Index: base_policy/policy-utils.js |
diff --git a/base_policy/policy-utils.js b/base_policy/policy-utils.js |
index a021237199204655846f4bc293153dd1d487dc71..7679578db3d3be97c2510799aa587e861612ec0a 100644 |
--- a/base_policy/policy-utils.js |
+++ b/base_policy/policy-utils.js |
@@ -102,9 +102,6 @@ function Policy(manifest) { |
this.callbacks = new Policy.Callbacks(this); |
} |
-// Store keys and certificates in the TPM |
-Policy.USE_TPM = true; |
- |
// Well known user PIN for the TPM |
Policy.PKCS11_USER_PIN = '111111'; |
@@ -242,13 +239,8 @@ function PolicyCertificate(policy, id, params) { |
this.status = this.isInstalled() ? 'Installed' : 'Not Installed'; |
- if (this.isInstalled() && typeof this.onInstall == "function") { |
- try { |
- this.onInstall(/* firstInstall: */ false); |
- } catch (ex) { |
- this.error('Exception re-running post-install callback: ' + ex); |
- } |
- } |
+ if (this.isInstalled()) |
+ this.onInstall_(/* firstInstall: */ false); |
}; |
/** |
@@ -333,6 +325,31 @@ function findSlotByLabel(label) { |
} |
/** |
+ * Finalize certificate installation and invoke any user specific onInstall |
+ * function. |
+ * |
+ * @param {boolean} firstInstall True if this is the first time the certificate |
+ * has been installed. False if the certificate was already there when we |
+ * started. |
+ */ |
+Policy.Certificate.prototype.onInstall_ = |
+function onInstall(firstInstall) { |
+ this.path = 'SETTINGS:key_id=' + this.key_identifier + |
+ ',cert_id=' + this.key_identifier + |
+ ',pin=' + Policy.PKCS11_USER_PIN; |
+ |
+ this.info('Certificate installed to: ' + this.path); |
+ |
+ if (typeof this.onInstall == 'function') { |
+ try { |
+ this.onInstall(firstOnstall); |
+ } catch (ex) { |
+ this.error('Exception running post-install callback: ' + ex); |
+ } |
+ } |
+}; |
+ |
+/** |
* Determine if this certificate definition has been successfully installed. |
* |
* @return {boolean} A boolean indicating whether or not this certificate |
@@ -498,25 +515,7 @@ function onIssuanceComplete(request, response) { |
slot.addCertificate(cert); |
- if (Policy.USE_TPM) { |
- this.path = "SETTINGS:" |
- + "key_id=" + this.key_identifier |
- + ",cert_id=" + this.key_identifier |
- + ",pin=" + Policy.PKCS11_USER_PIN; |
- } else { |
- this.path = "/home/chronos/user/Downloads/" + this.label + ".pem"; |
- // Note: This requires entd to be run with --allow-write-to-file |
- writeToFile(cert.toString(), this.path); |
- } |
- this.info('Certificate installed to: ' + this.path); |
- |
- if (typeof request.certificate.onInstall == "function") { |
- try { |
- request.certificate.onInstall(/* firstInstall: */ true); |
- } catch (ex) { |
- this.error('Exception running post-install callback: ' + ex); |
- } |
- } |
+ this.onInstall_(/* firstInstall: */ true); |
}; |