"KEY_AES": "KEY_AES"
};
+var AccessControlType = {
+ "READ": "READ",
+ "READ_REMOVE": "READ_REMOVE"
+};
+
function Key(name, password, extractable, keyType, rawKey) {
Object.defineProperties(this, {
name: {
};
KeyManager.prototype.allowAccessControl = function() {
-
+ var args = validator.validateArgs(arguments, [
+ {
+ name: "dataName",
+ type: validator.Types.STRING
+ },
+ {
+ name: "id",
+ type: validator.Types.STRING
+ },
+ {
+ name: 'accessControlType',
+ type: validator.Types.ENUM,
+ values: Object.keys(AccessControlType)
+ },
+ {
+ name: 'successCallback',
+ type: validator.Types.FUNCTION,
+ nullable: true
+ },
+ {
+ name: 'errorCallback',
+ type: validator.Types.FUNCTION,
+ optional: true,
+ nullable: true
+ }
+ ]);
+ native.call('KeyManager_allowAccessControl', {
+ dataName: args.dataName,
+ id: args.id,
+ accessControlType: args.accessControlType
+ }, function(msg) {
+ if (native.isFailure(msg)) {
+ native.callIfPossible(args.errorCallback, native.getErrorObject(msg));
+ } else {
+ native.callIfPossible(args.successCallback);
+ }
+ });
};
KeyManager.prototype.denyAccessControl = function() {
-
+ var args = validator.validateArgs(arguments, [
+ {
+ name: "dataName",
+ type: validator.Types.STRING
+ },
+ {
+ name: "id",
+ type: validator.Types.STRING
+ },
+ {
+ name: 'successCallback',
+ type: validator.Types.FUNCTION,
+ nullable: true
+ },
+ {
+ name: 'errorCallback',
+ type: validator.Types.FUNCTION,
+ optional: true,
+ nullable: true
+ }
+ ]);
+ native.call('KeyManager_denyAccessControl', {
+ dataName: args.dataName,
+ id: args.id
+ }, function(msg) {
+ if (native.isFailure(msg)) {
+ native.callIfPossible(args.errorCallback, native.getErrorObject(msg));
+ } else {
+ native.callIfPossible(args.successCallback);
+ }
+ });
};
KeyManager.prototype.createSignature = function() {
std::bind(&KeyManagerInstance::VerifySignature, this, _1, _2));
RegisterSyncHandler("KeyManager_loadFromPKCS12File",
std::bind(&KeyManagerInstance::LoadFromPKCS12File, this, _1, _2));
+ RegisterSyncHandler("KeyManager_allowAccessControl",
+ std::bind(&KeyManagerInstance::AllowAccessControl, this, _1, _2));
+ RegisterSyncHandler("KeyManager_denyAccessControl",
+ std::bind(&KeyManagerInstance::DenyAccessControl, this, _1, _2));
}
KeyManagerInstance::~KeyManagerInstance() {
PostMessage(res.serialize().c_str());
}
+void KeyManagerInstance::AllowAccessControl(const picojson::value& args,
+ picojson::object& out) {
+ LoggerD("Enter");
+
+ const std::string& dataName = args.get("dataName").get<std::string>();
+ const std::string& id = args.get("id").get<std::string>();
+ const std::string& access = args.get("accessControlType").get<std::string>();
+ CKM::PermissionMask mask = CKM::Permission::READ;
+ if (access == "READ_REMOVE") {
+ mask = mask | CKM::Permission::REMOVE;
+ }
+ CKM::ManagerAsync::ObserverPtr observer(new AllowAccessObserver(this,
+ args.get("callbackId").get<double>()));
+ m_manager.setPermission(observer, dataName, id, mask);
+
+ ReportSuccess(out);
+}
+
+void KeyManagerInstance::OnAllowAccess(double callbackId,
+ const common::PlatformResult& result) {
+ LoggerD("Enter");
+
+ picojson::value::object dict;
+ dict["callbackId"] = picojson::value(callbackId);
+ if (result.IsError()) {
+ LoggerE("There was an error");
+ ReportError(result, &dict);
+ }
+ picojson::value res(dict);
+ PostMessage(res.serialize().c_str());
+}
+
+void KeyManagerInstance::DenyAccessControl(const picojson::value& args,
+ picojson::object& out) {
+ LoggerD("Enter");
+
+ const std::string& dataName = args.get("dataName").get<std::string>();
+ const std::string& id = args.get("id").get<std::string>();
+ CKM::PermissionMask mask = CKM::Permission::NONE;
+ CKM::ManagerAsync::ObserverPtr observer(new DenyAccessObserver(this,
+ args.get("callbackId").get<double>()));
+ m_manager.setPermission(observer, dataName, id, mask);
