| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" | 5 #include "chrome/browser/chromeos/platform_keys/platform_keys.h" |
| 6 | 6 |
| 7 #include <cert.h> | 7 #include <cert.h> |
| 8 #include <cryptohi.h> | 8 #include <cryptohi.h> |
| 9 #include <keyhi.h> | 9 #include <keyhi.h> |
| 10 #include <secder.h> | 10 #include <secder.h> |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 87 typedef base::Callback<void(net::NSSCertDatabase* cert_db)> GetCertDBCallback; | 87 typedef base::Callback<void(net::NSSCertDatabase* cert_db)> GetCertDBCallback; |
| 88 | 88 |
| 89 // Used by GetCertDatabaseOnIOThread and called back with the requested | 89 // Used by GetCertDatabaseOnIOThread and called back with the requested |
| 90 // NSSCertDatabase. | 90 // NSSCertDatabase. |
| 91 // If |token_id| is not empty, sets |slot_| of |state| accordingly and calls | 91 // If |token_id| is not empty, sets |slot_| of |state| accordingly and calls |
| 92 // |callback| if the database was successfully retrieved. | 92 // |callback| if the database was successfully retrieved. |
| 93 void DidGetCertDBOnIOThread(const std::string& token_id, | 93 void DidGetCertDBOnIOThread(const std::string& token_id, |
| 94 const GetCertDBCallback& callback, | 94 const GetCertDBCallback& callback, |
| 95 NSSOperationState* state, | 95 NSSOperationState* state, |
| 96 net::NSSCertDatabase* cert_db) { | 96 net::NSSCertDatabase* cert_db) { |
| 97 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 97 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 98 if (!cert_db) { | 98 if (!cert_db) { |
| 99 LOG(ERROR) << "Couldn't get NSSCertDatabase."; | 99 LOG(ERROR) << "Couldn't get NSSCertDatabase."; |
| 100 state->OnError(FROM_HERE, kErrorInternal); | 100 state->OnError(FROM_HERE, kErrorInternal); |
| 101 return; | 101 return; |
| 102 } | 102 } |
| 103 | 103 |
| 104 if (!token_id.empty()) { | 104 if (!token_id.empty()) { |
| 105 if (token_id == kTokenIdUser) | 105 if (token_id == kTokenIdUser) |
| 106 state->slot_ = cert_db->GetPrivateSlot(); | 106 state->slot_ = cert_db->GetPrivateSlot(); |
| 107 else if (token_id == kTokenIdSystem) | 107 else if (token_id == kTokenIdSystem) |
| 108 state->slot_ = cert_db->GetSystemSlot(); | 108 state->slot_ = cert_db->GetSystemSlot(); |
| 109 | 109 |
| 110 if (!state->slot_) { | 110 if (!state->slot_) { |
| 111 LOG(ERROR) << "Slot for token id '" << token_id << "' not available."; | 111 LOG(ERROR) << "Slot for token id '" << token_id << "' not available."; |
| 112 state->OnError(FROM_HERE, kErrorInternal); | 112 state->OnError(FROM_HERE, kErrorInternal); |
| 113 return; | 113 return; |
| 114 } | 114 } |
| 115 } | 115 } |
| 116 | 116 |
| 117 callback.Run(cert_db); | 117 callback.Run(cert_db); |
| 118 } | 118 } |
| 119 | 119 |
| 120 // Retrieves the NSSCertDatabase from |context| and, if |token_id| is not empty, | 120 // Retrieves the NSSCertDatabase from |context| and, if |token_id| is not empty, |
| 121 // the slot for |token_id|. | 121 // the slot for |token_id|. |
| 122 // Must be called on the IO thread. | 122 // Must be called on the IO thread. |
| 123 void GetCertDatabaseOnIOThread(const std::string& token_id, | 123 void GetCertDatabaseOnIOThread(const std::string& token_id, |
| 124 const GetCertDBCallback& callback, | 124 const GetCertDBCallback& callback, |
| 125 content::ResourceContext* context, | 125 content::ResourceContext* context, |
| 126 NSSOperationState* state) { | 126 NSSOperationState* state) { |
| 127 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 127 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 128 net::NSSCertDatabase* cert_db = GetNSSCertDatabaseForResourceContext( | 128 net::NSSCertDatabase* cert_db = GetNSSCertDatabaseForResourceContext( |
| 129 context, base::Bind(&DidGetCertDBOnIOThread, token_id, callback, state)); | 129 context, base::Bind(&DidGetCertDBOnIOThread, token_id, callback, state)); |
| 130 | 130 |
