| Index: chrome/browser/extensions/api/platform_keys/platform_keys_api.cc
|
| diff --git a/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc b/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc
|
| index f3ad6512ad43ee63c580ecb2339f387a0db9effe..9a4e2d29a5b39b1a1640573e98e742d965f4d367 100644
|
| --- a/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc
|
| +++ b/chrome/browser/extensions/api/platform_keys/platform_keys_api.cc
|
| @@ -8,7 +8,6 @@
|
|
|
| #include "base/bind.h"
|
| #include "base/logging.h"
|
| -#include "base/values.h"
|
| #include "chrome/browser/chromeos/platform_keys/platform_keys.h"
|
| #include "chrome/browser/chromeos/platform_keys/platform_keys_service.h"
|
| #include "chrome/browser/chromeos/platform_keys/platform_keys_service_factory.h"
|
| @@ -21,49 +20,10 @@ namespace extensions {
|
| namespace api_pk = api::platform_keys;
|
| namespace api_pki = api::platform_keys_internal;
|
|
|
| -namespace {
|
| -
|
| -const char kErrorAlgorithmNotSupported[] = "Algorithm not supported.";
|
| -const char kErrorInvalidX509Cert[] =
|
| - "Certificate is not a valid X.509 certificate.";
|
| -
|
| -struct PublicKeyInfo {
|
| - // The X.509 Subject Public Key Info of the key in DER encoding.
|
| - std::string public_key_spki_der;
|
| -
|
| - // The type of the key.
|
| - net::X509Certificate::PublicKeyType key_type =
|
| - net::X509Certificate::kPublicKeyTypeUnknown;
|
| -
|
| - // The size of the key in bits.
|
| - size_t key_size_bits = 0;
|
| -};
|
| -
|
| -// Builds a partial WebCrypto Algorithm object from the parameters available in
|
| -// |key_info|, which must the info of an RSA key. This doesn't include sign/hash
|
| -// parameters and thus isn't complete.
|
| -// platform_keys::GetPublicKey() enforced the public exponent 65537.
|
| -void BuildWebCryptoRSAAlgorithmDictionary(const PublicKeyInfo& key_info,
|
| - base::DictionaryValue* algorithm) {
|
| - CHECK_EQ(net::X509Certificate::kPublicKeyTypeRSA, key_info.key_type);
|
| - algorithm->SetStringWithoutPathExpansion("name", "RSASSA-PKCS1-v1_5");
|
| - algorithm->SetIntegerWithoutPathExpansion("modulusLength",
|
| - key_info.key_size_bits);
|
| -
|
| - // Equals 65537.
|
| - const unsigned char defaultPublicExponent[] = {0x01, 0x00, 0x01};
|
| - algorithm->SetWithoutPathExpansion(
|
| - "publicExponent",
|
| - base::BinaryValue::CreateWithCopiedBuffer(
|
| - reinterpret_cast<const char*>(defaultPublicExponent),
|
| - arraysize(defaultPublicExponent)));
|
| -}
|
| -
|
| -} // namespace
|
| -
|
| namespace platform_keys {
|
|
|
| const char kErrorInvalidToken[] = "The token is not valid.";
|
| +const char kErrorAlgorithmNotSupported[] = "Algorithm not supported.";
|
| const char kTokenIdUser[] = "user";
|
| const char kTokenIdSystem[] = "system";
|
|
|
| @@ -94,43 +54,6 @@ std::string PlatformKeysTokenIdToApiId(
|
|
|
| } // namespace platform_keys
|
|
|
| -PlatformKeysInternalGetPublicKeyFunction::
|
| - ~PlatformKeysInternalGetPublicKeyFunction() {
|
| -}
|
| -
|
| -ExtensionFunction::ResponseAction
|
| -PlatformKeysInternalGetPublicKeyFunction::Run() {
|
| - scoped_ptr<api_pki::GetPublicKey::Params> params(
|
| - api_pki::GetPublicKey::Params::Create(*args_));
|
| - EXTENSION_FUNCTION_VALIDATE(params);
|
| -
|
| - const std::vector<char>& cert_der = params->certificate;
|
| - if (cert_der.empty())
|
| - return RespondNow(Error(kErrorInvalidX509Cert));
|
| - scoped_refptr<net::X509Certificate> cert_x509 =
|
| - net::X509Certificate::CreateFromBytes(vector_as_array(&cert_der),
|
| - cert_der.size());
|
| - if (!cert_x509)
|
| - return RespondNow(Error(kErrorInvalidX509Cert));
|
| -
|
| - PublicKeyInfo key_info;
|
| - if (!chromeos::platform_keys::GetPublicKey(
|
| - cert_x509, &key_info.public_key_spki_der, &key_info.key_type,
|
| - &key_info.key_size_bits) ||
|
| - key_info.key_type != net::X509Certificate::kPublicKeyTypeRSA) {
|
| - return RespondNow(Error(kErrorAlgorithmNotSupported));
|
| - }
|
| -
|
| - api_pki::GetPublicKey::Results::Algorithm algorithm;
|
| - BuildWebCryptoRSAAlgorithmDictionary(key_info,
|
| - &algorithm.additional_properties);
|
| -
|
| - return RespondNow(ArgumentList(api_pki::GetPublicKey::Results::Create(
|
| - std::vector<char>(key_info.public_key_spki_der.begin(),
|
| - key_info.public_key_spki_der.end()),
|
| - algorithm)));
|
| -}
|
| -
|
| PlatformKeysInternalSelectClientCertificatesFunction::
