Implementation of Networking Private API VerifyAndEncryptCredentials …

…method on Windows and Mac OS X. Adds methods to NetworkingPrivateService to verify device credentials and use NetworkingPrivateCredentialsGetter to get wifi password from system. On Windows that requires launching utility process with UAC privilege elevation, which is not implemented yet. BUG=328960 Review URL: https://codereview.chromium.org/102993002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@257209 0039d316-1c4b-4281-b951-d872f2087c98
excellent-media · Mar 14, 2014 · 00c82c9 · 00c82c9
1 parent 326b03e
commit 00c82c9
Show file tree

Hide file tree

Showing 20 changed files with 594 additions and 108 deletions.
diff --git a/chrome/browser/extensions/api/networking_private/networking_private_api_nonchromeos.cc b/chrome/browser/extensions/api/networking_private/networking_private_api_nonchromeos.cc
@@ -410,11 +410,32 @@ bool NetworkingPrivateVerifyAndEncryptCredentialsFunction::RunImpl() {
   scoped_ptr<api::VerifyAndEncryptCredentials::Params> params =
       api::VerifyAndEncryptCredentials::Params::Create(*args_);
   EXTENSION_FUNCTION_VALIDATE(params);
-  SetResult(new base::StringValue("encrypted_credentials"));
-  SendResponse(true);
+  NetworkingPrivateServiceClient* service_client =
+      NetworkingPrivateServiceClientFactory::GetForProfile(GetProfile());
+  service_client->VerifyAndEncryptCredentials(
+      args_.Pass(),
+      base::Bind(
+          &NetworkingPrivateVerifyAndEncryptCredentialsFunction::ResultCallback,
+          this),
+      base::Bind(
+          &NetworkingPrivateVerifyAndEncryptCredentialsFunction::ErrorCallback,
+          this));
   return true;
 }
 
+void NetworkingPrivateVerifyAndEncryptCredentialsFunction::ResultCallback(
+    const std::string& result) {
+  SetResult(new base::StringValue(result));
+  SendResponse(true);
+}
+
+void NetworkingPrivateVerifyAndEncryptCredentialsFunction::ErrorCallback(
+    const std::string& error_name,
+    const std::string& error) {
+  error_ = error_name;
+  SendResponse(false);
+}
+
 ////////////////////////////////////////////////////////////////////////////////
 // NetworkingPrivateVerifyAndEncryptDataFunction
 

diff --git a/chrome/browser/extensions/api/networking_private/networking_private_apitest.cc b/chrome/browser/extensions/api/networking_private/networking_private_apitest.cc
@@ -30,6 +30,7 @@
 #include "policy/policy_constants.h"
 #include "third_party/cros_system_api/dbus/service_constants.h"
 #else  // !defined(OS_CHROMEOS)
+#include "chrome/browser/extensions/api/networking_private/networking_private_credentials_getter.h"
 #include "chrome/browser/extensions/api/networking_private/networking_private_service_client.h"
 #include "chrome/browser/extensions/api/networking_private/networking_private_service_client_factory.h"
 #include "components/wifi/wifi_service.h"
@@ -70,6 +71,13 @@ class CryptoVerifyStub
     *verified = true;
   }
 
+  virtual void VerifyAndEncryptCredentials(
+      scoped_ptr<base::ListValue> args,
+      const extensions::NetworkingPrivateServiceClient::CryptoVerify::
+          VerifyAndEncryptCredentialsCallback& callback) OVERRIDE {
+    callback.Run("encrypted_credentials", "");
+  }
+
   virtual void VerifyAndEncryptData(scoped_ptr<base::ListValue> args,
                                     std::string* encoded_data,
                                     std::string* error) OVERRIDE {

