chrome/browser/chromeos/platform_keys/platform_keys_service.h - Issue 323093003: Add the Sign-At-Most-Once restriction the enterprise.platformKeys API.

Side by Side Diff: chrome/browser/chromeos/platform_keys/platform_keys_service.h

Issue 323093003: Add the Sign-At-Most-Once restriction the enterprise.platformKeys API. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Addressed comments. Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « chrome/browser/chromeos/platform_keys/platform_keys_nss.cc ('k') | chrome/browser/chromeos/platform_keys/platform_keys_service.cc » ('j') | chrome/browser/extensions/api/enterprise_platform_keys/enterprise_platform_keys_api.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_

	6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_

	7

	8 #include <string>

	9

	10 #include "base/callback_forward.h"

	11 #include "base/macros.h"

	12 #include "base/memory/scoped_ptr.h"

	13 #include "base/memory/weak_ptr.h"

	14 #include "components/keyed_service/core/keyed_service.h"

	15

	16 class Profile;

	17

	18 namespace base {

	19 class ListValue;

	20 class Value;

	21 }

	22

	23 namespace extensions {

	24 class StateStore;

	25 }

	26

	27 namespace chromeos {

	28

	29 class PlatformKeysService : public KeyedService {

	30 public:

	31 // Stores registration information in \|state_store\|, i.e. for each extension

	32 // the list of public keys that are valid to be used for signing. Each key can

	33 // be used for signing at most once.

	34 // The format written to \|state_store\| is:

	35 // kStateStorePlatformKeys maps to a list of strings.

	36 // Each string is the base64 encoding of the DER representation of a public

	37 // key's SPKI.

	38 explicit PlatformKeysService(extensions::StateStore* state_store);

	39 virtual ~PlatformKeysService();

	40

	41 // If the generation was successful, \|public_key_spki_der\| will contain the

	42 // DER encoding of the SubjectPublicKeyInfo of the generated key and

	43 // \|error_message\| will be empty. If it failed, \|public_key_spki_der\| will be

	44 // empty and \|error_message\| contain an error message.

	45 typedef base::Callback<void(const std::string& public_key_spki_der,

	46 const std::string& error_message)>

	47 GenerateKeyCallback;

	48

	49 // Generates a RSA key pair with \|modulus_length_bits\| and registers the key

	50 // to allow a single sign operation by the given extension. \|token_id\| is

	51 // currently ignored, instead the user token associated with \|profile\| is

	52 // always used. \|callback\| will be invoked with the resulting public key or an

	53 // error.

	54 void GenerateRSAKey(const std::string& token_id,

	55 unsigned int modulus_length_bits,

	56 const std::string& extension_id,

	57 const GenerateKeyCallback& callback,

	58 Profile* profile);
	not at google - send to devlin 2014/06/15 18:27:06 It's odd to me that several of these methods take It's odd to me that several of these methods take a Profile as an argument when ostensibly this class is bound to a BrowserContext (at least, implicitly via its dependence on the per-BrowserContext StateStore). (by the way: the interface implies they need a Profile but do they really? can they make do with a BrowserContext?) pneubeck (no reviews) 2014/06/16 09:11:12 Yeah, I realized that Profile isn't required, too. Show quoted text On 2014/06/15 18:27:06, kalman wrote: > It's odd to me that several of these methods take a Profile as an argument when > ostensibly this class is bound to a BrowserContext (at least, implicitly via its > dependence on the per-BrowserContext StateStore). > > (by the way: the interface implies they need a Profile but do they really? can > they make do with a BrowserContext?) Yeah, I realized that Profile isn't required, too. Landing a CL to fix that. Storing the BrowserContext* and removing the argument.
	59

	60 // If signing was successful, \|signature\| will be contain the signature and

	61 // \|error_message\| will be empty. If it failed, \|signature\| will be empty and

	62 // \|error_message\| contain an error message.

	63 typedef base::Callback<void(const std::string& signature,

	64 const std::string& error_message)> SignCallback;

	65

	66 // Signs \|data\| with the private key matching \|public_key_spki_der\|, if that

	67 // key is stored in the given token and wasn't used for signing before.

	68 // Unregisters the key so that every future attempt to sign data with this key

	69 // is rejected. \|token_id\| is currently ignored, instead the user token

	70 // associated with \|profile\| is always used. \|public_key_spki_der\| must be the

	71 // DER encoding of a SubjectPublicKeyInfo. \|callback\| will be invoked with the

	72 // signature or an error message. Currently supports RSA keys only.

