OLD | NEW |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" | 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" |
6 | 6 |
7 #include <cert.h> | 7 #include <cert.h> |
8 #include <cryptohi.h> | 8 #include <cryptohi.h> |
9 #include <keyhi.h> | 9 #include <keyhi.h> |
10 #include <secder.h> | 10 #include <secder.h> |
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
87 typedef base::Callback<void(net::NSSCertDatabase* cert_db)> GetCertDBCallback; | 87 typedef base::Callback<void(net::NSSCertDatabase* cert_db)> GetCertDBCallback; |
88 | 88 |
89 // Used by GetCertDatabaseOnIOThread and called back with the requested | 89 // Used by GetCertDatabaseOnIOThread and called back with the requested |
90 // NSSCertDatabase. | 90 // NSSCertDatabase. |
91 // If |token_id| is not empty, sets |slot_| of |state| accordingly and calls | 91 // If |token_id| is not empty, sets |slot_| of |state| accordingly and calls |
92 // |callback| if the database was successfully retrieved. | 92 // |callback| if the database was successfully retrieved. |
93 void DidGetCertDBOnIOThread(const std::string& token_id, | 93 void DidGetCertDBOnIOThread(const std::string& token_id, |
94 const GetCertDBCallback& callback, | 94 const GetCertDBCallback& callback, |
95 NSSOperationState* state, | 95 NSSOperationState* state, |
96 net::NSSCertDatabase* cert_db) { | 96 net::NSSCertDatabase* cert_db) { |
97 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 97 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
98 if (!cert_db) { | 98 if (!cert_db) { |
99 LOG(ERROR) << "Couldn't get NSSCertDatabase."; | 99 LOG(ERROR) << "Couldn't get NSSCertDatabase."; |
100 state->OnError(FROM_HERE, kErrorInternal); | 100 state->OnError(FROM_HERE, kErrorInternal); |
101 return; | 101 return; |
102 } | 102 } |
103 | 103 |
104 if (!token_id.empty()) { | 104 if (!token_id.empty()) { |
105 if (token_id == kTokenIdUser) | 105 if (token_id == kTokenIdUser) |
106 state->slot_ = cert_db->GetPrivateSlot(); | 106 state->slot_ = cert_db->GetPrivateSlot(); |
107 else if (token_id == kTokenIdSystem) | 107 else if (token_id == kTokenIdSystem) |
108 state->slot_ = cert_db->GetSystemSlot(); | 108 state->slot_ = cert_db->GetSystemSlot(); |
109 | 109 |
110 if (!state->slot_) { | 110 if (!state->slot_) { |
111 LOG(ERROR) << "Slot for token id '" << token_id << "' not available."; | 111 LOG(ERROR) << "Slot for token id '" << token_id << "' not available."; |
112 state->OnError(FROM_HERE, kErrorInternal); | 112 state->OnError(FROM_HERE, kErrorInternal); |
113 return; | 113 return; |
114 } | 114 } |
115 } | 115 } |
116 | 116 |
117 callback.Run(cert_db); | 117 callback.Run(cert_db); |
118 } | 118 } |
119 | 119 |
120 // Retrieves the NSSCertDatabase from |context| and, if |token_id| is not empty, | 120 // Retrieves the NSSCertDatabase from |context| and, if |token_id| is not empty, |
121 // the slot for |token_id|. | 121 // the slot for |token_id|. |
122 // Must be called on the IO thread. | 122 // Must be called on the IO thread. |
123 void GetCertDatabaseOnIOThread(const std::string& token_id, | 123 void GetCertDatabaseOnIOThread(const std::string& token_id, |
124 const GetCertDBCallback& callback, | 124 const GetCertDBCallback& callback, |
125 content::ResourceContext* context, | 125 content::ResourceContext* context, |
126 NSSOperationState* state) { | 126 NSSOperationState* state) { |
127 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 127 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
128 net::NSSCertDatabase* cert_db = GetNSSCertDatabaseForResourceContext( | 128 net::NSSCertDatabase* cert_db = GetNSSCertDatabaseForResourceContext( |
129 context, base::Bind(&DidGetCertDBOnIOThread, token_id, callback, state)); | 129 context, base::Bind(&DidGetCertDBOnIOThread, token_id, callback, state)); |
