| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/api/platform_keys/platform_keys_api.h" | 5 #include "chrome/browser/extensions/api/platform_keys/platform_keys_api.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 96 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 107 const std::vector<char>& cert_der = params->certificate; | 107 const std::vector<char>& cert_der = params->certificate; |
| 108 if (cert_der.empty()) | 108 if (cert_der.empty()) |
| 109 return RespondNow(Error(kErrorInvalidX509Cert)); | 109 return RespondNow(Error(kErrorInvalidX509Cert)); |
| 110 scoped_refptr<net::X509Certificate> cert_x509 = | 110 scoped_refptr<net::X509Certificate> cert_x509 = |
| 111 net::X509Certificate::CreateFromBytes(vector_as_array(&cert_der), | 111 net::X509Certificate::CreateFromBytes(vector_as_array(&cert_der), |
| 112 cert_der.size()); | 112 cert_der.size()); |
| 113 if (!cert_x509) | 113 if (!cert_x509) |
| 114 return RespondNow(Error(kErrorInvalidX509Cert)); | 114 return RespondNow(Error(kErrorInvalidX509Cert)); |
| 115 | 115 |
| 116 PublicKeyInfo key_info; | 116 PublicKeyInfo key_info; |
| 117 if (!chromeos::platform_keys::GetPublicKey( | 117 key_info.public_key_spki_der = |
| 118 cert_x509, &key_info.public_key_spki_der, &key_info.key_type, | 118 chromeos::platform_keys::GetSubjectPublicKeyInfo(cert_x509); |
| 119 &key_info.key_size_bits) || | 119 if (!chromeos::platform_keys::GetPublicKey(cert_x509, &key_info.key_type, |
| 120 &key_info.key_size_bits) || |
| 120 key_info.key_type != net::X509Certificate::kPublicKeyTypeRSA) { | 121 key_info.key_type != net::X509Certificate::kPublicKeyTypeRSA) { |
| 121 return RespondNow(Error(kErrorAlgorithmNotSupported)); | 122 return RespondNow(Error(kErrorAlgorithmNotSupported)); |
| 122 } | 123 } |
| 123 | 124 |
| 124 api_pki::GetPublicKey::Results::Algorithm algorithm; | 125 api_pki::GetPublicKey::Results::Algorithm algorithm; |
| 125 BuildWebCryptoRSAAlgorithmDictionary(key_info, | 126 BuildWebCryptoRSAAlgorithmDictionary(key_info, |
| 126 &algorithm.additional_properties); | 127 &algorithm.additional_properties); |
| 127 | 128 |
| 128 return RespondNow(ArgumentList(api_pki::GetPublicKey::Results::Create( | 129 return RespondNow(ArgumentList(api_pki::GetPublicKey::Results::Create( |
| 129 std::vector<char>(key_info.public_key_spki_der.begin(), | 130 std::vector<char>(key_info.public_key_spki_der.begin(), |
| (...skipping 17 matching lines...) Expand all Loading... |
| 147 DCHECK(service); | 148 DCHECK(service); |
| 148 | 149 |
| 149 chromeos::platform_keys::ClientCertificateRequest request; | 150 chromeos::platform_keys::ClientCertificateRequest request; |
| 150 for (const std::vector<char>& cert_authority : | 151 for (const std::vector<char>& cert_authority : |
| 151 params->details.request.certificate_authorities) { | 152 params->details.request.certificate_authorities) { |
| 152 request.certificate_authorities.push_back( | 153 request.certificate_authorities.push_back( |
| 153 std::string(cert_authority.begin(), cert_authority.end())); | 154 std::string(cert_authority.begin(), cert_authority.end())); |
| 154 } | 155 } |
| 155 | 156 |
| 156 service->SelectClientCertificates( | 157 service->SelectClientCertificates( |
| 157 request, extension_id(), | 158 request, params->details.interactive, extension_id(), |
| 158 base::Bind(&PlatformKeysInternalSelectClientCertificatesFunction:: | 159 base::Bind(&PlatformKeysInternalSelectClientCertificatesFunction:: |
| 159 OnSelectedCertificates, | 160 OnSelectedCertificates, |
| 160 this)); | 161 this)); |
| 161 return RespondLater(); | 162 return RespondLater(); |
| 162 } | 163 } |
| 163 | 164 |
| 164 void PlatformKeysInternalSelectClientCertificatesFunction:: | 165 void PlatformKeysInternalSelectClientCertificatesFunction:: |
| 165 OnSelectedCertificates(scoped_ptr<net::CertificateList> matches, | 166 OnSelectedCertificates(scoped_ptr<net::CertificateList> matches, |
| 166 const std::string& error_message) { | 167 const std::string& error_message) { |
| 167 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); | 168 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); |
| 168 if (!error_message.empty()) { | 169 if (!error_message.empty()) { |
| 169 Respond(Error(error_message)); | 170 Respond(Error(error_message)); |
| 170 return; | 171 return; |
| 171 } | 172 } |
| 172 DCHECK(matches); | 173 DCHECK(matches); |
| 173 std::vector<linked_ptr<api_pk::Match>> result_matches; | 174 std::vector<linked_ptr<api_pk::Match>> result_matches; |
| 174 for (const scoped_refptr<net::X509Certificate>& match : *matches) { | 175 for (const scoped_refptr<net::X509Certificate>& match : *matches) { |
| 175 PublicKeyInfo key_info; | 176 PublicKeyInfo key_info; |
| 176 if (!chromeos::platform_keys::GetPublicKey( | 177 key_info.public_key_spki_der = |
| 177 match, &key_info.public_key_spki_der, &key_info.key_type, | 178 chromeos::platform_keys::GetSubjectPublicKeyInfo(match); |
| 178 &key_info.key_size_bits)) { | 179 if (!chromeos::platform_keys::GetPublicKey(match, &key_info.key_type, |
| 180 &key_info.key_size_bits)) { |
| 179 LOG(ERROR) << "Could not retrieve public key info."; | 181 LOG(ERROR) << "Could not retrieve public key info."; |
| 180 continue; | 182 continue; |
| 181 } | 183 } |
| 182 if (key_info.key_type != net::X509Certificate::kPublicKeyTypeRSA) { | 184 if (key_info.key_type != net::X509Certificate::kPublicKeyTypeRSA) { |
| 183 LOG(ERROR) << "Skipping unsupported certificate with non-RSA key."; | 185 LOG(ERROR) << "Skipping unsupported certificate with non-RSA key."; |
| 184 continue; | 186 continue; |
| 185 } | 187 } |
| 186 | 188 |
| 187 linked_ptr<api_pk::Match> result_match(new api_pk::Match); | 189 linked_ptr<api_pk::Match> result_match(new api_pk::Match); |
| 188 std::string der_encoded_cert; | 190 std::string der_encoded_cert; |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 254 const std::string& error_message) { | 256 const std::string& error_message) { |
| 255 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); | 257 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::UI)); |
| 256 if (error_message.empty()) | 258 if (error_message.empty()) |
| 257 Respond(ArgumentList(api_pki::Sign::Results::Create( | 259 Respond(ArgumentList(api_pki::Sign::Results::Create( |
| 258 std::vector<char>(signature.begin(), signature.end())))); | 260 std::vector<char>(signature.begin(), signature.end())))); |
| 259 else | 261 else |
| 260 Respond(Error(error_message)); | 262 Respond(Error(error_message)); |
| 261 } | 263 } |
| 262 | 264 |
| 263 } // namespace extensions | 265 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 905523002:
platformKeys: Add per-extension sign permissions. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@pks_sign_task