Remove TPMTokenInfoDelegate

chrome/browser/chromeos/cros/cert_library.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/chromeos/cros/cert_library.h"
 
 #include <algorithm>
 
 #include "base/command_line.h"
 #include "base/memory/weak_ptr.h"
@@ skipping 77 matching lines @@
         issued_to,
         l10n_util::GetStringUTF16(IDS_CERT_MANAGER_HARDWARE_BACKED));
   } else {
     return l10n_util::GetStringFUTF16(
         IDS_CERT_MANAGER_KEY_FORMAT_LONG,
         issued_by,
         issued_to);
   }
 }
 
-class RealTPMTokenInfoDelegate : public crypto::TPMTokenInfoDelegate {
- public:
-  RealTPMTokenInfoDelegate();
-  virtual ~RealTPMTokenInfoDelegate();
-
-  // TPMTokenInfoDeleagte overrides:
-  virtual void RequestIsTokenReady(
-      base::Callback<void(bool result)> callback) const OVERRIDE;
-  virtual void GetTokenInfo(std::string* token_name,
-                            std::string* user_pin) const OVERRIDE;
-
- private:
-  // This method is used to implement RequestIsTokenReady.
-  void OnPkcs11IsTpmTokenReady(base::Callback<void(bool result)> callback,
-                               DBusMethodCallStatus call_status,
-                               bool is_tpm_token_ready) const;
-
-  // This method is used to implement RequestIsTokenReady.
-  void OnPkcs11GetTpmTokenInfo(base::Callback<void(bool result)> callback,
-                               DBusMethodCallStatus call_status,
-                               const std::string& token_name,
-                               const std::string& user_pin) const;
-
-  // These are mutable since we need to cache them in IsTokenReady().
-  mutable bool token_ready_;
-  mutable std::string token_name_;
-  mutable std::string user_pin_;
-  mutable base::WeakPtrFactory<RealTPMTokenInfoDelegate> weak_ptr_factory_;
-};
-
-RealTPMTokenInfoDelegate::RealTPMTokenInfoDelegate() : token_ready_(false),
-                                                       weak_ptr_factory_(this) {
-}
-
-RealTPMTokenInfoDelegate::~RealTPMTokenInfoDelegate() {}
-
-void RealTPMTokenInfoDelegate::RequestIsTokenReady(
-    base::Callback<void(bool result)> callback) const {
-  CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
-  if (token_ready_) {
-    BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
-                            base::Bind(callback, true));
-    return;
-  }
-  DBusThreadManager::Get()->GetCryptohomeClient()->Pkcs11IsTpmTokenReady(
-      base::Bind(&RealTPMTokenInfoDelegate::OnPkcs11IsTpmTokenReady,
-                 weak_ptr_factory_.GetWeakPtr(),
-                 callback));
-}
-
-void RealTPMTokenInfoDelegate::GetTokenInfo(std::string* token_name,
-                                            std::string* user_pin) const {
-  // May be called from a non UI thread, but must only be called after
-  // IsTokenReady() returns true.
-  CHECK(token_ready_);
-  if (token_name)
-    *token_name = token_name_;
-  if (user_pin)
-    *user_pin = user_pin_;
-}
-
-void RealTPMTokenInfoDelegate::OnPkcs11IsTpmTokenReady(
-    base::Callback<void(bool result)> callback,
-    DBusMethodCallStatus call_status,
-    bool is_tpm_token_ready) const {
-  if (call_status != DBUS_METHOD_CALL_SUCCESS || !is_tpm_token_ready) {
-    callback.Run(false);
-    return;
-  }
-
-  // Retrieve token_name_ and user_pin_ here since they will never change
-  // and CryptohomeClient calls are not thread safe.
-  DBusThreadManager::Get()->GetCryptohomeClient()->Pkcs11GetTpmTokenInfo(
-      base::Bind(&RealTPMTokenInfoDelegate::OnPkcs11GetTpmTokenInfo,
-                 weak_ptr_factory_.GetWeakPtr(),
-                 callback));
-}
-
-void RealTPMTokenInfoDelegate::OnPkcs11GetTpmTokenInfo(
-    base::Callback<void(bool result)> callback,
-    DBusMethodCallStatus call_status,
-    const std::string& token_name,
-    const std::string& user_pin) const {
-  if (call_status == DBUS_METHOD_CALL_SUCCESS) {
-    token_name_ = token_name;
-    user_pin_ = user_pin;
-    token_ready_ = true;
-  }
-  callback.Run(token_ready_);
-}
-
 }  // namespace
 
 //////////////////////////////////////////////////////////////////////////////
 
 // base::Unretained(this) in the class is safe. By the time this object is
 // deleted as part of CrosLibrary, the DB thread and the UI message loop
 // are already terminated.
 class CertLibraryImpl
     : public CertLibrary,
       public net::CertDatabase::Observer {
  public:
   typedef ObserverListThreadSafe<CertLibrary::Observer> CertLibraryObserverList;
 