| 131 if (cert_db) | 131 if (cert_db) |
| 132 DidGetCertDBOnIOThread(token_id, callback, state, cert_db); | 132 DidGetCertDBOnIOThread(token_id, callback, state, cert_db); |
| 133 } | 133 } |
| 134 | 134 |
| 135 // Asynchronously fetches the NSSCertDatabase for |browser_context| and, if | 135 // Asynchronously fetches the NSSCertDatabase for |browser_context| and, if |
| 136 // |token_id| is not empty, the slot for |token_id|. Stores the slot in |state| | 136 // |token_id| is not empty, the slot for |token_id|. Stores the slot in |state| |
| 137 // and passes the database to |callback|. Will run |callback| on the IO thread. | 137 // and passes the database to |callback|. Will run |callback| on the IO thread. |
| (...skipping 281 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 419 state->CallBack( | 419 state->CallBack( |
| 420 FROM_HERE, | 420 FROM_HERE, |
| 421 std::string(public_key_spki_der.begin(), public_key_spki_der.end()), | 421 std::string(public_key_spki_der.begin(), public_key_spki_der.end()), |
| 422 std::string() /* no error */); | 422 std::string() /* no error */); |
| 423 } | 423 } |
| 424 | 424 |
| 425 // Continues generating a RSA key with the obtained NSSCertDatabase. Used by | 425 // Continues generating a RSA key with the obtained NSSCertDatabase. Used by |
| 426 // GenerateRSAKey(). | 426 // GenerateRSAKey(). |
| 427 void GenerateRSAKeyWithDB(scoped_ptr<GenerateRSAKeyState> state, | 427 void GenerateRSAKeyWithDB(scoped_ptr<GenerateRSAKeyState> state, |
| 428 net::NSSCertDatabase* cert_db) { | 428 net::NSSCertDatabase* cert_db) { |
| 429 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 429 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 430 // Only the slot and not the NSSCertDatabase is required. Ignore |cert_db|. | 430 // Only the slot and not the NSSCertDatabase is required. Ignore |cert_db|. |
| 431 base::WorkerPool::PostTask( | 431 base::WorkerPool::PostTask( |
| 432 FROM_HERE, | 432 FROM_HERE, |
| 433 base::Bind(&GenerateRSAKeyOnWorkerThread, base::Passed(&state)), | 433 base::Bind(&GenerateRSAKeyOnWorkerThread, base::Passed(&state)), |
| 434 true /*task is slow*/); | 434 true /*task is slow*/); |
| 435 } | 435 } |
| 436 | 436 |
| 437 // Does the actual signing on a worker thread. Used by SignRSAWithDB(). | 437 // Does the actual signing on a worker thread. Used by SignRSAWithDB(). |
| 438 void SignRSAOnWorkerThread(scoped_ptr<SignRSAState> state) { | 438 void SignRSAOnWorkerThread(scoped_ptr<SignRSAState> state) { |
| 439 const uint8* public_key_uint8 = | 439 const uint8* public_key_uint8 = |
| (...skipping 70 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 510 state->OnError(FROM_HERE, kErrorInternal); | 510 state->OnError(FROM_HERE, kErrorInternal); |
| 511 return; | 511 return; |
| 512 } | 512 } |
| 513 | 513 |
| 514 state->CallBack(FROM_HERE, signature_str, std::string() /* no error */); | 514 state->CallBack(FROM_HERE, signature_str, std::string() /* no error */); |
| 515 } | 515 } |
| 516 | 516 |
| 517 // Continues signing with the obtained NSSCertDatabase. Used by Sign(). | 517 // Continues signing with the obtained NSSCertDatabase. Used by Sign(). |
| 518 void SignRSAWithDB(scoped_ptr<SignRSAState> state, | 518 void SignRSAWithDB(scoped_ptr<SignRSAState> state, |
| 519 net::NSSCertDatabase* cert_db) { | 519 net::NSSCertDatabase* cert_db) { |
| 520 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 520 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 521 // Only the slot and not the NSSCertDatabase is required. Ignore |cert_db|. | 521 // Only the slot and not the NSSCertDatabase is required. Ignore |cert_db|. |
| 522 base::WorkerPool::PostTask( | 522 base::WorkerPool::PostTask( |
| 523 FROM_HERE, base::Bind(&SignRSAOnWorkerThread, base::Passed(&state)), | 523 FROM_HERE, base::Bind(&SignRSAOnWorkerThread, base::Passed(&state)), |
| 524 true /*task is slow*/); | 524 true /*task is slow*/); |
