Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 1 | // Copyright (c) 2013 The Chromium OS Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "shill/crypto_util_proxy.h" |
| 6 | |
| 7 | #include <iterator> |
| 8 | #include <string> |
| 9 | #include <vector> |
| 10 | |
| 11 | #include <base/posix/eintr_wrapper.h> |
Ben Chan | a0ddf46 | 2014-02-06 11:32:42 -0800 | [diff] [blame] | 12 | #include <base/strings/string_util.h> |
| 13 | #include <base/strings/stringprintf.h> |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 14 | |
| 15 | #include "shill/event_dispatcher.h" |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 16 | #include "shill/file_io.h" |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 17 | #include "shill/glib.h" |
| 18 | #include "shill/process_killer.h" |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 19 | |
| 20 | using base::Bind; |
| 21 | using base::Callback; |
| 22 | using base::StringPrintf; |
| 23 | using shill_protos::EncryptDataMessage; |
| 24 | using shill_protos::EncryptDataResponse; |
| 25 | using shill_protos::VerifyCredentialsMessage; |
| 26 | using shill_protos::VerifyCredentialsResponse; |
| 27 | using std::distance; |
| 28 | using std::string; |
| 29 | using std::vector; |
| 30 | |
| 31 | namespace shill { |
| 32 | |
| 33 | // statics |
| 34 | const char CryptoUtilProxy::kCommandEncrypt[] = "encrypt"; |
| 35 | const char CryptoUtilProxy::kCommandVerify[] = "verify"; |
| 36 | const char CryptoUtilProxy::kCryptoUtilShimPath[] = SHIMDIR "/crypto-util"; |
Christopher Wiley | 0d05c11 | 2013-03-19 17:49:38 -0700 | [diff] [blame] | 37 | const char CryptoUtilProxy::kDestinationVerificationUser[] = "shill-crypto"; |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 38 | const int CryptoUtilProxy::kShimJobTimeoutMilliseconds = 30 * 1000; |
| 39 | |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 40 | CryptoUtilProxy::CryptoUtilProxy(EventDispatcher* dispatcher, GLib* glib) |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 41 | : dispatcher_(dispatcher), |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 42 | glib_(glib), |
Utkarsh Sanghi | 83bd64b | 2014-07-29 16:01:43 -0700 | [diff] [blame] | 43 | minijail_(chromeos::Minijail::GetInstance()), |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 44 | process_killer_(ProcessKiller::GetInstance()), |
| 45 | file_io_(FileIO::GetInstance()), |
| 46 | input_buffer_(), |
| 47 | next_input_byte_(), |
| 48 | output_buffer_(), |
| 49 | shim_stdin_(-1), |
| 50 | shim_stdout_(-1), |
| 51 | shim_pid_(0) { |
| 52 | } |
| 53 | |
| 54 | CryptoUtilProxy::~CryptoUtilProxy() { |
| 55 | // Just in case we had a pending operation. |
Christopher Wiley | 67e425e | 2013-05-02 15:54:51 -0700 | [diff] [blame] | 56 | HandleShimError(Error(Error::kOperationAborted)); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 57 | } |
| 58 | |
| 59 | bool CryptoUtilProxy::VerifyDestination( |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 60 | const string& certificate, |
| 61 | const string& public_key, |
| 62 | const string& nonce, |
| 63 | const string& signed_data, |
| 64 | const string& destination_udn, |
| 65 | const vector<uint8_t>& ssid, |
| 66 | const string& bssid, |
| 67 | const ResultBoolCallback& result_callback, |
| 68 | Error* error) { |
| 69 | string unsigned_data(reinterpret_cast<const char*>(&ssid[0]), |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 70 | ssid.size()); |
Alex Vakulenko | ccab3f9 | 2015-06-15 12:53:22 -0700 | [diff] [blame] | 71 | string upper_case_bssid(base::StringToUpperASCII(bssid)); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 72 | unsigned_data.append(StringPrintf(",%s,%s,%s,%s", |
| 73 | destination_udn.c_str(), |
Christopher Wiley | c2c22ca | 2013-04-19 11:56:05 -0700 | [diff] [blame] | 74 | upper_case_bssid.c_str(), |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 75 | public_key.c_str(), |
| 76 | nonce.c_str())); |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 77 | string decoded_signed_data; |
| 78 | if (!glib_->B64Decode(signed_data, &decoded_signed_data)) { |
