OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/nss_util.h" | 5 #include "crypto/nss_util.h" |
6 #include "crypto/nss_util_internal.h" | 6 #include "crypto/nss_util_internal.h" |
7 | 7 |
8 #include <nss.h> | 8 #include <nss.h> |
9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
10 #include <plarena.h> | 10 #include <plarena.h> |
(...skipping 55 matching lines...)
66 FILE_PATH_LITERAL("/etc/fake_root_ca/nssdb"); | 66 FILE_PATH_LITERAL("/etc/fake_root_ca/nssdb"); |
67 #endif // defined(OS_CHROMEOS) | 67 #endif // defined(OS_CHROMEOS) |
68 | 68 |
69 std::string GetNSSErrorMessage() { | 69 std::string GetNSSErrorMessage() { |
70 std::string result; | 70 std::string result; |
71 if (PR_GetErrorTextLength()) { | 71 if (PR_GetErrorTextLength()) { |
72 scoped_array<char> error_text(new char[PR_GetErrorTextLength() + 1]); | 72 scoped_array<char> error_text(new char[PR_GetErrorTextLength() + 1]); |
73 PRInt32 copied = PR_GetErrorText(error_text.get()); | 73 PRInt32 copied = PR_GetErrorText(error_text.get()); |
74 result = std::string(error_text.get(), copied); | 74 result = std::string(error_text.get(), copied); |
75 } else { | 75 } else { |
76 result = StringPrintf("NSS error code: %d", PR_GetError()); | 76 result = base::StringPrintf("NSS error code: %d", PR_GetError()); |
77 } | 77 } |
78 return result; | 78 return result; |
79 } | 79 } |
80 | 80 |
81 #if defined(USE_NSS) | 81 #if defined(USE_NSS) |
82 base::FilePath GetDefaultConfigDirectory() { | 82 base::FilePath GetDefaultConfigDirectory() { |
83 base::FilePath dir = file_util::GetHomeDir(); | 83 base::FilePath dir = file_util::GetHomeDir(); |
84 if (dir.empty()) { | 84 if (dir.empty()) { |
85 LOG(ERROR) << "Failed to get home directory."; | 85 LOG(ERROR) << "Failed to get home directory."; |
86 return dir; | 86 return dir; |
(...skipping 388 matching lines...)
475 base::FilePath database_dir = GetInitialConfigDirectory(); | 475 base::FilePath database_dir = GetInitialConfigDirectory(); |
476 if (!database_dir.empty()) { | 476 if (!database_dir.empty()) { |
477 // This duplicates the work which should have been done in | 477 // This duplicates the work which should have been done in |
478 // EarlySetupForNSSInit. However, this function is idempotent so | 478 // EarlySetupForNSSInit. However, this function is idempotent so |
479 // there's no harm done. | 479 // there's no harm done. |
480 UseLocalCacheOfNSSDatabaseIfNFS(database_dir); | 480 UseLocalCacheOfNSSDatabaseIfNFS(database_dir); |
481 | 481 |
482 // Initialize with a persistent database (likely, ~/.pki/nssdb). | 482 // Initialize with a persistent database (likely, ~/.pki/nssdb). |
483 // Use "sql:" which can be shared by multiple processes safely. | 483 // Use "sql:" which can be shared by multiple processes safely. |
484 std::string nss_config_dir = | 484 std::string nss_config_dir = |
485 StringPrintf("sql:%s", database_dir.value().c_str()); | 485 base::StringPrintf("sql:%s", database_dir.value().c_str()); |
486 #if defined(OS_CHROMEOS) | 486 #if defined(OS_CHROMEOS) |
487 status = NSS_Init(nss_config_dir.c_str()); | 487 status = NSS_Init(nss_config_dir.c_str()); |
488 #else | 488 #else |
489 status = NSS_InitReadWrite(nss_config_dir.c_str()); | 489 status = NSS_InitReadWrite(nss_config_dir.c_str()); |
490 #endif | 490 #endif |
491 if (status != SECSuccess) { | 491 if (status != SECSuccess) { |
492 LOG(ERROR) << "Error initializing NSS with a persistent " | 492 LOG(ERROR) << "Error initializing NSS with a persistent " |
493 "database (" << nss_config_dir | 493 "database (" << nss_config_dir |
494 << "): " << GetNSSErrorMessage(); | 494 << "): " << GetNSSErrorMessage(); |
495 } | 495 } |
(...skipping 83 matching lines...)
579 // Aw, snap. Can't find/load root cert shared library. | 579 // Aw, snap. Can't find/load root cert shared library. |
580 // This will make it hard to talk to anybody via https. | 580 // This will make it hard to talk to anybody via https. |
581 NOTREACHED(); | 581 NOTREACHED(); |
582 return NULL; | 582 return NULL; |
583 } | 583 } |
584 | 584 |
585 // Load the given module for this NSS session. | 585 // Load the given module for this NSS session. |
586 SECMODModule* LoadModule(const char* name, | 586 SECMODModule* LoadModule(const char* name, |
587 const char* library_path, | 587 const char* library_path, |
588 const char* params) { | 588 const char* params) { |
589 std::string modparams = StringPrintf( | 589 std::string modparams = base::StringPrintf( |
590 "name=\"%s\" library=\"%s\" %s", | 590 "name=\"%s\" library=\"%s\" %s", |
591 name, library_path, params ? params : ""); | 591 name, library_path, params ? params : ""); |
592 | 592 |
593 // Shouldn't need to const_cast here, but SECMOD doesn't properly | 593 // Shouldn't need to const_cast here, but SECMOD doesn't properly |
594 // declare input string arguments as const. Bug | 594 // declare input string arguments as const. Bug |
595 // https://bugzilla.mozilla.org/show_bug.cgi?id=642546 was filed | 595 // https://bugzilla.mozilla.org/show_bug.cgi?id=642546 was filed |
596 // on NSS codebase to address this. | 596 // on NSS codebase to address this. |
597 SECMODModule* module = SECMOD_LoadUserModule( | 597 SECMODModule* module = SECMOD_LoadUserModule( |
598 const_cast<char*>(modparams.c_str()), NULL, PR_FALSE); | 598 const_cast<char*>(modparams.c_str()), NULL, PR_FALSE); |
599 if (!module) { | 599 if (!module) { |
600 LOG(ERROR) << "Error loading " << name << " module into NSS: " | 600 LOG(ERROR) << "Error loading " << name << " module into NSS: " |
601 << GetNSSErrorMessage(); | 601 << GetNSSErrorMessage(); |
602 return NULL; | 602 return NULL; |
603 } | 603 } |
604 return module; | 604 return module; |
605 } | 605 } |
606 #endif | 606 #endif |
607 | 607 |
608 static PK11SlotInfo* OpenUserDB(const base::FilePath& path, | 608 static PK11SlotInfo* OpenUserDB(const base::FilePath& path, |
609 const char* description) { | 609 const char* description) { |
610 const std::string modspec = | 610 const std::string modspec = |
611 StringPrintf("configDir='sql:%s' tokenDescription='%s'", | 611 base::StringPrintf("configDir='sql:%s' tokenDescription='%s'", |
612 path.value().c_str(), description); | 612 path.value().c_str(), description); |
613 PK11SlotInfo* db_slot = SECMOD_OpenUserDB(modspec.c_str()); | 613 PK11SlotInfo* db_slot = SECMOD_OpenUserDB(modspec.c_str()); |
614 if (db_slot) { | 614 if (db_slot) { |
615 if (PK11_NeedUserInit(db_slot)) | 615 if (PK11_NeedUserInit(db_slot)) |
616 PK11_InitPin(db_slot, NULL, NULL); | 616 PK11_InitPin(db_slot, NULL, NULL); |
617 } | 617 } |
618 else { | 618 else { |
619 LOG(ERROR) << "Error opening persistent database (" << modspec | 619 LOG(ERROR) << "Error opening persistent database (" << modspec |
620 << "): " << GetNSSErrorMessage(); | 620 << "): " << GetNSSErrorMessage(); |
621 } | 621 } |
622 return db_slot; | 622 return db_slot; |
(...skipping 194 matching lines...)
817 | 817 |
818 PK11SlotInfo* GetPublicNSSKeySlot() { | 818 PK11SlotInfo* GetPublicNSSKeySlot() { |
819 return g_nss_singleton.Get().GetPublicNSSKeySlot(); | 819 return g_nss_singleton.Get().GetPublicNSSKeySlot(); |
820 } | 820 } |
821 | 821 |
822 PK11SlotInfo* GetPrivateNSSKeySlot() { | 822 PK11SlotInfo* GetPrivateNSSKeySlot() { |
823 return g_nss_singleton.Get().GetPrivateNSSKeySlot(); | 823 return g_nss_singleton.Get().GetPrivateNSSKeySlot(); |
824 } | 824 } |
825 | 825 |
826 } // namespace crypto | 826 } // namespace crypto |
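Review bot: In OpenUserDB (new lines 611-612) `path` and `description` are formatted unescaped into a single-quoted NSS module spec, so a value containing `'` or `\` would likely end the quoted field early and leave the remainder to be parsed as further spec parameters. LoadModule (new lines 589-591) does the same with `name` and `library_path` inside double quotes. The callers are not visible on this page, so whether such characters can reach either function is unconfirmed. I would escape the values before formatting, or at least state the precondition ahead of the `base::StringPrintf` call, e.g. `DCHECK(path.value().find_first_of("'\\") == std::string::npos);`. The end of OpenUserDB falls in the skipped lines after 622.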
OLD | NEW |