Make enterprise.platformKeys documentation public.

chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html

Index: chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html
diff --git a/chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html b/chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html
new file mode 100644
index 0000000000000000000000000000000000000000..2e4e264da8a3b15c29619bffc475ddd49532a5fe
--- /dev/null
+++ b/chrome/common/extensions/docs/templates/intros/enterprise_platformKeys.html
@@ -0,0 +1,82 @@
+<p class="note">
+<strong>Note: </strong>
+This API is only available on Chrome OS and to
+<a href="https://support.google.com/chrome/a/answer/1375694?hl=en">extensions pre-installed by policy</a>.
+</p>
+
+<h2 id="usage">Usage</h2>
+
+Typical usage of this API to enroll a client certificate follows these steps: 
+<ul>
+  <li>Get all available tokens using $(ref:enterprise.platformKeys.getTokens).
+  </li>
+  <li>Find the Token with <code>id</code> equal <code>"user"</code>. Use this
+  Token subsequently.</li>
+  <li>Generate a key pair using the <code>generateKey</code> Token method
+  (defined in SubtleCrypto). This will return handle to the key.</li>
+  <li>Export the public key using the <code>exportKey</code> Token method 
+  (defined in SubtleCrypto).
+  <li>Create the signature of the certification request's data using the
+  <code>sign</code> Token method (defined in SubtleCrypto).</li>
+  <li>Complete the certification request and send it to the certification 
+  authority.</li>
+  <li>If a certificate is received, import it using
+  $(ref:enterprise.platformKeys.importCertificate)</li>
+</ul>
+
+<p>
+Here's an example that shows the major API interaction except the building and sending of the certification request:
+</p>
+
+<pre>

[not at google - send to devlin, 2014/06/03 15:12:21]

put a data-filename="background.js" attribute on this.

[pneubeck (no reviews), 2014/06/03 16:41:36]

Done.

+function getUserToken(callback) {
+  chrome.enterprise.platformKeys.getTokens(function(tokens) {
+    for (var i = 0; i < tokens.length; i++) {
+      if (tokens[i].id == "user") {
+        callback(tokens[i]);
+        return;
+      }
+    }
+    callback(undefined);
+  });
+}
+
+function generateAndSign(userToken) {
+  var data = new Uint8Array([0, 5, 1, 2, 3, 4, 5, 6]);
+  var algorithm = {
+    name: "RSASSA-PKCS1-v1_5",
+    // RsaHashedKeyGenParams
+    modulusLength: 2048,
+    publicExponent:
+        new Uint8Array([0x01, 0x00, 0x01]),  // Equivalent to 65537
+    hash: {
+      name: "SHA-1",
+    }
+  };
+  var cachedKeyPair;
+  userToken.subtleCrypto.generateKey(algorithm, false, ["sign"])
+    .then(function(keyPair) {
+            cachedKeyPair = keyPair;
+            return userToken.subtleCrypto.exportKey("spki", keyPair.publicKey);
+          },
+          console.log.bind(console))
+    .then(function(publicKeySpki) {
+            // Build the Certification Request using the public key.
+            return userToken.subtleCrypto.sign(
+                {name : "RSASSA-PKCS1-v1_5"}, cachedKeyPair.privateKey, data);
+          },
+          console.log.bind(console))
+    .then(function(signature) {
+              // Complete the Certification Request with |signature|.
+              // Send out the request to the CA, calling back
+              // onClientCertificateReceived.
+          },
+          console.log.bind(console));
+}
+
+function onClientCertificateReceived(userToken, certificate) {
+  chrome.enterprise.platformKeys.importCertificate(userToken.id, certificate);
+}
+
+getUserToken(generateAndSign);
+</pre>