Extract ScopedTestNSSDB from nss_util.

crypto/nss_util.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "crypto/nss_util.h"
 #include "crypto/nss_util_internal.h"
 
 #include <nss.h>
 #include <pk11pub.h>
 #include <plarena.h>
@@ skipping 32 matching lines @@
 #include "base/threading/worker_pool.h"
 #include "build/build_config.h"
 
 // USE_NSS means we use NSS for everything crypto-related.  If USE_NSS is not
 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't
 // use NSS for crypto or certificate verification, and we don't use the NSS
 // certificate and key databases.
 #if defined(USE_NSS)
 #include "base/synchronization/lock.h"
 #include "crypto/nss_crypto_module_delegate.h"
+#include "crypto/scoped_test_nss_db.h"
 #endif  // defined(USE_NSS)
 
 namespace crypto {
 
 namespace {
 
 #if defined(OS_CHROMEOS)
 const char kUserNSSDatabaseName[] = "UserNSSDB";
 
 // Constants for loading the Chrome OS TPM-backed PKCS #11 library.
@@ skipping 128 matching lines @@
     PL_ArenaFinish();
     PRStatus prstatus = PR_Cleanup();
     if (prstatus != PR_SUCCESS)
       LOG(ERROR) << "PR_Cleanup failed; was NSPR initialized on wrong thread?";
   }
 };
 
 base::LazyInstance<NSPRInitSingleton>::Leaky
     g_nspr_singleton = LAZY_INSTANCE_INITIALIZER;
 
-// This is a LazyInstance so that it will be deleted automatically when the
-// unittest exits.  NSSInitSingleton is a LeakySingleton, so it would not be
-// deleted if it were a regular member.
-base::LazyInstance<base::ScopedTempDir> g_test_nss_db_dir =
-    LAZY_INSTANCE_INITIALIZER;
-
 // Force a crash with error info on NSS_NoDB_Init failure.
 void CrashOnNSSInitFailure() {
   int nss_error = PR_GetError();
   int os_error = PR_GetOSError();
   base::debug::Alias(&nss_error);
   base::debug::Alias(&os_error);
   LOG(ERROR) << "Error initializing NSS without a persistent database: "
              << GetNSSErrorMessage();
   LOG(FATAL) << "nss_error=" << nss_error << ", os_error=" << os_error;
 }
@@ skipping 63 matching lines @@
  public:
 #if defined(OS_CHROMEOS)
   // Used with PostTaskAndReply to pass handles to worker thread and back.
   struct TPMModuleAndSlot {
     explicit TPMModuleAndSlot(SECMODModule* init_chaps_module)
         : chaps_module(init_chaps_module), tpm_slot(NULL) {}
     SECMODModule* chaps_module;
     PK11SlotInfo* tpm_slot;
   };
 
-  PK11SlotInfo* OpenPersistentNSSDBForPath(const std::string& db_name,
-                                           const base::FilePath& path) {
+  ScopedPK11Slot OpenPersistentNSSDBForPath(const std::string& db_name,
+                                            const base::FilePath& path) {
     DCHECK(thread_checker_.CalledOnValidThread());
     // NSS is allowed to do IO on the current thread since dispatching
     // to a dedicated thread would still have the affect of blocking
     // the current thread, due to NSS's internal locking requirements
     base::ThreadRestrictions::ScopedAllowIO allow_io;
 
     base::FilePath nssdb_path = path.AppendASCII(".pki").AppendASCII("nssdb");
     if (!base::CreateDirectory(nssdb_path)) {
       LOG(ERROR) << "Failed to create " << nssdb_path.value() << " directory.";
-      return NULL;
+      return ScopedPK11Slot();
     }
-    return OpenUserDB(nssdb_path, db_name);
+    return OpenSoftwareNSSDB(nssdb_path, db_name);
   }
 
   void EnableTPMTokenForNSS() {
     DCHECK(thread_checker_.CalledOnValidThread());
 