| 525 } | 525 } |
| 526 | 526 |
| 527 // Called when ClientCertStoreChromeOS::GetClientCerts is done. Builds the list | 527 // Called when ClientCertStoreChromeOS::GetClientCerts is done. Builds the list |
| 528 // of net::CertificateList and calls back. Used by | 528 // of net::CertificateList and calls back. Used by |
| 529 // SelectCertificatesOnIOThread(). | 529 // SelectCertificatesOnIOThread(). |
| 530 void DidSelectCertificatesOnIOThread( | 530 void DidSelectCertificatesOnIOThread( |
| 531 scoped_ptr<SelectCertificatesState> state) { | 531 scoped_ptr<SelectCertificatesState> state) { |
| 532 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 532 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 533 state->CallBack(FROM_HERE, state->certs_.Pass(), | 533 state->CallBack(FROM_HERE, state->certs_.Pass(), |
| 534 std::string() /* no error */); | 534 std::string() /* no error */); |
| 535 } | 535 } |
| 536 | 536 |
| 537 // Continues selecting certificates on the IO thread. Used by | 537 // Continues selecting certificates on the IO thread. Used by |
| 538 // SelectClientCertificates(). | 538 // SelectClientCertificates(). |
| 539 void SelectCertificatesOnIOThread(scoped_ptr<SelectCertificatesState> state) { | 539 void SelectCertificatesOnIOThread(scoped_ptr<SelectCertificatesState> state) { |
| 540 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 540 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 541 state->cert_store_.reset(new net::ClientCertStoreChromeOS( | 541 state->cert_store_.reset(new net::ClientCertStoreChromeOS( |
| 542 make_scoped_ptr(new chromeos::ClientCertFilterChromeOS( | 542 make_scoped_ptr(new chromeos::ClientCertFilterChromeOS( |
| 543 state->use_system_key_slot_, state->username_hash_)), | 543 state->use_system_key_slot_, state->username_hash_)), |
| 544 net::ClientCertStoreChromeOS::PasswordDelegateFactory())); | 544 net::ClientCertStoreChromeOS::PasswordDelegateFactory())); |
| 545 | 545 |
| 546 state->certs_.reset(new net::CertificateList); | 546 state->certs_.reset(new net::CertificateList); |
| 547 | 547 |
| 548 SelectCertificatesState* state_ptr = state.get(); | 548 SelectCertificatesState* state_ptr = state.get(); |
| 549 state_ptr->cert_store_->GetClientCerts( | 549 state_ptr->cert_store_->GetClientCerts( |
| 550 *state_ptr->cert_request_info_, state_ptr->certs_.get(), | 550 *state_ptr->cert_request_info_, state_ptr->certs_.get(), |
| (...skipping 20 matching lines...) Expand all Loading... |
| 571 client_certs->push_back(*it); | 571 client_certs->push_back(*it); |
| 572 } | 572 } |
| 573 | 573 |
| 574 state->CallBack(FROM_HERE, client_certs.Pass(), std::string() /* no error */); | 574 state->CallBack(FROM_HERE, client_certs.Pass(), std::string() /* no error */); |
| 575 } | 575 } |
| 576 | 576 |
| 577 // Passes the obtained certificates to the worker thread for filtering. Used by | 577 // Passes the obtained certificates to the worker thread for filtering. Used by |
| 578 // GetCertificatesWithDB(). | 578 // GetCertificatesWithDB(). |
| 579 void DidGetCertificates(scoped_ptr<GetCertificatesState> state, | 579 void DidGetCertificates(scoped_ptr<GetCertificatesState> state, |
| 580 scoped_ptr<net::CertificateList> all_certs) { | 580 scoped_ptr<net::CertificateList> all_certs) { |
| 581 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 581 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 582 state->certs_ = all_certs.Pass(); | 582 state->certs_ = all_certs.Pass(); |
| 583 base::WorkerPool::PostTask( | 583 base::WorkerPool::PostTask( |
| 584 FROM_HERE, | 584 FROM_HERE, |
| 585 base::Bind(&FilterCertificatesOnWorkerThread, base::Passed(&state)), | 585 base::Bind(&FilterCertificatesOnWorkerThread, base::Passed(&state)), |
| 586 true /*task is slow*/); | 586 true /*task is slow*/); |
| 587 } | 587 } |
| 588 | 588 |