Paul Stewart | 34f424e | 2015-01-16 15:30:20 -0800 | [diff] [blame] | 79 | Error::PopulateAndLog(FROM_HERE, error, Error::kOperationFailed, |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 80 | "Failed to decode signed data."); |
| 81 | return false; |
| 82 | } |
| 83 | |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 84 | VerifyCredentialsMessage message; |
| 85 | message.set_certificate(certificate); |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 86 | message.set_signed_data(decoded_signed_data); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 87 | message.set_unsigned_data(unsigned_data); |
Christopher Wiley | eb7d736 | 2013-03-12 12:00:43 -0700 | [diff] [blame] | 88 | message.set_mac_address(bssid); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 89 | |
| 90 | string raw_bytes; |
| 91 | if (!message.SerializeToString(&raw_bytes)) { |
Paul Stewart | 34f424e | 2015-01-16 15:30:20 -0800 | [diff] [blame] | 92 | Error::PopulateAndLog(FROM_HERE, error, Error::kOperationFailed, |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 93 | "Failed to send arguments to shim."); |
| 94 | return false; |
| 95 | } |
| 96 | StringCallback wrapped_result_handler = Bind( |
| 97 | &CryptoUtilProxy::HandleVerifyResult, |
| 98 | AsWeakPtr(), result_callback); |
| 99 | if (!StartShimForCommand(kCommandVerify, raw_bytes, |
| 100 | wrapped_result_handler)) { |
Paul Stewart | 34f424e | 2015-01-16 15:30:20 -0800 | [diff] [blame] | 101 | Error::PopulateAndLog(FROM_HERE, error, Error::kOperationFailed, |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 102 | "Failed to start shim to verify credentials."); |
| 103 | return false; |
| 104 | } |
| 105 | LOG(INFO) << "Started credential verification"; |
| 106 | return true; |
| 107 | } |
| 108 | |
| 109 | bool CryptoUtilProxy::EncryptData( |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 110 | const string& public_key, |
| 111 | const string& data, |
| 112 | const ResultStringCallback& result_callback, |
| 113 | Error* error) { |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 114 | string decoded_public_key; |
| 115 | if (!glib_->B64Decode(public_key, &decoded_public_key)) { |
Paul Stewart | 34f424e | 2015-01-16 15:30:20 -0800 | [diff] [blame] | 116 | Error::PopulateAndLog(FROM_HERE, error, Error::kOperationFailed, |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 117 | "Unable to decode public key."); |
| 118 | return false; |
| 119 | } |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 120 | |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 121 | EncryptDataMessage message; |
| 122 | message.set_public_key(decoded_public_key); |
| 123 | message.set_data(data); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 124 | string raw_bytes; |
| 125 | if (!message.SerializeToString(&raw_bytes)) { |
Paul Stewart | 34f424e | 2015-01-16 15:30:20 -0800 | [diff] [blame] | 126 | Error::PopulateAndLog(FROM_HERE, error, Error::kOperationFailed, |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 127 | "Failed to send arguments to shim."); |
| 128 | return false; |
| 129 | } |
| 130 | StringCallback wrapped_result_handler = Bind( |
| 131 | &CryptoUtilProxy::HandleEncryptResult, |
| 132 | AsWeakPtr(), result_callback); |
| 133 | if (!StartShimForCommand(kCommandEncrypt, raw_bytes, |
| 134 | wrapped_result_handler)) { |
Paul Stewart | 34f424e | 2015-01-16 15:30:20 -0800 | [diff] [blame] | 135 | Error::PopulateAndLog(FROM_HERE, error, Error::kOperationFailed, |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 136 | "Failed to start shim to verify credentials."); |
| 137 | return false; |
| 138 | } |
| 139 | LOG(INFO) << "Started data signing"; |
| 140 | return true; |
| 141 | } |
| 142 | |
| 143 | bool CryptoUtilProxy::StartShimForCommand( |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 144 | const string& command, |
| 145 | const string& input, |
| 146 | const StringCallback& result_handler) { |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 147 | if (shim_pid_) { |
| 148 | LOG(ERROR) << "Can't run concurrent shim operations."; |
| 149 | return false; |
| 150 | } |
| 151 | if (input.length() < 1) { |
| 152 | LOG(ERROR) << "Refusing to start a shim with no input data."; |
