Add GetSystemNSSKeySlot, merge GetPrivateNSSKeySlot/GetPublicNSSKeySlot to GetPersistentNSSKeySlot.

crypto/nss_util_internal.h

Index: crypto/nss_util_internal.h
diff --git a/crypto/nss_util_internal.h b/crypto/nss_util_internal.h
index 8175604e0dfcf75b54e9e63ca7858e92ca9797f6..e9d4870daf6bb9119e5865d7ac7205f01e1a7e60 100644
--- a/crypto/nss_util_internal.h
+++ b/crypto/nss_util_internal.h
@@ -21,17 +21,11 @@ class FilePath;
 
 namespace crypto {
 
-// Returns a reference to the default NSS key slot for storing
-// public-key data only (e.g. server certs). Caller must release
-// returned reference with PK11_FreeSlot.
-CRYPTO_EXPORT PK11SlotInfo* GetPublicNSSKeySlot() WARN_UNUSED_RESULT;
-
-// Returns a reference to the default slot for storing private-key and
-// mixed private-key/public-key data.  Returns a hardware (TPM) NSS
-// key slot if on ChromeOS and EnableTPMForNSS() has been called
-// successfully. Caller must release returned reference with
-// PK11_FreeSlot.
-CRYPTO_EXPORT PK11SlotInfo* GetPrivateNSSKeySlot() WARN_UNUSED_RESULT;
+// Returns a reference to the default NSS key slot for storing persistent data.
+// Caller must release returned reference with PK11_FreeSlot.
+// TODO(mattm): this should be if !defined(OS_CHROMEOS), but some tests need to
+// be fixed first.
+CRYPTO_EXPORT PK11SlotInfo* GetPersistentNSSKeySlot() WARN_UNUSED_RESULT;
 
 // A helper class that acquires the SECMOD list read lock while the
 // AutoSECMODListReadLock is in scope.
@@ -46,6 +40,10 @@ class CRYPTO_EXPORT AutoSECMODListReadLock {
 };
 
 #if defined(OS_CHROMEOS)
+// Returns a reference to the system-wide TPM slot.  Caller must release
+// returned reference with PK11_FreeSlot.
+CRYPTO_EXPORT PK11SlotInfo* GetSystemNSSKeySlot() WARN_UNUSED_RESULT;
+
 // Prepare per-user NSS slot mapping. It is safe to call this function multiple
 // times. Returns true if the user was added, or false if it already existed.
 CRYPTO_EXPORT bool InitializeNSSForChromeOSUser(