Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(181)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: crypto/nss_crypto_module_delegate.h

Issue 2898573002: Refactor client cert private key handling. (Closed)
Patch Set: . Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« content/public/browser/content_browser_client.h ('K') | « content/shell/browser/shell_content_browser_client.cc ('k') | net/BUILD.gn » ('j') | net/ssl/client_cert_store_mac.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ 5 #ifndef CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_
6 #define CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ 6 #define CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_
7 7
8 #include <string> 8 #include <string>
9 9
10 #include "base/callback_forward.h" 10 #include "base/callback_forward.h"
11 #include "base/memory/ref_counted.h"
11 #include "crypto/scoped_nss_types.h" 12 #include "crypto/scoped_nss_types.h"
12 13
13 namespace crypto { 14 namespace crypto {
14 15
15 // PK11_SetPasswordFunc is a global setting. An implementation of 16 // PK11_SetPasswordFunc is a global setting. An implementation of
16 // CryptoModuleBlockingPasswordDelegate should be passed using wincx() as the 17 // CryptoModuleBlockingPasswordDelegate should be passed using wincx() as the
17 // user data argument (|wincx|) to relevant NSS functions, which the global 18 // user data argument (|wincx|) to relevant NSS functions, which the global
18 // password handler will call to do the actual work. This delegate should only 19 // password handler will call to do the actual work. This delegate should only
19 // be used in NSS calls on worker threads due to the blocking nature. 20 // be used in NSS calls on worker threads due to the blocking nature.
20 class CryptoModuleBlockingPasswordDelegate { 21 class CryptoModuleBlockingPasswordDelegate
22 : public base::RefCountedThreadSafe<CryptoModuleBlockingPasswordDelegate> {
21 public: 23 public:
22 virtual ~CryptoModuleBlockingPasswordDelegate() {}
23 24
24 // Return a value suitable for passing to the |wincx| argument of relevant NSS 25 // Return a value suitable for passing to the |wincx| argument of relevant NSS
25 // functions. This should be used instead of passing the object pointer 26 // functions. This should be used instead of passing the object pointer
26 // directly to avoid accidentally casting a pointer to a subclass to void* and 27 // directly to avoid accidentally casting a pointer to a subclass to void* and
27 // then casting back to a pointer of the base class 28 // then casting back to a pointer of the base class
28 void* wincx() { return this; } 29 void* wincx() { return this; }
29 30
30 // Requests a password to unlock |slot_name|. The interface is synchronous 31 // Requests a password to unlock |slot_name|. The interface is synchronous
31 // because NSS cannot issue an asynchronous request. |retry| is true if this 32 // because NSS cannot issue an asynchronous request. |retry| is true if this
32 // is a request for the retry and we previously returned the wrong password. 33 // is a request for the retry and we previously returned the wrong password.
33 // The implementation should set |*cancelled| to true if the user cancelled 34 // The implementation should set |*cancelled| to true if the user cancelled
34 // instead of entering a password, otherwise it should return the password the 35 // instead of entering a password, otherwise it should return the password the
35 // user entered. 36 // user entered.
36 virtual std::string RequestPassword(const std::string& slot_name, bool retry, 37 virtual std::string RequestPassword(const std::string& slot_name, bool retry,
37 bool* cancelled) = 0; 38 bool* cancelled) = 0;
39
40 protected:
41 friend class base::RefCountedThreadSafe<CryptoModuleBlockingPasswordDelegate>;
42
43 virtual ~CryptoModuleBlockingPasswordDelegate() {}
38 }; 44 };
39 45
40 // Extends CryptoModuleBlockingPasswordDelegate with the ability to return a 46 // Extends CryptoModuleBlockingPasswordDelegate with the ability to return a
41 // slot in which to act. (Eg, which slot to store a generated key in.) 47 // slot in which to act. (Eg, which slot to store a generated key in.)
42 class NSSCryptoModuleDelegate : public CryptoModuleBlockingPasswordDelegate { 48 class NSSCryptoModuleDelegate : public CryptoModuleBlockingPasswordDelegate {
43 public: 49 public:
44 ~NSSCryptoModuleDelegate() override {}
45
46 // Get the slot to store the generated key. 50 // Get the slot to store the generated key.
47 virtual ScopedPK11Slot RequestSlot() = 0; 51 virtual ScopedPK11Slot RequestSlot() = 0;
52
53 protected:
54 friend class base::RefCountedThreadSafe<NSSCryptoModuleDelegate>;
55
56 ~NSSCryptoModuleDelegate() override {}
48 }; 57 };
49 58
50 } // namespace crypto 59 } // namespace crypto
51 60
52 #endif // CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ 61 #endif // CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_
OLDNEW
« content/public/browser/content_browser_client.h ('K') | « content/shell/browser/shell_content_browser_client.cc ('k') | net/BUILD.gn » ('j') | net/ssl/client_cert_store_mac.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698