easy-signin: Wire GetSignInChallenge.

- Fetch crypthome keys when EasyUnlockServiceSignIn is assocated with a user; - Translate and provide remote devices and challenge from key data; BUG=401636 Review URL: https://codereview.chromium.org/576383002 Cr-Commit-Position: refs/heads/master@{#295610}

easy-signin: Wire GetSignInChallenge.
- Fetch crypthome keys when EasyUnlockServiceSignIn is assocated with a user; - Translate and provide remote devices and challenge from key data; BUG=401636 Review URL: https://codereview.chromium.org/576383002 Cr-Commit-Position: refs/heads/master@{#295610}
048cedfb · xiyuan · Commit bot · a6fa7142 · 048cedfb · 048cedfb
Commit 048cedfb authored Sep 18, 2014 by xiyuan Committed by Commit bot Sep 18, 2014
8 changed files
--- a/chrome/browser/chromeos/login/easy_unlock/easy_unlock_create_keys_operation.cc
+++ b/chrome/browser/chromeos/login/easy_unlock/easy_unlock_create_keys_operation.cc
@@ -35,6 +35,33 @@ const int kEasyUnlockKeyRevision = 1;
 const int kEasyUnlockKeyPrivileges =
    cryptohome::PRIV_MOUNT | cryptohome::PRIV_ADD | cryptohome::PRIV_REMOVE;

+// TODO(xiyuan): Use real keys. http://crbug.com/409027
+const char kTpmPubKey[] = {
+    0x08, 0x02, 0x1a, 0x88, 0x02, 0x0a, 0x81, 0x02, 0x00, 0xdc, 0xfa, 0x10,
+    0xff, 0xa7, 0x46, 0x65, 0xae, 0xef, 0x87, 0x09, 0x74, 0xea, 0x99, 0xb2,
+    0xce, 0x54, 0x54, 0x7c, 0x67, 0xf4, 0x2a, 0xaa, 0x6d, 0xd0, 0x1a, 0x2e,
+    0xd3, 0x1f, 0xd2, 0xc2, 0x42, 0xaf, 0x5d, 0x96, 0x0b, 0x1f, 0x89, 0x6e,
+    0xfb, 0xa3, 0x54, 0x3d, 0x65, 0x54, 0xb7, 0xb1, 0x26, 0x87, 0xa5, 0xc6,
+    0x88, 0x56, 0x8f, 0x32, 0xe0, 0x26, 0xc5, 0x32, 0xd2, 0x59, 0x93, 0xb9,
+    0x7a, 0x7c, 0x28, 0x42, 0xec, 0x2b, 0x8e, 0x12, 0x35, 0xee, 0xe2, 0x41,
+    0x4d, 0x25, 0x80, 0x6c, 0x6f, 0xba, 0xe4, 0x38, 0x95, 0x4e, 0xba, 0x9d,
+    0x27, 0x55, 0xdf, 0xfe, 0xeb, 0x1b, 0x47, 0x70, 0x09, 0x57, 0x81, 0x5a,
+    0x8a, 0x23, 0x3f, 0x97, 0xb1, 0xa2, 0xc7, 0x14, 0xb3, 0xe2, 0xbe, 0x2e,
+    0x42, 0xd8, 0xbe, 0x30, 0xb1, 0x96, 0x15, 0x82, 0xea, 0x99, 0x48, 0x91,
+    0x0e, 0x0c, 0x79, 0x7c, 0x50, 0xfc, 0x4b, 0xb4, 0x55, 0xf0, 0xfc, 0x45,
+    0xe5, 0xe3, 0x4e, 0x63, 0x96, 0xac, 0x5b, 0x2d, 0x46, 0x23, 0x93, 0x65,
+    0xc7, 0xf3, 0xda, 0xaf, 0x09, 0x09, 0x40, 0x0d, 0x61, 0xcf, 0x9e, 0x0c,
+    0xa8, 0x08, 0x3e, 0xaf, 0x33, 0x5a, 0x6f, 0xce, 0xb6, 0x86, 0x3c, 0x1c,
+    0xc0, 0xcf, 0x5a, 0x17, 0x1a, 0xff, 0x35, 0xd9, 0x7e, 0xcb, 0x60, 0xef,
+    0x25, 0x1c, 0x7e, 0xc2, 0xc8, 0xa5, 0x88, 0x36, 0x1d, 0xc4, 0x12, 0x66,
+    0xa4, 0xb7, 0xed, 0x38, 0xb0, 0x26, 0xce, 0x0d, 0x53, 0x78, 0x64, 0x49,
+    0xdb, 0xb1, 0x1a, 0x06, 0xea, 0x33, 0xcc, 0xf1, 0xec, 0xa5, 0x75, 0x20,
+    0x1e, 0xd1, 0xaa, 0x47, 0x3e, 0xd1, 0x18, 0x7e, 0xc1, 0xd8, 0xa7, 0x44,
+    0xea, 0x34, 0x5b, 0xed, 0x7e, 0xa0, 0x0e, 0xe4, 0xe8, 0x1b, 0xba, 0x46,
+    0x48, 0x60, 0x1d, 0xd5, 0x37, 0xdc, 0x91, 0x01, 0x5d, 0x31, 0xf0, 0xc2,
+    0xc1, 0x10, 0x81, 0x80, 0x04
+};
+
 bool WebSafeBase64Decode(const std::string& encoded, std::string* decoded) {
  std::string adjusted_encoded = encoded;
  base::ReplaceChars(adjusted_encoded, "-", "+", &adjusted_encoded);
@@ -276,7 +303,7 @@ void EasyUnlockCreateKeysOperation::CreateKeyForDeviceAtIndex(size_t index) {
  challenge_creator_.reset(new ChallengeCreator(
      user_key,
      raw_session_key,
-      std::string(),
+      kTpmPubKey,
      device,
      base::Bind(&EasyUnlockCreateKeysOperation::OnChallengeCreated,
                 weak_ptr_factory_.GetWeakPtr(),