     // If this gets set, then we'll use the TPM for certs with
     // private keys, otherwise we'll fall back to the software
     // implementation.
     tpm_token_enabled_for_nss_ = true;
   }
@@ skipping 72 matching lines @@
 
   void OnInitializedTPMTokenAndSystemSlot(
       const base::Callback<void(bool)>& callback,
       scoped_ptr<TPMModuleAndSlot> tpm_args) {
     DCHECK(thread_checker_.CalledOnValidThread());
     DVLOG(2) << "Loaded chaps: " << !!tpm_args->chaps_module
              << ", got tpm slot: " << !!tpm_args->tpm_slot;
 
     chaps_module_ = tpm_args->chaps_module;
     tpm_slot_ = tpm_args->tpm_slot;
-    if (!chaps_module_ && test_slot_) {
+    if (!chaps_module_ && test_system_slot_) {
       // chromeos_unittests try to test the TPM initialization process. If we
       // have a test DB open, pretend that it is the TPM slot.
-      tpm_slot_ = PK11_ReferenceSlot(test_slot_);
+      tpm_slot_ = PK11_ReferenceSlot(test_system_slot_.get());
     }
     initializing_tpm_token_ = false;
 
     if (tpm_slot_) {
       TPMReadyCallbackList callback_list;
       callback_list.swap(tpm_ready_callback_list_);
       for (TPMReadyCallbackList::iterator i = callback_list.begin();
            i != callback_list.end();
            ++i) {
         (*i).Run();
@@ skipping 46 matching lines @@
       const std::string& email,
       const std::string& username_hash,
       const base::FilePath& path) {
     DCHECK(thread_checker_.CalledOnValidThread());
     if (chromeos_user_map_.find(username_hash) != chromeos_user_map_.end()) {
       // This user already exists in our mapping.
       DVLOG(2) << username_hash << " already initialized.";
       return false;
     }
 
-    // If test slot is set, slot getter methods will short circuit
-    // checking |chromeos_user_map_|, so there is nothing left to be
-    // initialized.
-    if (test_slot_)
-      return false;
-
     DVLOG(2) << "Opening NSS DB " << path.value();
     std::string db_name = base::StringPrintf(
         "%s %s", kUserNSSDatabaseName, username_hash.c_str());
     ScopedPK11Slot public_slot(OpenPersistentNSSDBForPath(db_name, path));
     chromeos_user_map_[username_hash] =
         new ChromeOSUserData(public_slot.Pass());
     return true;
   }
 
   bool ShouldInitializeTPMForChromeOSUser(const std::string& username_hash) {
@@ skipping 62 matching lines @@
 
   ScopedPK11Slot GetPublicSlotForChromeOSUser(
       const std::string& username_hash) {
     DCHECK(thread_checker_.CalledOnValidThread());
 
     if (username_hash.empty()) {
       DVLOG(2) << "empty username_hash";
       return ScopedPK11Slot();
     }
 
-    if (test_slot_) {
-      DVLOG(2) << "returning test_slot_ for " << username_hash;
-      return ScopedPK11Slot(PK11_ReferenceSlot(test_slot_));
-    }
-
     if (chromeos_user_map_.find(username_hash) == chromeos_user_map_.end()) {
       LOG(ERROR) << username_hash << " not initialized.";
       return ScopedPK11Slot();
     }
     return chromeos_user_map_[username_hash]->GetPublicSlot();
   }
 
   ScopedPK11Slot GetPrivateSlotForChromeOSUser(
       const std::string& username_hash,
       const base::Callback<void(ScopedPK11Slot)>& callback) {
     DCHECK(thread_checker_.CalledOnValidThread());
 
     if (username_hash.empty()) {
       DVLOG(2) << "empty username_hash";
       if (!callback.is_null()) {
         base::MessageLoop::current()->PostTask(
             FROM_HERE, base::Bind(callback, base::Passed(ScopedPK11Slot())));
       }
       return ScopedPK11Slot();
     }
 
     DCHECK(chromeos_user_map_.find(username_hash) != chromeos_user_map_.end());
 
-    if (test_slot_) {
-      DVLOG(2) << "returning test_slot_ for " << username_hash;
-      return ScopedPK11Slot(PK11_ReferenceSlot(test_slot_));
-    }
-
     return chromeos_user_map_[username_hash]->GetPrivateSlot(callback);
   }
 
