OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/nss_util.h" | 5 #include "base/nss_util.h" |
6 #include "base/nss_util_internal.h" | 6 #include "base/nss_util_internal.h" |
7 | 7 |
8 #include <nss.h> | 8 #include <nss.h> |
9 #include <plarena.h> | 9 #include <plarena.h> |
10 #include <prerror.h> | 10 #include <prerror.h> |
(...skipping 11 matching lines...) Expand all Loading... |
22 #include "base/lazy_instance.h" | 22 #include "base/lazy_instance.h" |
23 #include "base/logging.h" | 23 #include "base/logging.h" |
24 #include "base/stringprintf.h" | 24 #include "base/stringprintf.h" |
25 #include "base/threading/thread_restrictions.h" | 25 #include "base/threading/thread_restrictions.h" |
26 | 26 |
27 // USE_NSS means we use NSS for everything crypto-related. If USE_NSS is not | 27 // USE_NSS means we use NSS for everything crypto-related. If USE_NSS is not |
28 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't | 28 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't |
29 // use NSS for crypto or certificate verification, and we don't use the NSS | 29 // use NSS for crypto or certificate verification, and we don't use the NSS |
30 // certificate and key databases. | 30 // certificate and key databases. |
31 #if defined(USE_NSS) | 31 #if defined(USE_NSS) |
32 #include "base/crypto/pk11_blocking_password_delegate.h" | 32 #include "base/crypto/crypto_module_blocking_password_delegate.h" |
33 #include "base/environment.h" | 33 #include "base/environment.h" |
34 #include "base/lock.h" | 34 #include "base/lock.h" |
35 #include "base/scoped_ptr.h" | 35 #include "base/scoped_ptr.h" |
36 #endif // defined(USE_NSS) | 36 #endif // defined(USE_NSS) |
37 | 37 |
38 namespace base { | 38 namespace base { |
39 | 39 |
40 namespace { | 40 namespace { |
41 | 41 |
42 #if defined(USE_NSS) | 42 #if defined(USE_NSS) |
(...skipping 21 matching lines...) Expand all Loading... |
64 #if defined(OS_CHROMEOS) | 64 #if defined(OS_CHROMEOS) |
65 static const FilePath::CharType kReadOnlyCertDB[] = | 65 static const FilePath::CharType kReadOnlyCertDB[] = |
66 FILE_PATH_LITERAL("/etc/fake_root_ca/nssdb"); | 66 FILE_PATH_LITERAL("/etc/fake_root_ca/nssdb"); |
67 return FilePath(kReadOnlyCertDB); | 67 return FilePath(kReadOnlyCertDB); |
68 #else | 68 #else |
69 return GetDefaultConfigDirectory(); | 69 return GetDefaultConfigDirectory(); |
70 #endif // defined(OS_CHROMEOS) | 70 #endif // defined(OS_CHROMEOS) |
71 } | 71 } |
72 | 72 |
73 // This callback for NSS forwards all requests to a caller-specified | 73 // This callback for NSS forwards all requests to a caller-specified |
74 // PK11BlockingPasswordDelegate object. | 74 // CryptoModuleBlockingPasswordDelegate object. |
75 char* PK11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) { | 75 char* PKCS11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) { |
76 base::PK11BlockingPasswordDelegate* delegate = | 76 base::CryptoModuleBlockingPasswordDelegate* delegate = |
77 reinterpret_cast<base::PK11BlockingPasswordDelegate*>(arg); | 77 reinterpret_cast<base::CryptoModuleBlockingPasswordDelegate*>(arg); |
78 if (delegate) { | 78 if (delegate) { |
79 bool cancelled = false; | 79 bool cancelled = false; |
80 std::string password = delegate->RequestPassword(PK11_GetTokenName(slot), | 80 std::string password = delegate->RequestPassword(PK11_GetTokenName(slot), |
81 retry != PR_FALSE, | 81 retry != PR_FALSE, |
82 &cancelled); | 82 &cancelled); |
83 if (cancelled) | 83 if (cancelled) |
84 return NULL; | 84 return NULL; |
85 char* result = PORT_Strdup(password.c_str()); | 85 char* result = PORT_Strdup(password.c_str()); |
86 password.replace(0, password.size(), password.size(), 0); | 86 password.replace(0, password.size(), password.size(), 0); |
87 return result; | 87 return result; |
(...skipping 173 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
261 LOG(WARNING) << "Initialize NSS without a persistent database " | 261 LOG(WARNING) << "Initialize NSS without a persistent database " |
262 "(~/.pki/nssdb)."; | 262 "(~/.pki/nssdb)."; |
263 status = NSS_NoDB_Init(NULL); | 263 status = NSS_NoDB_Init(NULL); |
264 if (status != SECSuccess) { | 264 if (status != SECSuccess) { |
265 LOG(ERROR) << "Error initializing NSS without a persistent " | 265 LOG(ERROR) << "Error initializing NSS without a persistent " |
266 "database: NSS error code " << PR_GetError(); | 266 "database: NSS error code " << PR_GetError(); |
267 return; | 267 return; |
268 } | 268 } |
269 } | 269 } |
270 | 270 |
271 PK11_SetPasswordFunc(PK11PasswordFunc); | 271 PK11_SetPasswordFunc(PKCS11PasswordFunc); |
272 | 272 |
273 // If we haven't initialized the password for the NSS databases, | 273 // If we haven't initialized the password for the NSS databases, |
274 // initialize an empty-string password so that we don't need to | 274 // initialize an empty-string password so that we don't need to |
275 // log in. | 275 // log in. |
276 PK11SlotInfo* slot = PK11_GetInternalKeySlot(); | 276 PK11SlotInfo* slot = PK11_GetInternalKeySlot(); |
277 if (slot) { | 277 if (slot) { |
278 // PK11_InitPin may write to the keyDB, but no other thread can use NSS | 278 // PK11_InitPin may write to the keyDB, but no other thread can use NSS |
279 // yet, so we don't need to lock. | 279 // yet, so we don't need to lock. |
280 if (PK11_NeedUserInit(slot)) | 280 if (PK11_NeedUserInit(slot)) |
281 PK11_InitPin(slot, NULL, NULL); | 281 PK11_InitPin(slot, NULL, NULL); |
(...skipping 128 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
410 exploded.millisecond = prxtime.tm_usec / 1000; | 410 exploded.millisecond = prxtime.tm_usec / 1000; |
411 | 411 |
412 return Time::FromUTCExploded(exploded); | 412 return Time::FromUTCExploded(exploded); |
413 } | 413 } |
414 | 414 |
415 PK11SlotInfo* GetDefaultNSSKeySlot() { | 415 PK11SlotInfo* GetDefaultNSSKeySlot() { |
416 return g_nss_singleton.Get().GetDefaultKeySlot(); | 416 return g_nss_singleton.Get().GetDefaultKeySlot(); |
417 } | 417 } |
418 | 418 |
419 } // namespace base | 419 } // namespace base |
OLD | NEW |