Check-in [64c4c68fa6]
Overview
Comment:ChromeOS: Added support for listing smartcard readers
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 64c4c68fa6638b79e3f13da7a8c1f503b428b829
User & Date: rkeene on 2016-03-09 04:30:30
Other Links: manifest | tags
Context
2016-03-09
04:40
ChromeOS: Fix issue where multiple calls made close together may have used the same ID check-in: 40765d7728 user: rkeene tags: trunk
04:30
ChromeOS: Added support for listing smartcard readers check-in: 64c4c68fa6 user: rkeene tags: trunk
2016-03-08
21:02
ChromeOS: Added support for informing the user if we are a certificate provider or not check-in: 188c4d598f user: rkeene tags: trunk
Changes

Modified build/chrome/cackey-chrome-pkcs11.c from [c7ea100694] to [d840c2c357].

1
2
3
4

5
6
7
8
9
10
11
#ifdef __cplusplus
extern "C" {
#endif


#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#include "mypkcs11.h"
#include "cackey-chrome.h"




>







1
2
3
4
5
6
7
8
9
10
11
12
#ifdef __cplusplus
extern "C" {
#endif

#include <stdbool.h>
#include <unistd.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

#include "mypkcs11.h"
#include "cackey-chrome.h"
322
323
324
325
326
327
328



































































329
330
331
332
333
334
335
		if (certificates[idx].certificate) {
			free(certificates[idx].certificate);
		}
	}

	free(certificates);




































































	return;
}

cackey_chrome_returnType cackey_chrome_signMessage(struct cackey_certificate *certificate, void *data, unsigned long dataLength, void *destination, unsigned long *destinationLength, char **pinPrompt, const char *pin) {
	CK_RV chk_rv;
	CK_ULONG numSlots, currSlot;
	CK_SLOT_ID_PTR slots;







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
		if (certificates[idx].certificate) {
			free(certificates[idx].certificate);
		}
	}

	free(certificates);

	return;
}

int cackey_chrome_listReaders(struct cackey_reader **readers) {
	CK_RV chk_rv;
	CK_ULONG numSlots, currSlot;
	CK_SLOT_ID_PTR slots;
	CK_SLOT_INFO slotInfo;

	chk_rv = cackey_chrome_init();
	if (chk_rv != CKR_OK) {
		return(0);
	}

	chk_rv = moduleFunctionList->C_GetSlotList(FALSE, NULL, &numSlots);
	if (chk_rv != CKR_OK) {
		return(0);
	}

	slots = malloc(sizeof(*slots) * numSlots);

	chk_rv = moduleFunctionList->C_GetSlotList(FALSE, slots, &numSlots);
	if (chk_rv != CKR_OK) {
		free(slots);

		return(0);
	}

	*readers = malloc(sizeof(**readers) * numSlots);

	for (currSlot = 0; currSlot < numSlots; currSlot++) {
		chk_rv = moduleFunctionList->C_GetSlotInfo(slots[currSlot], &slotInfo);
		if (chk_rv != CKR_OK) {
			continue;
		}

		(*readers)[currSlot].reader = malloc(sizeof(slotInfo.slotDescription) + 1);
		memcpy((*readers)[currSlot].reader, slotInfo.slotDescription, sizeof(slotInfo.slotDescription));
		(*readers)[currSlot].reader[sizeof(slotInfo.slotDescription)] = '\0';

		if ((slotInfo.flags & CKF_TOKEN_PRESENT) != CKF_TOKEN_PRESENT) {
			(*readers)[currSlot].cardInserted = false;
		} else {
			(*readers)[currSlot].cardInserted = true;
		}
	}

	free(slots);

	return(numSlots);
}

void cackey_chrome_freeReaders(struct cackey_reader *readers, int readersCount) {
	int idx;

	if (readers == NULL) {
		return;
	}

	for (idx = 0; idx < readersCount; idx++) {
		if (readers[idx].reader) {
			free(readers[idx].reader);
		}
	}

	free(readers);

	return;
}

cackey_chrome_returnType cackey_chrome_signMessage(struct cackey_certificate *certificate, void *data, unsigned long dataLength, void *destination, unsigned long *destinationLength, char **pinPrompt, const char *pin) {
	CK_RV chk_rv;
	CK_ULONG numSlots, currSlot;
	CK_SLOT_ID_PTR slots;

Modified build/chrome/cackey-chrome-plugin.cc from [02273309f5] to [cf6e270a5f].

