| OLD | NEW |
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/cert_loader.h" | 5 #include "chromeos/cert_loader.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/chromeos/chromeos_version.h" | 9 #include "base/chromeos/chromeos_version.h" |
| 10 #include "base/message_loop/message_loop_proxy.h" | 10 #include "base/message_loop/message_loop_proxy.h" |
| (...skipping 92 matching lines...) |
| 103 LoginState::Get()->AddObserver(this); | 103 LoginState::Get()->AddObserver(this); |
| 104 } | 104 } |
| 105 | 105 |
| 106 void CertLoader::SetCryptoTaskRunner( | 106 void CertLoader::SetCryptoTaskRunner( |
| 107 const scoped_refptr<base::SequencedTaskRunner>& crypto_task_runner) { | 107 const scoped_refptr<base::SequencedTaskRunner>& crypto_task_runner) { |
| 108 crypto_task_runner_ = crypto_task_runner; | 108 crypto_task_runner_ = crypto_task_runner; |
| 109 MaybeRequestCertificates(); | 109 MaybeRequestCertificates(); |
| 110 } | 110 } |
| 111 | 111 |
| 112 void CertLoader::SetSlowTaskRunnerForTest( | 112 void CertLoader::SetSlowTaskRunnerForTest( |
| 113 const scoped_refptr<base::SequencedTaskRunner>& task_runner) { | 113 const scoped_refptr<base::TaskRunner>& task_runner) { |
| 114 slow_task_runner_for_test_ = task_runner; | 114 slow_task_runner_for_test_ = task_runner; |
| 115 } | 115 } |
| 116 | 116 |
| 117 CertLoader::~CertLoader() { | 117 CertLoader::~CertLoader() { |
| 118 net::CertDatabase::GetInstance()->RemoveObserver(this); | 118 net::CertDatabase::GetInstance()->RemoveObserver(this); |
| 119 if (LoginState::IsInitialized()) | 119 if (LoginState::IsInitialized()) |
| 120 LoginState::Get()->RemoveObserver(this); | 120 LoginState::Get()->RemoveObserver(this); |
| 121 } | 121 } |
| 122 | 122 |
| 123 void CertLoader::AddObserver(CertLoader::Observer* observer) { | 123 void CertLoader::AddObserver(CertLoader::Observer* observer) { |
| (...skipping 107 matching lines...) |
| 231 tpm_request_delay_); | 231 tpm_request_delay_); |
| 232 tpm_request_delay_ = GetNextRequestDelayMs(tpm_request_delay_); | 232 tpm_request_delay_ = GetNextRequestDelayMs(tpm_request_delay_); |
| 233 } | 233 } |
| 234 | 234 |
| 235 void CertLoader::OnPersistentNSSDBOpened() { | 235 void CertLoader::OnPersistentNSSDBOpened() { |
| 236 VLOG(1) << "PersistentNSSDBOpened"; | 236 VLOG(1) << "PersistentNSSDBOpened"; |
| 237 tpm_token_state_ = TPM_DB_OPENED; | 237 tpm_token_state_ = TPM_DB_OPENED; |
| 238 InitializeTokenAndLoadCertificates(); | 238 InitializeTokenAndLoadCertificates(); |
| 239 } | 239 } |
| 240 | 240 |
| 241 // This is copied from chrome/common/net/x509_certificate_model_nss.cc. |
| 241 // For background see this discussion on dev-tech-crypto.lists.mozilla.org: | 242 // For background see this discussion on dev-tech-crypto.lists.mozilla.org: |
| 242 // http://web.archiveorange.com/archive/v/6JJW7E40sypfZGtbkzxX | 243 // http://web.archiveorange.com/archive/v/6JJW7E40sypfZGtbkzxX |
| 243 // | 244 // |
| 244 // NOTE: This function relies on the convention that the same PKCS#11 ID | 245 // NOTE: This function relies on the convention that the same PKCS#11 ID |
| 245 // is shared between a certificate and its associated private and public | 246 // is shared between a certificate and its associated private and public |
| 246 // keys. I tried to implement this with PK11_GetLowLevelKeyIDForCert(), | 247 // keys. I tried to implement this with PK11_GetLowLevelKeyIDForCert(), |
| 247 // but that always returns NULL on Chrome OS for me. | 248 // but that always returns NULL on Chrome OS for me. |
| 248 std::string CertLoader::GetPkcs11IdForCert( | |
| 249 const net::X509Certificate& cert) const { | |
| 250 if (!IsHardwareBacked()) | |
| 251 return std::string(); | |
| 252 | 249 |
| 250 // static |
| 251 std::string CertLoader::GetPkcs11IdForCert(const net::X509Certificate& cert) { |
| 253 CERTCertificateStr* cert_handle = cert.os_cert_handle(); | 252 CERTCertificateStr* cert_handle = cert.os_cert_handle(); |
| 254 SECKEYPrivateKey *priv_key = | 253 SECKEYPrivateKey *priv_key = |
| 255 PK11_FindKeyByAnyCert(cert_handle, NULL /* wincx */); | 254 PK11_FindKeyByAnyCert(cert_handle, NULL /* wincx */); |
| 256 if (!priv_key) | 255 if (!priv_key) |
| 257 return std::string(); | 256 return std::string(); |
| 258 | 257 |
| 259 // Get the CKA_ID attribute for a key. | 258 // Get the CKA_ID attribute for a key. |
| 260 SECItem* sec_item = PK11_GetLowLevelKeyIDForPrivateKey(priv_key); | 259 SECItem* sec_item = PK11_GetLowLevelKeyIDForPrivateKey(priv_key); |
| 261 std::string pkcs11_id; | 260 std::string pkcs11_id; |
| 262 if (sec_item) { | 261 if (sec_item) { |
| (...skipping 119 matching lines...) |
| 382 VLOG(1) << "OnCertRemoved"; | 381 VLOG(1) << "OnCertRemoved"; |
| 383 StartLoadCertificates(); | 382 StartLoadCertificates(); |
| 384 } | 383 } |
| 385 | 384 |
| 386 void CertLoader::LoggedInStateChanged(LoginState::LoggedInState state) { | 385 void CertLoader::LoggedInStateChanged(LoginState::LoggedInState state) { |
| 387 VLOG(1) << "LoggedInStateChanged: " << state; | 386 VLOG(1) << "LoggedInStateChanged: " << state; |
| 388 MaybeRequestCertificates(); | 387 MaybeRequestCertificates(); |
| 389 } | 388 } |
| 390 | 389 |
| 391 } // namespace chromeos | 390 } // namespace chromeos |
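Review bot: The now-static `GetPkcs11IdForCert` (new lines 250-251) no longer returns an empty string when the token is not hardware-backed, and the comment block above it does not mention this. A non-empty ID used to imply a TPM-backed key; on the new side it only means `PK11_FindKeyByAnyCert` found a private key in some slot. Any caller that treats the ID as evidence of hardware backing now needs its own `IsHardwareBacked()` check; the callers are not visible on this page, so that should be confirmed. I would add to the comment: `// Does not check that the key is hardware-backed; callers that require a TPM key must check IsHardwareBacked() first.` The function body continues into the skipped lines, so the release of `priv_key` and `sec_item` cannot be reviewed from this view.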
| OLD | NEW |