Allow whitelisted component extensions to call key challenge APIs

This affects chrome.enterprise.platformKeys.challengeMachineKey and
chrome.enterprise.platformKeys.challengeUserKey

Bug: crbug.com/854695
Change-Id: I7c1cd9a42c218b0266f297cf95cad9ca268944e6
Reviewed-on: https://chromium-review.googlesource.com/1108930Reviewed-by: Yves Arrouye <drcrash@chromium.org>
Commit-Queue: Jimmy Hastings <jhastings@chromium.org>
Cr-Commit-Position: refs/heads/master@{#569073}

chrome/browser/extensions/api/enterprise_platform_keys_private/enterprise_platform_keys_private_api.cc

@@ -147,6 +147,11 @@ bool EPKPChallengeKeyBase::IsExtensionWhitelisted() const {
     // TODO(drcrash): Use a separate device-wide policy for the API.
     return Manifest::IsPolicyLocation(extension_->location());
   }
+  if (Manifest::IsComponentLocation(extension_->location())) {
+    // Note: For this to even be called, the component extension must also be
+    // whitelisted in chrome/common/extensions/api/_permission_features.json
+    return true;
+  }
   const base::ListValue* list =
       profile_->GetPrefs()->GetList(prefs::kAttestationExtensionWhitelist);
   base::Value value(extension_->id());