-  void CloseTestChromeOSUser(const std::string& username_hash) {
+  void CloseChromeOSUserForTesting(const std::string& username_hash) {
     DCHECK(thread_checker_.CalledOnValidThread());
     ChromeOSUserMap::iterator i = chromeos_user_map_.find(username_hash);
     DCHECK(i != chromeos_user_map_.end());
     delete i->second;
     chromeos_user_map_.erase(i);
   }
+
+  void SetTestSystemKeySlot(ScopedPK11Slot slot) {
+    // Ensure that a previous value of test_system_slot_ is not overwritten.
+    // Unsetting, i.e. setting a NULL, however is allowed.
+    DCHECK(!slot || !test_system_slot_);
+    test_system_slot_ = slot.Pass();
+  }
 #endif  // defined(OS_CHROMEOS)
 
-
-  bool OpenTestNSSDB() {
-    DCHECK(thread_checker_.CalledOnValidThread());
-    // NSS is allowed to do IO on the current thread since dispatching
-    // to a dedicated thread would still have the affect of blocking
-    // the current thread, due to NSS's internal locking requirements
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
-
-    if (test_slot_)
-      return true;
-    if (!g_test_nss_db_dir.Get().CreateUniqueTempDir())
-      return false;
-    test_slot_ = OpenUserDB(g_test_nss_db_dir.Get().path(), kTestTPMTokenName);
-    return !!test_slot_;
-  }
-
-  void CloseTestNSSDB() {
-    DCHECK(thread_checker_.CalledOnValidThread());
-    // NSS is allowed to do IO on the current thread since dispatching
-    // to a dedicated thread would still have the affect of blocking
-    // the current thread, due to NSS's internal locking requirements
-    base::ThreadRestrictions::ScopedAllowIO allow_io;
-
-    if (!test_slot_)
-      return;
-    SECStatus status = SECMOD_CloseUserDB(test_slot_);
-    if (status != SECSuccess)
-      PLOG(ERROR) << "SECMOD_CloseUserDB failed: " << PORT_GetError();
-    PK11_FreeSlot(test_slot_);
-    test_slot_ = NULL;
-    ignore_result(g_test_nss_db_dir.Get().Delete());
-  }
-
+#if !defined(OS_CHROMEOS)
   PK11SlotInfo* GetPersistentNSSKeySlot() {
     // TODO(mattm): Change to DCHECK when callers have been fixed.
     if (!thread_checker_.CalledOnValidThread()) {
       DVLOG(1) << "Called on wrong thread.\n"
                << base::debug::StackTrace().ToString();
     }
 
-    if (test_slot_)
-      return PK11_ReferenceSlot(test_slot_);
     return PK11_GetInternalKeySlot();
   }
+#endif
 
 #if defined(OS_CHROMEOS)
   PK11SlotInfo* GetSystemNSSKeySlot() {
     DCHECK(thread_checker_.CalledOnValidThread());
 
-    if (test_slot_)
-      return PK11_ReferenceSlot(test_slot_);
-
     // TODO(mattm): chromeos::TPMTokenloader always calls
     // InitializeTPMTokenAndSystemSlot with slot 0.  If the system slot is
     // disabled, tpm_slot_ will be the first user's slot instead. Can that be
     // detected and return NULL instead?
     if (tpm_token_enabled_for_nss_ && IsTPMTokenReady(base::Closure()))
       return PK11_ReferenceSlot(tpm_slot_);
     // If we were supposed to get the hardware token, but were
     // unable to, return NULL rather than fall back to sofware.
     return NULL;
   }
@@ skipping 11 matching lines @@
     force_nodb_init_ = true;
   }
 
  private:
   friend struct base::DefaultLazyInstanceTraits<NSSInitSingleton>;
 
   NSSInitSingleton()
       : tpm_token_enabled_for_nss_(false),
         initializing_tpm_token_(false),
         chaps_module_(NULL),
-        test_slot_(NULL),
         tpm_slot_(NULL),
         root_(NULL) {
     base::TimeTicks start_time = base::TimeTicks::Now();
 
     // It's safe to construct on any thread, since LazyInstance will prevent any
     // other threads from accessing until the constructor is done.
     thread_checker_.DetachFromThread();
 
     DisableAESNIIfNeeded();
 