| 589 // Continues getting certificates with the obtained NSSCertDatabase. Used by | 589 // Continues getting certificates with the obtained NSSCertDatabase. Used by |
| 590 // GetCertificates(). | 590 // GetCertificates(). |
| 591 void GetCertificatesWithDB(scoped_ptr<GetCertificatesState> state, | 591 void GetCertificatesWithDB(scoped_ptr<GetCertificatesState> state, |
| 592 net::NSSCertDatabase* cert_db) { | 592 net::NSSCertDatabase* cert_db) { |
| 593 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 593 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 594 // Get the pointer to slot before base::Passed releases |state|. | 594 // Get the pointer to slot before base::Passed releases |state|. |
| 595 PK11SlotInfo* slot = state->slot_.get(); | 595 PK11SlotInfo* slot = state->slot_.get(); |
| 596 cert_db->ListCertsInSlot( | 596 cert_db->ListCertsInSlot( |
| 597 base::Bind(&DidGetCertificates, base::Passed(&state)), slot); | 597 base::Bind(&DidGetCertificates, base::Passed(&state)), slot); |
| 598 } | 598 } |
| 599 | 599 |
| 600 // Does the actual certificate importing on the IO thread. Used by | 600 // Does the actual certificate importing on the IO thread. Used by |
| 601 // ImportCertificate(). | 601 // ImportCertificate(). |
| 602 void ImportCertificateWithDB(scoped_ptr<ImportCertificateState> state, | 602 void ImportCertificateWithDB(scoped_ptr<ImportCertificateState> state, |
| 603 net::NSSCertDatabase* cert_db) { | 603 net::NSSCertDatabase* cert_db) { |
| 604 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 604 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 605 // TODO(pneubeck): Use |state->slot_| to verify that we're really importing to | 605 // TODO(pneubeck): Use |state->slot_| to verify that we're really importing to |
| 606 // the correct token. | 606 // the correct token. |
| 607 // |cert_db| is not required, ignore it. | 607 // |cert_db| is not required, ignore it. |
| 608 net::CertDatabase* db = net::CertDatabase::GetInstance(); | 608 net::CertDatabase* db = net::CertDatabase::GetInstance(); |
| 609 | 609 |
| 610 const net::Error cert_status = | 610 const net::Error cert_status = |
| 611 static_cast<net::Error>(db->CheckUserCert(state->certificate_.get())); | 611 static_cast<net::Error>(db->CheckUserCert(state->certificate_.get())); |
| 612 if (cert_status == net::ERR_NO_PRIVATE_KEY_FOR_CERT) { | 612 if (cert_status == net::ERR_NO_PRIVATE_KEY_FOR_CERT) { |
| 613 state->OnError(FROM_HERE, kErrorKeyNotFound); | 613 state->OnError(FROM_HERE, kErrorKeyNotFound); |
| 614 return; | 614 return; |
| (...skipping 18 matching lines...) Expand all Loading... |
| 633 return; | 633 return; |
| 634 } | 634 } |
| 635 | 635 |
| 636 state->CallBack(FROM_HERE, std::string() /* no error */); | 636 state->CallBack(FROM_HERE, std::string() /* no error */); |
| 637 } | 637 } |
| 638 | 638 |
| 639 // Called on IO thread after the certificate removal is finished. | 639 // Called on IO thread after the certificate removal is finished. |
| 640 void DidRemoveCertificate(scoped_ptr<RemoveCertificateState> state, | 640 void DidRemoveCertificate(scoped_ptr<RemoveCertificateState> state, |
| 641 bool certificate_found, | 641 bool certificate_found, |
| 642 bool success) { | 642 bool success) { |
| 643 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 643 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 644 // CertificateNotFound error has precedence over an internal error. | 644 // CertificateNotFound error has precedence over an internal error. |
| 645 if (!certificate_found) { | 645 if (!certificate_found) { |
| 646 state->OnError(FROM_HERE, kErrorCertificateNotFound); | 646 state->OnError(FROM_HERE, kErrorCertificateNotFound); |
| 647 return; | 647 return; |
| 648 } | 648 } |
| 649 if (!success) { | 649 if (!success) { |
| 650 state->OnError(FROM_HERE, kErrorInternal); | 650 state->OnError(FROM_HERE, kErrorInternal); |
| 651 return; | 651 return; |
| 652 } | 652 } |
| 653 | 653 |