| 153 | return false; |
| 154 | } |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 155 | struct minijail* jail = minijail_->New(); |
Utkarsh Sanghi | e4c6aff | 2014-07-30 14:49:03 -0700 | [diff] [blame] | 156 | if (!minijail_->DropRoot(jail, kDestinationVerificationUser, |
| 157 | kDestinationVerificationUser)) { |
| 158 | LOG(ERROR) << "Minijail failed to drop root privileges?"; |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 159 | return false; |
| 160 | } |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 161 | vector<char*> args; |
| 162 | args.push_back(const_cast<char*>(kCryptoUtilShimPath)); |
| 163 | args.push_back(const_cast<char*>(command.c_str())); |
Ben Chan | cc225ef | 2014-09-30 13:26:51 -0700 | [diff] [blame] | 164 | args.push_back(nullptr); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 165 | if (!minijail_->RunPipesAndDestroy(jail, args, &shim_pid_, |
Ben Chan | cc225ef | 2014-09-30 13:26:51 -0700 | [diff] [blame] | 166 | &shim_stdin_, &shim_stdout_, nullptr)) { |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 167 | LOG(ERROR) << "Minijail couldn't run our child process"; |
| 168 | return false; |
| 169 | } |
| 170 | // Invariant: if the shim process could be in flight, shim_pid_ != 0 and we |
| 171 | // have a callback scheduled to kill the shim process. |
| 172 | input_buffer_ = input; |
| 173 | next_input_byte_ = input_buffer_.begin(); |
| 174 | output_buffer_.clear(); |
| 175 | result_handler_ = result_handler; |
| 176 | shim_job_timeout_callback_.Reset(Bind(&CryptoUtilProxy::HandleShimTimeout, |
| 177 | AsWeakPtr())); |
| 178 | dispatcher_->PostDelayedTask(shim_job_timeout_callback_.callback(), |
| 179 | kShimJobTimeoutMilliseconds); |
| 180 | do { |
| 181 | if (file_io_->SetFdNonBlocking(shim_stdin_) || |
| 182 | file_io_->SetFdNonBlocking(shim_stdout_)) { |
| 183 | LOG(ERROR) << "Unable to set shim pipes to be non blocking."; |
| 184 | break; |
| 185 | } |
| 186 | shim_stdout_handler_.reset(dispatcher_->CreateInputHandler( |
| 187 | shim_stdout_, |
| 188 | Bind(&CryptoUtilProxy::HandleShimOutput, AsWeakPtr()), |
Peter Qiu | 3161caa | 2014-10-29 09:47:22 -0700 | [diff] [blame] | 189 | Bind(&CryptoUtilProxy::HandleShimReadError, AsWeakPtr()))); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 190 | shim_stdin_handler_.reset(dispatcher_->CreateReadyHandler( |
| 191 | shim_stdin_, |
| 192 | IOHandler::kModeOutput, |
| 193 | Bind(&CryptoUtilProxy::HandleShimStdinReady, AsWeakPtr()))); |
| 194 | LOG(INFO) << "Started crypto-util shim at " << shim_pid_; |
| 195 | return true; |
| 196 | } while (false); |
| 197 | // We've started a shim, but failed to set up the plumbing to communicate |
| 198 | // with it. Since we can't go forward, go backward and clean it up. |
Christopher Wiley | 67e425e | 2013-05-02 15:54:51 -0700 | [diff] [blame] | 199 | // Kill the callback, since we're signalling failure by returning false. |
| 200 | result_handler_.Reset(); |
| 201 | HandleShimError(Error(Error::kOperationAborted)); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 202 | return false; |
| 203 | } |
| 204 | |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 205 | void CryptoUtilProxy::CleanupShim(const Error& shim_result) { |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 206 | LOG(INFO) << __func__; |
Christopher Wiley | 67e425e | 2013-05-02 15:54:51 -0700 | [diff] [blame] | 207 | shim_result_.CopyFrom(shim_result); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 208 | if (shim_stdin_ > -1) { |
| 209 | file_io_->Close(shim_stdin_); |
| 210 | shim_stdin_ = -1; |
| 211 | } |
| 212 | if (shim_stdout_ > -1) { |
| 213 | file_io_->Close(shim_stdout_); |
| 214 | shim_stdout_ = -1; |
| 215 | } |
Christopher Wiley | 67e425e | 2013-05-02 15:54:51 -0700 | [diff] [blame] | 216 | // Leave the output buffer so that we use it with the result handler. |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 217 | input_buffer_.clear(); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 218 | |
| 219 | shim_stdout_handler_.reset(); |
| 220 | shim_stdin_handler_.reset(); |
