| Index: chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html
|
| diff --git a/chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html b/chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..94772f6f80a878ae665b550474e7e53e27930d0d
|
| --- /dev/null
|
| +++ b/chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html
|
| @@ -0,0 +1,82 @@
|
| +<p class="note">
|
| +<strong>Note: </strong>
|
| +This API is only available on Chrome OS and to
|
| +<a href="https://support.google.com/chrome/a/answer/1375694?hl=en">extensions pre-installed by policy</a>.
|
| +</p>
|
| +
|
| +<h2 id="usage">Usage</h2>
|
| +
|
| +Typical usage of this API to enroll a client certificate follows these steps:
|
| +<ul>
|
| + <li>Get all available tokens using $(ref:enterprise.platformKeys.getTokens).
|
| + </li>
|
| + <li>Find the Token with <code>id</code> equal <code>"user"</code>. Use this
|
| + Token subsequently.</li>
|
| + <li>Generate a key pair using the <code>generateKey</code> Token method
|
| + (defined in SubtleCrypto). This will return handle to the key.</li>
|
| + <li>Export the public key using the <code>exportKey</code> Token method
|
| + (defined in SubtleCrypto).
|
| + <li>Create the signature of the certification request's data using the
|
| + <code>sign</code> Token method (defined in SubtleCrypto).</li>
|
| + <li>Complete the certification request and send it to the certification
|
| + authority.</li>
|
| + <li>If a certificate is received, import it using
|
| + $(ref:enterprise.platformKeys.importCertificate)</li>
|
| +</ul>
|
| +
|
| +<p>
|
| +Here's an example that shows the major API interaction except the building and sending of the certification request:
|
| +</p>
|
| +
|
| +<pre data-filename="background.js">
|
| +function getUserToken(callback) {
|
| + chrome.enterprise.platformKeys.getTokens(function(tokens) {
|
| + for (var i = 0; i < tokens.length; i++) {
|
| + if (tokens[i].id == "user") {
|
| + callback(tokens[i]);
|
| + return;
|
| + }
|
| + }
|
| + callback(undefined);
|
| + });
|
| +}
|
| +
|
| +function generateAndSign(userToken) {
|
| + var data = new Uint8Array([0, 5, 1, 2, 3, 4, 5, 6]);
|
| + var algorithm = {
|
| + name: "RSASSA-PKCS1-v1_5",
|
| + // RsaHashedKeyGenParams
|
| + modulusLength: 2048,
|
| + publicExponent:
|
| + new Uint8Array([0x01, 0x00, 0x01]), // Equivalent to 65537
|
| + hash: {
|
| + name: "SHA-1",
|
| + }
|
| + };
|
| + var cachedKeyPair;
|
| + userToken.subtleCrypto.generateKey(algorithm, false, ["sign"])
|
| + .then(function(keyPair) {
|
| + cachedKeyPair = keyPair;
|
| + return userToken.subtleCrypto.exportKey("spki", keyPair.publicKey);
|
| + },
|
| + console.log.bind(console))
|
| + .then(function(publicKeySpki) {
|
| + // Build the Certification Request using the public key.
|
| + return userToken.subtleCrypto.sign(
|
| + {name : "RSASSA-PKCS1-v1_5"}, cachedKeyPair.privateKey, data);
|
| + },
|
| + console.log.bind(console))
|
| + .then(function(signature) {
|
| + // Complete the Certification Request with |signature|.
|
| + // Send out the request to the CA, calling back
|
| + // onClientCertificateReceived.
|
| + },
|
| + console.log.bind(console));
|
| +}
|
| +
|
| +function onClientCertificateReceived(userToken, certificate) {
|
| + chrome.enterprise.platformKeys.importCertificate(userToken.id, certificate);
|
| +}
|
| +
|
| +getUserToken(generateAndSign);
|
| +</pre>
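Review bot: The sample generates the enrollment key with `hash: { name: "SHA-1" }`, and that key signs the certification request; SHA-1 is no longer considered collision-resistant for signatures, and since readers will copy this snippet, `name: "SHA-256",` would be the safer default, assuming the token's SubtleCrypto implementation accepts it. Separately, passing `console.log.bind(console)` as the rejection handler of each `then` turns a failure into a fulfilled `undefined`, so when `exportKey` rejects the signing step is skipped and the final step still runs with `signature` undefined; a single trailing `.catch(console.error.bind(console))` would stop the chain instead. `generateAndSign` also dereferences `userToken.subtleCrypto` although `getUserToken` can call back with `undefined`, so a guard such as `if (!userToken) return;` at the top is worth showing.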
|
|
|