--- a/chrome/browser/extensions/api/easy_unlock_private/easy_unlock_private_api.cc
+++ b/chrome/browser/extensions/api/easy_unlock_private/easy_unlock_private_api.cc
@@ -541,9 +541,14 @@ EasyUnlockPrivateGetSignInChallengeFunction::
    ~EasyUnlockPrivateGetSignInChallengeFunction() {
 }

-bool EasyUnlockPrivateGetSignInChallengeFunction::RunAsync() {
-  SetError("Not implemented");
-  SendResponse(false);
+bool EasyUnlockPrivateGetSignInChallengeFunction::RunSync() {
+  Profile* profile = Profile::FromBrowserContext(browser_context());
+  const std::string challenge =
+      EasyUnlockService::Get(profile)->GetChallenge();
+  if (!challenge.empty()) {
+    results_ =
+        easy_unlock_private::GetSignInChallenge::Results::Create(challenge);
+  }
  return true;
 }


--- a/chrome/browser/extensions/api/easy_unlock_private/easy_unlock_private_api.h
+++ b/chrome/browser/extensions/api/easy_unlock_private/easy_unlock_private_api.h
@@ -279,7 +279,7 @@ class EasyUnlockPrivateGetRemoteDevicesFunction : public SyncExtensionFunction {
 };

 class EasyUnlockPrivateGetSignInChallengeFunction :
-    public AsyncExtensionFunction {
+    public SyncExtensionFunction {
 public:
  DECLARE_EXTENSION_FUNCTION("easyUnlockPrivate.getSignInChallenge",
                             EASYUNLOCKPRIVATE_GETSIGNINCHALLENGE)
@@ -288,8 +288,8 @@ class EasyUnlockPrivateGetSignInChallengeFunction :
 private:
  virtual ~EasyUnlockPrivateGetSignInChallengeFunction();

-  // AsyncExtensionFunction:
-  virtual bool RunAsync() OVERRIDE;
+  // SyncExtensionFunction:
+  virtual bool RunSync() OVERRIDE;

  DISALLOW_COPY_AND_ASSIGN(EasyUnlockPrivateGetSignInChallengeFunction);
 };

--- a/chrome/browser/signin/easy_unlock_service.h
+++ b/chrome/browser/signin/easy_unlock_service.h
@@ -70,9 +70,12 @@ class EasyUnlockService : public KeyedService {
  // Resets the turn off flow if one is in progress.
  virtual void ResetTurnOffFlow() = 0;