130 | 130 |
131 if (cert_db) | 131 if (cert_db) |
132 DidGetCertDBOnIOThread(token_id, callback, state, cert_db); | 132 DidGetCertDBOnIOThread(token_id, callback, state, cert_db); |
133 } | 133 } |
134 | 134 |
135 // Asynchronously fetches the NSSCertDatabase for |browser_context| and, if | 135 // Asynchronously fetches the NSSCertDatabase for |browser_context| and, if |
136 // |token_id| is not empty, the slot for |token_id|. Stores the slot in |state| | 136 // |token_id| is not empty, the slot for |token_id|. Stores the slot in |state| |
137 // and passes the database to |callback|. Will run |callback| on the IO thread. | 137 // and passes the database to |callback|. Will run |callback| on the IO thread. |
(...skipping 281 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
419 state->CallBack( | 419 state->CallBack( |
420 FROM_HERE, | 420 FROM_HERE, |
421 std::string(public_key_spki_der.begin(), public_key_spki_der.end()), | 421 std::string(public_key_spki_der.begin(), public_key_spki_der.end()), |
422 std::string() /* no error */); | 422 std::string() /* no error */); |
423 } | 423 } |
424 | 424 |
425 // Continues generating a RSA key with the obtained NSSCertDatabase. Used by | 425 // Continues generating a RSA key with the obtained NSSCertDatabase. Used by |
426 // GenerateRSAKey(). | 426 // GenerateRSAKey(). |
427 void GenerateRSAKeyWithDB(scoped_ptr<GenerateRSAKeyState> state, | 427 void GenerateRSAKeyWithDB(scoped_ptr<GenerateRSAKeyState> state, |
428 net::NSSCertDatabase* cert_db) { | 428 net::NSSCertDatabase* cert_db) { |
429 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 429 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
430 // Only the slot and not the NSSCertDatabase is required. Ignore |cert_db|. | 430 // Only the slot and not the NSSCertDatabase is required. Ignore |cert_db|. |
431 base::WorkerPool::PostTask( | 431 base::WorkerPool::PostTask( |
432 FROM_HERE, | 432 FROM_HERE, |
433 base::Bind(&GenerateRSAKeyOnWorkerThread, base::Passed(&state)), | 433 base::Bind(&GenerateRSAKeyOnWorkerThread, base::Passed(&state)), |
434 true /*task is slow*/); | 434 true /*task is slow*/); |
435 } | 435 } |
436 | 436 |
437 // Does the actual signing on a worker thread. Used by SignRSAWithDB(). | 437 // Does the actual signing on a worker thread. Used by SignRSAWithDB(). |
438 void SignRSAOnWorkerThread(scoped_ptr<SignRSAState> state) { | 438 void SignRSAOnWorkerThread(scoped_ptr<SignRSAState> state) { |
439 const uint8* public_key_uint8 = | 439 const uint8* public_key_uint8 = |
(...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
510 state->OnError(FROM_HERE, kErrorInternal); | 510 state->OnError(FROM_HERE, kErrorInternal); |
511 return; | 511 return; |
512 } | 512 } |
513 | 513 |
514 state->CallBack(FROM_HERE, signature_str, std::string() /* no error */); | 514 state->CallBack(FROM_HERE, signature_str, std::string() /* no error */); |
515 } | 515 } |
516 | 516 |
517 // Continues signing with the obtained NSSCertDatabase. Used by Sign(). | 517 // Continues signing with the obtained NSSCertDatabase. Used by Sign(). |
518 void SignRSAWithDB(scoped_ptr<SignRSAState> state, | 518 void SignRSAWithDB(scoped_ptr<SignRSAState> state, |
519 net::NSSCertDatabase* cert_db) { | 519 net::NSSCertDatabase* cert_db) { |
520 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 520 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
521 // Only the slot and not the NSSCertDatabase is required. Ignore |cert_db|. | 521 // Only the slot and not the NSSCertDatabase is required. Ignore |cert_db|. |
522 base::WorkerPool::PostTask( | 522 base::WorkerPool::PostTask( |
523 FROM_HERE, base::Bind(&SignRSAOnWorkerThread, base::Passed(&state)), | 523 FROM_HERE, base::Bind(&SignRSAOnWorkerThread, base::Passed(&state)), |
