| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/tpm_token_loader.h" | 5 #include "chromeos/tpm_token_loader.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/location.h" | 10 #include "base/location.h" |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 48 crypto::EnableTPMTokenForNSS(); | 48 crypto::EnableTPMTokenForNSS(); |
| 49 } | 49 } |
| 50 | 50 |
| 51 } // namespace | 51 } // namespace |
| 52 | 52 |
| 53 static TPMTokenLoader* g_tpm_token_loader = NULL; | 53 static TPMTokenLoader* g_tpm_token_loader = NULL; |
| 54 | 54 |
| 55 // static | 55 // static |
| 56 void TPMTokenLoader::Initialize() { | 56 void TPMTokenLoader::Initialize() { |
| 57 CHECK(!g_tpm_token_loader); | 57 CHECK(!g_tpm_token_loader); |
| 58 g_tpm_token_loader = new TPMTokenLoader(); | 58 g_tpm_token_loader = new TPMTokenLoader(false /*for_test*/); |
| 59 } | 59 } |
| 60 | 60 |
| 61 // static | 61 // static |
| 62 void TPMTokenLoader::InitializeForTest() { |
| 63 CHECK(!g_tpm_token_loader); |
| 64 g_tpm_token_loader = new TPMTokenLoader(true /*for_test*/); |
| 65 } |
| 66 |
| 67 // static |
| 62 void TPMTokenLoader::Shutdown() { | 68 void TPMTokenLoader::Shutdown() { |
| 63 CHECK(g_tpm_token_loader); | 69 CHECK(g_tpm_token_loader); |
| 64 delete g_tpm_token_loader; | 70 delete g_tpm_token_loader; |
| 65 g_tpm_token_loader = NULL; | 71 g_tpm_token_loader = NULL; |
| 66 } | 72 } |
| 67 | 73 |
| 68 // static | 74 // static |
| 69 TPMTokenLoader* TPMTokenLoader::Get() { | 75 TPMTokenLoader* TPMTokenLoader::Get() { |
| 70 CHECK(g_tpm_token_loader) | 76 CHECK(g_tpm_token_loader) |
| 71 << "TPMTokenLoader::Get() called before Initialize()"; | 77 << "TPMTokenLoader::Get() called before Initialize()"; |
| 72 return g_tpm_token_loader; | 78 return g_tpm_token_loader; |
| 73 } | 79 } |
| 74 | 80 |
| 75 // static | 81 // static |
| 76 bool TPMTokenLoader::IsInitialized() { | 82 bool TPMTokenLoader::IsInitialized() { |
| 77 return g_tpm_token_loader; | 83 return g_tpm_token_loader; |
| 78 } | 84 } |
| 79 | 85 |
| 80 TPMTokenLoader::TPMTokenLoader() | 86 TPMTokenLoader::TPMTokenLoader(bool for_test) |
| 81 : initialize_tpm_for_test_(false), | 87 : initialized_for_test_(for_test), |
| 82 tpm_token_state_(TPM_STATE_UNKNOWN), | 88 tpm_token_state_(TPM_STATE_UNKNOWN), |
| 83 tpm_request_delay_( | 89 tpm_request_delay_( |
| 84 base::TimeDelta::FromMilliseconds(kInitialRequestDelayMs)), | 90 base::TimeDelta::FromMilliseconds(kInitialRequestDelayMs)), |
| 85 tpm_token_slot_id_(-1), | 91 tpm_token_slot_id_(-1), |
| 86 weak_factory_(this) { | 92 weak_factory_(this) { |
| 87 if (LoginState::IsInitialized()) | 93 if (!initialized_for_test_ && LoginState::IsInitialized()) |
| 88 LoginState::Get()->AddObserver(this); | 94 LoginState::Get()->AddObserver(this); |
| 89 } | |
| 90 | 95 |
| 91 void TPMTokenLoader::InitializeTPMForTest() { | 96 if (initialized_for_test_) { |
| 92 initialize_tpm_for_test_ = true; | 97 tpm_token_state_ = TPM_TOKEN_INITIALIZED; |
| 98 tpm_user_pin_ = "111111"; |
| 99 } |
| 93 } | 100 } |
| 94 | 101 |
| 95 void TPMTokenLoader::SetCryptoTaskRunner( | 102 void TPMTokenLoader::SetCryptoTaskRunner( |
| 96 const scoped_refptr<base::SequencedTaskRunner>& crypto_task_runner) { | 103 const scoped_refptr<base::SequencedTaskRunner>& crypto_task_runner) { |
| 97 crypto_task_runner_ = crypto_task_runner; | 104 crypto_task_runner_ = crypto_task_runner; |
| 98 MaybeStartTokenInitialization(); | 105 MaybeStartTokenInitialization(); |
| 99 } | 106 } |
| 100 | 107 |
| 101 TPMTokenLoader::~TPMTokenLoader() { | 108 TPMTokenLoader::~TPMTokenLoader() { |
| 102 if (LoginState::IsInitialized()) | 109 if (!initialized_for_test_ && LoginState::IsInitialized()) |
| 103 LoginState::Get()->RemoveObserver(this); | 110 LoginState::Get()->RemoveObserver(this); |
| 104 } | 111 } |
| 105 | 112 |
| 106 void TPMTokenLoader::AddObserver(TPMTokenLoader::Observer* observer) { | 113 void TPMTokenLoader::AddObserver(TPMTokenLoader::Observer* observer) { |
| 107 observers_.AddObserver(observer); | 114 observers_.AddObserver(observer); |
| 108 } | 115 } |
| 109 | 116 |