diff --git a/chrome/browser/extensions/api/networking_private/networking_private_credentials_getter.h b/chrome/browser/extensions/api/networking_private/networking_private_credentials_getter.h
@@ -0,0 +1,48 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CREDENTIALS_GETTER_H_
+#define CHROME_BROWSER_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CREDENTIALS_GETTER_H_
+
+#include <string>
+#include <vector>
+
+#include "base/basictypes.h"
+#include "chrome/browser/extensions/api/networking_private/networking_private_service_client.h"
+#include "content/public/browser/browser_thread.h"
+#include "content/public/browser/utility_process_host_client.h"
+
+namespace extensions {
+
+// NetworkingPrivateCredentialsGetter gets plain-text WiFi credentials from the
+// system and encrypts it with public key.
+class NetworkingPrivateCredentialsGetter {
+ public:
+  static NetworkingPrivateCredentialsGetter* Create();
+
+  NetworkingPrivateCredentialsGetter() {}
+
+  virtual ~NetworkingPrivateCredentialsGetter() {}
+
+  // Starts getting credentials. The credentials and, in case of an error, the
+  // error code are returned using |callback|.
+  // The NetworkingPrivateCredentialsGetter implementation should ensure that
+  // the credentials request can be successfully processed even if |this| gets
+  // deleted immediately after calling this method.
+  // Note that there are no guarantees about the thread on which |callback| is
+  // run. The caller should make sure that the result is processed on the right
+  // thread.
+  virtual void Start(
+      const std::string& network_guid,
+      const std::string& public_key,
+      const extensions::NetworkingPrivateServiceClient::CryptoVerify::
+          VerifyAndEncryptCredentialsCallback& callback) = 0;
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(NetworkingPrivateCredentialsGetter);
+};
+
+}  // namespace extensions
+
+#endif  // CHROME_BROWSER_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CREDENTIALS_GETTER_H_
diff --git a/...me/browser/extensions/api/networking_private/networking_private_credentials_getter_mac.cc b/...me/browser/extensions/api/networking_private/networking_private_credentials_getter_mac.cc
@@ -0,0 +1,78 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/extensions/api/networking_private/networking_private_credentials_getter.h"
+
+#include <Security/Security.h>
+
+#include "base/base64.h"
+#include "base/bind.h"
+#include "chrome/common/extensions/api/networking_private/networking_private_crypto.h"
+#include "content/public/browser/browser_thread.h"
+
+const char kErrorEncryption[] = "Error.Encryption";
+
+using content::BrowserThread;
+
+namespace extensions {
+
+class NetworkingPrivateCredentialsGetterMac
+    : public NetworkingPrivateCredentialsGetter {
+ public:
+  explicit NetworkingPrivateCredentialsGetterMac();
+
+  virtual void Start(
+      const std::string& network_guid,
+      const std::string& public_key,
+      const extensions::NetworkingPrivateServiceClient::CryptoVerify::
+          VerifyAndEncryptCredentialsCallback& callback) OVERRIDE;
+
+ private:
+  virtual ~NetworkingPrivateCredentialsGetterMac();
+
+  DISALLOW_COPY_AND_ASSIGN(NetworkingPrivateCredentialsGetterMac);
+};
+
+NetworkingPrivateCredentialsGetterMac::NetworkingPrivateCredentialsGetterMac() {
+}
+
+NetworkingPrivateCredentialsGetterMac::
+    ~NetworkingPrivateCredentialsGetterMac() {}
+
+void NetworkingPrivateCredentialsGetterMac::Start(
+    const std::string& network_guid,
+    const std::string& public_key,
+    const extensions::NetworkingPrivateServiceClient::CryptoVerify::
+        VerifyAndEncryptCredentialsCallback& callback) {
+  scoped_ptr<wifi::WiFiService> wifi_service(wifi::WiFiService::Create());
+  wifi_service->Initialize(NULL);
+  std::string key_data;
+  std::string error;
+  wifi_service->GetKeyFromSystem(network_guid, &key_data, &error);
+
+  if (!error.empty()) {
+    callback.Run("", error);
+    return;
+  }
+
+  NetworkingPrivateCrypto crypto;
+  std::vector<uint8> public_key_data(public_key.begin(), public_key.end());
+  std::vector<uint8> ciphertext;
+  if (!crypto.EncryptByteString(public_key_data, key_data, &ciphertext)) {
+    callback.Run("", kErrorEncryption);
+    return;
+  }
+
+  std::string base64_encoded_ciphertext;
+  base::Base64Encode(std::string(ciphertext.begin(), ciphertext.end()),
+                     &base64_encoded_ciphertext);
+  callback.Run(base64_encoded_ciphertext, "");
+}
+
+NetworkingPrivateCredentialsGetter*
+NetworkingPrivateCredentialsGetter::Create() {
+  return new NetworkingPrivateCredentialsGetterMac();
+}
+
+}  // namespace extensions
diff --git a/...me/browser/extensions/api/networking_private/networking_private_credentials_getter_win.cc b/...me/browser/extensions/api/networking_private/networking_private_credentials_getter_win.cc
@@ -0,0 +1,150 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/extensions/api/networking_private/networking_private_credentials_getter.h"
