| blob | ebda03529962d1a5e2d19b48ac382b3f32449e70 |
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 /**
6 * @fileoverview A single gnubby signer wraps the process of opening a gnubby,
7 * signing each challenge in an array of challenges until a success condition
8 * is satisfied, and finally yielding the gnubby upon success.
9 *
10 */
14 /**
15 * @typedef {{
16 * code: number,
17 * gnubby: (Gnubby|undefined),
18 * challenge: (SignHelperChallenge|undefined),
19 * info: (ArrayBuffer|undefined)
20 * }}
21 */
24 /**
25 * Creates a new sign handler with a gnubby. This handler will perform a sign
26 * operation using each challenge in an array of challenges until its success
27 * condition is satisified, or an error or timeout occurs. The success condition
28 * is defined differently depending whether this signer is used for enrolling
29 * or for signing:
30 *
31 * For enroll, success is defined as each challenge yielding wrong data. This
32 * means this gnubby is not currently enrolled for any of the appIds in any
33 * challenge.
34 *
35 * For sign, success is defined as any challenge yielding ok.
36 *
37 * The complete callback is called only when the signer reaches success or
38 * failure, i.e. when there is no need for this signer to continue trying new
39 * challenges.
40 *
41 * @param {GnubbyDeviceId} gnubbyId Which gnubby to open.
42 * @param {boolean} forEnroll Whether this signer is signing for an attempted
43 * enroll operation.
44 * @param {function(SingleSignerResult)}
45 * completeCb Called when this signer completes, i.e. no further results are
46 * possible.
47 * @param {Countdown} timer An advisory timer, beyond whose expiration the
48 * signer will not attempt any new operations, assuming the caller is no
49 * longer interested in the outcome.
50 * @param {string=} opt_logMsgUrl A URL to post log messages to.
51 * @constructor
52 */
54 opt_logMsgUrl) {
55 /** @private {GnubbyDeviceId} */
57 /** @private {SingleGnubbySigner.State} */
59 /** @private {boolean} */
61 /** @private {function(SingleSignerResult)} */
63 /** @private {Countdown} */
65 /** @private {string|undefined} */
68 /** @private {!Array<!SignHelperChallenge>} */
70 /** @private {number} */
72 /** @private {boolean} */
75 /** @private {!Object<number>} */
77 }
79 /** @enum {number} */
81 /** Initial state. */
83 /** The signer is attempting to open a gnubby. */
85 /** The signer's gnubby opened, but is busy. */
87 /** The signer has an open gnubby, but no challenges to sign. */
89 /** The signer is currently signing a challenge. */
91 /** The signer got a final outcome. */
93 /** The signer is closing its gnubby. */
95 /** The signer is closed. */
97 };
99 /**
100 * @return {GnubbyDeviceId} This device id of the gnubby for this signer.
101 */
104 };
106 /**
107 * Closes this signer's gnubby, if it's held.
108 */
113 };
115 /**
116 * Called when this signer's gnubby is closed.
117 * @private
118 */
122 };
124 /**
125 * Begins signing the given challenges.
126 * @param {Array<SignHelperChallenge>} challenges The challenges to sign.
127 * @return {boolean} Whether the challenges were accepted.
128 */
131 // Can't add new challenges once they've been set.
133 }
140 }
141 }
149 // The open has already commenced, so accept the challenges, but don't do
150 // anything.
154 // Challenges set: start signing.
157 // An empty list of challenges can be set during enroll, when the user
158 // has no existing enrolled gnubbies. It's unexpected during sign, but
159 // returning WRONG_DATA satisfies the caller in either case.
164 }
167 // Already signing, so don't kick off a new sign, but accept the added
168 // challenges.
172 }
174 };
176 /**
177 * Attempts to open this signer's gnubby, if it's not already open.
178 * @private
179 */
183 // Assume the first challenge's appId is representative of all of them.
185 }
192 appIdHash,
194 }
195 };
197 /**
198 * How long to delay retrying a failed open.
199 */
202 /**
203 * How long to delay retrying a sign requiring touch.
204 */
207 /**
208 * @param {number} rc The result of the open operation.
209 * @param {Gnubby=} gnubby The opened gnubby, if open was successful (or busy).
210 * @private
211 */
215 // Open completed after close, perhaps? Ignore.
217 }
226 }
231 // If there's still time, retry the open.
241 }
245 }
248 // TODO: This won't be confused with success, but should it be
249 // part of the same namespace as the other error codes, which are
250 // always in DeviceStatusCodes.*?
252 }
253 };
255 /**
256 * Called with the result of a version command.
257 * @param {number} rc Result of version command.
258 * @param {ArrayBuffer=} opt_data Version.
259 * @private
260 */
266 }
267 // There's still time: resync and retry.
273 }
275 });
277 }
281 }
285 };
287 /**
288 * @param {number} challengeIndex Index of challenge to sign
289 * @private
290 */
293 // Already closed? Nothing to do.
295 }
297 // If the timer is expired, that means we never got a success response.
298 // We could have gotten wrong data on a partial set of challenges, but this
299 // means we don't yet know the final outcome. In any event, we don't yet
300 // know the final outcome: return timeout.
303 }
307 }
314 }
321 // Cache hit: return wrong data again.
324 // Sign challenge for a different version of gnubby: return wrong data.
330 nowink);
331 }
332 };
334 /**
335 * @param {number} code The result of a sign operation.
336 * @return {boolean} Whether the error indicates the key handle is invalid
337 * for this gnubby.
338 */
343 };
345 /**
346 * Called with the result of a single sign operation.
347 * @param {number} challengeIndex the index of the challenge just attempted
348 * @param {number} code the result of the sign operation
349 * @param {ArrayBuffer=} opt_info Optional result data
350 * @private
351 */
358 // We're done, the caller's no longer interested.
360 }
362 // Cache certain idempotent errors, re-asking the gnubby to sign it
363 // won't produce different results.
369 }
370 }
371 }
388 // Lower bound on the minimum length, signature length can vary.
393 }
398 }
416 }
426 }
427 }
428 };
430 /**
431 * Called with the response of a sync command, called when a sign yields a
432 * timeout to reassert control over the gnubby.
433 * @param {number} code Error code
434 * @private
435 */
440 }
442 };
444 /**
445 * Switches to the error state, and notifies caller.
446 * @param {number} code Error code
447 * @param {boolean=} opt_warn Whether to warn in the console about the error.
448 * @private
449 */
456 // When a device yields WRONG_DATA to all sign challenges, and this is a
457 // sign request, we don't want to yield to the web page that it's not
458 // enrolled just yet: we want the user to tap the device first. We'll
459 // report the gnubby to the caller and let it close it instead of closing
460 // it here.
463 // Since this gnubby can no longer produce a useful result, go ahead and
464 // close it.
466 }
468 };
470 /**
471 * Switches to the success state, and notifies caller.
472 * @param {number} code Status code
473 * @param {SignHelperChallenge=} opt_challenge The challenge signed
474 * @param {ArrayBuffer=} opt_info Optional result data
475 * @private
476 */
485 }
488 }
489 }
491 // this.gnubby_ is now owned by completeCb_.
493 };