| 654 state->CallBack(FROM_HERE, std::string() /* no error */); | 654 state->CallBack(FROM_HERE, std::string() /* no error */); |
| 655 } | 655 } |
| 656 | 656 |
| 657 // Does the actual certificate removal on the IO thread. Used by | 657 // Does the actual certificate removal on the IO thread. Used by |
| 658 // RemoveCertificate(). | 658 // RemoveCertificate(). |
| 659 void RemoveCertificateWithDB(scoped_ptr<RemoveCertificateState> state, | 659 void RemoveCertificateWithDB(scoped_ptr<RemoveCertificateState> state, |
| 660 net::NSSCertDatabase* cert_db) { | 660 net::NSSCertDatabase* cert_db) { |
| 661 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 661 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 662 // Get the pointer before base::Passed clears |state|. | 662 // Get the pointer before base::Passed clears |state|. |
| 663 scoped_refptr<net::X509Certificate> certificate = state->certificate_; | 663 scoped_refptr<net::X509Certificate> certificate = state->certificate_; |
| 664 bool certificate_found = certificate->os_cert_handle()->isperm; | 664 bool certificate_found = certificate->os_cert_handle()->isperm; |
| 665 cert_db->DeleteCertAndKeyAsync( | 665 cert_db->DeleteCertAndKeyAsync( |
| 666 certificate, | 666 certificate, |
| 667 base::Bind( | 667 base::Bind( |
| 668 &DidRemoveCertificate, base::Passed(&state), certificate_found)); | 668 &DidRemoveCertificate, base::Passed(&state), certificate_found)); |
| 669 } | 669 } |
| 670 | 670 |
| 671 // Does the actual work to determine which tokens are available. | 671 // Does the actual work to determine which tokens are available. |
| 672 void GetTokensWithDB(scoped_ptr<GetTokensState> state, | 672 void GetTokensWithDB(scoped_ptr<GetTokensState> state, |
| 673 net::NSSCertDatabase* cert_db) { | 673 net::NSSCertDatabase* cert_db) { |
| 674 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO)); | 674 DCHECK_CURRENTLY_ON(BrowserThread::IO); |
| 675 scoped_ptr<std::vector<std::string> > token_ids(new std::vector<std::string>); | 675 scoped_ptr<std::vector<std::string> > token_ids(new std::vector<std::string>); |
| 676 | 676 |
| 677 // The user's token is always available. | 677 // The user's token is always available. |
| 678 token_ids->push_back(kTokenIdUser); | 678 token_ids->push_back(kTokenIdUser); |
| 679 if (cert_db->GetSystemSlot()) | 679 if (cert_db->GetSystemSlot()) |
| 680 token_ids->push_back(kTokenIdSystem); | 680 token_ids->push_back(kTokenIdSystem); |
| 681 | 681 |
| 682 state->CallBack(FROM_HERE, token_ids.Pass(), std::string() /* no error */); | 682 state->CallBack(FROM_HERE, token_ids.Pass(), std::string() /* no error */); |
| 683 } | 683 } |
| 684 | 684 |
| 685 } // namespace | 685 } // namespace |
| 686 | 686 |
| 687 namespace subtle { | 687 namespace subtle { |
| 688 | 688 |
| 689 void GenerateRSAKey(const std::string& token_id, | 689 void GenerateRSAKey(const std::string& token_id, |
| 690 unsigned int modulus_length_bits, | 690 unsigned int modulus_length_bits, |
| 691 const GenerateKeyCallback& callback, | 691 const GenerateKeyCallback& callback, |
| 692 BrowserContext* browser_context) { | 692 BrowserContext* browser_context) { |
| 693 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 693 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 694 scoped_ptr<GenerateRSAKeyState> state( | 694 scoped_ptr<GenerateRSAKeyState> state( |
| 695 new GenerateRSAKeyState(modulus_length_bits, callback)); | 695 new GenerateRSAKeyState(modulus_length_bits, callback)); |
| 696 | 696 |
| 697 if (modulus_length_bits > kMaxRSAModulusLengthBits) { | 697 if (modulus_length_bits > kMaxRSAModulusLengthBits) { |
| 698 state->OnError(FROM_HERE, kErrorAlgorithmNotSupported); | 698 state->OnError(FROM_HERE, kErrorAlgorithmNotSupported); |
| 699 return; | 699 return; |
| 700 } | 700 } |
| 701 | 701 |
| 702 // Get the pointer to |state| before base::Passed releases |state|. | 702 // Get the pointer to |state| before base::Passed releases |state|. |
