OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_NSS_UTIL_H_ | 5 #ifndef CRYPTO_NSS_UTIL_H_ |
6 #define CRYPTO_NSS_UTIL_H_ | 6 #define CRYPTO_NSS_UTIL_H_ |
7 | 7 |
8 #include <string> | 8 #include <string> |
9 #include "base/basictypes.h" | 9 #include "base/basictypes.h" |
10 #include "base/callback.h" | 10 #include "base/callback.h" |
88 // | 88 // |
89 // Note that this does not load libnssckbi.so which contains the root | 89 // Note that this does not load libnssckbi.so which contains the root |
90 // certificates. | 90 // certificates. |
91 CRYPTO_EXPORT void LoadNSSLibraries(); | 91 CRYPTO_EXPORT void LoadNSSLibraries(); |
92 | 92 |
93 // Check if the current NSS version is greater than or equals to |version|. | 93 // Check if the current NSS version is greater than or equals to |version|. |
94 // A sample version string is "3.12.3". | 94 // A sample version string is "3.12.3". |
95 bool CheckNSSVersion(const char* version); | 95 bool CheckNSSVersion(const char* version); |
96 | 96 |
97 #if defined(OS_CHROMEOS) | 97 #if defined(OS_CHROMEOS) |
98 // Indicates that NSS should load the Chaps library so that we | 98 // Indicates that NSS should use the Chaps library so that we |
99 // can access the TPM through NSS. Once this is called, | 99 // can access the TPM through NSS. InitializeTPMTokenAndSystemSlot and |
100 // GetPrivateNSSKeySlot() will return the TPM slot if one was found. | 100 // InitializeTPMForChromeOSUser must still be called to load the slots. |
101 CRYPTO_EXPORT void EnableTPMTokenForNSS(); | 101 CRYPTO_EXPORT void EnableTPMTokenForNSS(); |
102 | 102 |
103 // Returns true if EnableTPMTokenForNSS has been called. | 103 // Returns true if EnableTPMTokenForNSS has been called. |
104 CRYPTO_EXPORT bool IsTPMTokenEnabledForNSS(); | 104 CRYPTO_EXPORT bool IsTPMTokenEnabledForNSS(); |
105 | 105 |
106 // Returns true if the TPM is owned and PKCS#11 initialized with the | 106 // Returns true if the TPM is owned and PKCS#11 initialized with the |
107 // user and security officer PINs, and has been enabled in NSS by | 107 // user and security officer PINs, and has been enabled in NSS by |
108 // calling EnableTPMForNSS, and Chaps has been successfully | 108 // calling EnableTPMForNSS, and Chaps has been successfully |
109 // loaded into NSS. | 109 // loaded into NSS. |
110 // If |callback| is non-null and the function returns false, the |callback| will | 110 // If |callback| is non-null and the function returns false, the |callback| will |
111 // be run once the TPM is ready. |callback| will never be run if the function | 111 // be run once the TPM is ready. |callback| will never be run if the function |
112 // returns true. | 112 // returns true. |
113 CRYPTO_EXPORT bool IsTPMTokenReady(const base::Closure& callback) | 113 CRYPTO_EXPORT bool IsTPMTokenReady(const base::Closure& callback) |
114 WARN_UNUSED_RESULT; | 114 WARN_UNUSED_RESULT; |
115 | 115 |
116 // Initialize the TPM token. The |callback| will run on the same thread with | 116 // Initialize the TPM token and system slot. The |callback| will run on the same |
117 // true if the token and slot were successfully loaded or were already | 117 // thread with true if the token and slot were successfully loaded or were |
118 // initialized. |callback| will be passed false if loading failed. | 118 // already initialized. |callback| will be passed false if loading failed. Once |
119 // Once called, InitializeTPMToken must not be called again until the |callback| | 119 // called, InitializeTPMTokenAndSystemSlot must not be called again until the |
120 // has been run. | 120 // |callback| has been run. |
121 CRYPTO_EXPORT void InitializeTPMToken( | 121 CRYPTO_EXPORT void InitializeTPMTokenAndSystemSlot( |
122 int token_slot_id, | 122 int system_slot_id, |
123 const base::Callback<void(bool)>& callback); | 123 const base::Callback<void(bool)>& callback); |
124 | 124 |
125 // Exposed for unittests only. | 125 // Exposed for unittests only. |
126 class CRYPTO_EXPORT_PRIVATE ScopedTestNSSChromeOSUser { | 126 class CRYPTO_EXPORT_PRIVATE ScopedTestNSSChromeOSUser { |
127 public: | 127 public: |
128 explicit ScopedTestNSSChromeOSUser(const std::string& username_hash); | 128 explicit ScopedTestNSSChromeOSUser(const std::string& username_hash); |
129 ~ScopedTestNSSChromeOSUser(); | 129 ~ScopedTestNSSChromeOSUser(); |
130 | 130 |
131 std::string username_hash() const { return username_hash_; } | 131 std::string username_hash() const { return username_hash_; } |
132 bool constructed_successfully() const { return constructed_successfully_; } | 132 bool constructed_successfully() const { return constructed_successfully_; } |
188 private: | 188 private: |
189 base::Lock *lock_; | 189 base::Lock *lock_; |
190 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); | 190 DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock); |
191 }; | 191 }; |
192 | 192 |
193 #endif // defined(USE_NSS) | 193 #endif // defined(USE_NSS) |
194 | 194 |
195 } // namespace crypto | 195 } // namespace crypto |
196 | 196 |
197 #endif // CRYPTO_NSS_UTIL_H_ | 197 #endif // CRYPTO_NSS_UTIL_H_ |
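Review bot: The comment on `InitializeTPMTokenAndSystemSlot` (new lines 116-120) does not document `system_slot_id` or state that `EnableTPMTokenForNSS` must be called beforehand, even though the rewritten comment at new lines 98-100 makes slot loading depend on this call. The commit also drops the sentence promising that `GetPrivateNSSKeySlot()` returns the TPM slot, so a caller cannot tell from this header which slot it gets before initialization has run or after the callback reports false; if that can be a software slot, keys expected to be TPM-backed would be stored outside the TPM, and the comment should say so. I would add something like `// |system_slot_id| is the id of the slot to load as the system slot. EnableTPMTokenForNSS must have been called first; if |callback| receives false, no TPM-backed slot is available.` once the actual contract is confirmed against the implementation, which is not shown here. The context comment on `IsTPMTokenReady` (new line 108) still names `EnableTPMForNSS`, which does not match the declared `EnableTPMTokenForNSS`.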