524 true /*task is slow*/); | 524 true /*task is slow*/); |
525 } | 525 } |
526 | 526 |
527 // Called when ClientCertStoreChromeOS::GetClientCerts is done. Builds the list | 527 // Called when ClientCertStoreChromeOS::GetClientCerts is done. Builds the list |
528 // of net::CertificateList and calls back. Used by | 528 // of net::CertificateList and calls back. Used by |
529 // SelectCertificatesOnIOThread(). | 529 // SelectCertificatesOnIOThread(). |
530 void DidSelectCertificatesOnIOThread( | 530 void DidSelectCertificatesOnIOThread( |
531 scoped_ptr<SelectCertificatesState> state) { | 531 scoped_ptr<SelectCertificatesState> state) { |
532 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 532 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
533 state->CallBack(FROM_HERE, state->certs_.Pass(), | 533 state->CallBack(FROM_HERE, state->certs_.Pass(), |
534 std::string() /* no error */); | 534 std::string() /* no error */); |
535 } | 535 } |
536 | 536 |
537 // Continues selecting certificates on the IO thread. Used by | 537 // Continues selecting certificates on the IO thread. Used by |
538 // SelectClientCertificates(). | 538 // SelectClientCertificates(). |
539 void SelectCertificatesOnIOThread(scoped_ptr<SelectCertificatesState> state) { | 539 void SelectCertificatesOnIOThread(scoped_ptr<SelectCertificatesState> state) { |
540 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 540 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
541 state->cert_store_.reset(new net::ClientCertStoreChromeOS( | 541 state->cert_store_.reset(new net::ClientCertStoreChromeOS( |
542 make_scoped_ptr(new chromeos::ClientCertFilterChromeOS( | 542 make_scoped_ptr(new chromeos::ClientCertFilterChromeOS( |
543 state->use_system_key_slot_, state->username_hash_)), | 543 state->use_system_key_slot_, state->username_hash_)), |
544 net::ClientCertStoreChromeOS::PasswordDelegateFactory())); | 544 net::ClientCertStoreChromeOS::PasswordDelegateFactory())); |
545 | 545 |
546 state->certs_.reset(new net::CertificateList); | 546 state->certs_.reset(new net::CertificateList); |
547 | 547 |
548 SelectCertificatesState* state_ptr = state.get(); | 548 SelectCertificatesState* state_ptr = state.get(); |
549 state_ptr->cert_store_->GetClientCerts( | 549 state_ptr->cert_store_->GetClientCerts( |
550 *state_ptr->cert_request_info_, state_ptr->certs_.get(), | 550 *state_ptr->cert_request_info_, state_ptr->certs_.get(), |
(...skipping 20 matching lines...) Expand all Loading... |
571 client_certs->push_back(*it); | 571 client_certs->push_back(*it); |
572 } | 572 } |
573 | 573 |
574 state->CallBack(FROM_HERE, client_certs.Pass(), std::string() /* no error */); | 574 state->CallBack(FROM_HERE, client_certs.Pass(), std::string() /* no error */); |
575 } | 575 } |
576 | 576 |
577 // Passes the obtained certificates to the worker thread for filtering. Used by | 577 // Passes the obtained certificates to the worker thread for filtering. Used by |
578 // GetCertificatesWithDB(). | 578 // GetCertificatesWithDB(). |
579 void DidGetCertificates(scoped_ptr<GetCertificatesState> state, | 579 void DidGetCertificates(scoped_ptr<GetCertificatesState> state, |
580 scoped_ptr<net::CertificateList> all_certs) { | 580 scoped_ptr<net::CertificateList> all_certs) { |
581 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 581 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
582 state->certs_ = all_certs.Pass(); | 582 state->certs_ = all_certs.Pass(); |
583 base::WorkerPool::PostTask( | 583 base::WorkerPool::PostTask( |
584 FROM_HERE, | 584 FROM_HERE, |
585 base::Bind(&FilterCertificatesOnWorkerThread, base::Passed(&state)), | 585 base::Bind(&FilterCertificatesOnWorkerThread, base::Passed(&state)), |
586 true /*task is slow*/); | 586 true /*task is slow*/); |
587 } | 587 } |
588 | 588 |
