Chromium Code Reviews Chromium Code Reviews
Issue 383593002:
Add GetSystemNSSKeySlot, merge GetPrivateNSSKeySlot/GetPublicNSSKeySlot to GetPersistentNSSKeySlot. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/nss_util.h" | 5 #include "crypto/nss_util.h" |
| 6 #include "crypto/nss_util_internal.h" | 6 #include "crypto/nss_util_internal.h" |
| 7 | 7 |
| 8 #include <nss.h> | 8 #include <nss.h> |
| 9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 #include <plarena.h> | 10 #include <plarena.h> |
| (...skipping 606 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 617 if (!test_slot_) | 617 if (!test_slot_) |
| 618 return; | 618 return; |
| 619 SECStatus status = SECMOD_CloseUserDB(test_slot_); | 619 SECStatus status = SECMOD_CloseUserDB(test_slot_); |
| 620 if (status != SECSuccess) | 620 if (status != SECSuccess) |
| 621 PLOG(ERROR) << "SECMOD_CloseUserDB failed: " << PORT_GetError(); | 621 PLOG(ERROR) << "SECMOD_CloseUserDB failed: " << PORT_GetError(); |
| 622 PK11_FreeSlot(test_slot_); | 622 PK11_FreeSlot(test_slot_); |
| 623 test_slot_ = NULL; | 623 test_slot_ = NULL; |
| 624 ignore_result(g_test_nss_db_dir.Get().Delete()); | 624 ignore_result(g_test_nss_db_dir.Get().Delete()); |
| 625 } | 625 } |
| 626 | 626 |
| 627 PK11SlotInfo* GetPublicNSSKeySlot() { | 627 PK11SlotInfo* GetPersistentNSSKeySlot() { |
| 628 // TODO(mattm): Change to DCHECK when callers have been fixed. | 628 // TODO(mattm): Change to DCHECK when callers have been fixed. |
| 629 if (!thread_checker_.CalledOnValidThread()) { | 629 if (!thread_checker_.CalledOnValidThread()) { |
| 630 DVLOG(1) << "Called on wrong thread.\n" | 630 DVLOG(1) << "Called on wrong thread.\n" |
| 631 << base::debug::StackTrace().ToString(); | 631 << base::debug::StackTrace().ToString(); |
| 632 } | 632 } |
| 633 | 633 |
| 634 if (test_slot_) | 634 if (test_slot_) |
| 635 return PK11_ReferenceSlot(test_slot_); | 635 return PK11_ReferenceSlot(test_slot_); |
| 636 return PK11_GetInternalKeySlot(); | 636 return PK11_GetInternalKeySlot(); |
| 637 } | 637 } |
| 638 | 638 |
| 639 PK11SlotInfo* GetPrivateNSSKeySlot() { | 639 #if defined(OS_CHROMEOS) |
| 640 // TODO(mattm): Change to DCHECK when callers have been fixed. | 640 PK11SlotInfo* GetSystemNSSKeySlot() { |
| 641 if (!thread_checker_.CalledOnValidThread()) { | 641 DCHECK(thread_checker_.CalledOnValidThread()); |
| 642 DVLOG(1) << "Called on wrong thread.\n" | |
| 643 << base::debug::StackTrace().ToString(); | |
| 644 } | |
| 645 | 642 |
| 646 if (test_slot_) | 643 if (test_slot_) |
| 647 return PK11_ReferenceSlot(test_slot_); | 644 return PK11_ReferenceSlot(test_slot_); |
| 648 | 645 |
| 649 #if defined(OS_CHROMEOS) | 646 // TODO(mattm): If the system slot is disabled, InitializeTPMToken would |
|
pneubeck (no reviews)
2014/07/10 09:44:11
I looked for the cause of this.
IIUC, then TPMToke
mattm
2014/07/10 22:20:45
Done.
