Check-in [036113d051]
Overview
SHA1:036113d0513f7c3b9831984c55834cfc7e275a04
Date: 2016-02-15 07:22:53
User: rkeene
Comment:ChromeOS: Try to supply the user PIN to the card
Context
2016-02-15
07:31
[7879121689] ChromeOS: Attempt to sign the correctly prefixed data (user: rkeene, tags: trunk)
07:22
[036113d051] ChromeOS: Try to supply the user PIN to the card (user: rkeene, tags: trunk)
06:45
[4509382d11] ChromeOS: Removed extraneous PIN clearing (user: rkeene, tags: trunk)
Changes

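--- a/build/chrome/cackey.js
+++ b/build/chrome/cackey.js
@@ -25,14 +25,41 @@
 var pinWindowPINValue = "";
 var pinWindowPreviousHandle = null;
 
 /*
  * Messages that may need to be retried after getting a PIN
  */
 var cackeyMessagesToRetry = [];
+
+/*
+ * Stored PIN for a given certificate
+ */
+var cackeyCertificateToPINMap = {};
+
+/*
+ * Compute a text-based handle for a certificate to be hashed by
+ */
+function cackeyCertificateToPINID(certificate) {
+	var id;
+	var certificateArray;
+
+	id = "";
+
+	certificateArray = new Uint8Array(certificate);
+
+	certificateArray.map(
+		function(byte) {
+			id += ("0" + byte.toString(16)).slice(-2);
+		}
+	);
+
+	delete certificateArray;
+
+	return(id);
+}
 
 /*
  * Handle a response from the NaCl side regarding certificates available
  */
 function cackeyMessageIncomingListCertificates(message, chromeCallback) {
 	var idx;
 	var certificates = [];
@@ -86,14 +113,24 @@
 	if (messageEvent.data.target != "cackey") {
 		return;
 	}
 
 	console.log("START MESSAGE");
 	console.log(messageEvent.data);
 	console.log("END MESSAGE");
+
+	/*
+	 * If we failed for some reason and we have a certificate in the original
+	 * request then forget any PIN associated with that certificate
+	 */
+	if (messageEvent.data.status != "success") {
+		if (messageEvent.data.originalrequest.certificate) {
+			delete cackeyCertificateToPINMap[cackeyCertificateToPINID(messageEvent.data.originalrequest.certificate)];
+		}
+	}
 
 	if (messageEvent.data.id == null) {
 		return;
 	}
 
 	chromeCallback = cackeyOutstandingCallbacks[messageEvent.data.id];
 
@@ -181,20 +218,27 @@
 							tmpMessageEvent.data.status = "error";
 							tmpMessageEvent.data.error = "PIN window closed without a PIN being provided";
 
 							cackeyMessageIncoming(tmpMessageEvent);
 						} else {
 							tmpMessageEvent.data.originalrequest.pin = pinWindowPINValue;
 
+							cackeyCertificateToPINMap[cackeyCertificateToPINID(tmpMessageEvent.data.originalrequest.certificate)] = pinWindowPINValue;
+
 							cackeyHandle.postMessage(tmpMessageEvent.data.originalrequest);
 						}
 
 						delete cackeyMessagesToRetry[messageIdx];
 					}
 
+					/*
+					 * We are done fetching the user PIN, clear the value
+					 */
+					pinWindowPINValue = "";
+
 					return;
 				})
 
 				/*
 				 * Pass this message off to the other window so that it may resubmit the request.
 				 */
 				pinWindow.contentWindow.parentWindow = window;
@@ -259,28 +303,36 @@
 }
 
 /*
  * Handler for messages from Chrome related to signing a hash of some sort
  */
 function cackeySignMessage(signRequest, chromeCallback) {
 	var callbackId;
+	var command;
+	var certificateId;
 
 	console.log("[cackey] Asked to sign a message -- throwing that request over to the NaCl side... ");
 
 	callbackId = cackeyOutstandingCallbackCounter + 1;
 
-	cackeyHandle.postMessage(
-		{
-			'target': "cackey",
-			'command': "sign",
-			'id': callbackId,
-			'certificate': signRequest.certificate,
-			'data': signRequest.digest /* XXX:TODO: This needs to be prefixed based on the signRequest.hash */
-		}
-	);
+	command = {
+		'target': "cackey",
+		'command': "sign",
+		'id': callbackId,
+		'certificate': signRequest.certificate,
+		'data': signRequest.digest /* XXX:TODO: This needs to be prefixed based on the signRequest.hash */
+	};
+
+	certificateId = cackeyCertificateToPINID(command.certificate);
+
+	if (cackeyCertificateToPINMap[certificateId]) {
+		command.pin = cackeyCertificateToPINMap[certificateId];
+	}
+
+	cackeyHandle.postMessage(command);
 
 	cackeyOutstandingCallbackCounter = callbackId;
 	cackeyOutstandingCallbacks[callbackId] = chromeCallback;
 
 	console.log("[cackey] Thrown.");
 
 	return;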
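Review bot: The PIN written to `cackeyCertificateToPINMap` in the PIN-window callback (new line 225) is cached before the card has verified it, and its only eviction is the failure branch at new lines 125-129, which dereferences `messageEvent.data.originalrequest` without checking that the field exists. A non-success message that lacks `originalrequest` would throw there before the callback lookup, and a failure that omits the certificate would leave a wrong PIN cached for `cackeySignMessage` to re-send on later sign requests, which presumably counts against the card's retry limit. Guarding the branch with `if (messageEvent.data.originalrequest && messageEvent.data.originalrequest.certificate)` and adding an eviction path for card removal or a timeout would bound how long the PIN is held. Separately, the existing `console.log(messageEvent.data)` at new line 118 prints the whole message; if the NaCl side echoes `originalrequest` unchanged, the PIN now reaches the console log and should be redacted before logging. All four hunks show only part of their enclosing functions.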