OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/net/keygen_handler.h" |
| 6 |
| 7 #include "base/logging.h" |
| 8 #include "base/threading/worker_pool.h" |
| 9 #include "chrome/browser/profiles/profile_io_data.h" |
| 10 #include "chrome/browser/ui/crypto_module_password_dialog.h" |
| 11 #include "crypto/crypto_module_blocking_password_delegate.h" |
| 12 #include "crypto/nss_util.h" |
| 13 #include "crypto/nss_util_internal.h" |
| 14 #include "crypto/scoped_nss_types.h" |
| 15 #include "net/base/keygen_handler.h" |
| 16 |
| 17 namespace { |
| 18 |
| 19 void KeygenOnWorkerThread( |
| 20 int key_size_in_bits, |
| 21 const std::string& challenge, |
| 22 const GURL& url, |
| 23 bool stores_key, |
| 24 crypto::ScopedPK11Slot slot, |
| 25 std::string* result) { |
| 26 scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate> |
| 27 crypto_module_password_delegate( |
| 28 chrome::NewCryptoModuleBlockingDialogDelegate( |
| 29 chrome::kCryptoModulePasswordKeygen, url.host())); |
| 30 // Authenticate to the token. |
| 31 if (SECSuccess != PK11_Authenticate(slot.get(), PR_TRUE, |
| 32 crypto_module_password_delegate.get())) { |
| 33 LOG(ERROR) << "Couldn't authenticate to private key slot!"; |
| 34 } |
| 35 |
| 36 net::KeygenHandler handler(key_size_in_bits, challenge, url); |
| 37 handler.set_stores_key(stores_key); |
| 38 handler.set_key_slot(slot.Pass()); |
| 39 *result = handler.GenKeyAndSignChallenge(); |
| 40 } |
| 41 |
| 42 } // namespace |
| 43 |
| 44 namespace chrome_browser_net { |
| 45 |
| 46 void Keygen(content::ResourceContext* context, |
| 47 int key_size_in_bits, |
| 48 const std::string& challenge, |
| 49 const GURL& url, |
| 50 bool stores_key, |
| 51 const base::Callback<void(const std::string*)>& callback) { |
| 52 ProfileIOData* io_data = ProfileIOData::FromResourceContext(context); |
| 53 |
| 54 // TODO(mattm): allow choosing which slot to generate and store the key. |
| 55 crypto::ScopedPK11Slot slot(io_data->GetPrivateNSSKeySlot()); |
| 56 if (!slot.get()) { |
| 57 LOG(ERROR) << "Couldn't get private key slot from NSS!"; |
| 58 callback.Run(NULL); |
| 59 return; |
| 60 } |
| 61 |
| 62 VLOG(1) << "Dispatching keygen task to worker pool."; |
| 63 std::string* result(new std::string()); |
| 64 // Dispatch to worker pool, so we do not block the IO thread. |
| 65 if (!base::WorkerPool::PostTaskAndReply( |
| 66 FROM_HERE, |
| 67 base::Bind(&KeygenOnWorkerThread, |
| 68 key_size_in_bits, |
| 69 challenge, |
| 70 url, |
| 71 stores_key, |
| 72 base::Passed(&slot), |
| 73 result), |
| 74 base::Bind(callback, base::Owned(result)), |
| 75 true)) { |
| 76 NOTREACHED() << "Failed to dispatch keygen task to worker pool"; |
| 77 callback.Run(NULL); |
| 78 return; |
| 79 } |
| 80 } |
| 81 |
| 82 } // namespace chrome_browser_net |
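Review bot: In KeygenOnWorkerThread the `PK11_Authenticate` failure branch only logs and then falls through to `handler.GenKeyAndSignChallenge()`, so key generation and challenge signing are still attempted on a slot that was not successfully unlocked. Adding `return;` right after `LOG(ERROR) << "Couldn't authenticate to private key slot!";` would stop there and leave `*result` empty for the reply. Whether consumers of the callback treat an empty string as failure is not visible on this page and should be confirmed, since the error paths in Keygen signal failure with `callback.Run(NULL)` instead. Those two error paths also run the callback synchronously while the success path replies asynchronously, which deserves a sentence in the header comment for Keygen so callers do not assume either ordering.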