| Index: chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
|
| diff --git a/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc b/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
|
| index 29b91ffb7be7255fee5d61f82100c73c5a2433b0..b4912e2fcca64cd5292374369a7410aa1d96732e 100644
|
| --- a/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
|
| +++ b/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc
|
| @@ -8,6 +8,7 @@
|
| #include <stdint.h>
|
|
|
| #include <algorithm>
|
| +#include <memory>
|
| #include <string>
|
| #include <utility>
|
|
|
| @@ -65,18 +66,25 @@ bool IsOwnerInTests(const std::string& user_id) {
|
| return static_cast<const base::Value*>(value)->GetString() == user_id;
|
| }
|
|
|
| -void LoadPrivateKeyByPublicKey(
|
| +void LoadPrivateKeyByPublicKeyOnWorkerThread(
|
| const scoped_refptr<OwnerKeyUtil>& owner_key_util,
|
| - scoped_refptr<PublicKey> public_key,
|
| - const std::string& username_hash,
|
| + crypto::ScopedPK11Slot public_slot,
|
| + crypto::ScopedPK11Slot private_slot,
|
| const base::Callback<void(const scoped_refptr<PublicKey>& public_key,
|
| const scoped_refptr<PrivateKey>& private_key)>&
|
| callback) {
|
| - crypto::EnsureNSSInit();
|
| - crypto::ScopedPK11Slot public_slot =
|
| - crypto::GetPublicSlotForChromeOSUser(username_hash);
|
| - crypto::ScopedPK11Slot private_slot = crypto::GetPrivateSlotForChromeOSUser(
|
| - username_hash, base::Callback<void(crypto::ScopedPK11Slot)>());
|
| + DCHECK(BrowserThread::GetBlockingPool()->RunsTasksOnCurrentThread());
|
| +
|
| + std::vector<uint8_t> public_key_data;
|
| + scoped_refptr<PublicKey> public_key;
|
| + if (!owner_key_util->ImportPublicKey(&public_key_data)) {
|
| + scoped_refptr<PrivateKey> private_key;
|
| + BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
|
| + base::Bind(callback, public_key, private_key));
|
| + return;
|
| + }
|
| + public_key = new PublicKey();
|
| + public_key->data().swap(public_key_data);
|
|
|
| // If private slot is already available, this will check it. If not, we'll get
|
| // called again later when the TPM Token is ready, and the slot will be
|
| @@ -98,36 +106,28 @@ void LoadPrivateKeyByPublicKey(
|
| base::Bind(callback, public_key, private_key));
|
| }
|
|
|
| -void LoadPrivateKey(
|
| +void LoadPrivateKeyOnIOThread(
|
| const scoped_refptr<OwnerKeyUtil>& owner_key_util,
|
| const std::string username_hash,
|
| const base::Callback<void(const scoped_refptr<PublicKey>& public_key,
|
| const scoped_refptr<PrivateKey>& private_key)>&
|
| callback) {
|
| - std::vector<uint8_t> public_key_data;
|
| - scoped_refptr<PublicKey> public_key;
|
| - if (!owner_key_util->ImportPublicKey(&public_key_data)) {
|
| - scoped_refptr<PrivateKey> private_key;
|
| - BrowserThread::PostTask(BrowserThread::UI,
|
| - FROM_HERE,
|
| - base::Bind(callback, public_key, private_key));
|
| - return;
|
| - }
|
| - public_key = new PublicKey();
|
| - public_key->data().swap(public_key_data);
|
| - bool rv = BrowserThread::PostTask(BrowserThread::IO,
|
| - FROM_HERE,
|
| - base::Bind(&LoadPrivateKeyByPublicKey,
|
| - owner_key_util,
|
| - public_key,
|
| - username_hash,
|
| - callback));
|
| - if (!rv) {
|
| - // IO thread doesn't exists in unit tests, but it's safe to use NSS from
|
| - // BlockingPool in unit tests.
|
| - LoadPrivateKeyByPublicKey(
|
| - owner_key_util, public_key, username_hash, callback);
|
| - }
|
| + DCHECK_CURRENTLY_ON(BrowserThread::IO);
|
| +
|
| + crypto::EnsureNSSInit();
|
| + crypto::ScopedPK11Slot public_slot =
|
| + crypto::GetPublicSlotForChromeOSUser(username_hash);
|
| + crypto::ScopedPK11Slot private_slot = crypto::GetPrivateSlotForChromeOSUser(
|
| + username_hash, base::Callback<void(crypto::ScopedPK11Slot)>());
|
| +
|
| + scoped_refptr<base::TaskRunner> task_runner =
|
| + BrowserThread::GetBlockingPool()->GetTaskRunnerWithShutdownBehavior(
|
| + base::SequencedWorkerPool::SKIP_ON_SHUTDOWN);
|
| + task_runner->PostTask(
|
| + FROM_HERE,
|
| + base::Bind(&LoadPrivateKeyByPublicKeyOnWorkerThread, owner_key_util,
|
| + base::Passed(std::move(public_slot)),
|
| + base::Passed(std::move(private_slot)), callback));
|
| }
|
|
|
| bool DoesPrivateKeyExistAsyncHelper(
|
| @@ -662,15 +662,18 @@ void OwnerSettingsServiceChromeOS::ReloadKeypairImpl(const base::Callback<
|
|
|
| if (waiting_for_profile_creation_ || waiting_for_tpm_token_)
|
| return;
|
| - scoped_refptr<base::TaskRunner> task_runner =
|
| - BrowserThread::GetBlockingPool()->GetTaskRunnerWithShutdownBehavior(
|
| - base::SequencedWorkerPool::SKIP_ON_SHUTDOWN);
|
| - task_runner->PostTask(
|
| - FROM_HERE,
|
| - base::Bind(&LoadPrivateKey,
|
| - owner_key_util_,
|
| - ProfileHelper::GetUserIdHashFromProfile(profile_),
|
| - callback));
|
| +
|
| + bool rv = BrowserThread::PostTask(
|
| + BrowserThread::IO, FROM_HERE,
|
| + base::Bind(&LoadPrivateKeyOnIOThread, owner_key_util_,
|
| + ProfileHelper::GetUserIdHashFromProfile(profile_), callback));
|
| + if (!rv) {
|
| + // IO thread doesn't exists in unit tests, but it's safe to use NSS from
|
| + // BlockingPool in unit tests.
|
| + LoadPrivateKeyOnIOThread(owner_key_util_,
|
| + ProfileHelper::GetUserIdHashFromProfile(profile_),
|
| + callback);
|
| + }
|
| }
|
|
|
| void OwnerSettingsServiceChromeOS::StorePendingChanges() {
|
|
|
Chromium Code Reviews
Issue 2761353003:
Call OwnerKeyUtil::FindPrivateKeyInSlot() in the blocking pool. (Closed)