589 // Continues getting certificates with the obtained NSSCertDatabase. Used by | 589 // Continues getting certificates with the obtained NSSCertDatabase. Used by |
590 // GetCertificates(). | 590 // GetCertificates(). |
591 void GetCertificatesWithDB(scoped_ptr<GetCertificatesState> state, | 591 void GetCertificatesWithDB(scoped_ptr<GetCertificatesState> state, |
592 net::NSSCertDatabase* cert_db) { | 592 net::NSSCertDatabase* cert_db) { |
593 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 593 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
594 // Get the pointer to slot before base::Passed releases |state|. | 594 // Get the pointer to slot before base::Passed releases |state|. |
595 PK11SlotInfo* slot = state->slot_.get(); | 595 PK11SlotInfo* slot = state->slot_.get(); |
596 cert_db->ListCertsInSlot( | 596 cert_db->ListCertsInSlot( |
597 base::Bind(&DidGetCertificates, base::Passed(&state)), slot); | 597 base::Bind(&DidGetCertificates, base::Passed(&state)), slot); |
598 } | 598 } |
599 | 599 |
600 // Does the actual certificate importing on the IO thread. Used by | 600 // Does the actual certificate importing on the IO thread. Used by |
601 // ImportCertificate(). | 601 // ImportCertificate(). |
602 void ImportCertificateWithDB(scoped_ptr<ImportCertificateState> state, | 602 void ImportCertificateWithDB(scoped_ptr<ImportCertificateState> state, |
603 net::NSSCertDatabase* cert_db) { | 603 net::NSSCertDatabase* cert_db) { |
604 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 604 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
605 // TODO(pneubeck): Use |state->slot_| to verify that we're really importing to | 605 // TODO(pneubeck): Use |state->slot_| to verify that we're really importing to |
606 // the correct token. | 606 // the correct token. |
607 // |cert_db| is not required, ignore it. | 607 // |cert_db| is not required, ignore it. |
608 net::CertDatabase* db = net::CertDatabase::GetInstance(); | 608 net::CertDatabase* db = net::CertDatabase::GetInstance(); |
609 | 609 |
610 const net::Error cert_status = | 610 const net::Error cert_status = |
611 static_cast<net::Error>(db->CheckUserCert(state->certificate_.get())); | 611 static_cast<net::Error>(db->CheckUserCert(state->certificate_.get())); |
612 if (cert_status == net::ERR_NO_PRIVATE_KEY_FOR_CERT) { | 612 if (cert_status == net::ERR_NO_PRIVATE_KEY_FOR_CERT) { |
613 state->OnError(FROM_HERE, kErrorKeyNotFound); | 613 state->OnError(FROM_HERE, kErrorKeyNotFound); |
614 return; | 614 return; |
(...skipping 18 matching lines...) Expand all Loading... |
633 return; | 633 return; |
634 } | 634 } |
635 | 635 |
636 state->CallBack(FROM_HERE, std::string() /* no error */); | 636 state->CallBack(FROM_HERE, std::string() /* no error */); |
637 } | 637 } |
638 | 638 |
639 // Called on IO thread after the certificate removal is finished. | 639 // Called on IO thread after the certificate removal is finished. |
640 void DidRemoveCertificate(scoped_ptr<RemoveCertificateState> state, | 640 void DidRemoveCertificate(scoped_ptr<RemoveCertificateState> state, |
641 bool certificate_found, | 641 bool certificate_found, |
642 bool success) { | 642 bool success) { |
643 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 643 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
644 // CertificateNotFound error has precedence over an internal error. | 644 // CertificateNotFound error has precedence over an internal error. |
645 if (!certificate_found) { | 645 if (!certificate_found) { |
646 state->OnError(FROM_HERE, kErrorCertificateNotFound); | 646 state->OnError(FROM_HERE, kErrorCertificateNotFound); |
647 return; | 647 return; |
648 } | 648 } |
649 if (!success) { | 649 if (!success) { |
650 state->OnError(FROM_HERE, kErrorInternal); | 650 state->OnError(FROM_HERE, kErrorInternal); |
