CACKey
Check-in [455296a053]
Login
HomeDownloadsSource CodeWiki
Overview
Comment:ChromeOS: Made JavaScript talking to PCSC more robust
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 455296a053b280807ba1149ffe231e21371e5589
User & Date: rkeene on 2016-02-28 21:18:17
Other Links: manifest | tags
Context
2016-02-28
21:22
ChromeOS: Improved cleanup after crash check-in: 789f3b2324 user: rkeene tags: trunk
21:18
ChromeOS: Made JavaScript talking to PCSC more robust check-in: 455296a053 user: rkeene tags: trunk
2016-02-26
21:40
ChromeOS: Deal with CACKey crashing by restarting check-in: f631a1ccb2 user: rkeene tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Modified build/chrome/cackey.js from [fda208ef5f] to [84d3b8d4ee]. 

9
10
11
12
13
14
15

16
17
18
19
20
21
22

9
10
11
12
13
14
15
16
17
18
19
20
21
22
23








+








}

/*
 * Handle for the CACKey NaCl Target
 */
var cackeyHandle = null;
var cackeyPCSCHandle = null;
var cackeyPCSCHandleUsable = false;

/*
 * Handle and ID for outstanding callbacks
 */
var cackeyOutstandingCallbacks = {}
var cackeyOutstandingCallbackCounter = -1;


32
33
34
35
36
37
38





39
40
41
42
43
44
45

33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51








+
+
+
+
+








var cackeyMessagesToRetry = [];

/*
 * Stored PIN for a given certificate
 */
var cackeyCertificateToPINMap = {};

/*
 * Callbacks to perform after PCSC comes online
 */
cackeyCallbackAfterInit = []

/*
 * Compute a text-based handle for a certificate to be hashed by
 */
function cackeyCertificateToPINID(certificate) {
	var id;
	var certificateArray;


65
66
67
68
69
70
71
72

73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89


90
91
92
93
94
95
96
97
98
99
100


101
102
103
104
105
106
107

71
72
73
74
75
76
77

78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117








-
+

















+
+











+
+








	var idx;
	var certificates = [];

	for (idx = 0; idx < message.certificates.length; idx++) {
		certificates.push(
			{
				certificate: message.certificates[idx],
				supportedHashes: ['SHA1', 'SHA256']
				supportedHashes: ['SHA1', 'SHA256', 'MD5_SHA1']
			}
		);
	}

	chromeCallback(certificates,
		function(rejectedCerts) {
			if (chrome.runtime.lastError) {
				return;
			}

			if (rejectedCerts.length !== 0) {
				onCertificatesRejected(rejectedCerts);
			}

			return;
		}
	);

	return;
}

/*
 * Handle a response from the NaCl side regarding signing a message
 */
function cackeyMessageIncomingSignMessage(message, chromeCallback) {
	var payload;

	payload = message.signedData;

	chromeCallback(payload);

	return;
}

/*
 * Handle an incoming message from the NaCl side and pass it off to
 * one of the handlers above for actual formatting and passing to
 * the callback
 *

227
228
229
230
231
232
233

234


235
236
237
238
239
240
241

237
238
239
240
241
242
243
244

245
246
247
248
249
250
251
252
253








+
-
+
+









							cackeyMessageIncoming(tmpMessageEvent);
						} else {
							tmpMessageEvent.data.originalrequest.pin = pinWindowPINValue;

							cackeyCertificateToPINMap[cackeyCertificateToPINID(tmpMessageEvent.data.originalrequest.certificate)] = pinWindowPINValue;

							cackeyInitPCSC(function() {
							cackeyHandle.postMessage(tmpMessageEvent.data.originalrequest);
								cackeyHandle.postMessage(tmpMessageEvent.data.originalrequest);
							});
						}
					}


					/*
					 * Delete the existing handle and create a new one
					 */

297
298
299
300
301
302
303

304
305
306
307
308
309
310







311
312
313


314
315
316
317




318
319
320
321
322
323
324

309
310
311
312
313
314
315
316







317
318
319
320
321
322
323
324


325
326
327



328
329
330
331
332
333
334
335
336
337
338








+
-
-
-
-
-
-
-
+
+
+
+
+
+
+

-
-
+
+

-
-
-
+
+
+
+









	if (GoogleSmartCard.IS_DEBUG_BUILD) {
		console.log("[cackey] Asked to provide a list of certificates -- throwing that request over to the NaCl side... ");
	}

	callbackId = cackeyOutstandingCallbackCounter + 1;

	cackeyInitPCSC(function() {
	cackeyHandle.postMessage(
		{
			'target': "cackey",
			'command': "listcertificates",
			'id': callbackId
		}
	);
		cackeyHandle.postMessage(
			{
				'target': "cackey",
				'command': "listcertificates",
				'id': callbackId
			}
		);

	cackeyOutstandingCallbackCounter = callbackId;
	cackeyOutstandingCallbacks[callbackId] = chromeCallback;
		cackeyOutstandingCallbackCounter = callbackId;
		cackeyOutstandingCallbacks[callbackId] = chromeCallback;

	if (GoogleSmartCard.IS_DEBUG_BUILD) {
		console.log("[cackey] Thrown.");
	}
		if (GoogleSmartCard.IS_DEBUG_BUILD) {
			console.log("[cackey] Thrown.");
		}
	});

	return;
}

/*
 * Handler for messages from Chrome related to signing a hash of some sort
 */

