*WIP* Store NSS slots per profile. Move keygen to chrome.

net/base/keygen_handler_nss.cc

Index: net/base/keygen_handler_nss.cc
diff --git a/net/base/keygen_handler_nss.cc b/net/base/keygen_handler_nss.cc
index 5e97807866ab3bbfd70e2d32779ad0eb91c8a227..5c447a5b7a9c9d14c136c696a9ba4352dd4a0b3d 100644
--- a/net/base/keygen_handler_nss.cc
+++ b/net/base/keygen_handler_nss.cc
@@ -5,10 +5,6 @@
 #include "net/base/keygen_handler.h"
 
 #include "base/logging.h"
-#include "crypto/crypto_module_blocking_password_delegate.h"
-#include "crypto/nss_util.h"
-#include "crypto/nss_util_internal.h"
-#include "crypto/scoped_nss_types.h"
 #include "net/third_party/mozilla_security_manager/nsKeygenHandler.h"
 
 // PSM = Mozilla's Personal Security Manager.
@@ -17,30 +13,13 @@ namespace psm = mozilla_security_manager;
 namespace net {
 
 std::string KeygenHandler::GenKeyAndSignChallenge() {
-  // Ensure NSS is initialized.
-  crypto::EnsureNSSInit();
-
-  // TODO(mattm): allow choosing which slot to generate and store the key.
-  crypto::ScopedPK11Slot slot(crypto::GetPrivateNSSKeySlot());
-  if (!slot.get()) {
-    LOG(ERROR) << "Couldn't get private key slot from NSS!";
-    return std::string();
-  }
-
-  // Authenticate to the token.
-  if (SECSuccess != PK11_Authenticate(slot.get(), PR_TRUE,
-                                      crypto_module_password_delegate_.get())) {
-    LOG(ERROR) << "Couldn't authenticate to private key slot!";
-    return std::string();
-  }
-
+  DCHECK(slot_.get());
   return psm::GenKeyAndSignChallenge(key_size_in_bits_, challenge_, url_,
-                                     slot.get(), stores_key_);
+                                     slot_.get(), stores_key_);
 }
 
-void KeygenHandler::set_crypto_module_password_delegate(
-    crypto::CryptoModuleBlockingPasswordDelegate* delegate) {
-  crypto_module_password_delegate_.reset(delegate);
+void KeygenHandler::set_key_slot(crypto::ScopedPK11Slot slot) {
+  slot_ = slot.Pass();
 }
 
 }  // namespace net