| 703 NSSOperationState* state_ptr = state.get(); | 703 NSSOperationState* state_ptr = state.get(); |
| 704 GetCertDatabase(token_id, | 704 GetCertDatabase(token_id, |
| 705 base::Bind(&GenerateRSAKeyWithDB, base::Passed(&state)), | 705 base::Bind(&GenerateRSAKeyWithDB, base::Passed(&state)), |
| 706 browser_context, | 706 browser_context, |
| 707 state_ptr); | 707 state_ptr); |
| 708 } | 708 } |
| 709 | 709 |
| 710 void SignRSAPKCS1Digest(const std::string& token_id, | 710 void SignRSAPKCS1Digest(const std::string& token_id, |
| 711 const std::string& data, | 711 const std::string& data, |
| 712 const std::string& public_key, | 712 const std::string& public_key, |
| 713 HashAlgorithm hash_algorithm, | 713 HashAlgorithm hash_algorithm, |
| 714 const SignCallback& callback, | 714 const SignCallback& callback, |
| 715 content::BrowserContext* browser_context) { | 715 content::BrowserContext* browser_context) { |
| 716 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 716 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 717 scoped_ptr<SignRSAState> state( | 717 scoped_ptr<SignRSAState> state( |
| 718 new SignRSAState(data, public_key, false /* digest before signing */, | 718 new SignRSAState(data, public_key, false /* digest before signing */, |
| 719 hash_algorithm, callback)); | 719 hash_algorithm, callback)); |
| 720 // Get the pointer to |state| before base::Passed releases |state|. | 720 // Get the pointer to |state| before base::Passed releases |state|. |
| 721 NSSOperationState* state_ptr = state.get(); | 721 NSSOperationState* state_ptr = state.get(); |
| 722 | 722 |
| 723 // The NSSCertDatabase object is not required. But in case it's not available | 723 // The NSSCertDatabase object is not required. But in case it's not available |
| 724 // we would get more informative error messages and we can double check that | 724 // we would get more informative error messages and we can double check that |
| 725 // we use a key of the correct token. | 725 // we use a key of the correct token. |
| 726 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), | 726 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), |
| 727 browser_context, state_ptr); | 727 browser_context, state_ptr); |
| 728 } | 728 } |
| 729 | 729 |
| 730 void SignRSAPKCS1Raw(const std::string& token_id, | 730 void SignRSAPKCS1Raw(const std::string& token_id, |
| 731 const std::string& data, | 731 const std::string& data, |
| 732 const std::string& public_key, | 732 const std::string& public_key, |
| 733 const SignCallback& callback, | 733 const SignCallback& callback, |
| 734 content::BrowserContext* browser_context) { | 734 content::BrowserContext* browser_context) { |
| 735 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 735 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 736 scoped_ptr<SignRSAState> state(new SignRSAState( | 736 scoped_ptr<SignRSAState> state(new SignRSAState( |
| 737 data, public_key, true /* sign directly without hashing */, | 737 data, public_key, true /* sign directly without hashing */, |
| 738 HASH_ALGORITHM_NONE, callback)); | 738 HASH_ALGORITHM_NONE, callback)); |
| 739 // Get the pointer to |state| before base::Passed releases |state|. | 739 // Get the pointer to |state| before base::Passed releases |state|. |
| 740 NSSOperationState* state_ptr = state.get(); | 740 NSSOperationState* state_ptr = state.get(); |
| 741 | 741 |
| 742 // The NSSCertDatabase object is not required. But in case it's not available | 742 // The NSSCertDatabase object is not required. But in case it's not available |
| 743 // we would get more informative error messages and we can double check that | 743 // we would get more informative error messages and we can double check that |
| 744 // we use a key of the correct token. | 744 // we use a key of the correct token. |