33
34
35
36
37
38
39

40
41
42
43
44
45
46
47
48
49
50
51
		virtual void HandleMessageThread(pp::VarDictionary *message, pp::Var *messagePlain) {
			cackey_chrome_returnType signRet;
			char *pinPrompt = NULL;
			const char *pin;
			const char *smartcardManagerAppId = NULL;
			unsigned char buffer[8192];
			struct cackey_certificate *certificates, incomingCertificateCACKey;

			pp::VarDictionary *reply;
			pp::VarArray certificatesPPArray;
			pp::VarArrayBuffer *certificateContents, *incomingCertificateContents, *incomingData, *outgoingData;
			pp::Var command;
			int numCertificates, i;
			unsigned long outgoingDataLength;

			/*
			 * Extract the command
			 */
			command = message->Get("command");








>
|
|


|







33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
		virtual void HandleMessageThread(pp::VarDictionary *message, pp::Var *messagePlain) {
			cackey_chrome_returnType signRet;
			char *pinPrompt = NULL;
			const char *pin;
			const char *smartcardManagerAppId = NULL;
			unsigned char buffer[8192];
			struct cackey_certificate *certificates, incomingCertificateCACKey;
			struct cackey_reader *readers;
			pp::VarDictionary *reply, *readerInfo;
			pp::VarArray certificatesPPArray, readersPPArray;
			pp::VarArrayBuffer *certificateContents, *incomingCertificateContents, *incomingData, *outgoingData;
			pp::Var command;
			int numCertificates, numReaders, i;
			unsigned long outgoingDataLength;

			/*
			 * Extract the command
			 */
			command = message->Get("command");

83
84
85
86
87
88
89




















90
91
92
93
94
95
96
					delete certificateContents;
				}

				cackey_chrome_freeCertificates(certificates, numCertificates);

				reply->Set("status", "success");
				reply->Set("certificates", certificatesPPArray);




















			} else if (command.AsString() == "sign") {
				if (!message->HasKey("certificate")) {
					reply->Set("status", "error");
					reply->Set("error", "Certificate not supplied");
				} else if (!message->HasKey("data")) {
					reply->Set("status", "error");
					reply->Set("error", "Data not supplied");







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
					delete certificateContents;
				}

				cackey_chrome_freeCertificates(certificates, numCertificates);

				reply->Set("status", "success");
				reply->Set("certificates", certificatesPPArray);
			} else if (command.AsString() == "listreaders") {
				numReaders = cackey_chrome_listReaders(&readers);

				readersPPArray.SetLength(numReaders);

				for (i = 0; i < numReaders; i++) {
					readerInfo = new pp::VarDictionary;

					readerInfo->Set("readerName", readers[i].reader);
					readerInfo->Set("cardInserted", readers[i].cardInserted);

					readersPPArray.Set(i, *readerInfo);

					delete readerInfo;
				}

				cackey_chrome_freeReaders(readers, numReaders);

				reply->Set("status", "success");
				reply->Set("readers", readersPPArray);
			} else if (command.AsString() == "sign") {
				if (!message->HasKey("certificate")) {
					reply->Set("status", "error");
					reply->Set("error", "Certificate not supplied");
				} else if (!message->HasKey("data")) {
					reply->Set("status", "error");
					reply->Set("error", "Data not supplied");

Modified build/chrome/cackey-chrome.h from [ef61e21c1b] to [0278509de3].

1
2
3
4
5
6
7
8
9
10
11
12
13





14
15
16
17
18
19
20
21
22
23
24



25
26
27
28
29
30
31
32
33
#ifndef CACKEY_CHROME_CACKEY_H
#define CACKEY_CHROME_CACKEY_H 1

#  ifdef __cplusplus
extern "C" {
#  endif

#include <stddef.h>

struct cackey_certificate {
	size_t certificate_len;
	void *certificate;
};






typedef enum {
	CACKEY_CHROME_OK,
	CACKEY_CHROME_ERROR,
	CACKEY_CHROME_NEEDLOGIN,
	CACKEY_CHROME_NEEDPROTECTEDLOGIN
} cackey_chrome_returnType;

int cackey_chrome_listCertificates(struct cackey_certificate **certificates);
void cackey_chrome_freeCertificates(struct cackey_certificate *certificates, int certificatesCount);




cackey_chrome_returnType cackey_chrome_signMessage(struct cackey_certificate *certificate, void *data, unsigned long dataLength, void *destination, unsigned long *destinationLength, char **pinPrompt, const char *pin);

void cackey_chrome_terminate(void);

#  ifdef __cplusplus
}
#  endif

#endif













>
>
>
>
>











>
>
>









1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#ifndef CACKEY_CHROME_CACKEY_H
#define CACKEY_CHROME_CACKEY_H 1

#  ifdef __cplusplus
extern "C" {
#  endif

#include <stddef.h>

struct cackey_certificate {
	size_t certificate_len;
	void *certificate;
};

struct cackey_reader {
	char *reader;
	bool cardInserted;
};

typedef enum {
	CACKEY_CHROME_OK,
	CACKEY_CHROME_ERROR,
	CACKEY_CHROME_NEEDLOGIN,
	CACKEY_CHROME_NEEDPROTECTEDLOGIN
} cackey_chrome_returnType;

int cackey_chrome_listCertificates(struct cackey_certificate **certificates);
void cackey_chrome_freeCertificates(struct cackey_certificate *certificates, int certificatesCount);

int cackey_chrome_listReaders(struct cackey_reader **readers);
void cackey_chrome_freeReaders(struct cackey_reader *readers, int readersCount);

cackey_chrome_returnType cackey_chrome_signMessage(struct cackey_certificate *certificate, void *data, unsigned long dataLength, void *destination, unsigned long *destinationLength, char **pinPrompt, const char *pin);

void cackey_chrome_terminate(void);

#  ifdef __cplusplus
}
#  endif

#endif

Modified build/chrome/cackey.js from [6f10afa9df] to [acab99bc2a].

