Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(81)

Side by Side Diff: crypto/nss_util.h

Issue 18121007: *WIP* Store NSS slots per profile. Move keygen to chrome. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: cert manager basics working Created 7 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « content/public/browser/content_browser_client.cc ('k') | crypto/nss_util.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CRYPTO_NSS_UTIL_H_ 5 #ifndef CRYPTO_NSS_UTIL_H_
6 #define CRYPTO_NSS_UTIL_H_ 6 #define CRYPTO_NSS_UTIL_H_
7 7
8 #include <string> 8 #include <string>
9 #include "base/basictypes.h" 9 #include "base/basictypes.h"
10 #include "base/callback_forward.h"
10 #include "crypto/crypto_export.h" 11 #include "crypto/crypto_export.h"
11 12
12 namespace base { 13 namespace base {
13 class FilePath; 14 class FilePath;
14 class Lock; 15 class Lock;
15 class Time; 16 class Time;
16 } // namespace base 17 } // namespace base
17 18
18 // This file specifically doesn't depend on any NSS or NSPR headers because it 19 // This file specifically doesn't depend on any NSS or NSPR headers because it
19 // is included by various (non-crypto) parts of chrome to call the 20 // is included by various (non-crypto) parts of chrome to call the
20 // initialization functions. 21 // initialization functions.
21 namespace crypto { 22 namespace crypto {
22 23
24 // XXX remove
25 CRYPTO_EXPORT void DumpNSSSlotInfos();
26
23 // The TPMToken name used for the NSS slot opened by ScopedTestNSSDB. 27 // The TPMToken name used for the NSS slot opened by ScopedTestNSSDB.
24 CRYPTO_EXPORT extern const char kTestTPMTokenName[]; 28 CRYPTO_EXPORT extern const char kTestTPMTokenName[];
25 29
26 #if defined(USE_NSS) 30 #if defined(USE_NSS)
27 // EarlySetupForNSSInit performs lightweight setup which must occur before the 31 // EarlySetupForNSSInit performs lightweight setup which must occur before the
28 // process goes multithreaded. This does not initialise NSS. For test, see 32 // process goes multithreaded. This does not initialise NSS. For test, see
29 // EnsureNSSInit. 33 // EnsureNSSInit.
30 CRYPTO_EXPORT void EarlySetupForNSSInit(); 34 CRYPTO_EXPORT void EarlySetupForNSSInit();
31 #endif 35 #endif
32 36
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after
95 // Open the r/w nssdb that's stored inside the user's encrypted home 99 // Open the r/w nssdb that's stored inside the user's encrypted home
96 // directory. This is the default slot returned by 100 // directory. This is the default slot returned by
97 // GetPublicNSSKeySlot(). 101 // GetPublicNSSKeySlot().
98 CRYPTO_EXPORT void OpenPersistentNSSDB(); 102 CRYPTO_EXPORT void OpenPersistentNSSDB();
99 103
100 // Indicates that NSS should load the Chaps library so that we 104 // Indicates that NSS should load the Chaps library so that we
101 // can access the TPM through NSS. Once this is called, 105 // can access the TPM through NSS. Once this is called,
102 // GetPrivateNSSKeySlot() will return the TPM slot if one was found. 106 // GetPrivateNSSKeySlot() will return the TPM slot if one was found.
103 CRYPTO_EXPORT void EnableTPMTokenForNSS(); 107 CRYPTO_EXPORT void EnableTPMTokenForNSS();
104 108
109 // Returns true if EnableTPMTokenForNSS has been called.
110 CRYPTO_EXPORT bool IsTPMTokenEnabledForNSS();
111
105 // Get name and user PIN for the built-in TPM token on ChromeOS. 112 // Get name and user PIN for the built-in TPM token on ChromeOS.
106 // Either one can safely be NULL. Should only be called after 113 // Either one can safely be NULL. Should only be called after
107 // EnableTPMTokenForNSS has been called with a non-null delegate. 114 // EnableTPMTokenForNSS has been called with a non-null delegate.
108 CRYPTO_EXPORT void GetTPMTokenInfo(std::string* token_name, 115 CRYPTO_EXPORT void GetTPMTokenInfo(std::string* token_name,
109 std::string* user_pin); 116 std::string* user_pin);
110 117
111 // Returns true if the TPM is owned and PKCS#11 initialized with the 118 // Returns true if the TPM is owned and PKCS#11 initialized with the
112 // user and security officer PINs, and has been enabled in NSS by 119 // user and security officer PINs, and has been enabled in NSS by
113 // calling EnableTPMForNSS, and Chaps has been successfully 120 // calling EnableTPMForNSS, and Chaps has been successfully
114 // loaded into NSS. 121 // loaded into NSS.
115 CRYPTO_EXPORT bool IsTPMTokenReady(); 122 CRYPTO_EXPORT bool IsTPMTokenReady();
116 123
124 // Register a callback to be run when the TPM module is loaded.
125 // If the module is already loaded, the |callback| will be run synchronously.
126 CRYPTO_EXPORT void OnTPMReady(const base::Closure& callback);
127
117 // Initialize the TPM token. Does nothing if it is already initialized. 128 // Initialize the TPM token. Does nothing if it is already initialized.
118 CRYPTO_EXPORT bool InitializeTPMToken(const std::string& token_name, 129 CRYPTO_EXPORT bool InitializeTPMToken(const std::string& token_name,
119 const std::string& user_pin); 130 const std::string& user_pin,
131 int token_slot_id);
120 #endif 132 #endif
121 133
122 // Convert a NSS PRTime value into a base::Time object. 134 // Convert a NSS PRTime value into a base::Time object.
123 // We use a int64 instead of PRTime here to avoid depending on NSPR headers. 135 // We use a int64 instead of PRTime here to avoid depending on NSPR headers.
124 CRYPTO_EXPORT base::Time PRTimeToBaseTime(int64 prtime); 136 CRYPTO_EXPORT base::Time PRTimeToBaseTime(int64 prtime);
125 137
126 // Convert a base::Time object into a PRTime value. 138 // Convert a base::Time object into a PRTime value.
127 // We use a int64 instead of PRTime here to avoid depending on NSPR headers. 139 // We use a int64 instead of PRTime here to avoid depending on NSPR headers.
128 CRYPTO_EXPORT int64 BaseTimeToPRTime(base::Time time); 140 CRYPTO_EXPORT int64 BaseTimeToPRTime(base::Time time);
129 141
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
164 private: 176 private:
165 base::Lock *lock_; 177 base::Lock *lock_;
166 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); 178 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock);
167 }; 179 };
168 180
169 #endif // defined(USE_NSS) 181 #endif // defined(USE_NSS)
170 182
171 } // namespace crypto 183 } // namespace crypto
172 184
173 #endif // CRYPTO_NSS_UTIL_H_ 185 #endif // CRYPTO_NSS_UTIL_H_
OLDNEW
« no previous file with comments | « content/public/browser/content_browser_client.cc ('k') | crypto/nss_util.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698