*WIP* Store NSS slots per profile. Move keygen to chrome.

content/browser/net/keygen_handler.cc

+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "content/browser/net/keygen_handler.h"
+
+#include "base/bind.h"
+#include "base/task_runner_util.h"
+#include "base/threading/worker_pool.h"
+#include "content/public/browser/browser_thread.h"
+#include "content/public/browser/content_browser_client.h"
+#include "content/public/browser/resource_context.h"
+#include "content/public/common/content_client.h"
+#include "net/base/keygen_handler.h"
+
+#if defined(USE_NSS)
+#include "content/public/browser/nss_context.h"
+#endif
+
+namespace content {
+
+namespace {
+
+std::string GenerateKeyOnWorkerThread(
+    int key_size_in_bits,
+    const std::string& challenge,
+    const GURL& url
+#if defined(USE_NSS)
+    , crypto::ScopedPK11Slot slot
+#endif
+    ) {
+  // Generate a signed public key and challenge, then send it back.
+  net::KeygenHandler keygen_handler(key_size_in_bits, challenge, url);
+
+#if defined(USE_NSS)
+  // Set slot and attach password delegate so we can authenticate.
+  keygen_handler.set_key_slot(
+      slot.Pass(),
+      GetContentClient()->browser()->GetCryptoPasswordDelegate(url));
+#endif  // defined(USE_NSS)
+
+  return keygen_handler.GenKeyAndSignChallenge();
+}
+
+void PostGenerateKeyTask(
+    int key_size_in_bits,
+    const std::string& challenge,
+    const GURL& url,
+    const base::Callback<void(const std::string&)>& callback
+#if defined(USE_NSS)
+    , crypto::ScopedPK11Slot slot
+#endif
+    ) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+  VLOG(1) << "Dispatching keygen task to worker pool.";
+  // Dispatch to worker pool, so we do not block the IO thread.
+  if (!base::PostTaskAndReplyWithResult(base::WorkerPool::GetTaskRunner(true),
+                                        FROM_HERE,
+                                        base::Bind(GenerateKeyOnWorkerThread,
+                                                   key_size_in_bits,
+                                                   challenge,
+                                                   url
+#if defined(USE_NSS)
+                                                   , base::Passed(&slot)
+#endif
+                                                   ),
+                                        callback)) {
+    NOTREACHED() << "Failed to dispatch keygen task to worker pool";
+    callback.Run(NULL);
+  }
+}
+
+}  // namespace
+
+void GenerateKey(ResourceContext* context,
+                 int key_size_in_bits,
+                 const std::string& challenge,
+                 const GURL& url,
+                 const base::Callback<void(const std::string&)>& callback) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
+#if defined(USE_NSS)
+  // TODO(mattm): allow choosing which slot to generate and store the key.
+  OnPrivateNSSKeySlotForResourceContextReady(context,
+                                             base::Bind(&PostGenerateKeyTask,
+                                                        key_size_in_bits,
+                                                        challenge,
+                                                        url,
+                                                        callback));
+#else
+  PostGenerateKeyTask(key_size_in_bits, challenge, url, stores_key, callback);
+#endif
+}
+
+}  // namespace content