651 return; | 651 return; |
652 } | 652 } |
653 | 653 |
654 state->CallBack(FROM_HERE, std::string() /* no error */); | 654 state->CallBack(FROM_HERE, std::string() /* no error */); |
655 } | 655 } |
656 | 656 |
657 // Does the actual certificate removal on the IO thread. Used by | 657 // Does the actual certificate removal on the IO thread. Used by |
658 // RemoveCertificate(). | 658 // RemoveCertificate(). |
659 void RemoveCertificateWithDB(scoped_ptr<RemoveCertificateState> state, | 659 void RemoveCertificateWithDB(scoped_ptr<RemoveCertificateState> state, |
660 net::NSSCertDatabase* cert_db) { | 660 net::NSSCertDatabase* cert_db) { |
661 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 661 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
662 // Get the pointer before base::Passed clears |state|. | 662 // Get the pointer before base::Passed clears |state|. |
663 scoped_refptr<net::X509Certificate> certificate = state->certificate_; | 663 scoped_refptr<net::X509Certificate> certificate = state->certificate_; |
664 bool certificate_found = certificate->os_cert_handle()->isperm; | 664 bool certificate_found = certificate->os_cert_handle()->isperm; |
665 cert_db->DeleteCertAndKeyAsync( | 665 cert_db->DeleteCertAndKeyAsync( |
666 certificate, | 666 certificate, |
667 base::Bind( | 667 base::Bind( |
668 &DidRemoveCertificate, base::Passed(&state), certificate_found)); | 668 &DidRemoveCertificate, base::Passed(&state), certificate_found)); |
669 } | 669 } |
670 | 670 |
671 // Does the actual work to determine which tokens are available. | 671 // Does the actual work to determine which tokens are available. |
672 void GetTokensWithDB(scoped_ptr<GetTokensState> state, | 672 void GetTokensWithDB(scoped_ptr<GetTokensState> state, |
673 net::NSSCertDatabase* cert_db) { | 673 net::NSSCertDatabase* cert_db) { |
674 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 674 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
675 scoped_ptr<std::vector<std::string> > token_ids(new std::vector<std::string>); | 675 scoped_ptr<std::vector<std::string> > token_ids(new std::vector<std::string>); |
676 | 676 |
677 // The user's token is always available. | 677 // The user's token is always available. |
678 token_ids->push_back(kTokenIdUser); | 678 token_ids->push_back(kTokenIdUser); |
679 if (cert_db->GetSystemSlot()) | 679 if (cert_db->GetSystemSlot()) |
680 token_ids->push_back(kTokenIdSystem); | 680 token_ids->push_back(kTokenIdSystem); |
681 | 681 |
682 state->CallBack(FROM_HERE, token_ids.Pass(), std::string() /* no error */); | 682 state->CallBack(FROM_HERE, token_ids.Pass(), std::string() /* no error */); |
683 } | 683 } |
684 | 684 |
685 } // namespace | 685 } // namespace |
686 | 686 |
687 namespace subtle { | 687 namespace subtle { |
688 | 688 |
689 void GenerateRSAKey(const std::string& token_id, | 689 void GenerateRSAKey(const std::string& token_id, |
690 unsigned int modulus_length_bits, | 690 unsigned int modulus_length_bits, |
691 const GenerateKeyCallback& callback, | 691 const GenerateKeyCallback& callback, |
692 BrowserContext* browser_context) { | 692 BrowserContext* browser_context) { |
693 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 693 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
694 scoped_ptr<GenerateRSAKeyState> state( | 694 scoped_ptr<GenerateRSAKeyState> state( |
695 new GenerateRSAKeyState(modulus_length_bits, callback)); | 695 new GenerateRSAKeyState(modulus_length_bits, callback)); |
696 | 696 |
697 if (modulus_length_bits > kMaxRSAModulusLengthBits) { | 697 if (modulus_length_bits > kMaxRSAModulusLengthBits) { |
698 state->OnError(FROM_HERE, kErrorAlgorithmNotSupported); | 698 state->OnError(FROM_HERE, kErrorAlgorithmNotSupported); |
699 return; | 699 return; |
700 } | 700 } |