| 745 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), | 745 GetCertDatabase(token_id, base::Bind(&SignRSAWithDB, base::Passed(&state)), |
| 746 browser_context, state_ptr); | 746 browser_context, state_ptr); |
| 747 } | 747 } |
| 748 | 748 |
| 749 void SelectClientCertificates(const ClientCertificateRequest& request, | 749 void SelectClientCertificates(const ClientCertificateRequest& request, |
| 750 const SelectCertificatesCallback& callback, | 750 const SelectCertificatesCallback& callback, |
| 751 content::BrowserContext* browser_context) { | 751 content::BrowserContext* browser_context) { |
| 752 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 752 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 753 | 753 |
| 754 scoped_refptr<net::SSLCertRequestInfo> cert_request_info( | 754 scoped_refptr<net::SSLCertRequestInfo> cert_request_info( |
| 755 new net::SSLCertRequestInfo); | 755 new net::SSLCertRequestInfo); |
| 756 cert_request_info->cert_key_types = request.certificate_key_types; | 756 cert_request_info->cert_key_types = request.certificate_key_types; |
| 757 cert_request_info->cert_authorities = request.certificate_authorities; | 757 cert_request_info->cert_authorities = request.certificate_authorities; |
| 758 | 758 |
| 759 const user_manager::User* user = | 759 const user_manager::User* user = |
| 760 chromeos::ProfileHelper::Get()->GetUserByProfile( | 760 chromeos::ProfileHelper::Get()->GetUserByProfile( |
| 761 Profile::FromBrowserContext(browser_context)); | 761 Profile::FromBrowserContext(browser_context)); |
| 762 | 762 |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 814 } | 814 } |
| 815 | 815 |
| 816 *key_type = key_type_tmp; | 816 *key_type = key_type_tmp; |
| 817 *key_size_bits = key_size_bits_tmp; | 817 *key_size_bits = key_size_bits_tmp; |
| 818 return true; | 818 return true; |
| 819 } | 819 } |
| 820 | 820 |
| 821 void GetCertificates(const std::string& token_id, | 821 void GetCertificates(const std::string& token_id, |
| 822 const GetCertificatesCallback& callback, | 822 const GetCertificatesCallback& callback, |
| 823 BrowserContext* browser_context) { | 823 BrowserContext* browser_context) { |
| 824 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 824 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 825 scoped_ptr<GetCertificatesState> state(new GetCertificatesState(callback)); | 825 scoped_ptr<GetCertificatesState> state(new GetCertificatesState(callback)); |
| 826 // Get the pointer to |state| before base::Passed releases |state|. | 826 // Get the pointer to |state| before base::Passed releases |state|. |
| 827 NSSOperationState* state_ptr = state.get(); | 827 NSSOperationState* state_ptr = state.get(); |
| 828 GetCertDatabase(token_id, | 828 GetCertDatabase(token_id, |
| 829 base::Bind(&GetCertificatesWithDB, base::Passed(&state)), | 829 base::Bind(&GetCertificatesWithDB, base::Passed(&state)), |
| 830 browser_context, | 830 browser_context, |
| 831 state_ptr); | 831 state_ptr); |
| 832 } | 832 } |
| 833 | 833 |
| 834 void ImportCertificate(const std::string& token_id, | 834 void ImportCertificate(const std::string& token_id, |
| 835 const scoped_refptr<net::X509Certificate>& certificate, | 835 const scoped_refptr<net::X509Certificate>& certificate, |
| 836 const ImportCertificateCallback& callback, | 836 const ImportCertificateCallback& callback, |
| 837 BrowserContext* browser_context) { | 837 BrowserContext* browser_context) { |
| 838 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 838 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 839 scoped_ptr<ImportCertificateState> state( | 839 scoped_ptr<ImportCertificateState> state( |
| 840 new ImportCertificateState(certificate, callback)); | 840 new ImportCertificateState(certificate, callback)); |
| 841 // Get the pointer to |state| before base::Passed releases |state|. | 841 // Get the pointer to |state| before base::Passed releases |state|. |