	73 void Sign(const std::string& token_id,

	74 const std::string& public_key_spki_der,

	75 const std::string& data,

	76 const std::string& extension_id,

	77 const SignCallback& callback,

	78 Profile* profile);

	79

	80 private:

	81 typedef base::Callback<void(base::WeakPtr<PlatformKeysService> service,

	82 scoped_ptr<base::ListValue> platform_keys)>

	83 GetPlatformKeysCallback;

	84

	85 // Registers the given public key as newly generated key, which is allowed to

	86 // be used for signing for a single time. Afterwards, calls \|callback\|. If

	87 // registration was successful, passes \|true\| otherwise \|false\| to the

	88 // callback.

	89 void RegisterPublicKey(const std::string& extension_id,

	90 const std::string& public_key_spki_der,

	91 const base::Callback<void(bool)>& callback);

	92

	93 // Gets the current validity of the given public key by reading StateStore.

	94 // Invalidates the key if it was found to be valid. Finally, calls \|callback\|

	95 // with the old validity.

	96 void ReadValidityAndInvalidateKey(const std::string& extension_id,

	97 const std::string& public_key_spki_der,

	98 const base::Callback<void(bool)>& callback);

	99

	100 // Reads the list of public keys currently registered for \|extension_id\| from

	101 // StateStore. Calls \|callback\| with the read list, or a new empty list if

	102 // none existed. If an error occurred, calls \|callback\| with NULL.

	103 void GetPlatformKeysOfExtension(const std::string& extension_id,

	104 const GetPlatformKeysCallback& callback);

	105

	106 // Callback used by \|GenerateRSAKey\|.

	107 // If the key generation was successful, registers the generated public key

	108 // for the given extension. If any error occurs during key generation or

	109 // registration, calls \|callback\| with an error. Otherwise, on success, calls

	110 // \|callback\| with the public key.

	111 static void GenerateRSAKeyCallback(const std::string& extension_id,
	not at google - send to devlin 2014/06/15 18:27:07 can these static-private methods just be in an ano can these static-private methods just be in an anonymous namespace within platform_keys_service.cc? pneubeck (no reviews) 2014/06/16 09:11:12 They're all calling back to the PlatformKeysServic Show quoted text On 2014/06/15 18:27:07, kalman wrote: > can these static-private methods just be in an anonymous namespace within > platform_keys_service.cc? They're all calling back to the PlatformKeysService (using the provided weakptr). As it should be fine to just drop callbacks when the service is destroyed, I dropped the explicit WeakPtr argument and made the non-static.
	112 const GenerateKeyCallback& callback,

	113 base::WeakPtr<PlatformKeysService> service,

	114 const std::string& public_key_spki_der,

	115 const std::string& error_message);

	116

	117 // Callback used by \|RegisterPublicKey\|.

	118 // Updates the old \|platform_keys\| read from the StateStore and writes the

	119 // updated value back to the StateStore.

	120 static void RegisterPublicKeyGotPlatformKeys(

	121 const std::string& extension_id,

	122 const std::string& public_key_spki_der,

	123 const base::Callback<void(bool)>& callback,

	124 base::WeakPtr<PlatformKeysService> service,

	125 scoped_ptr<base::ListValue> platform_keys);

	126

	127 // Callback used by \|ReadValidityAndInvalidateKey\|.

	128 // Invalidates the given public key so that future signing is prohibited and

	129 // calls \|callback\| with the old validity.

	130 static void InvalidateKey(const std::string& extension_id,

	131 const std::string& public_key_spki_der,

	132 const base::Callback<void(bool)>& callback,

	133 base::WeakPtr<PlatformKeysService> service,

	134 scoped_ptr<base::ListValue> platform_keys);

	135

	136 // Callback used by \|GetPlatformKeysOfExtension\|.

	137 // Is called with \|value\| set to the PlatformKeys value read from the

	138 // StateStore, which it forwards to \|callback\|. On error, calls \|callback\|

	139 // with NULL; if no value existed, with an empty list.

	140 static void GotPlatformKeysOfExtension(

	141 const std::string& extension_id,

	142 base::WeakPtr<PlatformKeysService> service,

	143 const GetPlatformKeysCallback& callback,

	144 scoped_ptr<base::Value> value);

	145

	146 extensions::StateStore* state_store_;

	147 base::WeakPtrFactory<PlatformKeysService> weak_factory_;

	148

	149 DISALLOW_COPY_AND_ASSIGN(PlatformKeysService);

	150 };

	151

	152 } // namespace chromeos

	153

	154 #endif // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_

OLD	NEW