| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" | 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" |
| 6 | 6 |
| 7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 108 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 119 FROM_HERE, | 119 FROM_HERE, |
| 120 base::Bind(&GetCertDatabaseOnIOThread, | 120 base::Bind(&GetCertDatabaseOnIOThread, |
| 121 profile->GetResourceContext(), | 121 profile->GetResourceContext(), |
| 122 callback, | 122 callback, |
| 123 state)); | 123 state)); |
| 124 } | 124 } |
| 125 | 125 |
| 126 class GenerateRSAKeyState : public NSSOperationState { | 126 class GenerateRSAKeyState : public NSSOperationState { |
| 127 public: | 127 public: |
| 128 GenerateRSAKeyState(unsigned int modulus_length, | 128 GenerateRSAKeyState(unsigned int modulus_length, |
| 129 const GenerateKeyCallback& callback); | 129 const subtle::GenerateKeyCallback& callback); |
| 130 virtual ~GenerateRSAKeyState() {} | 130 virtual ~GenerateRSAKeyState() {} |
| 131 | 131 |
| 132 virtual void OnError(const tracked_objects::Location& from, | 132 virtual void OnError(const tracked_objects::Location& from, |
| 133 const std::string& error_message) OVERRIDE { | 133 const std::string& error_message) OVERRIDE { |
| 134 CallBack(from, std::string() /* no public key */, error_message); | 134 CallBack(from, std::string() /* no public key */, error_message); |
| 135 } | 135 } |
| 136 | 136 |
| 137 void CallBack(const tracked_objects::Location& from, | 137 void CallBack(const tracked_objects::Location& from, |
| 138 const std::string& public_key_spki_der, | 138 const std::string& public_key_spki_der, |
| 139 const std::string& error_message) { | 139 const std::string& error_message) { |
| 140 origin_task_runner_->PostTask( | 140 origin_task_runner_->PostTask( |
| 141 from, base::Bind(callback_, public_key_spki_der, error_message)); | 141 from, base::Bind(callback_, public_key_spki_der, error_message)); |
| 142 } | 142 } |
| 143 | 143 |
| 144 unsigned int modulus_length_; | 144 unsigned int modulus_length_; |
| 145 | 145 |
| 146 private: | 146 private: |
| 147 // Must be called on origin thread, use CallBack() therefore. | 147 // Must be called on origin thread, use CallBack() therefore. |
| 148 GenerateKeyCallback callback_; | 148 subtle::GenerateKeyCallback callback_; |
| 149 }; | 149 }; |
| 150 | 150 |
| 151 class SignState : public NSSOperationState { | 151 class SignState : public NSSOperationState { |
| 152 public: | 152 public: |
| 153 SignState(const std::string& public_key, | 153 SignState(const std::string& public_key, |
| 154 const std::string& data, | 154 const std::string& data, |
| 155 const SignCallback& callback); | 155 const subtle::SignCallback& callback); |
| 156 virtual ~SignState() {} | 156 virtual ~SignState() {} |
| 157 | 157 |
| 158 virtual void OnError(const tracked_objects::Location& from, | 158 virtual void OnError(const tracked_objects::Location& from, |
| 159 const std::string& error_message) OVERRIDE { | 159 const std::string& error_message) OVERRIDE { |
| 160 CallBack(from, std::string() /* no signature */, error_message); | 160 CallBack(from, std::string() /* no signature */, error_message); |
| 161 } | 161 } |
| 162 | 162 |
| 163 void CallBack(const tracked_objects::Location& from, | 163 void CallBack(const tracked_objects::Location& from, |
| 164 const std::string& signature, | 164 const std::string& signature, |
| 165 const std::string& error_message) { | 165 const std::string& error_message) { |
| 166 origin_task_runner_->PostTask( | 166 origin_task_runner_->PostTask( |
| 167 from, base::Bind(callback_, signature, error_message)); | 167 from, base::Bind(callback_, signature, error_message)); |
| 168 } | 168 } |