| 842 NSSOperationState* state_ptr = state.get(); | 842 NSSOperationState* state_ptr = state.get(); |
| 843 | 843 |
| 844 // The NSSCertDatabase object is not required. But in case it's not available | 844 // The NSSCertDatabase object is not required. But in case it's not available |
| 845 // we would get more informative error messages and we can double check that | 845 // we would get more informative error messages and we can double check that |
| 846 // we use a key of the correct token. | 846 // we use a key of the correct token. |
| 847 GetCertDatabase(token_id, | 847 GetCertDatabase(token_id, |
| 848 base::Bind(&ImportCertificateWithDB, base::Passed(&state)), | 848 base::Bind(&ImportCertificateWithDB, base::Passed(&state)), |
| 849 browser_context, | 849 browser_context, |
| 850 state_ptr); | 850 state_ptr); |
| 851 } | 851 } |
| 852 | 852 |
| 853 void RemoveCertificate(const std::string& token_id, | 853 void RemoveCertificate(const std::string& token_id, |
| 854 const scoped_refptr<net::X509Certificate>& certificate, | 854 const scoped_refptr<net::X509Certificate>& certificate, |
| 855 const RemoveCertificateCallback& callback, | 855 const RemoveCertificateCallback& callback, |
| 856 BrowserContext* browser_context) { | 856 BrowserContext* browser_context) { |
| 857 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 857 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 858 scoped_ptr<RemoveCertificateState> state( | 858 scoped_ptr<RemoveCertificateState> state( |
| 859 new RemoveCertificateState(certificate, callback)); | 859 new RemoveCertificateState(certificate, callback)); |
| 860 // Get the pointer to |state| before base::Passed releases |state|. | 860 // Get the pointer to |state| before base::Passed releases |state|. |
| 861 NSSOperationState* state_ptr = state.get(); | 861 NSSOperationState* state_ptr = state.get(); |
| 862 | 862 |
| 863 // The NSSCertDatabase object is not required. But in case it's not available | 863 // The NSSCertDatabase object is not required. But in case it's not available |
| 864 // we would get more informative error messages. | 864 // we would get more informative error messages. |
| 865 GetCertDatabase(token_id, | 865 GetCertDatabase(token_id, |
| 866 base::Bind(&RemoveCertificateWithDB, base::Passed(&state)), | 866 base::Bind(&RemoveCertificateWithDB, base::Passed(&state)), |
| 867 browser_context, | 867 browser_context, |
| 868 state_ptr); | 868 state_ptr); |
| 869 } | 869 } |
| 870 | 870 |
| 871 void GetTokens(const GetTokensCallback& callback, | 871 void GetTokens(const GetTokensCallback& callback, |
| 872 content::BrowserContext* browser_context) { | 872 content::BrowserContext* browser_context) { |
| 873 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); | 873 DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| 874 scoped_ptr<GetTokensState> state(new GetTokensState(callback)); | 874 scoped_ptr<GetTokensState> state(new GetTokensState(callback)); |
| 875 // Get the pointer to |state| before base::Passed releases |state|. | 875 // Get the pointer to |state| before base::Passed releases |state|. |
| 876 NSSOperationState* state_ptr = state.get(); | 876 NSSOperationState* state_ptr = state.get(); |
| 877 GetCertDatabase(std::string() /* don't get any specific slot */, | 877 GetCertDatabase(std::string() /* don't get any specific slot */, |
| 878 base::Bind(&GetTokensWithDB, base::Passed(&state)), | 878 base::Bind(&GetTokensWithDB, base::Passed(&state)), |
| 879 browser_context, | 879 browser_context, |
| 880 state_ptr); | 880 state_ptr); |
| 881 } | 881 } |
| 882 | 882 |
| 883 } // namespace platform_keys | 883 } // namespace platform_keys |
| 884 | 884 |
| 885 } // namespace chromeos | 885 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1036723003:
favor DCHECK_CURRENTLY_ON for better logs in chrome/browser/chromeos/ (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master