701 | 701 |
702 // Get the pointer to |state| before base::Passed releases |state|. | 702 // Get the pointer to |state| before base::Passed releases |state|. |
703 NSSOperationState* state_ptr = state.get(); | 703 NSSOperationState* state_ptr = state.get(); |
704 GetCertDatabase(token_id, | 704 GetCertDatabase(token_id, |
705 base::Bind(&GenerateRSAKeyWithDB, base::Passed(&state)), | 705 base::Bind(&GenerateRSAKeyWithDB, base::Passed(&state)), |
706 browser_context, | 706 browser_context, |
707 state_ptr); | 707 state_ptr); |
708 } | 708 } |
709 | 709 |
710 void SignRSAPKCS1Digest(const std::string& token_id, | 710 void SignRSAPKCS1Digest(const std::string& token_id, |
711 const std::string& data, | 711 const std::string& data, |
712 const std::string& public_key, | 712 const std::string& public_key, |
713 HashAlgorithm hash_algorithm, | 713 HashAlgorithm hash_algorithm, |
714 const SignCallback& callback, | 714 const SignCallback& callback, |
715 content::BrowserContext* browser_context) { | 715 content::BrowserContext* browser_context) { |
716 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 716 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
717 scoped_ptr<SignRSAState> state( | 717 scoped_ptr<SignRSAState> state( |
718 new SignRSAState(data, public_key, false /* digest before signing */, | 718 new SignRSAState(data, public_key, false /* digest before signing */, |
719 hash_algorithm, callback)); | 719 hash_algorithm, callback)); |
720 // Get the pointer to |state| before base::Passed releases |state|. | 720 // Get the pointer to |state| before base::Passed releases |state|. |
721 NSSOperationState* state_ptr = state.get(); | 721 NSSOperationState* state_ptr = state.get(); |
722 | 722 |
723 // The NSSCertDatabase object is not required. But in case it's not available | 723 // The NSSCertDatabase object is not required. But in case it's not available |
724 // we would get more informative error messages and we can double check that | 724 // we would get more informative error messages and we can double check that |
725 // we use a key of the correct token. | 725 // we use a key of the correct token. |
726 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), | 726 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), |
727 browser_context, state_ptr); | 727 browser_context, state_ptr); |
728 } | 728 } |
729 | 729 |
730 void SignRSAPKCS1Raw(const std::string& token_id, | 730 void SignRSAPKCS1Raw(const std::string& token_id, |
731 const std::string& data, | 731 const std::string& data, |
732 const std::string& public_key, | 732 const std::string& public_key, |
733 const SignCallback& callback, | 733 const SignCallback& callback, |
734 content::BrowserContext* browser_context) { | 734 content::BrowserContext* browser_context) { |
735 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 735 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
736 scoped_ptr<SignRSAState> state(new SignRSAState( | 736 scoped_ptr<SignRSAState> state(new SignRSAState( |
737 data, public_key, true /* sign directly without hashing */, | 737 data, public_key, true /* sign directly without hashing */, |
738 HASH_ALGORITHM_NONE, callback)); | 738 HASH_ALGORITHM_NONE, callback)); |
739 // Get the pointer to |state| before base::Passed releases |state|. | 739 // Get the pointer to |state| before base::Passed releases |state|. |
740 NSSOperationState* state_ptr = state.get(); | 740 NSSOperationState* state_ptr = state.get(); |
741 | 741 |
742 // The NSSCertDatabase object is not required. But in case it's not available | 742 // The NSSCertDatabase object is not required. But in case it's not available |
743 // we would get more informative error messages and we can double check that | 743 // we would get more informative error messages and we can double check that |