@@ skipping 101 matching lines @@
   // prevent non-joinable threads from using NSS after it's already been shut
   // down.
   ~NSSInitSingleton() {
 #if defined(OS_CHROMEOS)
     STLDeleteValues(&chromeos_user_map_);
 #endif
     if (tpm_slot_) {
       PK11_FreeSlot(tpm_slot_);
       tpm_slot_ = NULL;
     }
-    CloseTestNSSDB();
     if (root_) {
       SECMOD_UnloadUserModule(root_);
       SECMOD_DestroyModule(root_);
       root_ = NULL;
     }
     if (chaps_module_) {
       SECMOD_UnloadUserModule(chaps_module_);
       SECMOD_DestroyModule(chaps_module_);
       chaps_module_ = NULL;
     }
@@ skipping 41 matching lines @@
     if (!module->loaded) {
       LOG(ERROR) << "After loading " << name << ", loaded==false: "
                  << GetNSSErrorMessage();
       SECMOD_DestroyModule(module);
       return NULL;
     }
     return module;
   }
 #endif
 
-  static PK11SlotInfo* OpenUserDB(const base::FilePath& path,
-                                  const std::string& description) {
-    const std::string modspec =
-        base::StringPrintf("configDir='sql:%s' tokenDescription='%s'",
-                           path.value().c_str(),
-                           description.c_str());
-    PK11SlotInfo* db_slot = SECMOD_OpenUserDB(modspec.c_str());
-    if (db_slot) {
-      if (PK11_NeedUserInit(db_slot))
-        PK11_InitPin(db_slot, NULL, NULL);
-    } else {
-      LOG(ERROR) << "Error opening persistent database (" << modspec
-                 << "): " << GetNSSErrorMessage();
-    }
-    return db_slot;
-  }
-
   static void DisableAESNIIfNeeded() {
     if (NSS_VersionCheck("3.15") && !NSS_VersionCheck("3.15.4")) {
       // Some versions of NSS have a bug that causes AVX instructions to be
       // used without testing whether XSAVE is enabled by the operating system.
       // In order to work around this, we disable AES-NI in NSS when we find
       // that |has_avx()| is false (which includes the XSAVE test). See
       // https://bugzilla.mozilla.org/show_bug.cgi?id=940794
       base::CPU cpu;
 
       if (cpu.has_avx_hardware() && !cpu.has_avx()) {
         base::Environment::Create()->SetVar("NSS_DISABLE_HW_AES", "1");
       }
     }
   }
 
   // If this is set to true NSS is forced to be initialized without a DB.
   static bool force_nodb_init_;
 
   bool tpm_token_enabled_for_nss_;
   bool initializing_tpm_token_;
   typedef std::vector<base::Closure> TPMReadyCallbackList;
   TPMReadyCallbackList tpm_ready_callback_list_;
   SECMODModule* chaps_module_;
-  PK11SlotInfo* test_slot_;
   PK11SlotInfo* tpm_slot_;
   SECMODModule* root_;
 #if defined(OS_CHROMEOS)
   typedef std::map<std::string, ChromeOSUserData*> ChromeOSUserMap;
   ChromeOSUserMap chromeos_user_map_;
+  ScopedPK11Slot test_system_slot_;
 #endif
 #if defined(USE_NSS)
   // TODO(davidben): When https://bugzilla.mozilla.org/show_bug.cgi?id=564011
   // is fixed, we will no longer need the lock.
   base::Lock write_lock_;
 #endif  // defined(USE_NSS)
 
   base::ThreadChecker thread_checker_;
 };
 
 // static
 bool NSSInitSingleton::force_nodb_init_ = false;
 
 base::LazyInstance<NSSInitSingleton>::Leaky
     g_nss_singleton = LAZY_INSTANCE_INITIALIZER;
 }  // namespace
 
-const char kTestTPMTokenName[] = "Test DB";
+#if defined(USE_NSS)
+ScopedPK11Slot OpenSoftwareNSSDB(const base::FilePath& path,
+                                 const std::string& description) {
+  const std::string modspec =
+      base::StringPrintf("configDir='sql:%s' tokenDescription='%s'",
+                         path.value().c_str(),
+                         description.c_str());
+  PK11SlotInfo* db_slot = SECMOD_OpenUserDB(modspec.c_str());
+  if (db_slot) {
+    if (PK11_NeedUserInit(db_slot))
+      PK11_InitPin(db_slot, NULL, NULL);
+  } else {
+    LOG(ERROR) << "Error opening persistent database (" << modspec
+               << "): " << GetNSSErrorMessage();
+  }
+  return ScopedPK11Slot(db_slot);
+}
 
