| Index: chrome/browser/net/keygen_handler_nss.cc
|
| diff --git a/chrome/browser/net/keygen_handler_nss.cc b/chrome/browser/net/keygen_handler_nss.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..b501c6e20b9dfe6be111b336cdc0cb5185c80d1b
|
| --- /dev/null
|
| +++ b/chrome/browser/net/keygen_handler_nss.cc
|
| @@ -0,0 +1,87 @@
|
| +// Copyright (c) 2013 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "chrome/browser/net/keygen_handler.h"
|
| +
|
| +#include "base/logging.h"
|
| +#include "base/threading/worker_pool.h"
|
| +#include "chrome/browser/profiles/profile_io_data.h"
|
| +#include "chrome/browser/ui/crypto_module_password_dialog.h"
|
| +#include "crypto/crypto_module_blocking_password_delegate.h"
|
| +#include "crypto/nss_util.h"
|
| +#include "crypto/nss_util_internal.h"
|
| +#include "crypto/scoped_nss_types.h"
|
| +#include "net/base/keygen_handler.h"
|
| +
|
| +namespace {
|
| +
|
| +void KeygenOnWorkerThread(
|
| + int key_size_in_bits,
|
| + const std::string& challenge,
|
| + const GURL& url,
|
| + bool stores_key,
|
| + crypto::ScopedPK11Slot slot,
|
| + std::string* result) {
|
| +
|
| + // XXX simplify this
|
| + scoped_ptr<crypto::CryptoModuleBlockingPasswordDelegate>
|
| + crypto_module_password_delegate(
|
| + chrome::NewCryptoModuleBlockingDialogDelegate(
|
| + chrome::kCryptoModulePasswordKeygen, url.host()));
|
| + // Authenticate to the token.
|
| + if (SECSuccess != PK11_Authenticate(slot.get(), PR_TRUE,
|
| + crypto_module_password_delegate.get())) {
|
| + LOG(ERROR) << "Couldn't authenticate to private key slot!";
|
| + }
|
| +
|
| + net::KeygenHandler handler(key_size_in_bits, challenge, url);
|
| + handler.set_stores_key(stores_key);
|
| + handler.set_key_slot(slot.Pass());
|
| + *result = handler.GenKeyAndSignChallenge();
|
| +}
|
| +
|
| +} // namespace
|
| +
|
| +namespace chrome {
|
| +
|
| +void Keygen(content::ResourceContext* context,
|
| + int key_size_in_bits,
|
| + const std::string& challenge,
|
| + const GURL& url,
|
| + bool stores_key,
|
| + const base::Callback<void(const std::string*)>& callback) {
|
| + ProfileIOData* io_data = ProfileIOData::FromResourceContext(context);
|
| +
|
| + // Ensure NSS is initialized.
|
| + //crypto::EnsureNSSInit();
|
| +
|
| + // TODO(mattm): allow choosing which slot to generate and store the key.
|
| + crypto::ScopedPK11Slot slot(io_data->GetPrivateNSSKeySlot());
|
| + if (!slot.get()) {
|
| + LOG(ERROR) << "Couldn't get private key slot from NSS!";
|
| + callback.Run(NULL);
|
| + return;
|
| + }
|
| +
|
| + VLOG(1) << "Dispatching keygen task to worker pool.";
|
| + std::string* result(new std::string());
|
| + // Dispatch to worker pool, so we do not block the IO thread.
|
| + if (!base::WorkerPool::PostTaskAndReply(
|
| + FROM_HERE,
|
| + base::Bind(&KeygenOnWorkerThread,
|
| + key_size_in_bits,
|
| + challenge,
|
| + url,
|
| + stores_key,
|
| + base::Passed(&slot),
|
| + result),
|
| + base::Bind(callback, base::Owned(result)),
|
| + true)) {
|
| + NOTREACHED() << "Failed to dispatch keygen task to worker pool";
|
| + callback.Run(NULL);
|
| + return;
|
| + }
|
| +}
|
| +
|
| +} // namespace chrome
|
|
|
Chromium Code Reviews
Issue 18121007:
*WIP* Store NSS slots per profile. Move keygen to chrome. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src