744 // we use a key of the correct token. | 744 // we use a key of the correct token. |
745 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), | 745 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), |
746 browser_context, state_ptr); | 746 browser_context, state_ptr); |
747 } | 747 } |
748 | 748 |
749 void SelectClientCertificates(const ClientCertificateRequest& request, | 749 void SelectClientCertificates(const ClientCertificateRequest& request, |
750 const SelectCertificatesCallback& callback, | 750 const SelectCertificatesCallback& callback, |
751 content::BrowserContext* browser_context) { | 751 content::BrowserContext* browser_context) { |
752 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 752 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
753 | 753 |
754 scoped_refptr<net::SSLCertRequestInfo> cert_request_info( | 754 scoped_refptr<net::SSLCertRequestInfo> cert_request_info( |
755 new net::SSLCertRequestInfo); | 755 new net::SSLCertRequestInfo); |
756 cert_request_info->cert_key_types = request.certificate_key_types; | 756 cert_request_info->cert_key_types = request.certificate_key_types; |
757 cert_request_info->cert_authorities = request.certificate_authorities; | 757 cert_request_info->cert_authorities = request.certificate_authorities; |
758 | 758 |
759 const user_manager::User* user = | 759 const user_manager::User* user = |
760 chromeos::ProfileHelper::Get()->GetUserByProfile( | 760 chromeos::ProfileHelper::Get()->GetUserByProfile( |
761 Profile::FromBrowserContext(browser_context)); | 761 Profile::FromBrowserContext(browser_context)); |
762 | 762 |
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
814 } | 814 } |
815 | 815 |
816 *key_type = key_type_tmp; | 816 *key_type = key_type_tmp; |
817 *key_size_bits = key_size_bits_tmp; | 817 *key_size_bits = key_size_bits_tmp; |
818 return true; | 818 return true; |
819 } | 819 } |
820 | 820 |
821 void GetCertificates(const std::string& token_id, | 821 void GetCertificates(const std::string& token_id, |
822 const GetCertificatesCallback& callback, | 822 const GetCertificatesCallback& callback, |
823 BrowserContext* browser_context) { | 823 BrowserContext* browser_context) { |
824 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 824 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
825 scoped_ptr<GetCertificatesState> state(new GetCertificatesState(callback)); | 825 scoped_ptr<GetCertificatesState> state(new GetCertificatesState(callback)); |
826 // Get the pointer to |state| before base::Passed releases |state|. | 826 // Get the pointer to |state| before base::Passed releases |state|. |
827 NSSOperationState* state_ptr = state.get(); | 827 NSSOperationState* state_ptr = state.get(); |
828 GetCertDatabase(token_id, | 828 GetCertDatabase(token_id, |
829 base::Bind(&GetCertificatesWithDB, base::Passed(&state)), | 829 base::Bind(&GetCertificatesWithDB, base::Passed(&state)), |
830 browser_context, | 830 browser_context, |
831 state_ptr); | 831 state_ptr); |
832 } | 832 } |
833 | 833 |
834 void ImportCertificate(const std::string& token_id, | 834 void ImportCertificate(const std::string& token_id, |
835 const scoped_refptr<net::X509Certificate>& certificate, | 835 const scoped_refptr<net::X509Certificate>& certificate, |
836 const ImportCertificateCallback& callback, | 836 const ImportCertificateCallback& callback, |
837 BrowserContext* browser_context) { | 837 BrowserContext* browser_context) { |
838 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 838 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
839 scoped_ptr<ImportCertificateState> state( | 839 scoped_ptr<ImportCertificateState> state( |
840 new ImportCertificateState(certificate, callback)); | 840 new ImportCertificateState(certificate, callback)); |