+
+#include "base/base64.h"
+#include "base/bind.h"
+#include "base/memory/scoped_handle.h"
+#include "base/message_loop/message_loop.h"
+#include "base/threading/sequenced_worker_pool.h"
+#include "chrome/common/chrome_utility_messages.h"
+#include "content/public/browser/browser_thread.h"
+#include "content/public/browser/utility_process_host.h"
+
+using content::BrowserThread;
+using content::UtilityProcessHost;
+using extensions::NetworkingPrivateCredentialsGetter;
+
+namespace {
+
+class CredentialsGetterHostClient : public content::UtilityProcessHostClient {
+ public:
+  CredentialsGetterHostClient();
+
+  virtual ~CredentialsGetterHostClient();
+
+  // UtilityProcessHostClient
+  virtual bool OnMessageReceived(const IPC::Message& message) OVERRIDE;
+  virtual void OnProcessCrashed(int exit_code) OVERRIDE;
+  virtual void OnProcessLaunchFailed() OVERRIDE;
+
+  // IPC message handlers.
+  void OnGotEncryptedCredentials(const std::vector<uint8>& key_data,
+                                 bool success);
+
+  // Starts the utility process that gets wifi passphrase from system.
+  void StartProcessOnIOThread(
+      const std::string& network_guid,
+      const std::string& public_key,
+      const extensions::NetworkingPrivateServiceClient::CryptoVerify::
+          VerifyAndEncryptCredentialsCallback& callback);
+
+ private:
+  // Callback for reporting the result.
+  extensions::NetworkingPrivateServiceClient::CryptoVerify::
+      VerifyAndEncryptCredentialsCallback callback_;
+
+  DISALLOW_COPY_AND_ASSIGN(CredentialsGetterHostClient);
+};
+
+CredentialsGetterHostClient::CredentialsGetterHostClient() {}
+
+CredentialsGetterHostClient::~CredentialsGetterHostClient() {}
+
+bool CredentialsGetterHostClient::OnMessageReceived(
+    const IPC::Message& message) {
+  bool handled = true;
+  IPC_BEGIN_MESSAGE_MAP(CredentialsGetterHostClient, message)
+  IPC_MESSAGE_HANDLER(ChromeUtilityHostMsg_GotEncryptedWiFiCredentials,
+                      OnGotEncryptedCredentials)
+  IPC_MESSAGE_UNHANDLED(handled = false)
+  IPC_END_MESSAGE_MAP()
+  return handled;
+}
+
+void CredentialsGetterHostClient::OnProcessCrashed(int exit_code) {
+  callback_.Run("", "Process Crashed");
+}
+
+void CredentialsGetterHostClient::OnProcessLaunchFailed() {
+  callback_.Run("", "Process Launch Failed");
+}
+
+void CredentialsGetterHostClient::OnGotEncryptedCredentials(
+    const std::vector<uint8>& key_data,
+    bool success) {
+  if (success) {
+    std::string base64_encoded_key_data;
+    base::Base64Encode(std::string(key_data.begin(), key_data.end()),
+                       &base64_encoded_key_data);
+    callback_.Run(base64_encoded_key_data, "");
+  } else {
+    callback_.Run("", "Get Credentials Failed");
+  }
+}
+
+void CredentialsGetterHostClient::StartProcessOnIOThread(
+    const std::string& network_guid,
+    const std::string& public_key,
+    const extensions::NetworkingPrivateServiceClient::CryptoVerify::
+        VerifyAndEncryptCredentialsCallback& callback) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+  std::vector<uint8> public_key_data(public_key.begin(), public_key.end());
+  UtilityProcessHost* host =
+      UtilityProcessHost::Create(this, base::MessageLoopProxy::current());
+  callback_ = callback;
+  host->ElevatePrivileges();
+  host->Send(new ChromeUtilityHostMsg_GetAndEncryptWiFiCredentials(
+      network_guid, public_key_data));
+}
+
+}  // namespace
+
+namespace extensions {
+
+class NetworkingPrivateCredentialsGetterWin
+    : public NetworkingPrivateCredentialsGetter {
+ public:
+  NetworkingPrivateCredentialsGetterWin();
+
+  virtual void Start(
+      const std::string& network_guid,
+      const std::string& public_key,
+      const extensions::NetworkingPrivateServiceClient::CryptoVerify::
+          VerifyAndEncryptCredentialsCallback& callback) OVERRIDE;
+
+ private:
+  virtual ~NetworkingPrivateCredentialsGetterWin();
+
+  DISALLOW_COPY_AND_ASSIGN(NetworkingPrivateCredentialsGetterWin);
+};
+
+NetworkingPrivateCredentialsGetterWin::NetworkingPrivateCredentialsGetterWin() {
+}
+
+void NetworkingPrivateCredentialsGetterWin::Start(
+    const std::string& network_guid,
+    const std::string& public_key,
+    const extensions::NetworkingPrivateServiceClient::CryptoVerify::
+        VerifyAndEncryptCredentialsCallback& callback) {
+  BrowserThread::PostTask(
+      BrowserThread::IO,
+      FROM_HERE,
+      base::Bind(&CredentialsGetterHostClient::StartProcessOnIOThread,
+                 new CredentialsGetterHostClient(),
+                 network_guid,
+                 public_key,
+                 callback));
+}
+
+NetworkingPrivateCredentialsGetterWin::
+    ~NetworkingPrivateCredentialsGetterWin() {}
+
+NetworkingPrivateCredentialsGetter*
+NetworkingPrivateCredentialsGetter::Create() {
+  return new NetworkingPrivateCredentialsGetterWin();
+}
+
+}  // namespace extensions