Chromium Code Reviews Chromium Code Reviews
Issue 7756025:
Changed OAuth token+secret encryption to use supplemental user key. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CRYPTO_NSS_UTIL_H_ | 5 #ifndef CRYPTO_NSS_UTIL_H_ |
| 6 #define CRYPTO_NSS_UTIL_H_ | 6 #define CRYPTO_NSS_UTIL_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| (...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 126 | 126 |
| 127 // Returns true if the TPM is owned and PKCS#11 initialized with the | 127 // Returns true if the TPM is owned and PKCS#11 initialized with the |
| 128 // user and security officer PINs, and has been enabled in NSS by | 128 // user and security officer PINs, and has been enabled in NSS by |
| 129 // calling EnableTPMForNSS, and opencryptoki has been successfully | 129 // calling EnableTPMForNSS, and opencryptoki has been successfully |
| 130 // loaded into NSS. | 130 // loaded into NSS. |
| 131 CRYPTO_EXPORT bool IsTPMTokenReady(); | 131 CRYPTO_EXPORT bool IsTPMTokenReady(); |
| 132 | 132 |
| 133 // Same as IsTPMTokenReady() except this attempts to initialize the token | 133 // Same as IsTPMTokenReady() except this attempts to initialize the token |
| 134 // if necessary. | 134 // if necessary. |
| 135 CRYPTO_EXPORT bool EnsureTPMTokenReady(); | 135 CRYPTO_EXPORT bool EnsureTPMTokenReady(); |
| 136 | |
| 137 // Gets supplemental user key. Creates one in NSS database if it does not exist. | |
| 138 CRYPTO_EXPORT bool GetSupplementalUserKey(std::string* user_key); | |
| 139 | |
| 140 // Encrypt/decrypt |data| with supplemental user key. | |
| 141 CRYPTO_EXPORT bool EncryptWithSupplementalUserKey(const std::string& data, | |
| 142 std::string* encryped_data); | |
| 143 CRYPTO_EXPORT bool DecryptWithSupplementalUserKey(const std::string& data, | |
| 144 std::string* encryped_data); | |
|
wtc
2011/09/02 22:31:08
It seems better to move these functions to some ot
| |
| 136 #endif | 145 #endif |
| 137 | 146 |
| 138 // Convert a NSS PRTime value into a base::Time object. | 147 // Convert a NSS PRTime value into a base::Time object. |
| 139 // We use a int64 instead of PRTime here to avoid depending on NSPR headers. | 148 // We use a int64 instead of PRTime here to avoid depending on NSPR headers. |
| 140 CRYPTO_EXPORT base::Time PRTimeToBaseTime(int64 prtime); | 149 CRYPTO_EXPORT base::Time PRTimeToBaseTime(int64 prtime); |
| 141 | 150 |
| 142 #if defined(USE_NSS) | 151 #if defined(USE_NSS) |
| 143 // Exposed for unittests only. |path| should be an existing directory under | 152 // Exposed for unittests only. |path| should be an existing directory under |
| 144 // which the DB files will be placed. |description| is a user-visible name for | 153 // which the DB files will be placed. |description| is a user-visible name for |
| 145 // the DB, as a utf8 string, which will be truncated at 32 bytes. | 154 // the DB, as a utf8 string, which will be truncated at 32 bytes. |
| (...skipping 19 matching lines...) Expand all Loading... | |
| 165 private: | 174 private: |
| 166 base::Lock *lock_; | 175 base::Lock *lock_; |
| 167 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); | 176 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); |
| 168 }; | 177 }; |
| 169 | 178 |
| 170 #endif // defined(USE_NSS) | 179 #endif // defined(USE_NSS) |
| 171 | 180 |
| 172 } // namespace crypto | 181 } // namespace crypto |
| 173 | 182 |
| 174 #endif // CRYPTO_NSS_UTIL_H_ | 183 #endif // CRYPTO_NSS_UTIL_H_ |
| OLD | NEW |