-  // Returns the cirernt turn off flow status.
+  // Returns the current turn off flow status.
  virtual TurnOffFlowStatus GetTurnOffFlowStatus() const = 0;

+  // Gets the challenge bytes for the currently associated user.
+  virtual std::string GetChallenge() const = 0;
+
  // Gets |screenlock_state_handler_|. Returns NULL if Easy Unlock is not
  // allowed. Otherwise, if |screenlock_state_handler_| is not set, an instance
  // is created. Do not cache the returned value, as it may go away if Easy

--- a/chrome/browser/signin/easy_unlock_service_regular.cc
+++ b/chrome/browser/signin/easy_unlock_service_regular.cc
@@ -152,6 +152,10 @@ EasyUnlockService::TurnOffFlowStatus
  return turn_off_flow_status_;
 }

+std::string EasyUnlockServiceRegular::GetChallenge() const {
+  return std::string();
+}
+
 void EasyUnlockServiceRegular::InitializeInternal() {
  registrar_.Init(profile()->GetPrefs());
  registrar_.Add(

--- a/chrome/browser/signin/easy_unlock_service_regular.h
+++ b/chrome/browser/signin/easy_unlock_service_regular.h
@@ -41,6 +41,7 @@ class EasyUnlockServiceRegular : public EasyUnlockService {
  virtual void RunTurnOffFlow() OVERRIDE;
  virtual void ResetTurnOffFlow() OVERRIDE;
  virtual TurnOffFlowStatus GetTurnOffFlowStatus() const OVERRIDE;
+  virtual std::string GetChallenge() const OVERRIDE;
  virtual void InitializeInternal() OVERRIDE;
  virtual bool IsAllowedInternal() OVERRIDE;


--- a/chrome/browser/signin/easy_unlock_service_signin_chromeos.cc
+++ b/chrome/browser/signin/easy_unlock_service_signin_chromeos.cc
@@ -4,20 +4,37 @@

 #include "chrome/browser/signin/easy_unlock_service_signin_chromeos.h"

+#include "base/bind.h"
+#include "base/command_line.h"
+#include "base/logging.h"
+#include "base/values.h"
+#include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_key_manager.h"
+#include "chrome/browser/chromeos/login/session/user_session_manager.h"
+#include "chromeos/chromeos_switches.h"
+#include "chromeos/login/auth/user_context.h"
+
 EasyUnlockServiceSignin::EasyUnlockServiceSignin(Profile* profile)
-    : EasyUnlockService(profile) {
+    : EasyUnlockService(profile),
+      weak_ptr_factory_(this) {
 }

 EasyUnlockServiceSignin::~EasyUnlockServiceSignin() {
 }

+void EasyUnlockServiceSignin::SetAssociatedUser(const std::string& user_id) {
+  if (user_id_ == user_id)
+    return;
+
+  user_id_ = user_id;
+  FetchCryptohomeKeys();
+}
+
 EasyUnlockService::Type EasyUnlockServiceSignin::GetType() const {
  return EasyUnlockService::TYPE_SIGNIN;
 }

 std::string EasyUnlockServiceSignin::GetUserEmail() const {
-  // TODO(tbarzic): Implement this (http://crbug.com/401634).
-  return "";
+  return user_id_;
 }

 void EasyUnlockServiceSignin::LaunchSetup() {
@@ -39,8 +56,7 @@ void EasyUnlockServiceSignin::ClearPermitAccess() {
 }

 const base::ListValue* EasyUnlockServiceSignin::GetRemoteDevices() const {
-  // TODO(tbarzic): Implement this (http://crbug.com/401634).
-  return NULL;
+  return remote_devices_value_.get();
 }

 void EasyUnlockServiceSignin::SetRemoteDevices(
@@ -65,11 +81,53 @@ EasyUnlockService::TurnOffFlowStatus
  return EasyUnlockService::IDLE;
 }