| 221 | |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 222 | // TODO(wiley) Change dhcp_config.cc to use the process killer. Change the |
| 223 | // process killer to send TERM before KILL a la dhcp_config.cc. |
| 224 | if (shim_pid_) { |
| 225 | process_killer_->Kill(shim_pid_, Bind(&CryptoUtilProxy::OnShimDeath, |
| 226 | AsWeakPtr())); |
| 227 | } else { |
| 228 | OnShimDeath(); |
| 229 | } |
| 230 | } |
| 231 | |
| 232 | void CryptoUtilProxy::OnShimDeath() { |
Christopher Wiley | 67e425e | 2013-05-02 15:54:51 -0700 | [diff] [blame] | 233 | // Make sure the proxy is completely clean before calling back out. This |
| 234 | // requires we copy some state locally. |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 235 | shim_pid_ = 0; |
| 236 | shim_job_timeout_callback_.Cancel(); |
Christopher Wiley | 67e425e | 2013-05-02 15:54:51 -0700 | [diff] [blame] | 237 | StringCallback handler(result_handler_); |
| 238 | result_handler_.Reset(); |
| 239 | string output(output_buffer_); |
| 240 | output_buffer_.clear(); |
| 241 | Error result; |
| 242 | result.CopyFrom(shim_result_); |
| 243 | shim_result_.Reset(); |
| 244 | if (!handler.is_null()) { |
| 245 | handler.Run(output, result); |
| 246 | } |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 247 | } |
| 248 | |
| 249 | void CryptoUtilProxy::HandleShimStdinReady(int fd) { |
| 250 | CHECK(fd == shim_stdin_); |
| 251 | CHECK(shim_pid_); |
| 252 | size_t bytes_to_write = distance<string::const_iterator>(next_input_byte_, |
| 253 | input_buffer_.end()); |
| 254 | ssize_t bytes_written = file_io_->Write(shim_stdin_, |
Christopher Wiley | b3e70d2 | 2013-04-26 17:28:37 -0700 | [diff] [blame] | 255 | &(*next_input_byte_), |
| 256 | bytes_to_write); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 257 | if (bytes_written < 0) { |
| 258 | HandleShimError(Error(Error::kOperationFailed, |
Christopher Wiley | b3e70d2 | 2013-04-26 17:28:37 -0700 | [diff] [blame] | 259 | "Failed to write any bytes to output buffer")); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 260 | return; |
| 261 | } |
| 262 | next_input_byte_ += bytes_written; |
| 263 | if (next_input_byte_ == input_buffer_.end()) { |
Christopher Wiley | 956400a | 2013-04-05 10:47:25 -0700 | [diff] [blame] | 264 | LOG(INFO) << "Finished writing output buffer to shim."; |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 265 | // Done writing out the proto buffer, close the pipe so that the shim |
| 266 | // knows that's all there is. Close our handler first. |
| 267 | shim_stdin_handler_.reset(); |
| 268 | file_io_->Close(shim_stdin_); |
| 269 | shim_stdin_ = -1; |
| 270 | input_buffer_.clear(); |
| 271 | next_input_byte_ = input_buffer_.begin(); |
| 272 | } |
| 273 | } |
| 274 | |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 275 | void CryptoUtilProxy::HandleShimOutput(InputData* data) { |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 276 | CHECK(shim_pid_); |
| 277 | CHECK(!result_handler_.is_null()); |
| 278 | if (data->len > 0) { |
| 279 | // Everyone is shipping features and I'm just here copying bytes from one |
| 280 | // buffer to another. |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 281 | output_buffer_.append(reinterpret_cast<char*>(data->buf), data->len); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 282 | return; |
| 283 | } |
| 284 | // EOF -> we're done! |
Christopher Wiley | 956400a | 2013-04-05 10:47:25 -0700 | [diff] [blame] | 285 | LOG(INFO) << "Finished reading " << output_buffer_.length() |
| 286 | << " bytes from shim."; |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 287 | shim_stdout_handler_.reset(); |
| 288 | file_io_->Close(shim_stdout_); |
| 289 | shim_stdout_ = -1; |
| 290 | Error no_error; |
Christopher Wiley | 67e425e | 2013-05-02 15:54:51 -0700 | [diff] [blame] | 291 | CleanupShim(no_error); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 292 | } |
| 293 | |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 294 | void CryptoUtilProxy::HandleShimError(const Error& error) { |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 295 | // Abort abort abort. There is very little we can do here. |
Christopher Wiley | 67e425e | 2013-05-02 15:54:51 -0700 | [diff] [blame] | 296 | output_buffer_.clear(); |