| 169 | 169 |
| 170 std::string public_key_; | 170 std::string public_key_; |
| 171 std::string data_; | 171 std::string data_; |
| 172 | 172 |
| 173 private: | 173 private: |
| 174 // Must be called on origin thread, use CallBack() therefore. | 174 // Must be called on origin thread, use CallBack() therefore. |
| 175 SignCallback callback_; | 175 subtle::SignCallback callback_; |
| 176 }; | 176 }; |
| 177 | 177 |
| 178 class GetCertificatesState : public NSSOperationState { | 178 class GetCertificatesState : public NSSOperationState { |
| 179 public: | 179 public: |
| 180 explicit GetCertificatesState(const GetCertificatesCallback& callback); | 180 explicit GetCertificatesState(const GetCertificatesCallback& callback); |
| 181 virtual ~GetCertificatesState() {} | 181 virtual ~GetCertificatesState() {} |
| 182 | 182 |
| 183 virtual void OnError(const tracked_objects::Location& from, | 183 virtual void OnError(const tracked_objects::Location& from, |
| 184 const std::string& error_message) OVERRIDE { | 184 const std::string& error_message) OVERRIDE { |
| 185 CallBack(from, | 185 CallBack(from, |
| (...skipping 58 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 244 | 244 |
| 245 private: | 245 private: |
| 246 // Must be called on origin thread, use CallBack() therefore. | 246 // Must be called on origin thread, use CallBack() therefore. |
| 247 RemoveCertificateCallback callback_; | 247 RemoveCertificateCallback callback_; |
| 248 }; | 248 }; |
| 249 | 249 |
| 250 NSSOperationState::NSSOperationState() | 250 NSSOperationState::NSSOperationState() |
| 251 : origin_task_runner_(base::ThreadTaskRunnerHandle::Get()) { | 251 : origin_task_runner_(base::ThreadTaskRunnerHandle::Get()) { |
| 252 } | 252 } |
| 253 | 253 |
| 254 GenerateRSAKeyState::GenerateRSAKeyState(unsigned int modulus_length, | 254 GenerateRSAKeyState::GenerateRSAKeyState( |
| 255 const GenerateKeyCallback& callback) | 255 unsigned int modulus_length, |
| 256 const subtle::GenerateKeyCallback& callback) |
| 256 : modulus_length_(modulus_length), callback_(callback) { | 257 : modulus_length_(modulus_length), callback_(callback) { |
| 257 } | 258 } |
| 258 | 259 |
| 259 SignState::SignState(const std::string& public_key, | 260 SignState::SignState(const std::string& public_key, |
| 260 const std::string& data, | 261 const std::string& data, |
| 261 const SignCallback& callback) | 262 const subtle::SignCallback& callback) |
| 262 : public_key_(public_key), data_(data), callback_(callback) { | 263 : public_key_(public_key), data_(data), callback_(callback) { |
| 263 } | 264 } |
| 264 | 265 |
| 265 GetCertificatesState::GetCertificatesState( | 266 GetCertificatesState::GetCertificatesState( |
| 266 const GetCertificatesCallback& callback) | 267 const GetCertificatesCallback& callback) |
| 267 : callback_(callback) { | 268 : callback_(callback) { |
| 268 } | 269 } |
| 269 | 270 |
| 270 ImportCertificateState::ImportCertificateState( | 271 ImportCertificateState::ImportCertificateState( |
| 271 scoped_refptr<net::X509Certificate> certificate, | 272 scoped_refptr<net::X509Certificate> certificate, |
| (...skipping 189 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 461 scoped_refptr<net::X509Certificate> certificate = state->certificate_; | 462 scoped_refptr<net::X509Certificate> certificate = state->certificate_; |
| 462 bool certificate_found = certificate->os_cert_handle()->isperm; | 463 bool certificate_found = certificate->os_cert_handle()->isperm; |
| 463 cert_db->DeleteCertAndKeyAsync( | 464 cert_db->DeleteCertAndKeyAsync( |
| 464 certificate, | 465 certificate, |
| 465 base::Bind( | 466 base::Bind( |
| 466 &DidRemoveCertificate, base::Passed(&state), certificate_found)); | 467 &DidRemoveCertificate, base::Passed(&state), certificate_found)); |