   CertLibraryImpl() :
       observer_list_(new CertLibraryObserverList),
+      tpm_token_ready_(false),
       user_logged_in_(false),
       certificates_requested_(false),
       certificates_loaded_(false),
       key_store_loaded_(false),
       ALLOW_THIS_IN_INITIALIZER_LIST(certs_(this)),
       ALLOW_THIS_IN_INITIALIZER_LIST(user_certs_(this)),
       ALLOW_THIS_IN_INITIALIZER_LIST(server_certs_(this)),
       ALLOW_THIS_IN_INITIALIZER_LIST(server_ca_certs_(this)),
       ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)) {
     CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI))
@@ skipping 25 matching lines @@
 
     // Only load the Opencryptoki library into NSS if we have this switch.
     // TODO(gspencer): Remove this switch once cryptohomed work is finished:
     // http://crosbug.com/12295 and 12304
     // Note: ChromeOS login with or without loginmanager will crash when
     // the CertLibrary is not there (http://crosbug.com/121456). Before removing
     // make sure that that case still works.
     if (CommandLine::ForCurrentProcess()->HasSwitch(
             switches::kLoadOpencryptoki) ||
         CommandLine::ForCurrentProcess()->HasSwitch(switches::kStubCros)) {
-      crypto::EnableTPMTokenForNSS(new RealTPMTokenInfoDelegate());
+      crypto::EnableTPMTokenForNSS();

[Ryan Sleevi, 2012/05/16 17:02:16]

See comments in crypto/

       // Note: this calls crypto::EnsureTPMTokenReady()
       RequestCertificates();
     }
     key_store_loaded_ = true;
   }
 
   virtual bool CertificatesLoading() const OVERRIDE {
     return certificates_requested_ && !certificates_loaded_;
   }
 
@@ skipping 120 matching lines @@
       string16 rhs_name = GetDisplayString(rhs.get(), false);
       if (collator_ == NULL)
         return lhs_name < rhs_name;
       return l10n_util::CompareString16WithCollator(
           collator_, lhs_name, rhs_name) == UCOL_LESS;
     }
    private:
     icu::Collator* collator_;
   };
 
-  void RequestCertificatesTask() {
-    CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI))
-        << __FUNCTION__ << " should be called on UI thread.";
-    // Reset the task to the initial state so is_null() returns true.
-    request_task_ = base::Closure();
-    RequestCertificates();
-  }
-
   void NotifyCertificatesLoaded(bool initial_load) {
     observer_list_->Notify(
         &CertLibrary::Observer::OnCertificatesLoaded, initial_load);
   }
 
   // |cert_list| is allocated in LoadCertificates() and must be deleted here.
   void UpdateCertificates(net::CertificateList* cert_list) {
     CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI))
         << __FUNCTION__ << " should be called on UI thread.";
     DCHECK(cert_list);
@@ skipping 91 matching lines @@
     }
 
     if (!user_logged_in_) {
       user_logged_in_ = true;
       certificates_loaded_ = false;
       supplemental_user_key_.reset(NULL);
     }
 
     VLOG(1) << "Requesting Certificates.";
     DBusThreadManager::Get()->GetCryptohomeClient()->TpmIsEnabled(
-        base::Bind(&CertLibraryImpl::RequestCertificatesInternal,
+        base::Bind(&CertLibraryImpl::OnTpmIsEnabled,
                    weak_ptr_factory_.GetWeakPtr()));
   }
 
   // This method is used to implement RequestCertificates.
-  void RequestCertificatesInternal(DBusMethodCallStatus call_status,
-                                   bool tpm_is_enabled) {
+  void OnTpmIsEnabled(DBusMethodCallStatus call_status, bool tpm_is_enabled) {
     CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI))
         << __FUNCTION__ << " should be called on UI thread.";
     if (call_status != DBUS_METHOD_CALL_SUCCESS || !tpm_is_enabled) {
       // TPM is not enabled, so proceed with empty tpm token name.
       VLOG(1) << "TPM not available.";
       BrowserThread::PostTask(
           BrowserThread::DB, FROM_HERE,
           base::Bind(&CertLibraryImpl::LoadCertificates,
                      base::Unretained(this)));
-    } else if (crypto::IsTPMTokenReady()) {
-      // Need TPM token name to filter user certificates.
-      const bool tpm_token_ready = true;
-      GetTPMTokenName(tpm_token_ready);
+    } else if (tpm_token_ready_) {
+      InitializeTPMToken();
     } else {
-      crypto::InitializeTPMToken(
-          base::Bind(&CertLibraryImpl::GetTPMTokenName,
+      DBusThreadManager::Get()->GetCryptohomeClient()->Pkcs11IsTpmTokenReady(
+          base::Bind(&CertLibraryImpl::OnPkcs11IsTpmTokenReady,
                      weak_ptr_factory_.GetWeakPtr()));
     }
   }
 
