OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/nss_util.h" | 5 #include "crypto/nss_util.h" |
6 #include "crypto/nss_util_internal.h" | 6 #include "crypto/nss_util_internal.h" |
7 | 7 |
8 #include <nss.h> | 8 #include <nss.h> |
9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
10 #include <plarena.h> | 10 #include <plarena.h> |
(...skipping 606 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
617 if (!test_slot_) | 617 if (!test_slot_) |
618 return; | 618 return; |
619 SECStatus status = SECMOD_CloseUserDB(test_slot_); | 619 SECStatus status = SECMOD_CloseUserDB(test_slot_); |
620 if (status != SECSuccess) | 620 if (status != SECSuccess) |
621 PLOG(ERROR) << "SECMOD_CloseUserDB failed: " << PORT_GetError(); | 621 PLOG(ERROR) << "SECMOD_CloseUserDB failed: " << PORT_GetError(); |
622 PK11_FreeSlot(test_slot_); | 622 PK11_FreeSlot(test_slot_); |
623 test_slot_ = NULL; | 623 test_slot_ = NULL; |
624 ignore_result(g_test_nss_db_dir.Get().Delete()); | 624 ignore_result(g_test_nss_db_dir.Get().Delete()); |
625 } | 625 } |
626 | 626 |
627 PK11SlotInfo* GetPublicNSSKeySlot() { | 627 PK11SlotInfo* GetPersistentNSSKeySlot() { |
628 // TODO(mattm): Change to DCHECK when callers have been fixed. | 628 // TODO(mattm): Change to DCHECK when callers have been fixed. |
629 if (!thread_checker_.CalledOnValidThread()) { | 629 if (!thread_checker_.CalledOnValidThread()) { |
630 DVLOG(1) << "Called on wrong thread.\n" | 630 DVLOG(1) << "Called on wrong thread.\n" |
631 << base::debug::StackTrace().ToString(); | 631 << base::debug::StackTrace().ToString(); |
632 } | 632 } |
633 | 633 |
634 if (test_slot_) | 634 if (test_slot_) |
635 return PK11_ReferenceSlot(test_slot_); | 635 return PK11_ReferenceSlot(test_slot_); |
636 return PK11_GetInternalKeySlot(); | 636 return PK11_GetInternalKeySlot(); |
637 } | 637 } |
638 | 638 |
639 PK11SlotInfo* GetPrivateNSSKeySlot() { | 639 #if defined(OS_CHROMEOS) |
640 // TODO(mattm): Change to DCHECK when callers have been fixed. | 640 PK11SlotInfo* GetSystemNSSKeySlot() { |
641 if (!thread_checker_.CalledOnValidThread()) { | 641 DCHECK(thread_checker_.CalledOnValidThread()); |
642 DVLOG(1) << "Called on wrong thread.\n" | |
643 << base::debug::StackTrace().ToString(); | |
644 } | |
645 | 642 |
646 if (test_slot_) | 643 if (test_slot_) |
647 return PK11_ReferenceSlot(test_slot_); | 644 return PK11_ReferenceSlot(test_slot_); |
648 | 645 |
649 #if defined(OS_CHROMEOS) | 646 // TODO(mattm): If the system slot is disabled, InitializeTPMToken would |
pneubeck (no reviews)
2014/07/10 09:44:11
I looked for the cause of this.
IIUC, then TPMToke
mattm
2014/07/10 22:20:45
Done.
