResult( | 95 crypto::ScopedPK11Slot slot; |
| 79 task_runner.get(), | 96 LoadAndStoreOwnerKey(weak_factory_.GetWeakPtr(), |
| 80 FROM_HERE, | 97 owner_key_util_, |
| 81 base::Bind(&SessionManagerOperation::LoadOwnerKey, | 98 owner_key_, |
| 82 owner_key_util_, owner_key_), | 99 callback, |
| 83 base::Bind(&SessionManagerOperation::StoreOwnerKey, | 100 slot.Pass()); |
| 84 weak_factory_.GetWeakPtr(), callback)); | 101 } else { |
| 102 content::BrowserThread::PostTaskAndReplyWithResult( |
| 103 content::BrowserThread::IO, |
| 104 FROM_HERE, |
| 105 base::Bind(&GetPublicNSSKeySlotForResourceContext, context), |
| 106 base::Bind(&SessionManagerOperation::LoadAndStoreOwnerKey, |
| 107 weak_factory_.GetWeakPtr(), |
| 108 owner_key_util_, |
| 109 owner_key_, |
| 110 callback)); |
| 111 } |
| 85 } else { | 112 } else { |
| 86 callback.Run(); | 113 callback.Run(); |
| 87 } | 114 } |
| 88 } | 115 } |
| 89 | 116 |
| 90 // static | 117 // static |
| 118 void SessionManagerOperation::LoadAndStoreOwnerKey( |
| 119 base::WeakPtr<SessionManagerOperation> weak_ptr, |
| 120 scoped_refptr<OwnerKeyUtil> util, |
| 121 scoped_refptr<OwnerKey> current_key, |
| 122 const base::Closure& callback, |
| 123 crypto::ScopedPK11Slot slot) { |
| 124 scoped_refptr<base::TaskRunner> task_runner = |
| 125 content::BrowserThread::GetBlockingPool() |
| 126 ->GetTaskRunnerWithShutdownBehavior( |
| 127 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); |
| 128 base::PostTaskAndReplyWithResult( |
| 129 task_runner.get(), |
| 130 FROM_HERE, |
| 131 base::Bind(&SessionManagerOperation::LoadOwnerKey, |
| 132 util, |
| 133 current_key, |
| 134 base::Passed(&slot)), |
| 135 base::Bind(&SessionManagerOperation::StoreOwnerKey, weak_ptr, callback)); |
| 136 } |
| 137 |
| 138 // static |
| 91 scoped_refptr<OwnerKey> SessionManagerOperation::LoadOwnerKey( | 139 scoped_refptr<OwnerKey> SessionManagerOperation::LoadOwnerKey( |
| 92 scoped_refptr<OwnerKeyUtil> util, | 140 scoped_refptr<OwnerKeyUtil> util, |
| 93 scoped_refptr<OwnerKey> current_key) { | 141 scoped_refptr<OwnerKey> current_key, |
| 142 crypto::ScopedPK11Slot slot) { |
| 94 scoped_ptr<std::vector<uint8> > public_key; | 143 scoped_ptr<std::vector<uint8> > public_key; |
| 95 scoped_ptr<crypto::RSAPrivateKey> private_key; | 144 scoped_ptr<crypto::RSAPrivateKey> private_key; |
| 96 | 145 |
| 97 // Keep any already-existing keys. | 146 // Keep any already-existing keys. |
| 98 if (current_key.get()) { | 147 if (current_key.get()) { |
| 99 if (current_key->public_key()) | 148 if (current_key->public_key()) |
| 100 public_key.reset(new std::vector<uint8>(*current_key->public_key())); | 149 public_key.reset(new std::vector<uint8>(*current_key->public_key())); |
| 101 if (current_key->private_key()) | 150 if (current_key->private_key()) |
| 102 private_key.reset(current_key->private_key()->Copy()); | 151 private_key.reset(current_key->private_key()->Copy()); |
| 103 } | 152 } |
| 104 | 153 |
| 105 if (!public_key.get() && util->IsPublicKeyPresent()) { | 154 if (!public_key.get() && util->IsPublicKeyPresent()) { |
| 106 public_key.reset(new std::vector<uint8>()); | 155 public_key.reset(new std::vector<uint8>()); |
| 107 if (!util->ImportPublicKey(public_key.get())) | 156 if (!util->ImportPublicKey(public_key.get())) |
| 108 LOG(ERROR) << "Failed to load public owner key."; | 157 LOG(ERROR) << "Failed to load public owner key."; |
| 109 } | 158 } |
| 110 | 159 |
| 111 if (public_key.get() && !private_key.get()) { | 160 if (public_key.get() && !private_key.get()) { |
| 112 private_key.reset(util->FindPrivateKey(*public_key)); | 161 private_key.reset(util->FindPrivateKeyInSlot(*public_key, slot.get())); |
| 113 if (!private_key.get()) | 162 if (!private_key.get()) |
| 114 VLOG(1) << "Failed to load private owner key."; | 163 VLOG(1) << "Failed to load private owner key."; |
| 115 } | 164 } |
| 116 | 165 |
| 117 return new OwnerKey(public_key.Pass(), private_key.Pass()); | 166 return new OwnerKey(public_key.Pass(), private_key.Pass()); |
| 118 } | 167 } |
| 119 | 168 |
| 120 void SessionManagerOperation::StoreOwnerKey(const base::Closure& callback, | 169 void SessionManagerOperation::StoreOwnerKey(const base::Closure& callback, |
| 121 scoped_refptr<OwnerKey> new_key) { | 170 scoped_refptr<OwnerKey> new_key) { |
| 122 force_key_load_ = false; | 171 force_key_load_ = false; |
| (...skipping 199 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 322 } | 371 } |
| 323 | 372 |
| 324 void SignAndStoreSettingsOperation::HandleStoreResult(bool success) { | 373 void SignAndStoreSettingsOperation::HandleStoreResult(bool success) { |
| 325 if (!success) | 374 if (!success) |
| 326 ReportResult(DeviceSettingsService::STORE_OPERATION_FAILED); | 375 ReportResult(DeviceSettingsService::STORE_OPERATION_FAILED); |
| 327 else | 376 else |
| 328 StartLoading(); | 377 StartLoading(); |
| 329 } | 378 } |
| 330 | 379 |
| 331 } // namespace chromeos | 380 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 270663002:
Implemented profile-aware owner key loading. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src