|
| ~PlatformKeysInternalSelectClientCertificatesFunction() {
|
| }
|
| @@ -172,27 +95,12 @@ void PlatformKeysInternalSelectClientCertificatesFunction::
|
| DCHECK(matches);
|
| std::vector<linked_ptr<api_pk::Match>> result_matches;
|
| for (const scoped_refptr<net::X509Certificate>& match : *matches) {
|
| - PublicKeyInfo key_info;
|
| - if (!chromeos::platform_keys::GetPublicKey(
|
| - match, &key_info.public_key_spki_der, &key_info.key_type,
|
| - &key_info.key_size_bits)) {
|
| - LOG(ERROR) << "Could not retrieve public key info.";
|
| - continue;
|
| - }
|
| - if (key_info.key_type != net::X509Certificate::kPublicKeyTypeRSA) {
|
| - LOG(ERROR) << "Skipping unsupported certificate with non-RSA key.";
|
| - continue;
|
| - }
|
| -
|
| linked_ptr<api_pk::Match> result_match(new api_pk::Match);
|
| std::string der_encoded_cert;
|
| net::X509Certificate::GetDEREncoded(match->os_cert_handle(),
|
| &der_encoded_cert);
|
| result_match->certificate.assign(der_encoded_cert.begin(),
|
| der_encoded_cert.end());
|
| -
|
| - BuildWebCryptoRSAAlgorithmDictionary(
|
| - key_info, &result_match->key_algorithm.additional_properties);
|
| result_matches.push_back(result_match);
|
| }
|
| Respond(ArgumentList(
|
| @@ -207,45 +115,32 @@ ExtensionFunction::ResponseAction PlatformKeysInternalSignFunction::Run() {
|
| api_pki::Sign::Params::Create(*args_));
|
| EXTENSION_FUNCTION_VALIDATE(params);
|
| std::string platform_keys_token_id;
|
| - if (!params->token_id.empty() &&
|
| - !platform_keys::ValidateToken(params->token_id,
|
| - &platform_keys_token_id)) {
|
| + if (!platform_keys::ValidateToken(params->token_id, &platform_keys_token_id))
|
| return RespondNow(Error(platform_keys::kErrorInvalidToken));
|
| - }
|
| +
|
| + chromeos::platform_keys::HashAlgorithm hash_algorithm;
|
| + if (params->hash_algorithm_name == "SHA-1")
|
| + hash_algorithm = chromeos::platform_keys::HASH_ALGORITHM_SHA1;
|
| + else if (params->hash_algorithm_name == "SHA-256")
|
| + hash_algorithm = chromeos::platform_keys::HASH_ALGORITHM_SHA256;
|
| + else if (params->hash_algorithm_name == "SHA-384")
|
| + hash_algorithm = chromeos::platform_keys::HASH_ALGORITHM_SHA384;
|
| + else if (params->hash_algorithm_name == "SHA-512")
|
| + hash_algorithm = chromeos::platform_keys::HASH_ALGORITHM_SHA512;
|
| + else
|
| + return RespondNow(Error(platform_keys::kErrorAlgorithmNotSupported));
|
|
|
| chromeos::PlatformKeysService* service =
|
| chromeos::PlatformKeysServiceFactory::GetForBrowserContext(
|
| browser_context());
|
| DCHECK(service);
|
|
|
| - if (params->hash_algorithm_name == "none") {
|
| - service->SignRSAPKCS1Raw(
|
| - platform_keys_token_id,
|
| - std::string(params->data.begin(), params->data.end()),
|
| - std::string(params->public_key.begin(), params->public_key.end()),
|
| - extension_id(),
|
| - base::Bind(&PlatformKeysInternalSignFunction::OnSigned, this));
|
| - } else {
|
| - chromeos::platform_keys::HashAlgorithm hash_algorithm;
|
| - if (params->hash_algorithm_name == "SHA-1") {
|
| - hash_algorithm = chromeos::platform_keys::HASH_ALGORITHM_SHA1;
|
| - } else if (params->hash_algorithm_name == "SHA-256") {
|
| - hash_algorithm = chromeos::platform_keys::HASH_ALGORITHM_SHA256;
|
| - } else if (params->hash_algorithm_name == "SHA-384") {
|
| - hash_algorithm = chromeos::platform_keys::HASH_ALGORITHM_SHA384;
|
| - } else if (params->hash_algorithm_name == "SHA-512") {
|
| - hash_algorithm = chromeos::platform_keys::HASH_ALGORITHM_SHA512;
|
| - } else {
|
| - return RespondNow(Error(kErrorAlgorithmNotSupported));
|
| - }
|
| - service->SignRSAPKCS1Digest(
|
| - platform_keys_token_id,
|
| - std::string(params->data.begin(), params->data.end()),
|
| - std::string(params->public_key.begin(), params->public_key.end()),
|
| - hash_algorithm, extension_id(),
|
| - base::Bind(&PlatformKeysInternalSignFunction::OnSigned, this));
|
| - }
|
| -
|
| + service->Sign(
|
| + platform_keys_token_id,
|
| + std::string(params->public_key.begin(), params->public_key.end()),
|
| + hash_algorithm, std::string(params->data.begin(), params->data.end()),
|
| + extension_id(),
|
| + base::Bind(&PlatformKeysInternalSignFunction::OnSigned, this));
|
| return RespondLater();
|
| }
|
|
|
|
|
Chromium Code Reviews
Issue 929683002:
Revert "Implement chrome.platformKeys.getKeyPair()." (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master