| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CRYPTO_NSS_UTIL_H_ | 5 #ifndef CRYPTO_NSS_UTIL_H_ |
| 6 #define CRYPTO_NSS_UTIL_H_ | 6 #define CRYPTO_NSS_UTIL_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| (...skipping 77 matching lines...) |
| 88 // | 88 // |
| 89 // Note that this does not load libnssckbi.so which contains the root | 89 // Note that this does not load libnssckbi.so which contains the root |
| 90 // certificates. | 90 // certificates. |
| 91 CRYPTO_EXPORT void LoadNSSLibraries(); | 91 CRYPTO_EXPORT void LoadNSSLibraries(); |
| 92 | 92 |
| 93 // Check if the current NSS version is greater than or equals to |version|. | 93 // Check if the current NSS version is greater than or equals to |version|. |
| 94 // A sample version string is "3.12.3". | 94 // A sample version string is "3.12.3". |
| 95 bool CheckNSSVersion(const char* version); | 95 bool CheckNSSVersion(const char* version); |
| 96 | 96 |
| 97 #if defined(OS_CHROMEOS) | 97 #if defined(OS_CHROMEOS) |
| 98 // Indicates that NSS should load the Chaps library so that we | 98 // Indicates that NSS should use the Chaps library so that we |
| 99 // can access the TPM through NSS. Once this is called, | 99 // can access the TPM through NSS. InitializeTPMTokenAndSystemSlot and |
| 100 // GetPrivateNSSKeySlot() will return the TPM slot if one was found. | 100 // InitializeTPMForChromeOSUser must still be called to load the slots. |
| 101 CRYPTO_EXPORT void EnableTPMTokenForNSS(); | 101 CRYPTO_EXPORT void EnableTPMTokenForNSS(); |
| 102 | 102 |
| 103 // Returns true if EnableTPMTokenForNSS has been called. | 103 // Returns true if EnableTPMTokenForNSS has been called. |
| 104 CRYPTO_EXPORT bool IsTPMTokenEnabledForNSS(); | 104 CRYPTO_EXPORT bool IsTPMTokenEnabledForNSS(); |
| 105 | 105 |
| 106 // Returns true if the TPM is owned and PKCS#11 initialized with the | 106 // Returns true if the TPM is owned and PKCS#11 initialized with the |
| 107 // user and security officer PINs, and has been enabled in NSS by | 107 // user and security officer PINs, and has been enabled in NSS by |
| 108 // calling EnableTPMForNSS, and Chaps has been successfully | 108 // calling EnableTPMForNSS, and Chaps has been successfully |
| 109 // loaded into NSS. | 109 // loaded into NSS. |
| 110 // If |callback| is non-null and the function returns false, the |callback| will | 110 // If |callback| is non-null and the function returns false, the |callback| will |
| 111 // be run once the TPM is ready. |callback| will never be run if the function | 111 // be run once the TPM is ready. |callback| will never be run if the function |
| 112 // returns true. | 112 // returns true. |
| 113 CRYPTO_EXPORT bool IsTPMTokenReady(const base::Closure& callback) | 113 CRYPTO_EXPORT bool IsTPMTokenReady(const base::Closure& callback) |
| 114 WARN_UNUSED_RESULT; | 114 WARN_UNUSED_RESULT; |
| 115 | 115 |
| 116 // Initialize the TPM token. The |callback| will run on the same thread with | 116 // Initialize the TPM token and system slot. The |callback| will run on the same |
| 117 // true if the token and slot were successfully loaded or were already | 117 // thread with true if the token and slot were successfully loaded or were |
| 118 // initialized. |callback| will be passed false if loading failed. | 118 // already initialized. |callback| will be passed false if loading failed. Once |
| 119 // Once called, InitializeTPMToken must not be called again until the |callback| | 119 // called, InitializeTPMTokenAndSystemSlot must not be called again until the |
| 120 // has been run. | 120 // |callback| has been run. |
| 121 CRYPTO_EXPORT void InitializeTPMToken( | 121 CRYPTO_EXPORT void InitializeTPMTokenAndSystemSlot( |
| 122 int token_slot_id, | 122 int system_slot_id, |
| 123 const base::Callback<void(bool)>& callback); | 123 const base::Callback<void(bool)>& callback); |
| 124 | 124 |
| 125 // Exposed for unittests only. | 125 // Exposed for unittests only. |
| 126 class CRYPTO_EXPORT_PRIVATE ScopedTestNSSChromeOSUser { | 126 class CRYPTO_EXPORT_PRIVATE ScopedTestNSSChromeOSUser { |
| 127 public: | 127 public: |
| 128 explicit ScopedTestNSSChromeOSUser(const std::string& username_hash); | 128 explicit ScopedTestNSSChromeOSUser(const std::string& username_hash); |
| 129 ~ScopedTestNSSChromeOSUser(); | 129 ~ScopedTestNSSChromeOSUser(); |
| 130 | 130 |
| 131 std::string username_hash() const { return username_hash_; } | 131 std::string username_hash() const { return username_hash_; } |
| 132 bool constructed_successfully() const { return constructed_successfully_; } | 132 bool constructed_successfully() const { return constructed_successfully_; } |
| (...skipping 55 matching lines...) |
| 188 private: | 188 private: |
| 189 base::Lock *lock_; | 189 base::Lock *lock_; |
| 190 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); | 190 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); |
| 191 }; | 191 }; |
| 192 | 192 |
| 193 #endif // defined(USE_NSS) | 193 #endif // defined(USE_NSS) |
| 194 | 194 |
| 195 } // namespace crypto | 195 } // namespace crypto |
| 196 | 196 |
| 197 #endif // CRYPTO_NSS_UTIL_H_ | 197 #endif // CRYPTO_NSS_UTIL_H_ |
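Review bot: The rewritten comment on EnableTPMTokenForNSS (new lines 98-100) no longer says what the key-slot getters return between this call and the completion of InitializeTPMTokenAndSystemSlot / InitializeTPMForChromeOSUser, whereas the old text promised the TPM slot as soon as it had been called. The implementation is not visible here, but if the getters hand back a software-backed slot until the TPM slots are loaded, a caller still following the old contract would create or look up keys outside the TPM without any error. I would add a sentence such as `// Until those calls have completed, the slot getters do not return the TPM slot; callers that need TPM-backed keys must first wait for IsTPMTokenReady().`, with the wording confirmed against the .cc file. The unchanged comment at new line 108 still names `EnableTPMForNSS`, while the function declared at line 101 is `EnableTPMTokenForNSS`. The renamed parameter `system_slot_id` (new line 122) has no description, so a line stating which slot it identifies and where the value comes from would help callers.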