+std::string EasyUnlockServiceSignin::GetChallenge() const {
+  // TODO(xiyuan): Use correct remote device instead of hard coded first one.
+  size_t device_index = 0;
+  return device_index < remote_devices_.size()
+             ? remote_devices_[device_index].challenge
+             : std::string();
+}
+
 void EasyUnlockServiceSignin::InitializeInternal() {
 }

 bool EasyUnlockServiceSignin::IsAllowedInternal() {
-  // TODO(tbarzic): Implement this (http://crbug.com/401634).
-  return false;
+  return !user_id_.empty() && !remote_devices_.empty() &&
+         CommandLine::ForCurrentProcess()->HasSwitch(
+             chromeos::switches::kEnableEasySignin);
+}
+
+void EasyUnlockServiceSignin::FetchCryptohomeKeys() {
+  remote_devices_.clear();
+  remote_devices_value_.reset();
+  if (user_id_.empty()) {
+    UpdateAppState();
+    return;
+  }
+
+  chromeos::EasyUnlockKeyManager* key_manager =
+      chromeos::UserSessionManager::GetInstance()->GetEasyUnlockKeyManager();
+  DCHECK(key_manager);
+  key_manager->GetDeviceDataList(
+      chromeos::UserContext(user_id_),
+      base::Bind(&EasyUnlockServiceSignin::OnCryptohomeKeysFetched,
+                 weak_ptr_factory_.GetWeakPtr()));
+}
+
+void EasyUnlockServiceSignin::OnCryptohomeKeysFetched(
+    bool success,
+    const chromeos::EasyUnlockDeviceKeyDataList& devices) {
+  if (!success) {
+    LOG(WARNING) << "Easy unlock cryptohome keys not found for user "
+                 << user_id_;
+    return;
+  }
+
+  remote_devices_ = devices;
+  remote_devices_value_.reset(new base::ListValue);
+  chromeos::EasyUnlockKeyManager::DeviceDataListToRemoteDeviceList(
+      remote_devices_, remote_devices_value_.get());
+
+  UpdateAppState();
 }
-
--- a/chrome/browser/signin/easy_unlock_service_signin_chromeos.h
+++ b/chrome/browser/signin/easy_unlock_service_signin_chromeos.h
@@ -8,14 +8,24 @@
 #include <string>

 #include "base/macros.h"
+#include "base/memory/scoped_ptr.h"
+#include "base/memory/weak_ptr.h"
+#include "chrome/browser/chromeos/login/easy_unlock/easy_unlock_types.h"
 #include "chrome/browser/signin/easy_unlock_service.h"

+namespace base {
+class DictionaryValue;
+class ListValue;
+}
+
 // EasyUnlockService instance that should be used for signin profile.
 class EasyUnlockServiceSignin : public EasyUnlockService {
 public:
  explicit EasyUnlockServiceSignin(Profile* profile);
  virtual ~EasyUnlockServiceSignin();

+  void SetAssociatedUser(const std::string& user_id);
+
 private:
  // EasyUnlockService implementation:
  virtual EasyUnlockService::Type GetType() const OVERRIDE;
@@ -30,9 +40,27 @@ class EasyUnlockServiceSignin : public EasyUnlockService {
  virtual void RunTurnOffFlow() OVERRIDE;
  virtual void ResetTurnOffFlow() OVERRIDE;
  virtual TurnOffFlowStatus GetTurnOffFlowStatus() const OVERRIDE;
+  virtual std::string GetChallenge() const OVERRIDE;
  virtual bool IsAllowedInternal() OVERRIDE;
  virtual void InitializeInternal() OVERRIDE;

+  // Fetches |remote_devices_| info from cryptohome keys.
+  void FetchCryptohomeKeys();
+
+  // Callback invoked when the cryptohome keys are fetched.
+  void OnCryptohomeKeysFetched(
+      bool success,
+      const chromeos::EasyUnlockDeviceKeyDataList& devices);
+
+  // User id of the associated user.
+  std::string user_id_;
+
+  // Remote devices of the associated user.
+  chromeos::EasyUnlockDeviceKeyDataList remote_devices_;
+  scoped_ptr<base::ListValue> remote_devices_value_;
+
+  base::WeakPtrFactory<EasyUnlockServiceSignin> weak_ptr_factory_;
+
  DISALLOW_COPY_AND_ASSIGN(EasyUnlockServiceSignin);
 };