| 297 | CleanupShim(error); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 298 | } |
| 299 | |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 300 | void CryptoUtilProxy::HandleShimReadError(const string& error_msg) { |
Peter Qiu | 3161caa | 2014-10-29 09:47:22 -0700 | [diff] [blame] | 301 | Error e(Error::kOperationFailed, error_msg); |
| 302 | HandleShimError(e); |
| 303 | } |
| 304 | |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 305 | void CryptoUtilProxy::HandleShimTimeout() { |
| 306 | Error e(Error::kOperationTimeout); |
| 307 | HandleShimError(e); |
| 308 | } |
| 309 | |
| 310 | void CryptoUtilProxy::HandleVerifyResult( |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 311 | const ResultBoolCallback& result_handler, |
| 312 | const std::string& result, |
| 313 | const Error& error) { |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 314 | if (!error.IsSuccess()) { |
| 315 | result_handler.Run(error, false); |
| 316 | return; |
| 317 | } |
| 318 | VerifyCredentialsResponse response; |
| 319 | Error e; |
| 320 | |
| 321 | if (!response.ParseFromString(result) || !response.has_ret()) { |
| 322 | e.Populate(Error::kInternalError, "Failed parsing shim result."); |
| 323 | result_handler.Run(e, false); |
| 324 | return; |
| 325 | } |
| 326 | |
| 327 | result_handler.Run(e, ParseResponseReturnCode(response.ret(), &e)); |
| 328 | } |
| 329 | |
| 330 | // static |
| 331 | bool CryptoUtilProxy::ParseResponseReturnCode(int proto_return_code, |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 332 | Error* e) { |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 333 | bool success = false; |
| 334 | switch (proto_return_code) { |
| 335 | case shill_protos::OK: |
| 336 | success = true; |
| 337 | break; |
| 338 | case shill_protos::ERROR_UNKNOWN: |
| 339 | e->Populate(Error::kInternalError, "Internal shim error."); |
| 340 | break; |
| 341 | case shill_protos::ERROR_OUT_OF_MEMORY: |
| 342 | e->Populate(Error::kInternalError, "Shim is out of memory."); |
| 343 | break; |
| 344 | case shill_protos::ERROR_CRYPTO_OPERATION_FAILED: |
| 345 | e->Populate(Error::kOperationFailed, "Invalid credentials."); |
| 346 | break; |
| 347 | case shill_protos::ERROR_INVALID_ARGUMENTS: |
| 348 | e->Populate(Error::kInvalidArguments, "Invalid arguments."); |
| 349 | break; |
| 350 | default: |
| 351 | e->Populate(Error::kInternalError, "Unknown error."); |
| 352 | break; |
| 353 | } |
| 354 | return success; |
| 355 | } |
| 356 | |
| 357 | void CryptoUtilProxy::HandleEncryptResult( |
Paul Stewart | a794cd6 | 2015-06-16 13:13:10 -0700 | [diff] [blame] | 358 | const ResultStringCallback& result_handler, |
| 359 | const std::string& result, |
| 360 | const Error& error) { |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 361 | if (!error.IsSuccess()) { |
| 362 | result_handler.Run(error, ""); |
| 363 | return; |
| 364 | } |
| 365 | EncryptDataResponse response; |
| 366 | Error e; |
| 367 | |
| 368 | if (!response.ParseFromString(result) || !response.has_ret()) { |
| 369 | e.Populate(Error::kInternalError, "Failed parsing shim result."); |
| 370 | result_handler.Run(e, ""); |
| 371 | return; |
| 372 | } |
| 373 | |
| 374 | if (!ParseResponseReturnCode(response.ret(), &e)) { |
| 375 | result_handler.Run(e, ""); |
| 376 | return; |
| 377 | } |
| 378 | |
| 379 | if (!response.has_encrypted_data() || |
| 380 | response.encrypted_data().empty()) { |
| 381 | e.Populate(Error::kInternalError, |
| 382 | "Shim returned successfully, but included no encrypted data."); |
| 383 | result_handler.Run(e, ""); |
| 384 | return; |
| 385 | } |
| 386 | |
Christopher Wiley | 5447d2e | 2013-03-19 17:46:03 -0700 | [diff] [blame] | 387 | string encoded_data; |
| 388 | if (!glib_->B64Encode(response.encrypted_data(), &encoded_data)) { |
| 389 | e.Populate(Error::kInternalError, "Failed to encode result."); |
| 390 | result_handler.Run(e, ""); |
| 391 | return; |
| 392 | } |
| 393 | |
| 394 | result_handler.Run(e, encoded_data); |
Christopher Wiley | 5a3f23a | 2013-02-20 17:29:57 -0800 | [diff] [blame] | 395 | } |
| 396 | |
| 397 | } // namespace shill |