| |
| 650 if (tpm_token_enabled_for_nss_) { | 647 // have been called with the first user's slot instead. Can that be |
| 651 if (IsTPMTokenReady(base::Closure())) { | 648 // detected and return NULL instead? |
| 652 return PK11_ReferenceSlot(tpm_slot_); | 649 if (tpm_token_enabled_for_nss_ && IsTPMTokenReady(base::Closure())) |
| 653 } else { | 650 return PK11_ReferenceSlot(tpm_slot_); |
| 654 // If we were supposed to get the hardware token, but were | 651 // If we were supposed to get the hardware token, but were |
| 655 // unable to, return NULL rather than fall back to sofware. | 652 // unable to, return NULL rather than fall back to sofware. |
| 656 return NULL; | 653 return NULL; |
| 657 } | 654 } |
| 658 } | |
| 659 #endif | 655 #endif |
| 660 return PK11_GetInternalKeySlot(); | |
| 661 } | |
| 662 | 656 |
| 663 #if defined(USE_NSS) | 657 #if defined(USE_NSS) |
| 664 base::Lock* write_lock() { | 658 base::Lock* write_lock() { |
| 665 return &write_lock_; | 659 return &write_lock_; |
| 666 } | 660 } |
| 667 #endif // defined(USE_NSS) | 661 #endif // defined(USE_NSS) |
| 668 | 662 |
| 669 // This method is used to force NSS to be initialized without a DB. | 663 // This method is used to force NSS to be initialized without a DB. |
| 670 // Call this method before NSSInitSingleton() is constructed. | 664 // Call this method before NSSInitSingleton() is constructed. |
| 671 static void ForceNoDBInit() { | 665 static void ForceNoDBInit() { |
| (...skipping 390 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1062 SECMOD_GetReadLock(lock_); | 1056 SECMOD_GetReadLock(lock_); |
| 1063 } | 1057 } |
| 1064 | 1058 |
| 1065 AutoSECMODListReadLock::~AutoSECMODListReadLock() { | 1059 AutoSECMODListReadLock::~AutoSECMODListReadLock() { |
| 1066 SECMOD_ReleaseReadLock(lock_); | 1060 SECMOD_ReleaseReadLock(lock_); |
| 1067 } | 1061 } |
| 1068 | 1062 |
| 1069 #endif // defined(USE_NSS) | 1063 #endif // defined(USE_NSS) |
| 1070 | 1064 |
| 1071 #if defined(OS_CHROMEOS) | 1065 #if defined(OS_CHROMEOS) |
| 1066 PK11SlotInfo* GetSystemNSSKeySlot() { | |
| 1067 return g_nss_singleton.Get().GetSystemNSSKeySlot(); | |
| 1068 } | |
| 1069 | |
| 1072 void EnableTPMTokenForNSS() { | 1070 void EnableTPMTokenForNSS() { |
| 1073 g_nss_singleton.Get().EnableTPMTokenForNSS(); | 1071 g_nss_singleton.Get().EnableTPMTokenForNSS(); |
| 1074 } | 1072 } |
| 1075 | 1073 |
| 1076 bool IsTPMTokenEnabledForNSS() { | 1074 bool IsTPMTokenEnabledForNSS() { |
| 1077 return g_nss_singleton.Get().IsTPMTokenEnabledForNSS(); | 1075 return g_nss_singleton.Get().IsTPMTokenEnabledForNSS(); |
| 1078 } | 1076 } |
| 1079 | 1077 |
| 1080 bool IsTPMTokenReady(const base::Closure& callback) { | 1078 bool IsTPMTokenReady(const base::Closure& callback) { |
| 1081 return g_nss_singleton.Get().IsTPMTokenReady(callback); | 1079 return g_nss_singleton.Get().IsTPMTokenReady(callback); |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1150 | 1148 |
| 1151 base::Time PRTimeToBaseTime(PRTime prtime) { | 1149 base::Time PRTimeToBaseTime(PRTime prtime) { |
| 1152 return base::Time::FromInternalValue( | 1150 return base::Time::FromInternalValue( |
| 1153 prtime + base::Time::UnixEpoch().ToInternalValue()); | 1151 prtime + base::Time::UnixEpoch().ToInternalValue()); |
| 1154 } | 1152 } |
| 1155 | 1153 |
| 1156 PRTime BaseTimeToPRTime(base::Time time) { | 1154 PRTime BaseTimeToPRTime(base::Time time) { |
| 1157 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); | 1155 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); |
| 1158 } | 1156 } |
| 1159 | 1157 |
| 1160 PK11SlotInfo* GetPublicNSSKeySlot() { | 1158 PK11SlotInfo* GetPersistentNSSKeySlot() { |
| 1161 return g_nss_singleton.Get().GetPublicNSSKeySlot(); | 1159 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); |
| 1162 } | |
| 1163 | |
| 1164 PK11SlotInfo* GetPrivateNSSKeySlot() { | |
| 1165 return g_nss_singleton.Get().GetPrivateNSSKeySlot(); | |
| 1166 } | 1160 } |
| 1167 | 1161 |
| 1168 } // namespace crypto | 1162 } // namespace crypto |
| OLD | NEW |