| 110 void TPMTokenLoader::RemoveObserver(TPMTokenLoader::Observer* observer) { | 117 void TPMTokenLoader::RemoveObserver(TPMTokenLoader::Observer* observer) { |
| 111 observers_.RemoveObserver(observer); | 118 observers_.RemoveObserver(observer); |
| 112 } | 119 } |
| 113 | 120 |
| 114 bool TPMTokenLoader::IsTPMTokenReady() const { | 121 bool TPMTokenLoader::IsTPMTokenReady() const { |
| 115 return tpm_token_state_ == TPM_DISABLED || | 122 return tpm_token_state_ == TPM_DISABLED || |
| 116 tpm_token_state_ == TPM_TOKEN_INITIALIZED; | 123 tpm_token_state_ == TPM_TOKEN_INITIALIZED; |
| 117 } | 124 } |
| 118 | 125 |
| 119 void TPMTokenLoader::MaybeStartTokenInitialization() { | 126 void TPMTokenLoader::MaybeStartTokenInitialization() { |
| 120 CHECK(thread_checker_.CalledOnValidThread()); | 127 CHECK(thread_checker_.CalledOnValidThread()); |
| 121 | 128 |
| 122 // This is the entry point to the TPM token initialization process, | 129 // This is the entry point to the TPM token initialization process, |
| 123 // which we should do at most once. | 130 // which we should do at most once. |
| 124 if (tpm_token_state_ != TPM_STATE_UNKNOWN || !crypto_task_runner_.get()) | 131 if (tpm_token_state_ != TPM_STATE_UNKNOWN || !crypto_task_runner_.get()) |
| 125 return; | 132 return; |
| 126 | 133 |
| 127 if (!LoginState::IsInitialized()) | 134 if (!LoginState::IsInitialized()) |
| 128 return; | 135 return; |
| 129 | 136 |
| 130 bool request_certificates = LoginState::Get()->IsUserLoggedIn() || | 137 bool start_initialization = LoginState::Get()->IsUserLoggedIn() || |
| 131 LoginState::Get()->IsInSafeMode(); | 138 LoginState::Get()->IsInSafeMode(); |
| 132 | 139 |
| 133 VLOG(1) << "RequestCertificates: " << request_certificates; | 140 VLOG(1) << "StartTokenInitialization: " << start_initialization; |
| 134 if (!request_certificates) | 141 if (!start_initialization) |
| 135 return; | 142 return; |
| 136 | 143 |
| 137 if (!initialize_tpm_for_test_ && !base::SysInfo::IsRunningOnChromeOS()) | 144 if (!base::SysInfo::IsRunningOnChromeOS()) |
| 138 tpm_token_state_ = TPM_DISABLED; | 145 tpm_token_state_ = TPM_DISABLED; |
| 139 | 146 |
| 140 // Treat TPM as disabled for guest users since they do not store certs. | 147 // Treat TPM as disabled for guest users since they do not store certs. |
| 141 if (LoginState::Get()->IsGuestUser()) | 148 if (LoginState::Get()->IsGuestUser()) |
| 142 tpm_token_state_ = TPM_DISABLED; | 149 tpm_token_state_ = TPM_DISABLED; |
| 143 | 150 |
| 144 ContinueTokenInitialization(); | 151 ContinueTokenInitialization(); |
| 145 | 152 |
| 146 DCHECK_NE(tpm_token_state_, TPM_STATE_UNKNOWN); | 153 DCHECK_NE(tpm_token_state_, TPM_STATE_UNKNOWN); |
| 147 } | 154 } |
| (...skipping 122 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 270 VLOG(1) << "OnTPMTokenInitialized: " << success; | 277 VLOG(1) << "OnTPMTokenInitialized: " << success; |
| 271 if (!success) { | 278 if (!success) { |
| 272 RetryTokenInitializationLater(); | 279 RetryTokenInitializationLater(); |
| 273 return; | 280 return; |
| 274 } | 281 } |
| 275 tpm_token_state_ = TPM_TOKEN_INITIALIZED; | 282 tpm_token_state_ = TPM_TOKEN_INITIALIZED; |
| 276 ContinueTokenInitialization(); | 283 ContinueTokenInitialization(); |
| 277 } | 284 } |
| 278 | 285 |
| 279 void TPMTokenLoader::NotifyTPMTokenReady() { | 286 void TPMTokenLoader::NotifyTPMTokenReady() { |
| 280 FOR_EACH_OBSERVER(Observer, observers_, | 287 FOR_EACH_OBSERVER(Observer, observers_, OnTPMTokenReady()); |
| 281 OnTPMTokenReady(tpm_user_pin_, tpm_token_name_, tpm_token_slot_id_)); | |
| 282 } | 288 } |
| 283 | 289 |
| 284 void TPMTokenLoader::LoggedInStateChanged() { | 290 void TPMTokenLoader::LoggedInStateChanged() { |
| 285 VLOG(1) << "LoggedInStateChanged"; | 291 VLOG(1) << "LoggedInStateChanged"; |
| 286 MaybeStartTokenInitialization(); | 292 MaybeStartTokenInitialization(); |
| 287 } | 293 } |
| 288 | 294 |
| 289 } // namespace chromeos | 295 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 135193007:
Use user specific NSSDatabase in CertLoader. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src