+
+ ReportSuccess(out);
+}
+
+void KeyManagerInstance::OnDenyAccess(double callbackId,
+ const common::PlatformResult& result) {
+ LoggerD("Enter");
+
+ picojson::value::object dict;
+ dict["callbackId"] = picojson::value(callbackId);
+ if (result.IsError()) {
+ LoggerE("There was an error");
+ ReportError(result, &dict);
+ }
+ picojson::value res(dict);
+ PostMessage(res.serialize().c_str());
+}
+
} // namespace keymanager
} // namespace extension
void OnVerifySignature(double callbackId, const common::PlatformResult& result);
void OnPKCS12FileLoaded(LoadFilePKCS12* reader, const common::PlatformResult& result);
void OnSavePKCS12(double callbackId, const common::PlatformResult& result);
+ void OnAllowAccess(double callbackId, const common::PlatformResult& result);
+ void OnDenyAccess(double callbackId, const common::PlatformResult& result);
private:
void GetAliasList(std::function<int(CKM::AliasVector&)> coreFunc,
void CreateSignature(const picojson::value& args, picojson::object& out);
void VerifySignature(const picojson::value& args, picojson::object& out);
void LoadFromPKCS12File(const picojson::value& args, picojson::object& out);
+ void AllowAccessControl(const picojson::value& args, picojson::object& out);
+ void DenyAccessControl(const picojson::value& args, picojson::object& out);
CKM::ManagerAsync m_manager;
};
}
}
+AllowAccessObserver::AllowAccessObserver(KeyManagerListener* listener, double callbackId):
+ CommonObserver(listener, callbackId) {
+}
+
+void AllowAccessObserver::ReceivedError(int error) {
+ LoggerD("Enter, error: %d", error);
+ ErrorCode code = ErrorCode::UNKNOWN_ERR;
+ if (error == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
+ code = ErrorCode::NOT_FOUND_ERR;
+ }
+ common::TaskQueue::GetInstance().Async(std::bind(
+ &KeyManagerListener::OnAllowAccess, listener, callbackId,
+ PlatformResult(code, "Failed to grant access")));
+}
+
+void AllowAccessObserver::ReceivedSetPermission() {
+ LoggerD("Enter");
+ common::TaskQueue::GetInstance().Async(std::bind(
+ &KeyManagerListener::OnAllowAccess, listener, callbackId,
+ PlatformResult(ErrorCode::NO_ERROR)));
+}
+
+DenyAccessObserver::DenyAccessObserver(KeyManagerListener* listener, double callbackId):
+ CommonObserver(listener, callbackId) {
+}
+
+void DenyAccessObserver::ReceivedError(int error) {
+ LoggerD("Enter, error: %d", error);
+ ErrorCode code = ErrorCode::UNKNOWN_ERR;
+ if (error == CKM_API_ERROR_DB_ALIAS_UNKNOWN) {
+ code = ErrorCode::NOT_FOUND_ERR;
+ }
+ common::TaskQueue::GetInstance().Async(std::bind(
+ &KeyManagerListener::OnDenyAccess, listener, callbackId,
+ PlatformResult(code, "Failed to deny access")));
+}
+
+void DenyAccessObserver::ReceivedSetPermission() {
+ LoggerD("Enter");
+ common::TaskQueue::GetInstance().Async(std::bind(
+ &KeyManagerListener::OnDenyAccess, listener, callbackId,
+ PlatformResult(ErrorCode::NO_ERROR)));
+}
+
} // namespace keymanager
} // namespace extension
virtual void OnPKCS12FileLoaded(LoadFilePKCS12* reader,
const common::PlatformResult& result) = 0;
virtual void OnSavePKCS12(double callbackId, const common::PlatformResult& result) = 0;
+ virtual void OnAllowAccess(double callbackId, const common::PlatformResult& result) = 0;
+ virtual void OnDenyAccess(double callbackId, const common::PlatformResult& result) = 0;
virtual ~KeyManagerListener() {}
};
bool key_saved;
};
+struct AllowAccessObserver: public CommonObserver {
+ AllowAccessObserver(KeyManagerListener* listener, double callbackId);
+ void ReceivedError(int error);
+ void ReceivedSetPermission();
+};
+
+struct DenyAccessObserver: public CommonObserver {
+ DenyAccessObserver(KeyManagerListener* listener, double callbackId);
+ void ReceivedError(int error);
+ void ReceivedSetPermission();
+};
+
} // namespace keymanager
} // namespace extension