841 // Get the pointer to |state| before base::Passed releases |state|. | 841 // Get the pointer to |state| before base::Passed releases |state|. |
842 NSSOperationState* state_ptr = state.get(); | 842 NSSOperationState* state_ptr = state.get(); |
843 | 843 |
844 // The NSSCertDatabase object is not required. But in case it's not available | 844 // The NSSCertDatabase object is not required. But in case it's not available |
845 // we would get more informative error messages and we can double check that | 845 // we would get more informative error messages and we can double check that |
846 // we use a key of the correct token. | 846 // we use a key of the correct token. |
847 GetCertDatabase(token_id, | 847 GetCertDatabase(token_id, |
848 base::Bind(&ImportCertificateWithDB, base::Passed(&state)), | 848 base::Bind(&ImportCertificateWithDB, base::Passed(&state)), |
849 browser_context, | 849 browser_context, |
850 state_ptr); | 850 state_ptr); |
851 } | 851 } |
852 | 852 |
853 void RemoveCertificate(const std::string& token_id, | 853 void RemoveCertificate(const std::string& token_id, |
854 const scoped_refptr<net::X509Certificate>& certificate, | 854 const scoped_refptr<net::X509Certificate>& certificate, |
855 const RemoveCertificateCallback& callback, | 855 const RemoveCertificateCallback& callback, |
856 BrowserContext* browser_context) { | 856 BrowserContext* browser_context) { |
857 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 857 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
858 scoped_ptr<RemoveCertificateState> state( | 858 scoped_ptr<RemoveCertificateState> state( |
859 new RemoveCertificateState(certificate, callback)); | 859 new RemoveCertificateState(certificate, callback)); |
860 // Get the pointer to |state| before base::Passed releases |state|. | 860 // Get the pointer to |state| before base::Passed releases |state|. |
861 NSSOperationState* state_ptr = state.get(); | 861 NSSOperationState* state_ptr = state.get(); |
862 | 862 |
863 // The NSSCertDatabase object is not required. But in case it's not available | 863 // The NSSCertDatabase object is not required. But in case it's not available |
864 // we would get more informative error messages. | 864 // we would get more informative error messages. |
865 GetCertDatabase(token_id, | 865 GetCertDatabase(token_id, |
866 base::Bind(&RemoveCertificateWithDB, base::Passed(&state)), | 866 base::Bind(&RemoveCertificateWithDB, base::Passed(&state)), |
867 browser_context, | 867 browser_context, |
868 state_ptr); | 868 state_ptr); |
869 } | 869 } |
870 | 870 |
871 void GetTokens(const GetTokensCallback& callback, | 871 void GetTokens(const GetTokensCallback& callback, |
872 content::BrowserContext* browser_context) { | 872 content::BrowserContext* browser_context) { |
873 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 873 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
874 scoped_ptr<GetTokensState> state(new GetTokensState(callback)); | 874 scoped_ptr<GetTokensState> state(new GetTokensState(callback)); |
875 // Get the pointer to |state| before base::Passed releases |state|. | 875 // Get the pointer to |state| before base::Passed releases |state|. |
876 NSSOperationState* state_ptr = state.get(); | 876 NSSOperationState* state_ptr = state.get(); |
877 GetCertDatabase(std::string() /* don't get any specific slot */, | 877 GetCertDatabase(std::string() /* don't get any specific slot */, |
878 base::Bind(&GetTokensWithDB, base::Passed(&state)), | 878 base::Bind(&GetTokensWithDB, base::Passed(&state)), |
879 browser_context, | 879 browser_context, |
880 state_ptr); | 880 state_ptr); |
881 } | 881 } |
882 | 882 |
883 } // namespace platform_keys | 883 } // namespace platform_keys |
884 | 884 |
885 } // namespace chromeos | 885 } // namespace chromeos |
OLD | NEW |