Implemented profile-aware owner key loading.

chrome/browser/chromeos/settings/session_manager_operation.cc

Index: chrome/browser/chromeos/settings/session_manager_operation.cc
diff --git a/chrome/browser/chromeos/settings/session_manager_operation.cc b/chrome/browser/chromeos/settings/session_manager_operation.cc
index b95d28357e9a0d5bc374c2f13e5898320c1e07ee..863bfd23f69d3f42ec8decf434f5d2028c0080d4 100644
--- a/chrome/browser/chromeos/settings/session_manager_operation.cc
+++ b/chrome/browser/chromeos/settings/session_manager_operation.cc
@@ -11,8 +11,11 @@
 #include "base/stl_util.h"
 #include "base/task_runner_util.h"
 #include "base/threading/sequenced_worker_pool.h"
+#include "chrome/browser/chromeos/login/user.h"
+#include "chrome/browser/chromeos/login/user_manager.h"
 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
 #include "chrome/browser/chromeos/settings/owner_key_util.h"
+#include "chrome/browser/net/nss_context.h"
 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
 #include "content/public/browser/browser_thread.h"
 #include "crypto/rsa_private_key.h"
@@ -23,6 +26,20 @@ namespace em = enterprise_management;
 
 namespace chromeos {
 
+namespace {
+
+Profile* GetProfileByUsername(const std::string& username) {
+  if (!UserManager::IsInitialized())
+    return NULL;
+  UserManager* manager = UserManager::Get();
+  const User* user = manager->FindUser(username);
+  if (!user || !user->is_profile_created())
+    return NULL;
+  return manager->GetProfileByUser(user);
+}
+
+}  // namespace
+
 SessionManagerOperation::SessionManagerOperation(const Callback& callback)
     : session_manager_client_(NULL),
       weak_factory_(this),
@@ -71,26 +88,58 @@ void SessionManagerOperation::ReportResult(
 
 void SessionManagerOperation::EnsureOwnerKey(const base::Closure& callback) {
   if (force_key_load_ || !owner_key_.get() || !owner_key_->public_key()) {
-    scoped_refptr<base::TaskRunner> task_runner =
-        content::BrowserThread::GetBlockingPool()->
-        GetTaskRunnerWithShutdownBehavior(
-            base::SequencedWorkerPool::SKIP_ON_SHUTDOWN);
-    base::PostTaskAndReplyWithResult(
-        task_runner.get(),
-        FROM_HERE,
-        base::Bind(&SessionManagerOperation::LoadOwnerKey,
-                   owner_key_util_, owner_key_),
-        base::Bind(&SessionManagerOperation::StoreOwnerKey,
-                   weak_factory_.GetWeakPtr(), callback));
+    Profile* profile = GetProfileByUsername(username_);
+    content::ResourceContext* context =
+        profile ? profile->GetResourceContext() : NULL;
+    if (!context) {
+      crypto::ScopedPK11Slot slot;
+      LoadAndStoreOwnerKey(weak_factory_.GetWeakPtr(),
+                           owner_key_util_,
+                           owner_key_,
+                           callback,
+                           slot.Pass());
+    } else {
+      content::BrowserThread::PostTaskAndReplyWithResult(
+          content::BrowserThread::IO,
+          FROM_HERE,
+          base::Bind(&GetPublicNSSKeySlotForResourceContext, context),
+          base::Bind(&SessionManagerOperation::LoadAndStoreOwnerKey,
+                     weak_factory_.GetWeakPtr(),
+                     owner_key_util_,
+                     owner_key_,
+                     callback));
+    }
   } else {
     callback.Run();
   }
 }
 
 // static
+void SessionManagerOperation::LoadAndStoreOwnerKey(
+    base::WeakPtr<SessionManagerOperation> weak_ptr,
+    scoped_refptr<OwnerKeyUtil> util,
+    scoped_refptr<OwnerKey> current_key,
+    const base::Closure& callback,
+    crypto::ScopedPK11Slot slot) {
+  scoped_refptr<base::TaskRunner> task_runner =
+      content::BrowserThread::GetBlockingPool()
+          ->GetTaskRunnerWithShutdownBehavior(
+              base::SequencedWorkerPool::SKIP_ON_SHUTDOWN);
+  base::PostTaskAndReplyWithResult(
+      task_runner.get(),
+      FROM_HERE,
+      base::Bind(&SessionManagerOperation::LoadOwnerKey,
+                 util,
+                 current_key,
+                 base::Passed(&slot)),
+      base::Bind(&SessionManagerOperation::StoreOwnerKey, weak_ptr, callback));
+}
+
+// static
 scoped_refptr<OwnerKey> SessionManagerOperation::LoadOwnerKey(
     scoped_refptr<OwnerKeyUtil> util,
-    scoped_refptr<OwnerKey> current_key) {
+    scoped_refptr<OwnerKey> current_key,
+    crypto::ScopedPK11Slot slot) {
   scoped_ptr<std::vector<uint8> > public_key;
   scoped_ptr<crypto::RSAPrivateKey> private_key;
 
@@ -109,7 +158,7 @@ scoped_refptr<OwnerKey> SessionManagerOperation::LoadOwnerKey(
   }
 
   if (public_key.get() && !private_key.get()) {
-    private_key.reset(util->FindPrivateKey(*public_key));
+    private_key.reset(util->FindPrivateKeyInSlot(*public_key, slot.get()));
     if (!private_key.get())
       VLOG(1) << "Failed to load private owner key.";
   }