67
68
69
70
71
72
73




74
75
76
77
78
79
80

/*
 * Handle a response from the NaCl side regarding certificates available
 */
function cackeyMessageIncomingListCertificates(message, chromeCallback) {
	var idx;
	var certificates = [];





	for (idx = 0; idx < message.certificates.length; idx++) {
		certificates.push(
			{
				certificate: message.certificates[idx],
				supportedHashes: ['SHA1', 'SHA256', 'MD5_SHA1']
			}







>
>
>
>







67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84

/*
 * Handle a response from the NaCl side regarding certificates available
 */
function cackeyMessageIncomingListCertificates(message, chromeCallback) {
	var idx;
	var certificates = [];

	if (!chromeCallback) {
		return;
	}

	for (idx = 0; idx < message.certificates.length; idx++) {
		certificates.push(
			{
				certificate: message.certificates[idx],
				supportedHashes: ['SHA1', 'SHA256', 'MD5_SHA1']
			}
93
94
95
96
97
98
99













100
101
102
103
104
105




106
107
108
109
110
111
112

			return;
		}
	);

	return;
}














/*
 * Handle a response from the NaCl side regarding signing a message
 */
function cackeyMessageIncomingSignMessage(message, chromeCallback) {
	var payload;





	payload = message.signedData;

	chromeCallback(payload);

	return;
}







>
>
>
>
>
>
>
>
>
>
>
>
>






>
>
>
>







97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

			return;
		}
	);

	return;
}

/*
 * Handle a response from the NaCl side regarding a list of readers
 */
function cackeyMessageIncomingListReaders(message, chromeCallback) {
	if (!chromeCallback) {
		return;
	}

	chromeCallback(message.readers);

	return;
}

/*
 * Handle a response from the NaCl side regarding signing a message
 */
function cackeyMessageIncomingSignMessage(message, chromeCallback) {
	var payload;

	if (!chromeCallback) {
		return;
	}

	payload = message.signedData;

	chromeCallback(payload);

	return;
}
353
354
355
356
357
358
359




360
361
362
363
364
365
366
			 */
			return;
		case "success":
			switch (messageEvent.data.command) {
				case "listcertificates":
					nextFunction = cackeyMessageIncomingListCertificates;





					break;
				case "sign":
					nextFunction = cackeyMessageIncomingSignMessage;

					break;
			}








>
>
>
>







374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
			 */
			return;
		case "success":
			switch (messageEvent.data.command) {
				case "listcertificates":
					nextFunction = cackeyMessageIncomingListCertificates;

					break;
				case "listreaders":
					nextFunction = cackeyMessageIncomingListReaders;

					break;
				case "sign":
					nextFunction = cackeyMessageIncomingSignMessage;

					break;
			}

392
393
394
395
396
397
398
































399
400
401
402
403
404
405
		cackeyHandle.postMessage(
			{
				'target': "cackey",
				'command': "listcertificates",
				'id': callbackId
			}
		);

































		cackeyOutstandingCallbackCounter = callbackId;
		cackeyOutstandingCallbacks[callbackId] = chromeCallback;

		if (GoogleSmartCard.IS_DEBUG_BUILD) {
			console.log("[cackey] Thrown.");
		}







>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>







417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
		cackeyHandle.postMessage(
			{
				'target': "cackey",
				'command': "listcertificates",
				'id': callbackId
			}
		);

		cackeyOutstandingCallbackCounter = callbackId;
		cackeyOutstandingCallbacks[callbackId] = chromeCallback;

		if (GoogleSmartCard.IS_DEBUG_BUILD) {
			console.log("[cackey] Thrown.");
		}
	}, chromeCallback);

	return;
}

/*
 * Handler for messages from Chrome related to listing readers
 */
function cackeyListReaders(chromeCallback) {
	var callbackId;

	if (GoogleSmartCard.IS_DEBUG_BUILD) {
		console.log("[cackey] Asked to provide a list of readers -- throwing that request over to the NaCl side... ");
	}

	callbackId = cackeyOutstandingCallbackCounter + 1;

	cackeyInitPCSC(function() {
		cackeyHandle.postMessage(
			{
				'target': "cackey",
				'command': "listreaders",
				'id': callbackId
			}
		);

		cackeyOutstandingCallbackCounter = callbackId;
		cackeyOutstandingCallbacks[callbackId] = chromeCallback;

		if (GoogleSmartCard.IS_DEBUG_BUILD) {
			console.log("[cackey] Thrown.");
		}