| 467 } | 468 } |
| 468 | 469 |
| 469 } // namespace | 470 } // namespace |
| 470 | 471 |
| 472 namespace subtle { |
| 473 |
| 471 void GenerateRSAKey(const std::string& token_id, | 474 void GenerateRSAKey(const std::string& token_id, |
| 472 unsigned int modulus_length, | 475 unsigned int modulus_length, |
| 473 const GenerateKeyCallback& callback, | 476 const GenerateKeyCallback& callback, |
| 474 Profile* profile) { | 477 Profile* profile) { |
| 475 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 478 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 476 scoped_ptr<GenerateRSAKeyState> state( | 479 scoped_ptr<GenerateRSAKeyState> state( |
| 477 new GenerateRSAKeyState(modulus_length, callback)); | 480 new GenerateRSAKeyState(modulus_length, callback)); |
| 478 | 481 |
| 479 if (modulus_length > kMaxRSAModulusLength) { | 482 if (modulus_length > kMaxRSAModulusLength) { |
| 480 state->OnError(FROM_HERE, kErrorAlgorithmNotSupported); | 483 state->OnError(FROM_HERE, kErrorAlgorithmNotSupported); |
| (...skipping 20 matching lines...) Expand all Loading... |
| 501 | 504 |
| 502 // The NSSCertDatabase object is not required. But in case it's not available | 505 // The NSSCertDatabase object is not required. But in case it's not available |
| 503 // we would get more informative error messages and we can double check that | 506 // we would get more informative error messages and we can double check that |
| 504 // we use a key of the correct token. | 507 // we use a key of the correct token. |
| 505 GetCertDatabase(token_id, | 508 GetCertDatabase(token_id, |
| 506 base::Bind(&RSASignWithDB, base::Passed(&state)), | 509 base::Bind(&RSASignWithDB, base::Passed(&state)), |
| 507 profile, | 510 profile, |
| 508 state_ptr); | 511 state_ptr); |
| 509 } | 512 } |
| 510 | 513 |
| 514 } // namespace subtle |
| 515 |
| 511 void GetCertificates(const std::string& token_id, | 516 void GetCertificates(const std::string& token_id, |
| 512 const GetCertificatesCallback& callback, | 517 const GetCertificatesCallback& callback, |
| 513 Profile* profile) { | 518 Profile* profile) { |
| 514 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 519 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 515 scoped_ptr<GetCertificatesState> state(new GetCertificatesState(callback)); | 520 scoped_ptr<GetCertificatesState> state(new GetCertificatesState(callback)); |
| 516 // Get the pointer to |state| before base::Passed releases |state|. | 521 // Get the pointer to |state| before base::Passed releases |state|. |
| 517 NSSOperationState* state_ptr = state.get(); | 522 NSSOperationState* state_ptr = state.get(); |
| 518 GetCertDatabase(token_id, | 523 GetCertDatabase(token_id, |
| 519 base::Bind(&GetCertificatesWithDB, base::Passed(&state)), | 524 base::Bind(&GetCertificatesWithDB, base::Passed(&state)), |
| 520 profile, | 525 profile, |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 554 // we would get more informative error messages. | 559 // we would get more informative error messages. |
| 555 GetCertDatabase(token_id, | 560 GetCertDatabase(token_id, |
| 556 base::Bind(&RemoveCertificateWithDB, base::Passed(&state)), | 561 base::Bind(&RemoveCertificateWithDB, base::Passed(&state)), |
| 557 profile, | 562 profile, |
| 558 state_ptr); | 563 state_ptr); |
| 559 } | 564 } |
| 560 | 565 |
| 561 } // namespace platform_keys | 566 } // namespace platform_keys |
| 562 | 567 |
| 563 } // namespace chromeos | 568 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 323093003:
Add the Sign-At-Most-Once restriction the enterprise.platformKeys API. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src