OLD | NEW |
---|---|
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chromeos/cert_loader.h" | 5 #include "chromeos/cert_loader.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/location.h" | 10 #include "base/location.h" |
(...skipping 117 matching lines...) | |
128 CERTCertificateStr* cert_handle = cert.os_cert_handle(); | 128 CERTCertificateStr* cert_handle = cert.os_cert_handle(); |
129 SECKEYPrivateKey *priv_key = | 129 SECKEYPrivateKey *priv_key = |
130 PK11_FindKeyByAnyCert(cert_handle, NULL /* wincx */); | 130 PK11_FindKeyByAnyCert(cert_handle, NULL /* wincx */); |
131 if (!priv_key) | 131 if (!priv_key) |
132 return std::string(); | 132 return std::string(); |
133 | 133 |
134 // Get the CKA_ID attribute for a key. | 134 // Get the CKA_ID attribute for a key. |
135 SECItem* sec_item = PK11_GetLowLevelKeyIDForPrivateKey(priv_key); | 135 SECItem* sec_item = PK11_GetLowLevelKeyIDForPrivateKey(priv_key); |
136 std::string pkcs11_id; | 136 std::string pkcs11_id; |
137 if (sec_item) { | 137 if (sec_item) { |
138 pkcs11_id = base::HexEncode(sec_item->data, sec_item->len); | 138 PK11SlotInfo* slot = PK11_GetSlotFromPrivateKey(priv_key); |
139 // If the key is on the TPM, include the TPM slot id. | |
pneubeck (no reviews)
2014/06/13 12:40:42
Does that mean, that in tests and in fake non-Chro
| |
140 if (PK11_IsHW(slot)) { | |
141 pkcs11_id = base::IntToString(PK11_GetSlotID(slot)); | |
142 pkcs11_id += ':'; | |
143 } | |
144 PK11_FreeSlot(slot); | |
145 pkcs11_id += base::HexEncode(sec_item->data, sec_item->len); | |
139 SECITEM_FreeItem(sec_item, PR_TRUE); | 146 SECITEM_FreeItem(sec_item, PR_TRUE); |
140 } | 147 } |
141 SECKEY_DestroyPrivateKey(priv_key); | 148 SECKEY_DestroyPrivateKey(priv_key); |
142 | 149 |
143 return pkcs11_id; | 150 return pkcs11_id; |
144 } | 151 } |
145 | 152 |
146 void CertLoader::LoadCertificates() { | 153 void CertLoader::LoadCertificates() { |
147 CHECK(thread_checker_.CalledOnValidThread()); | 154 CHECK(thread_checker_.CalledOnValidThread()); |
148 VLOG(1) << "LoadCertificates: " << certificates_update_running_; | 155 VLOG(1) << "LoadCertificates: " << certificates_update_running_; |
(...skipping 44 matching lines...) | |
193 VLOG(1) << "OnCertAdded"; | 200 VLOG(1) << "OnCertAdded"; |
194 LoadCertificates(); | 201 LoadCertificates(); |
195 } | 202 } |
196 | 203 |
197 void CertLoader::OnCertRemoved(const net::X509Certificate* cert) { | 204 void CertLoader::OnCertRemoved(const net::X509Certificate* cert) { |
198 VLOG(1) << "OnCertRemoved"; | 205 VLOG(1) << "OnCertRemoved"; |
199 LoadCertificates(); | 206 LoadCertificates(); |
200 } | 207 } |
201 | 208 |
202 } // namespace chromeos | 209 } // namespace chromeos |
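Review bot: In the key-id helper just above `CertLoader::LoadCertificates` (new lines 138-145), the `PK11_IsHW(slot)` branch prefixes the slot id for any slot that reports the hardware flag, so the comment `// If the key is on the TPM, include the TPM slot id.` promises more than the check establishes. Either reword it to `// If the key is on a hardware-backed slot, prefix the slot id.` or compare against the intended TPM slot explicitly, since this string is later used to pick a private key. `PK11_GetSlotID` returns a `CK_SLOT_ID` (an unsigned long) that `base::IntToString` narrows to `int`; `base::Uint64ToString(PK11_GetSlotID(slot))` keeps the value intact. `slot` is also passed to `PK11_IsHW` and `PK11_FreeSlot` without a null check, which deserves a guard if `PK11_GetSlotFromPrivateKey` can return NULL for this key. The function's signature lies in the skipped lines above, so its callers are not visible here.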