OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/nss_util.h" | 5 #include "base/nss_util.h" |
6 #include "base/nss_util_internal.h" | 6 #include "base/nss_util_internal.h" |
7 | 7 |
8 #include <nss.h> | 8 #include <nss.h> |
9 #include <plarena.h> | 9 #include <plarena.h> |
10 #include <prerror.h> | 10 #include <prerror.h> |
(...skipping 11 matching lines...) Expand all Loading... |
22 #include "base/lazy_instance.h" | 22 #include "base/lazy_instance.h" |
23 #include "base/logging.h" | 23 #include "base/logging.h" |
24 #include "base/stringprintf.h" | 24 #include "base/stringprintf.h" |
25 #include "base/threading/thread_restrictions.h" | 25 #include "base/threading/thread_restrictions.h" |
26 | 26 |
27 // USE_NSS means we use NSS for everything crypto-related. If USE_NSS is not | 27 // USE_NSS means we use NSS for everything crypto-related. If USE_NSS is not |
28 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't | 28 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't |
29 // use NSS for crypto or certificate verification, and we don't use the NSS | 29 // use NSS for crypto or certificate verification, and we don't use the NSS |
30 // certificate and key databases. | 30 // certificate and key databases. |
31 #if defined(USE_NSS) | 31 #if defined(USE_NSS) |
32 #include "base/crypto/pk11_blocking_password_delegate.h" | 32 #include "base/crypto/crypto_module_blocking_password_delegate.h" |
33 #include "base/environment.h" | 33 #include "base/environment.h" |
34 #include "base/lock.h" | 34 #include "base/lock.h" |
35 #include "base/scoped_ptr.h" | 35 #include "base/scoped_ptr.h" |
36 #endif // defined(USE_NSS) | 36 #endif // defined(USE_NSS) |
37 | 37 |
38 namespace base { | 38 namespace base { |
39 | 39 |
40 namespace { | 40 namespace { |
41 | 41 |
42 #if defined(USE_NSS) | 42 #if defined(USE_NSS) |
(...skipping 21 matching lines...) Expand all Loading... |
64 #if defined(OS_CHROMEOS) | 64 #if defined(OS_CHROMEOS) |
65 static const FilePath::CharType kReadOnlyCertDB[] = | 65 static const FilePath::CharType kReadOnlyCertDB[] = |
66 FILE_PATH_LITERAL("/etc/fake_root_ca/nssdb"); | 66 FILE_PATH_LITERAL("/etc/fake_root_ca/nssdb"); |
67 return FilePath(kReadOnlyCertDB); | 67 return FilePath(kReadOnlyCertDB); |
68 #else | 68 #else |
69 return GetDefaultConfigDirectory(); | 69 return GetDefaultConfigDirectory(); |
70 #endif // defined(OS_CHROMEOS) | 70 #endif // defined(OS_CHROMEOS) |
71 } | 71 } |
72 | 72 |
73 // This callback for NSS forwards all requests to a caller-specified | 73 // This callback for NSS forwards all requests to a caller-specified |
74 // PK11BlockingPasswordDelegate object. | 74 // CryptoModuleBlockingPasswordDelegate object. |
75 char* PK11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) { | 75 char* PKCS11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) { |
76 base::PK11BlockingPasswordDelegate* delegate = | 76 base::CryptoModuleBlockingPasswordDelegate* delegate = |
77 reinterpret_cast<base::PK11BlockingPasswordDelegate*>(arg); | 77 reinterpret_cast<base::CryptoModuleBlockingPasswordDelegate*>(arg); |
78 if (delegate) { | 78 if (delegate) { |
79 bool cancelled = false; | 79 bool cancelled = false; |
80 std::string password = delegate->RequestPassword(PK11_GetTokenName(slot), | 80 std::string password = delegate->RequestPassword(PK11_GetTokenName(slot), |
81 retry != PR_FALSE, | 81 retry != PR_FALSE, |
82 &cancelled); | 82 &cancelled); |
83 if (cancelled) | 83 if (cancelled) |
84 return NULL; | 84 return NULL; |
85 char* result = PORT_Strdup(password.c_str()); | 85 char* result = PORT_Strdup(password.c_str()); |
86 password.replace(0, password.size(), password.size(), 0); | 86 password.replace(0, password.size(), password.size(), 0); |
87 return result; | 87 return result; |
(...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
267 LOG(WARNING) << "Initialize NSS without a persistent database " | 267 LOG(WARNING) << "Initialize NSS without a persistent database " |
268 "(~/.pki/nssdb)."; | 268 "(~/.pki/nssdb)."; |
269 status = NSS_NoDB_Init(NULL); | 269 status = NSS_NoDB_Init(NULL); |
270 if (status != SECSuccess) { | 270 if (status != SECSuccess) { |
271 LOG(ERROR) << "Error initializing NSS without a persistent " | 271 LOG(ERROR) << "Error initializing NSS without a persistent " |
272 "database: NSS error code " << PR_GetError(); | 272 "database: NSS error code " << PR_GetError(); |
273 return; | 273 return; |
274 } | 274 } |
275 } | 275 } |
276 | 276 |
277 PK11_SetPasswordFunc(PK11PasswordFunc); | 277 PK11_SetPasswordFunc(PKCS11PasswordFunc); |
278 | 278 |
279 // If we haven't initialized the password for the NSS databases, | 279 // If we haven't initialized the password for the NSS databases, |
280 // initialize an empty-string password so that we don't need to | 280 // initialize an empty-string password so that we don't need to |
281 // log in. | 281 // log in. |
282 PK11SlotInfo* slot = PK11_GetInternalKeySlot(); | 282 PK11SlotInfo* slot = PK11_GetInternalKeySlot(); |
283 if (slot) { | 283 if (slot) { |
284 // PK11_InitPin may write to the keyDB, but no other thread can use NSS | 284 // PK11_InitPin may write to the keyDB, but no other thread can use NSS |
285 // yet, so we don't need to lock. | 285 // yet, so we don't need to lock. |
286 if (PK11_NeedUserInit(slot)) | 286 if (PK11_NeedUserInit(slot)) |
287 PK11_InitPin(slot, NULL, NULL); | 287 PK11_InitPin(slot, NULL, NULL); |
(...skipping 136 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
424 exploded.millisecond = prxtime.tm_usec / 1000; | 424 exploded.millisecond = prxtime.tm_usec / 1000; |
425 | 425 |
426 return Time::FromUTCExploded(exploded); | 426 return Time::FromUTCExploded(exploded); |
427 } | 427 } |
428 | 428 |
429 PK11SlotInfo* GetDefaultNSSKeySlot() { | 429 PK11SlotInfo* GetDefaultNSSKeySlot() { |
430 return g_nss_singleton.Get().GetDefaultKeySlot(); | 430 return g_nss_singleton.Get().GetDefaultKeySlot(); |
431 } | 431 } |
432 | 432 |
433 } // namespace base | 433 } // namespace base |
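Review bot: In PKCS11PasswordFunc the `if (cancelled) return NULL;` path exits before the scrub, so whatever the delegate left in `password` is released unwiped. Whether RequestPassword can return text together with `cancelled` set is not visible here, but wiping on that path too costs nothing: `if (cancelled) { password.replace(0, password.size(), password.size(), 0); return NULL; }`. The wipe also reaches only this one std::string buffer, not the PORT_Strdup copy returned to NSS or any copies made inside the delegate, so a comment above the replace call would help, such as `// Best-effort wipe of our local copy only; the duplicate returned to NSS is not covered.` On the renamed cast line, `static_cast<base::CryptoModuleBlockingPasswordDelegate*>(arg)` is enough for a `void*` argument and is the narrower cast. The function body continues past the visible lines of this section.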