 81bdba67ec
			
		
	
	
	
	
	81bdba67ec* feat: Implement password delegate for NSS (#41188) Introduce an app event client-certificate-request-password. It allows the user to display a UI to prompt for the password. An alternative would have been to implement a class similar to CryptoModulePasswordDialogView, to provide the UI. This might have been simpler for the user, comparing to letting them implement the UI. But it seems like electron does not have an i18n framework, so it's not possible to provide a locale aware UI. * fix lint:markdown error * address review comments * use a trampoline handler in JS. The api exposed is now app.setClientCertRequestPasswordHandler * use properties on the Event object instead of positional parameters * remove ChromeNSSCryptoModuleDelegate::OnPassword in favor of args->GetNext(&password_) * address review comments second round - backslash escape parametrized TypeScript - rename hostName param to hostname - use base::ScopedAllowBaseSyncPrimitivesForTesting - and then, rename ChromeNSSCryptoModuleDelegate to ElectronNSSCryptoModuleDelegate * Update docs/api/app.md Co-authored-by: Sam Maddock <samuel.maddock@gmail.com> * Update docs/api/app.md Co-authored-by: Erick Zhao <erick@hotmail.ca> --------- Co-authored-by: Arno Renevier <arnaud@switchboard.app> Co-authored-by: Sam Maddock <samuel.maddock@gmail.com> Co-authored-by: Erick Zhao <erick@hotmail.ca>
		
			
				
	
	
		
			72 lines
		
	
	
	
		
			2.4 KiB
			
		
	
	
	
		
			C++
		
	
	
	
	
	
			
		
		
	
	
			72 lines
		
	
	
	
		
			2.4 KiB
			
		
	
	
	
		
			C++
		
	
	
	
	
	
| // Copyright (c) 2024 Switchboard
 | |
| // Use of this source code is governed by the MIT license that can be
 | |
| // found in the LICENSE file.
 | |
| 
 | |
| #include "shell/browser/electron_crypto_module_delegate_nss.h"
 | |
| 
 | |
| #include "crypto/nss_crypto_module_delegate.h"
 | |
| #include "shell/browser/api/electron_api_app.h"
 | |
| #include "shell/browser/javascript_environment.h"
 | |
| #include "shell/common/gin_converters/callback_converter.h"
 | |
| #include "shell/common/gin_helper/callback.h"
 | |
| #include "shell/common/v8_value_serializer.h"
 | |
| 
 | |
| ElectronNSSCryptoModuleDelegate::ElectronNSSCryptoModuleDelegate(
 | |
|     const net::HostPortPair& server)
 | |
|     : server_(server),
 | |
|       event_(base::WaitableEvent::ResetPolicy::AUTOMATIC,
 | |
|              base::WaitableEvent::InitialState::NOT_SIGNALED) {}
 | |
| 
 | |
| ElectronNSSCryptoModuleDelegate::~ElectronNSSCryptoModuleDelegate() = default;
 | |
| 
 | |
| std::string ElectronNSSCryptoModuleDelegate::RequestPassword(
 | |
|     const std::string& token_name,
 | |
|     bool retry,
 | |
|     bool* cancelled) {
 | |
|   DCHECK(!event_.IsSignaled());
 | |
|   event_.Reset();
 | |
| 
 | |
|   if (content::GetUIThreadTaskRunner({})->PostTask(
 | |
|           FROM_HERE,
 | |
|           base::BindOnce(
 | |
|               &ElectronNSSCryptoModuleDelegate::RequestPasswordOnUIThread, this,
 | |
|               token_name, retry))) {
 | |
|     base::ScopedAllowBaseSyncPrimitivesForTesting allow_wait;
 | |
|     event_.Wait();
 | |
|   }
 | |
|   *cancelled = cancelled_;
 | |
|   return password_;
 | |
| }
 | |
| 
 | |
| void ElectronNSSCryptoModuleDelegate::RequestPasswordOnUIThread(
 | |
|     const std::string& token_name,
 | |
|     bool retry) {
 | |
|   DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
 | |
| 
 | |
|   v8::Isolate* isolate = electron::JavascriptEnvironment::GetIsolate();
 | |
|   v8::HandleScope handle_scope(isolate);
 | |
| 
 | |
|   gin::Handle<gin_helper::internal::Event> event =
 | |
|       gin_helper::internal::Event::New(isolate);
 | |
|   v8::Local<v8::Object> event_object = event.ToV8().As<v8::Object>();
 | |
|   gin_helper::Dictionary dict(isolate, event_object);
 | |
|   dict.Set("hostname", server_.host());
 | |
|   dict.Set("tokenName", token_name);
 | |
|   dict.Set("isRetry", retry);
 | |
| 
 | |
|   electron::api::App::Get()->EmitWithoutEvent(
 | |
|       "-client-certificate-request-password", event_object,
 | |
|       base::BindOnce(&ElectronNSSCryptoModuleDelegate::OnPassword, this));
 | |
| 
 | |
|   if (!event->GetDefaultPrevented()) {
 | |
|     password_ = "";
 | |
|     cancelled_ = true;
 | |
|     event_.Signal();
 | |
|   }
 | |
| }
 | |
| 
 | |
| void ElectronNSSCryptoModuleDelegate::OnPassword(gin::Arguments* args) {
 | |
|   args->GetNext(&password_);
 | |
|   cancelled_ = password_.empty();
 | |
|   event_.Signal();
 | |
| }
 |