| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CRYPTO_NSS_UTIL_H_ | 5 #ifndef CRYPTO_NSS_UTIL_H_ |
| 6 #define CRYPTO_NSS_UTIL_H_ | 6 #define CRYPTO_NSS_UTIL_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <string> | 9 #include <string> |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| 103 // If IsTokenAvailable() is false this should return false. | 103 // If IsTokenAvailable() is false this should return false. |
| 104 // If IsTokenAvailable() is true, this should eventually return true. | 104 // If IsTokenAvailable() is true, this should eventually return true. |
| 105 virtual bool IsTokenReady() const = 0; | 105 virtual bool IsTokenReady() const = 0; |
| 106 | 106 |
| 107 // Fetches token properties. TODO(stevenjb): make this interface asynchronous | 107 // Fetches token properties. TODO(stevenjb): make this interface asynchronous |
| 108 // so that the implementation does not have to be blocking. | 108 // so that the implementation does not have to be blocking. |
| 109 virtual void GetTokenInfo(std::string* token_name, | 109 virtual void GetTokenInfo(std::string* token_name, |
| 110 std::string* user_pin) const = 0; | 110 std::string* user_pin) const = 0; |
| 111 }; | 111 }; |
| 112 | 112 |
| 113 // Indicates that NSS should load the opencryptoki library so that we | 113 // Indicates that NSS should load the Chaps library so that we |
| 114 // can access the TPM through NSS. Once this is called, | 114 // can access the TPM through NSS. Once this is called, |
| 115 // GetPrivateNSSKeySlot() will return the TPM slot if one was found. | 115 // GetPrivateNSSKeySlot() will return the TPM slot if one was found. |
| 116 // Takes ownership of the passed-in delegate object so it can access | 116 // Takes ownership of the passed-in delegate object so it can access |
| 117 // the cros library to talk to cryptohomed. | 117 // the cros library to talk to cryptohomed. |
| 118 CRYPTO_EXPORT void EnableTPMTokenForNSS(TPMTokenInfoDelegate* delegate); | 118 CRYPTO_EXPORT void EnableTPMTokenForNSS(TPMTokenInfoDelegate* delegate); |
| 119 | 119 |
| 120 // Get name and user PIN for the built-in TPM token on ChromeOS. | 120 // Get name and user PIN for the built-in TPM token on ChromeOS. |
| 121 // Either one can safely be NULL. Should only be called after | 121 // Either one can safely be NULL. Should only be called after |
| 122 // EnableTPMTokenForNSS has been called with a non-null delegate. | 122 // EnableTPMTokenForNSS has been called with a non-null delegate. |
| 123 CRYPTO_EXPORT void GetTPMTokenInfo(std::string* token_name, | 123 CRYPTO_EXPORT void GetTPMTokenInfo(std::string* token_name, |
| 124 std::string* user_pin); | 124 std::string* user_pin); |
| 125 | 125 |
| 126 // Returns true if the machine has a TPM and it can be used to store tokens. | 126 // Returns true if the machine has a TPM and it can be used to store tokens. |
| 127 CRYPTO_EXPORT bool IsTPMTokenAvailable(); | 127 CRYPTO_EXPORT bool IsTPMTokenAvailable(); |
| 128 | 128 |
| 129 // Returns true if the TPM is owned and PKCS#11 initialized with the | 129 // Returns true if the TPM is owned and PKCS#11 initialized with the |
| 130 // user and security officer PINs, and has been enabled in NSS by | 130 // user and security officer PINs, and has been enabled in NSS by |
| 131 // calling EnableTPMForNSS, and opencryptoki has been successfully | 131 // calling EnableTPMForNSS, and Chaps has been successfully |
| 132 // loaded into NSS. | 132 // loaded into NSS. |
| 133 CRYPTO_EXPORT bool IsTPMTokenReady(); | 133 CRYPTO_EXPORT bool IsTPMTokenReady(); |
| 134 | 134 |
| 135 // Same as IsTPMTokenReady() except this attempts to initialize the token | 135 // Same as IsTPMTokenReady() except this attempts to initialize the token |
| 136 // if necessary. | 136 // if necessary. |
| 137 CRYPTO_EXPORT bool EnsureTPMTokenReady(); | 137 CRYPTO_EXPORT bool EnsureTPMTokenReady(); |
| 138 | 138 |
| 139 // Gets supplemental user key. Creates one in NSS database if it does not exist. | 139 // Gets supplemental user key. Creates one in NSS database if it does not exist. |
| 140 // The supplemental user key is used for AES encryption of user data that is | 140 // The supplemental user key is used for AES encryption of user data that is |
| 141 // stored and protected by cryptohome. This additional layer of encryption of | 141 // stored and protected by cryptohome. This additional layer of encryption of |
| 175 private: | 175 private: |
| 176 base::Lock *lock_; | 176 base::Lock *lock_; |
| 177 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); | 177 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); |
| 178 }; | 178 }; |
| 179 | 179 |
| 180 #endif // defined(USE_NSS) | 180 #endif // defined(USE_NSS) |
| 181 | 181 |
| 182 } // namespace crypto | 182 } // namespace crypto |
| 183 | 183 |
| 184 #endif // CRYPTO_NSS_UTIL_H_ | 184 #endif // CRYPTO_NSS_UTIL_H_ |
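Review bot: The comment above IsTPMTokenReady() (new line 131) still names `EnableTPMForNSS`, but the function declared at line 118 is `EnableTPMTokenForNSS`. Since the line is being edited anyway, it should read `// calling EnableTPMTokenForNSS, and Chaps has been successfully`. The rest of that comment ("owned and PKCS#11 initialized with the user and security officer PINs") was written when the library was opencryptoki, and nothing visible on this page shows whether those preconditions hold unchanged for Chaps. It is worth checking them against the implementation rather than only swapping the library name, because callers rely on this comment to decide when the TPM slot can be used.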
| OLD | NEW |