| Auto-Submit | +1 |
Ken, please take a look. Thank you! ^_^
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
CHECK(!is_ready_);Is there a reason to not hairpin the callback if `is_ready_` is already set? I get that the enclave controller won't do that but I'm asking if it doing so would be bad in some way.
if (cmtg_key_fetcher_ && !cmtg_key_fetcher_->is_ready()) {If this method is called a second time before the keys are ready, it will cause a crash on the `CHECK(!callback)` in `WaitForKeys`. We might want to handle that.
cmtg_key_fetcher_.reset();This means we no longer cache keys across retries. Is that intended?
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Auto-Submit | +1 |
| Commit-Queue | +1 |
Is there a reason to not hairpin the callback if `is_ready_` is already set? I get that the enclave controller won't do that but I'm asking if it doing so would be bad in some way.
I don't think there's anything wrong and this probably makes it easier to use the API. Done.
if (cmtg_key_fetcher_ && !cmtg_key_fetcher_->is_ready()) {If this method is called a second time before the keys are ready, it will cause a crash on the `CHECK(!callback)` in `WaitForKeys`. We might want to handle that.
I think if this happened it would be a bug and can't think of a way to trigger this normally, but the state machine is so complicated I agree we should handle it. Done.
This means we no longer cache keys across retries. Is that intended?
This seems like a mistake, since if the request is restarted we don't get a new `GPMEnclaveController` instance I believe. Removed this line.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Code-Review | +1 |
// when keys are ready. Should only be called if is_ready() is false.This sentence can be removed now.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
| Auto-Submit | +1 |
| Commit-Queue | +2 |
// when keys are ready. Should only be called if is_ready() is false.This sentence can be removed now.
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |
6 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:
```
The name of the file: chrome/browser/webauthn/cmtg_key_fetcher.h
Insertions: 1, Deletions: 1.
@@ -48,7 +48,7 @@
std::optional<std::vector<std::vector<uint8_t>>> keys() { return keys_; }
// Starts the blocking latency timer and registers a callback to be invoked
- // when keys are ready. Should only be called if is_ready() is false.
+ // when keys are ready.
void WaitForKeys(Callback callback);
private:
```
[webauthn] Refactor CMTG key fetching into helper
Extract the CMTG (Credential Manager Trust Group) device key fetching,
timeout, and blocking latency recording logic from
GPMEnclaveController into a new CmtgKeyFetcher helper class.
This refactoring simplifies GPMEnclaveController and makes the CMTG
fetching logic reusable for other controllers.
TAG=agy
CONV=22d5e913-d277-45fc-a0c7-8ebfce14e2e1
| Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings. |