| |
650 if (tpm_token_enabled_for_nss_) { | 647 // have been called with the first user's slot instead. Can that be |
651 if (IsTPMTokenReady(base::Closure())) { | 648 // detected and return NULL instead? |
652 return PK11_ReferenceSlot(tpm_slot_); | 649 if (tpm_token_enabled_for_nss_ && IsTPMTokenReady(base::Closure())) |
653 } else { | 650 return PK11_ReferenceSlot(tpm_slot_); |
654 // If we were supposed to get the hardware token, but were | 651 // If we were supposed to get the hardware token, but were |
655 // unable to, return NULL rather than fall back to sofware. | 652 // unable to, return NULL rather than fall back to sofware. |
656 return NULL; | 653 return NULL; |
657 } | 654 } |
658 } | |
659 #endif | 655 #endif |
660 return PK11_GetInternalKeySlot(); | |
661 } | |
662 | 656 |
663 #if defined(USE_NSS) | 657 #if defined(USE_NSS) |
664 base::Lock* write_lock() { | 658 base::Lock* write_lock() { |
665 return &write_lock_; | 659 return &write_lock_; |
666 } | 660 } |
667 #endif // defined(USE_NSS) | 661 #endif // defined(USE_NSS) |
668 | 662 |
669 // This method is used to force NSS to be initialized without a DB. | 663 // This method is used to force NSS to be initialized without a DB. |
670 // Call this method before NSSInitSingleton() is constructed. | 664 // Call this method before NSSInitSingleton() is constructed. |
671 static void ForceNoDBInit() { | 665 static void ForceNoDBInit() { |
(...skipping 390 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1062 SECMOD_GetReadLock(lock_); | 1056 SECMOD_GetReadLock(lock_); |
1063 } | 1057 } |
1064 | 1058 |
1065 AutoSECMODListReadLock::~AutoSECMODListReadLock() { | 1059 AutoSECMODListReadLock::~AutoSECMODListReadLock() { |
1066 SECMOD_ReleaseReadLock(lock_); | 1060 SECMOD_ReleaseReadLock(lock_); |
1067 } | 1061 } |
1068 | 1062 |
1069 #endif // defined(USE_NSS) | 1063 #endif // defined(USE_NSS) |
1070 | 1064 |
1071 #if defined(OS_CHROMEOS) | 1065 #if defined(OS_CHROMEOS) |
1066 PK11SlotInfo* GetSystemNSSKeySlot() { | |
1067 return g_nss_singleton.Get().GetSystemNSSKeySlot(); | |
1068 } | |
1069 | |
1072 void EnableTPMTokenForNSS() { | 1070 void EnableTPMTokenForNSS() { |
1073 g_nss_singleton.Get().EnableTPMTokenForNSS(); | 1071 g_nss_singleton.Get().EnableTPMTokenForNSS(); |
1074 } | 1072 } |
1075 | 1073 |
1076 bool IsTPMTokenEnabledForNSS() { | 1074 bool IsTPMTokenEnabledForNSS() { |
1077 return g_nss_singleton.Get().IsTPMTokenEnabledForNSS(); | 1075 return g_nss_singleton.Get().IsTPMTokenEnabledForNSS(); |
1078 } | 1076 } |
1079 | 1077 |
1080 bool IsTPMTokenReady(const base::Closure& callback) { | 1078 bool IsTPMTokenReady(const base::Closure& callback) { |
1081 return g_nss_singleton.Get().IsTPMTokenReady(callback); | 1079 return g_nss_singleton.Get().IsTPMTokenReady(callback); |
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
1150 | 1148 |
1151 base::Time PRTimeToBaseTime(PRTime prtime) { | 1149 base::Time PRTimeToBaseTime(PRTime prtime) { |
1152 return base::Time::FromInternalValue( | 1150 return base::Time::FromInternalValue( |
1153 prtime + base::Time::UnixEpoch().ToInternalValue()); | 1151 prtime + base::Time::UnixEpoch().ToInternalValue()); |
1154 } | 1152 } |
1155 | 1153 |
1156 PRTime BaseTimeToPRTime(base::Time time) { | 1154 PRTime BaseTimeToPRTime(base::Time time) { |
1157 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); | 1155 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); |
1158 } | 1156 } |
1159 | 1157 |
1160 PK11SlotInfo* GetPublicNSSKeySlot() { | 1158 PK11SlotInfo* GetPersistentNSSKeySlot() { |
1161 return g_nss_singleton.Get().GetPublicNSSKeySlot(); | 1159 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); |
1162 } | |
1163 | |
1164 PK11SlotInfo* GetPrivateNSSKeySlot() { | |
1165 return g_nss_singleton.Get().GetPrivateNSSKeySlot(); | |
1166 } | 1160 } |
1167 | 1161 |
1168 } // namespace crypto | 1162 } // namespace crypto |
OLD | NEW |