   // This method is used to implement RequestCertificates.
-  void GetTPMTokenName(bool tpm_token_ready) {
-    CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI))
-        << __FUNCTION__ << " should be called on UI thread.";
-    if (tpm_token_ready) {
-      std::string unused_pin;
-      crypto::GetTPMTokenInfo(&tpm_token_name_, &unused_pin);
-    } else {
-      VLOG(1) << "TPM token not ready.";
-      if (request_task_.is_null()) {
-        // Cryptohome does not notify us when the token is ready, so call
-        // this again after a delay.
-        request_task_ = base::Bind(&CertLibraryImpl::RequestCertificatesTask,
-                                   weak_ptr_factory_.GetWeakPtr());
-        BrowserThread::PostDelayedTask(
-            BrowserThread::UI, FROM_HERE, request_task_,
-            base::TimeDelta::FromMilliseconds(kRequestDelayMs));
-      }
+  void OnPkcs11IsTpmTokenReady(DBusMethodCallStatus call_status,
+                               bool is_tpm_token_ready) {
+    if (call_status != DBUS_METHOD_CALL_SUCCESS || !is_tpm_token_ready) {
+      MaybeRetryRequestCertificates();
       return;
     }
 
+    // Retrieve token_name_ and user_pin_ here since they will never change
+    // and CryptohomeClient calls are not thread safe.
+    DBusThreadManager::Get()->GetCryptohomeClient()->Pkcs11GetTpmTokenInfo(
+        base::Bind(&CertLibraryImpl::OnPkcs11GetTpmTokenInfo,
+                   weak_ptr_factory_.GetWeakPtr()));
+  }
+
+  // This method is used to implement RequestCertificates.
+  void OnPkcs11GetTpmTokenInfo(DBusMethodCallStatus call_status,
+                               const std::string& token_name,
+                               const std::string& user_pin) {
+    if (call_status != DBUS_METHOD_CALL_SUCCESS) {
+      MaybeRetryRequestCertificates();
+      return;
+    }
+    tpm_token_name_ = token_name;
+    tpm_user_pin_ = user_pin;
+    tpm_token_ready_ = true;
+
+    InitializeTPMToken();
+  }
+
+  // This method is used to implement RequestCertificates.
+  void InitializeTPMToken() {
+    CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI))
+        << __FUNCTION__ << " should be called on UI thread.";

[Ryan Sleevi, 2012/05/16 17:02:16]

nit: These strings will not get optimized out in a release build, but will not
show up in crashdumps either.

If a user runs into them, they'll either be able to get a backtrace (if using
ChromiumOS) or it'll just crash.

Just wanted to make sure it was intentional to include the extra messaging -
normally the CHECK itself (which includes the file & line, IIRC) is sufficient.

Same elsewhere in this file as well.

[hashimoto, 2012/05/17 07:35:07]

Agree, CHECK itself is sufficient, removed the strings.

+    if (!crypto::InitializeTPMToken(tpm_token_name_, tpm_user_pin_)) {
+      MaybeRetryRequestCertificates();
+      return;
+    }
+
     // tpm_token_name_ is set, load the certificates on the DB thread.
     BrowserThread::PostTask(
         BrowserThread::DB, FROM_HERE,
         base::Bind(&CertLibraryImpl::LoadCertificates, base::Unretained(this)));
   }
 
+  void MaybeRetryRequestCertificates() {
+    if (!request_task_.is_null())
+      return;
+    // Cryptohome does not notify us when the token is ready, so call
+    // this again after a delay.
+    request_task_ = base::Bind(&CertLibraryImpl::RequestCertificatesTask,
+                               weak_ptr_factory_.GetWeakPtr());
+    BrowserThread::PostDelayedTask(
+        BrowserThread::UI, FROM_HERE, request_task_,
+        base::TimeDelta::FromMilliseconds(kRequestDelayMs));
+  }
+
+  void RequestCertificatesTask() {
+    CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI))
+        << __FUNCTION__ << " should be called on UI thread.";
+    // Reset the task to the initial state so is_null() returns true.
+    request_task_ = base::Closure();
+    RequestCertificates();
+  }
+
   // Observers.
   const scoped_refptr<CertLibraryObserverList> observer_list_;
 
   // Active request task for re-requests while waiting for TPM init.
   base::Closure request_task_;
 
+  bool tpm_token_ready_;
+
   // Cached TPM token name.
   std::string tpm_token_name_;
 
+  // Cached TPM user pin.
+  std::string tpm_user_pin_;
+
   // Supplemental user key.
   scoped_ptr<crypto::SymmetricKey> supplemental_user_key_;
 
   // Local state.
   bool user_logged_in_;
   bool certificates_requested_;
   bool certificates_loaded_;
   // The key store for the current user has been loaded. This flag is needed to
   // ensure that the key store will not be loaded twice in the policy recovery
   // "safe-mode".
@@ skipping 73 matching lines @@
     net::X509Certificate* cert = GetCertificateAt(index);
     net::X509Certificate::OSCertHandle cert_handle = cert->os_cert_handle();
     std::string id = x509_certificate_model::GetPkcs11Id(cert_handle);
     if (id == pkcs11_id)
       return index;
   }
   return -1;  // Not found.
 }
 
 }  // chromeos