371
372
373
374
375
376
377

378

379
380
381


382
383
384
385

























386
387
388
389
390
391
392
393


394


395
396
397
398
399
400

401
402
403



404
405
406
407
408
409
410
411
412
413




414
415
416
417
418
419
420
421


422
423
424
425
426
427
428
429
430
431
432
433
434
























435
436

437
438
439






440






441
442
443
444

























445
446
447
448
449
450
451
452
453
454
455
456
457
458
459

460
461



















462
463
464
465
466
467
468

385
386
387
388
389
390
391
392

393
394


395
396
397



398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439


440
441


442
443
444


445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477


478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502

503
504


505
506
507
508
509
510
511
512
513
514
515
516
517




518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556

557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585








+
-
+

-
-
+
+

-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+








+
+

+
+




-
-
+

-
-
+
+
+
-
-








+
+
+
+








+
+











-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+

-
+

-
-
+
+
+
+
+
+

+
+
+
+
+
+
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+














-
+


+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+









	certificateId = cackeyCertificateToPINID(command.certificate);

	if (cackeyCertificateToPINMap[certificateId]) {
		command.pin = cackeyCertificateToPINMap[certificateId];
	}

	cackeyInitPCSC(function() {
	cackeyHandle.postMessage(command);
		cackeyHandle.postMessage(command);

	cackeyOutstandingCallbackCounter = callbackId;
	cackeyOutstandingCallbacks[callbackId] = chromeCallback;
		cackeyOutstandingCallbackCounter = callbackId;
		cackeyOutstandingCallbacks[callbackId] = chromeCallback;

	if (GoogleSmartCard.IS_DEBUG_BUILD) {
		console.log("[cackey] Thrown.");
	}
		if (GoogleSmartCard.IS_DEBUG_BUILD) {
			console.log("[cackey] Thrown.");
		}
	});

	return;
}

/*
 * Unititalizes the CACKey PCSC connection
 */
function cackeyUninitPCSC() {
	console.log("[cackey] cackeyUninitPCSC() called");

	if (cackeyPCSCHandle != null) {
		console.log("[cackey] Deleting PCSC handle");

		delete cackeyPCSCHandle;

		cackeyPCSCHandle = null;
	}

	cackeyPCSCHandleUsable = false;

	console.log("[cackey] cackeyUninitPCSC() returning");

	return;
}

/*
 * Uninitializes CACKey (probably due to a crash)
 */
function cackeyUninit() {
	console.log("[cackey] cackeyUninit() called");

	if (chrome.certificateProvider) {
		console.log("[cackey] Unregistered Chrome certificate handlers");

		chrome.certificateProvider.onCertificatesRequested.removeListener(cackeyListCertificates);
		chrome.certificateProvider.onSignDigestRequested.removeListener(cackeySignMessage);
	}

	if (cackeyPCSCHandle != null) {
		delete cackeyPCSCHandle;
	cackeyUninitPCSC();

		cackeyPCSCHandle = null;
	}
	if (cackeyHandle != null) {
		console.log("[cackey] Deleting PNaCl module");


	if (cackeyHandle != null) {
		try {
			document.body.removeChild(cackeyHandle);
		} catch (e) { }

		delete cackeyHandle;

		cackeyHandle = null;
	}

	console.log("[cackey] cackeyUninit() complete");

	return;
}

/*
 * Restarts CACKey
 */
function cackeyRestart() {
	cackeyUninit();
	cackeyInit();

	return;
}

/*
 * Handle a CACKey crash (probably due to loss of connectivity to the PCSC daemon)
 */
function cackeyCrash() {
	/*
	 * Schedule the restart to occur in 30 seconds in case we really are
	 * not working.
	 */
	setTimeout(cackeyRestart, 30000);
}


	return;
}

function cackeyInitPCSCCompleted() {
	var idx;

	cackeyPCSCHandleUsable = true;

	for (idx = 0; idx < cackeyCallbackAfterInit.length; idx++) {
		if (!cackeyCallbackAfterInit[idx]) {
			continue;
		}

		cackeyCallbackAfterInit[idx]();
	}

	delete cackeyCallbackAfterInit;

	cackeyCallbackAfterInit = [];

	return;
}

/*
 * Finish performing initialization that must wait until we have loaded the CACKey module
 * Initialize the PCSC connection
 */
function cackeyInitLoaded(messageEvent) {
	console.log("[cackey] Loaded CACKey PNaCl Module");
function cackeyInitPCSC(callbackAfterInit) {
	/*
	 * Start the Google PCSC Interface
	 */

	console.log("[cackey] cackeyInitPCSC() called");

