Index: net/base/keygen_handler.h |
diff --git a/net/base/keygen_handler.h b/net/base/keygen_handler.h |
index 5ca6027ba2c3164f3a0ba1b86f522c507876a58c..cd3da7653244be121e51b0a7bb034e73f90d510f 100644 |
--- a/net/base/keygen_handler.h |
+++ b/net/base/keygen_handler.h |
@@ -8,8 +8,14 @@ |
#include <string> |
+#include "base/scoped_ptr.h" |
+#include "build/build_config.h" |
#include "googleurl/src/gurl.h" |
+namespace base { |
+class PK11BlockingPasswordDelegate; |
wtc
2010/12/15 20:54:36
Nit: put this forward declaration inside #if defin
mattm
2011/01/12 01:22:07
Done.
|
+}; |
+ |
namespace net { |
// This class handles keypair generation for generating client |
@@ -22,9 +28,10 @@ class KeygenHandler { |
// Creates a handler that will generate a key with the given key size and |
// incorporate the |challenge| into the Netscape SPKAC structure. The request |
// for the key originated from |url|. |
- inline KeygenHandler(int key_size_in_bits, |
- const std::string& challenge, |
- const GURL& url); |
+ KeygenHandler(int key_size_in_bits, |
+ const std::string& challenge, |
+ const GURL& url); |
+ ~KeygenHandler(); |
// Actually generates the key-pair and the cert request (SPKAC), and returns |
// a base64-encoded string suitable for use as the form value of <keygen>. |
@@ -33,22 +40,24 @@ class KeygenHandler { |
// Exposed only for unit tests. |
void set_stores_key(bool store) { stores_key_ = store;} |
+#if defined(USE_NSS) |
+ // On NSS, the token may be unauthenticated. We pass the blocking delegate for |
wtc
2010/12/15 20:54:36
Question: does this mean there is also a non-block
mattm
2011/01/12 01:22:07
no, just the alternate strategy of using the non-b
|
+ // simplicity; GenKeyAndSignChallenge will block on generating a key anyway, |
+ // so this is used on a worker thread. Takes ownership of the delegate. |
+ void set_pk11_password_delegate(base::PK11BlockingPasswordDelegate* delegate); |
+#endif // defined(USE_NSS) |
+ |
private: |
int key_size_in_bits_; // key size in bits (usually 2048) |
std::string challenge_; // challenge string sent by server |
GURL url_; // the URL that requested the key |
bool stores_key_; // should the generated key-pair be stored persistently? |
+#if defined(USE_NSS) |
+ // The callback for requesting a password to the PKCS#11 store. |
wtc
2010/12/15 20:54:36
Nit: store => token
mattm
2011/01/12 01:22:07
Done.
|
+ scoped_ptr<base::PK11BlockingPasswordDelegate> pk11_password_delegate_; |
+#endif // defined(USE_NSS) |
}; |
-KeygenHandler::KeygenHandler(int key_size_in_bits, |
- const std::string& challenge, |
- const GURL& url) |
- : key_size_in_bits_(key_size_in_bits), |
- challenge_(challenge), |
- url_(url), |
- stores_key_(true) { |
-} |
- |
} // namespace net |
#endif // NET_BASE_KEYGEN_HANDLER_H_ |