OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_NSS_UTIL_H_ | 5 #ifndef CRYPTO_NSS_UTIL_H_ |
6 #define CRYPTO_NSS_UTIL_H_ | 6 #define CRYPTO_NSS_UTIL_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/callback_forward.h" |
10 #include "crypto/crypto_export.h" | 11 #include "crypto/crypto_export.h" |
11 | 12 |
12 namespace base { | 13 namespace base { |
13 class FilePath; | 14 class FilePath; |
14 class Lock; | 15 class Lock; |
15 class Time; | 16 class Time; |
16 } // namespace base | 17 } // namespace base |
17 | 18 |
18 // This file specifically doesn't depend on any NSS or NSPR headers because it | 19 // This file specifically doesn't depend on any NSS or NSPR headers because it |
19 // is included by various (non-crypto) parts of chrome to call the | 20 // is included by various (non-crypto) parts of chrome to call the |
20 // initialization functions. | 21 // initialization functions. |
21 namespace crypto { | 22 namespace crypto { |
22 | 23 |
| 24 // XXX remove |
| 25 CRYPTO_EXPORT void DumpNSSSlotInfos(); |
| 26 |
23 // The TPMToken name used for the NSS slot opened by ScopedTestNSSDB. | 27 // The TPMToken name used for the NSS slot opened by ScopedTestNSSDB. |
24 CRYPTO_EXPORT extern const char kTestTPMTokenName[]; | 28 CRYPTO_EXPORT extern const char kTestTPMTokenName[]; |
25 | 29 |
26 #if defined(USE_NSS) | 30 #if defined(USE_NSS) |
27 // EarlySetupForNSSInit performs lightweight setup which must occur before the | 31 // EarlySetupForNSSInit performs lightweight setup which must occur before the |
28 // process goes multithreaded. This does not initialise NSS. For test, see | 32 // process goes multithreaded. This does not initialise NSS. For test, see |
29 // EnsureNSSInit. | 33 // EnsureNSSInit. |
30 CRYPTO_EXPORT void EarlySetupForNSSInit(); | 34 CRYPTO_EXPORT void EarlySetupForNSSInit(); |
31 #endif | 35 #endif |
32 | 36 |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
95 // Open the r/w nssdb that's stored inside the user's encrypted home | 99 // Open the r/w nssdb that's stored inside the user's encrypted home |
96 // directory. This is the default slot returned by | 100 // directory. This is the default slot returned by |
97 // GetPublicNSSKeySlot(). | 101 // GetPublicNSSKeySlot(). |
98 CRYPTO_EXPORT void OpenPersistentNSSDB(); | 102 CRYPTO_EXPORT void OpenPersistentNSSDB(); |
99 | 103 |
100 // Indicates that NSS should load the Chaps library so that we | 104 // Indicates that NSS should load the Chaps library so that we |
101 // can access the TPM through NSS. Once this is called, | 105 // can access the TPM through NSS. Once this is called, |
102 // GetPrivateNSSKeySlot() will return the TPM slot if one was found. | 106 // GetPrivateNSSKeySlot() will return the TPM slot if one was found. |
103 CRYPTO_EXPORT void EnableTPMTokenForNSS(); | 107 CRYPTO_EXPORT void EnableTPMTokenForNSS(); |
104 | 108 |
| 109 // Returns true if EnableTPMTokenForNSS has been called. |
| 110 CRYPTO_EXPORT bool IsTPMTokenEnabledForNSS(); |
| 111 |
105 // Get name and user PIN for the built-in TPM token on ChromeOS. | 112 // Get name and user PIN for the built-in TPM token on ChromeOS. |
106 // Either one can safely be NULL. Should only be called after | 113 // Either one can safely be NULL. Should only be called after |
107 // EnableTPMTokenForNSS has been called with a non-null delegate. | 114 // EnableTPMTokenForNSS has been called with a non-null delegate. |
108 CRYPTO_EXPORT void GetTPMTokenInfo(std::string* token_name, | 115 CRYPTO_EXPORT void GetTPMTokenInfo(std::string* token_name, |
109 std::string* user_pin); | 116 std::string* user_pin); |
110 | 117 |
111 // Returns true if the TPM is owned and PKCS#11 initialized with the | 118 // Returns true if the TPM is owned and PKCS#11 initialized with the |
112 // user and security officer PINs, and has been enabled in NSS by | 119 // user and security officer PINs, and has been enabled in NSS by |
113 // calling EnableTPMForNSS, and Chaps has been successfully | 120 // calling EnableTPMForNSS, and Chaps has been successfully |
114 // loaded into NSS. | 121 // loaded into NSS. |
115 CRYPTO_EXPORT bool IsTPMTokenReady(); | 122 CRYPTO_EXPORT bool IsTPMTokenReady(); |
116 | 123 |
| 124 // Register a callback to be run when the TPM module is loaded. |
| 125 // If the module is already loaded, the |callback| will be run synchronously. |
| 126 CRYPTO_EXPORT void OnTPMReady(const base::Closure& callback); |
| 127 |
117 // Initialize the TPM token. Does nothing if it is already initialized. | 128 // Initialize the TPM token. Does nothing if it is already initialized. |
118 CRYPTO_EXPORT bool InitializeTPMToken(const std::string& token_name, | 129 CRYPTO_EXPORT bool InitializeTPMToken(const std::string& token_name, |
119 const std::string& user_pin); | 130 const std::string& user_pin, |
| 131 int token_slot_id); |
120 #endif | 132 #endif |
121 | 133 |
122 // Convert a NSS PRTime value into a base::Time object. | 134 // Convert a NSS PRTime value into a base::Time object. |
123 // We use a int64 instead of PRTime here to avoid depending on NSPR headers. | 135 // We use a int64 instead of PRTime here to avoid depending on NSPR headers. |
124 CRYPTO_EXPORT base::Time PRTimeToBaseTime(int64 prtime); | 136 CRYPTO_EXPORT base::Time PRTimeToBaseTime(int64 prtime); |
125 | 137 |
126 // Convert a base::Time object into a PRTime value. | 138 // Convert a base::Time object into a PRTime value. |
127 // We use a int64 instead of PRTime here to avoid depending on NSPR headers. | 139 // We use a int64 instead of PRTime here to avoid depending on NSPR headers. |
128 CRYPTO_EXPORT int64 BaseTimeToPRTime(base::Time time); | 140 CRYPTO_EXPORT int64 BaseTimeToPRTime(base::Time time); |
129 | 141 |
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
164 private: | 176 private: |
165 base::Lock *lock_; | 177 base::Lock *lock_; |
166 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); | 178 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); |
167 }; | 179 }; |
168 | 180 |
169 #endif // defined(USE_NSS) | 181 #endif // defined(USE_NSS) |
170 | 182 |
171 } // namespace crypto | 183 } // namespace crypto |
172 | 184 |
173 #endif // CRYPTO_NSS_UTIL_H_ | 185 #endif // CRYPTO_NSS_UTIL_H_ |
OLD | NEW |