	/*
	 * Queue this callback to be completed when initialization is complete
	 */
	if (callbackAfterInit) {
		cackeyCallbackAfterInit.push(callbackAfterInit);
	}
	/* Register listeners with Chrome */
	if (chrome.certificateProvider) {
		chrome.certificateProvider.onCertificatesRequested.addListener(cackeyListCertificates);
		chrome.certificateProvider.onSignDigestRequested.addListener(cackeySignMessage);

	/*
	 * No additional work is required
	 */

	if (cackeyPCSCHandle) {
		console.log("[cackey] PCSC handle is already valid, nothing to do.");

		if (cackeyPCSCHandleUsable) {
			cackeyInitPCSCCompleted();
		}

		return;
	}

	/*
	 * Sanely initialize this
	 */
	cackeyPCSCHandleUsable = false;

	/*
	 * Initialize the CACKey PNaCl module if needed
	 */
	if (cackeyHandle == null) {
		cackeyInit();
	}

	/*
	 * Initialize CACKey with the correct handle to talk to the Google Smartcard Manager App
	 */
	cackeyHandle.postMessage(
		{
			"target": "cackey",
			"command": "init",
			"smartcardManagerAppId": "khpfeaanjngmcnplbdlpegiifgpfgdco"
		}
	);

	/*
	 * Start the Google PCSC Interface
	 * Initialize the PCSC NaCl interface
	 */
	cackeyPCSCHandle = new GoogleSmartCard.PcscNacl(cackeyHandle);

	console.log("[cackey] cackeyInitPCSC() complete");

	return;
}

/*
 * Finish performing initialization that must wait until we have loaded the CACKey module
 */
function cackeyInitLoaded(messageEvent) {
	console.log("[cackey] Loaded CACKey PNaCl Module");

	/* Register listeners with Chrome */
	if (chrome.certificateProvider) {
		console.log("[cackey] Registered Certificate handlers with Chrome");

		chrome.certificateProvider.onCertificatesRequested.addListener(cackeyListCertificates);
		chrome.certificateProvider.onSignDigestRequested.addListener(cackeySignMessage);
	}

	return;
}

/*
 * Initialize CACKey and the PCSC library from Google
 */

511
512
513
514
515
516
517


518
519
520
521
522
523



524
525
526
527
528
529
530
531
532
533
534
535
536
537
538


























539
540
541
542
543

628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691








+
+






+
+
+















+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+






	/*
	 * Force the browser to load the element
	 * by requesting its position
	 */
	forceLoadElement = cackeyHandle.offsetTop;

	console.log("[cackey] cackeyInit(): Completed.  Returning.");

	return;
}

/*
 * Initialize the CACKey Chrome Application
 */
function cackeyAppInit() {
	var oldOnPortDisconnectedFunction;
	var oldPCSCInitializationCallback;

	/*
	 * Create a handler for starting the application UI
	 */
	chrome.app.runtime.onLaunched.addListener(function() {
		chrome.app.window.create('ui.html', {
			"id": "cackeyUI",
			"focused": true,
			"innerBounds": {
				"width": 350,
				"minWidth": 350,
				"height": 135,
				"minHeight": 135
			}
		});
	});

	/*
	 * Register a handler for dealing with the PCSC port being disconnected
	 */
	oldOnPortDisconnectedFunction = GoogleSmartCard.Pcsc.prototype.onPortDisconnected_;
	GoogleSmartCard.Pcsc.prototype.onPortDisconnected_ = function() {
		oldOnPortDisconnectedFunction.apply(this);

		cackeyRestart();

		return;
	};

	/*
	 * Register a handler for dealing with the PCSC port being available
	 */
	oldPCSCInitializationCallback = GoogleSmartCard.PcscNacl.prototype.pcscInitializationCallback_;
	GoogleSmartCard.PcscNacl.prototype.pcscInitializationCallback_ = function(requestId, instanceId, instance, error) {
		oldPCSCInitializationCallback.apply(this, [requestId, instanceId, instance, error]);

		cackeyInitPCSCCompleted();

		return;
	};

	return;
}

/* Initialize CACKey */
cackeyAppInit();
cackeyInit();

Powered by Fossil · RSS