OLD | NEW |
1 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 /** | 5 /** |
6 * Check the validity of the policy extension manifest. | 6 * Check the validity of the policy extension manifest. |
7 * | 7 * |
8 * This function is invoked by entd before the policy is loaded in order to | 8 * This function is invoked by entd before the policy is loaded in order to |
9 * check the validity of the extension manifest. If this function returns | 9 * check the validity of the extension manifest. If this function returns |
10 * false, entd exits and does not restart until the next user logs in. | 10 * false, entd exits and does not restart until the next user logs in. |
(...skipping 1223 matching lines...)
1234 /** | 1234 /** |
1235 * Return information about the current policy. | 1235 * Return information about the current policy. |
1236 * | 1236 * |
1237 * This policy callback returns the policy description, according to the | 1237 * This policy callback returns the policy description, according to the |
1238 * extension manifest,and the current username. | 1238 * extension manifest,and the current username. |
1239 * | 1239 * |
1240 * @return {Object} An object with 'description' and 'username' properties. | 1240 * @return {Object} An object with 'description' and 'username' properties. |
1241 */ | 1241 */ |
1242 Policy.Callbacks.prototype['cb:info'] = | 1242 Policy.Callbacks.prototype['cb:info'] = |
1243 function cb_info() { | 1243 function cb_info() { |
1244 return Policy.CallbackSuccess({ | 1244 var callback_data = { |
1245 description: this.policy.manifest.description, | 1245 description: this.policy.manifest.description, |
1246 version: this.policy.manifest.version, | 1246 version: this.policy.manifest.version, |
1247 username: entd.username, | 1247 username: entd.username, |
1248 browserPolicyChanged: this.policy.browserPolicyChanged, | 1248 browserPolicyChanged: this.policy.browserPolicyChanged, |
1249 isLibcrosLoaded: entd.isLibcrosLoaded, | 1249 isLibcrosLoaded: entd.isLibcrosLoaded, |
1250 tpm: { | 1250 tpm: { |
1251 isReady: (entd.isLibcrosLoaded ? entd.tpm.isReady : true), | 1251 isReady: (entd.isLibcrosLoaded ? entd.tpm.isReady : true), |
1252 isEnabled: (entd.isLibcrosLoaded ? entd.tpm.isEnabled : true), | 1252 isEnabled: (entd.isLibcrosLoaded ? entd.tpm.isEnabled : true), |
1253 isOwned: (entd.isLibcrosLoaded ? entd.tpm.isOwned : true), | 1253 isOwned: (entd.isLibcrosLoaded ? entd.tpm.isOwned : true), |
1254 isBeingOwned: (entd.isLibcrosLoaded ? entd.tpm.isBeingOwned : false), | 1254 isBeingOwned: (entd.isLibcrosLoaded ? entd.tpm.isBeingOwned : false), |
1255 statusString: (entd.isLibcrosLoaded ? entd.tpm.statusString : | 1255 statusString: (entd.isLibcrosLoaded ? entd.tpm.statusString : |
1256 "libcros not loaded"), | 1256 "libcros not loaded") |
1257 }, | 1257 }, |
1258 pkcs11: { | 1258 pkcs11: { |
1259 state: this.policy.pkcs11.state, | 1259 state: this.policy.pkcs11.state, |
1260 log: this.policy.getLog(this.policy.pkcs11) | 1260 log: this.policy.getLog(this.policy.pkcs11) |
1261 } | 1261 } |
1262 }); | 1262 } |
| 1263 if ('isTokenReady' in entd.tpm) { |
| 1264 callback_data.pkcs11.isTokenReady = |
| 1265 (entd.isLibcrosLoaded ? entd.tpm.isTokenReady : false); |
| 1266 } |
| 1267 |
| 1268 return Policy.CallbackSuccess(callback_data); |
1263 }; | 1269 }; |
1264 | 1270 |
1265 /** | 1271 /** |
1266 * Set the user PIN on a given token. | 1272 * Set the user PIN on a given token. |
1267 * | 1273 * |
1268 * This is a no-op if the oldPin and newPin are the same value. | 1274 * This is a no-op if the oldPin and newPin are the same value. |
1269 * | 1275 * |
1270 * @param {Object} arg An object with the following properties: | 1276 * @param {Object} arg An object with the following properties: |
1271 * - 'slotId' An integer representing the slot that contains the target token. | 1277 * - 'slotId' An integer representing the slot that contains the target token. |
1272 * - 'oldPin' An optional string representing the current PIN. Defaults to | 1278 * - 'oldPin' An optional string representing the current PIN. Defaults to |
1273 * Token.DEFAULT_USER_PIN or Policy.PKCS11_USER_PIN, depending on the | 1279 * Token.DEFAULT_USER_PIN or Policy.PKCS11_USER_PIN, depending on the |
1274 * state of the token. | 1280 * state of the token. |
1275 * - 'oldPin' An optional string representing the new PIN. Defaults to | 1281 * - 'oldPin' An optional string representing the new PIN. Defaults to |
1276 * Policy.PKCS11_USER_PIN. | 1282 * Policy.PKCS11_USER_PIN. |
1277 * | 1283 * |
1278 * Setting the user pin is an asynchronous operation. While the set is in | 1284 * Setting the user pin is an asynchronous operation. While the set is in |
1279 * progress the token state will be 'start:user-pin'. If the operation | 1285 * progress the token state will be 'start:user-pin'. If the operation |
1280 * completes successfully, the token state should become 'stop:ready', although | 1286 * completes successfully, the token state should become 'stop:ready', although |
1281 * if the operation completes successfully but the token is not ready due to | 1287 * if the operation completes successfully but the token is not ready due to |
1282 * some unexpected condition, it will become 'stop:user-pin'. On error it will | 1288 * some unexpected condition, it will become 'stop:user-pin'. On error it will |
1283 * become 'stop:error'. | 1289 * become 'stop:error'. |
| 1290 * TODO(crosbug.com/14277): Remove SetPIN functions. |
1284 */ | 1291 */ |
1285 Policy.Callbacks.prototype['cb:setUserPin'] = | 1292 Policy.Callbacks.prototype['cb:setUserPin'] = |
1286 function cb_setUserPin(arg) { | 1293 function cb_setUserPin(arg) { |
1287 var pkcs11 = this.policy.pkcs11.api; | 1294 var pkcs11 = this.policy.pkcs11.api; |
1288 if (!pkcs11) | 1295 if (!pkcs11) |
1289 return Policy.CallbackError('Pkcs11 not initialized'); | 1296 return Policy.CallbackError('Pkcs11 not initialized'); |
1290 | 1297 |
1291 if (!('slotId' in arg)) | 1298 if (!('slotId' in arg)) |
1292 return Policy.CallbackError('Missing required parameter: slotId'); | 1299 return Policy.CallbackError('Missing required parameter: slotId'); |
1293 | 1300 |
(...skipping 112 matching lines...)
1406 /** | 1413 /** |
1407 * Initialize a PKCS11 token. | 1414 * Initialize a PKCS11 token. |
1408 * | 1415 * |
1409 * @param {Object} arg An object with the following properties: | 1416 * @param {Object} arg An object with the following properties: |
1410 * - 'slotId' An integer representing the slot that contains the target token. | 1417 * - 'slotId' An integer representing the slot that contains the target token. |
1411 * | 1418 * |
1412 * Initializing a PKCS11 token is an asynchronous operation. While the | 1419 * Initializing a PKCS11 token is an asynchronous operation. While the |
1413 * initialization is in progress the token state will be 'start:init'. If the | 1420 * initialization is in progress the token state will be 'start:init'. If the |
1414 * operation completes successfully the token state will become 'stop:init'. | 1421 * operation completes successfully the token state will become 'stop:init'. |
1415 * On error it will become 'stop:error'. | 1422 * On error it will become 'stop:error'. |
| 1423 * TODO(crosbug.com/14277): Remove initToken function. |
1416 */ | 1424 */ |
1417 Policy.Callbacks.prototype['cb:initToken'] = | 1425 Policy.Callbacks.prototype['cb:initToken'] = |
1418 function cb_initToken(arg) { | 1426 function cb_initToken(arg) { |
1419 var pkcs11 = this.policy.pkcs11.api; | 1427 var pkcs11 = this.policy.pkcs11.api; |
1420 if (!pkcs11) | 1428 if (!pkcs11) |
1421 return Policy.CallbackError('Pkcs11 not initialized'); | 1429 return Policy.CallbackError('Pkcs11 not initialized'); |
1422 | 1430 |
1423 if (!('slotId' in arg)) | 1431 if (!('slotId' in arg)) |
1424 return Policy.CallbackError('Mising parameter: slotId'); | 1432 return Policy.CallbackError('Mising parameter: slotId'); |
1425 | 1433 |
(...skipping 235 matching lines...)
1661 Policy.CallbackSuccess = | 1669 Policy.CallbackSuccess = |
1662 function CallbackSuccess(data) { | 1670 function CallbackSuccess(data) { |
1663 return { status: 'success', data: data }; | 1671 return { status: 'success', data: data }; |
1664 }; | 1672 }; |
1665 | 1673 |
1666 /** | 1674 /** |
1667 * Return an object indicating that a callback encountered an error. | 1675 * Return an object indicating that a callback encountered an error. |
1668 */ | 1676 */ |
1669 Policy.CallbackError = | 1677 Policy.CallbackError = |
1670 function CallbackError(data) { | 1678 function CallbackError(data) { |
| 1679 // Log the error to syslogs for further diagnosis. |
| 1680 entd.syslog.error(data); |
1671 return { status: 'error', data: data }; | 1681 return { status: 'error', data: data }; |
1672 }; | 1682 }; |
1673 | 1683 |
1674 /** | 1684 /** |
1675 * Namespace for utility functions... | 1685 * Namespace for utility functions... |
1676 */ | 1686 */ |
1677 | 1687 |
1678 var util = new Object(); | 1688 var util = new Object(); |
1679 | 1689 |
1680 /** | 1690 /** |
(...skipping 292 matching lines...)
1973 var result = []; | 1983 var result = []; |
1974 for (i = 0; i < str.length; i++) { | 1984 for (i = 0; i < str.length; i++) { |
1975 var d = str.charCodeAt(i); | 1985 var d = str.charCodeAt(i); |
1976 var h = d.toString(16); | 1986 var h = d.toString(16); |
1977 if (h.length == 1) | 1987 if (h.length == 1) |
1978 result.push('0'); | 1988 result.push('0'); |
1979 result.push(h); | 1989 result.push(h); |
1980 } | 1990 } |
1981 return result.join(''); | 1991 return result.join(''); |
1982 } | 1992 } |
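Review bot: The new `'isTokenReady' in entd.tpm` test in cb_info (new line 1263) reads `entd.tpm` without the `entd.isLibcrosLoaded` guard that every other `entd.tpm` access in this function uses, and the `in` operator throws a TypeError when its right-hand side is not an object. If `entd.tpm` can be missing while libcros is not loaded, the check should become `if (entd.tpm && 'isTokenReady' in entd.tpm) {`, which keeps the `false` fallback on the lines that follow; if it always exists, a short comment saying so would explain why no guard is needed here. The object literal assigned to `callback_data` also ends without a semicolon (new line 1262). Separately, `Policy.CallbackError` now writes `data` to syslog for every error result; the callers visible here pass fixed strings, but the callers in the skipped regions, the PIN callbacks among them, should be checked so that no PIN or other token secret can reach the log through an error message.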