-#if defined(USE_NSS)
 void EarlySetupForNSSInit() {
   base::FilePath database_dir = GetInitialConfigDirectory();
   if (!database_dir.empty())
     UseLocalCacheOfNSSDatabaseIfNFS(database_dir);
 }
 #endif
 
 void EnsureNSPRInit() {
   g_nspr_singleton.Get();
 }
@@ skipping 78 matching lines @@
     LOG(ERROR) << "Failed to load NSS libraries.";
   }
 #endif  // defined(USE_NSS)
 }
 
 bool CheckNSSVersion(const char* version) {
   return !!NSS_VersionCheck(version);
 }
 
 #if defined(USE_NSS)
-ScopedTestNSSDB::ScopedTestNSSDB()
-  : is_open_(g_nss_singleton.Get().OpenTestNSSDB()) {
-}
-
-ScopedTestNSSDB::~ScopedTestNSSDB() {
-  // Don't close when NSS is < 3.15.1, because it would require an additional
-  // sleep for 1 second after closing the database, due to
-  // http://bugzil.la/875601.
-  if (NSS_VersionCheck("3.15.1")) {
-    g_nss_singleton.Get().CloseTestNSSDB();
-  }
-}
-
 base::Lock* GetNSSWriteLock() {
   return g_nss_singleton.Get().write_lock();
 }
 
 AutoNSSWriteLock::AutoNSSWriteLock() : lock_(GetNSSWriteLock()) {
   // May be NULL if the lock is not needed in our version of NSS.
   if (lock_)
     lock_->Acquire();
 }
 
 AutoNSSWriteLock::~AutoNSSWriteLock() {
   if (lock_) {
     lock_->AssertAcquired();
     lock_->Release();
   }
 }
 
 AutoSECMODListReadLock::AutoSECMODListReadLock()
       : lock_(SECMOD_GetDefaultModuleListLock()) {
     SECMOD_GetReadLock(lock_);
   }
 
 AutoSECMODListReadLock::~AutoSECMODListReadLock() {
   SECMOD_ReleaseReadLock(lock_);
 }
-
 #endif  // defined(USE_NSS)
 
 #if defined(OS_CHROMEOS)
 PK11SlotInfo* GetSystemNSSKeySlot() {
   return g_nss_singleton.Get().GetSystemNSSKeySlot();
 }
 
+void SetTestSystemKeySlot(ScopedPK11Slot slot) {

[Ryan Sleevi, 2014/07/23 02:15:28]

SetSystemKeySlotForTesting - that way presubmit scripts will verify it's only
called from unittests.

[pneubeck (no reviews), 2014/07/23 14:34:17]

Done.

+  g_nss_singleton.Get().SetTestSystemKeySlot(ScopedPK11Slot());
+}
+
 void EnableTPMTokenForNSS() {
   g_nss_singleton.Get().EnableTPMTokenForNSS();
 }
 
 bool IsTPMTokenEnabledForNSS() {
   return g_nss_singleton.Get().IsTPMTokenEnabledForNSS();
 }
 
 bool IsTPMTokenReady(const base::Closure& callback) {
   return g_nss_singleton.Get().IsTPMTokenReady(callback);
 }
 
 void InitializeTPMTokenAndSystemSlot(
     int token_slot_id,
     const base::Callback<void(bool)>& callback) {
   g_nss_singleton.Get().InitializeTPMTokenAndSystemSlot(token_slot_id,
                                                         callback);
 }
 
-ScopedTestNSSChromeOSUser::ScopedTestNSSChromeOSUser(
-    const std::string& username_hash)
-    : username_hash_(username_hash), constructed_successfully_(false) {
-  if (!temp_dir_.CreateUniqueTempDir())
-    return;
-  constructed_successfully_ =
-      InitializeNSSForChromeOSUser(username_hash,
-                                   username_hash,
-                                   temp_dir_.path());
-}
-
-ScopedTestNSSChromeOSUser::~ScopedTestNSSChromeOSUser() {
-  if (constructed_successfully_)
-    g_nss_singleton.Get().CloseTestChromeOSUser(username_hash_);
-}
-
-void ScopedTestNSSChromeOSUser::FinishInit() {
-  DCHECK(constructed_successfully_);
-  if (!ShouldInitializeTPMForChromeOSUser(username_hash_))
-    return;
-  WillInitializeTPMForChromeOSUser(username_hash_);
-  InitializePrivateSoftwareSlotForChromeOSUser(username_hash_);
-}
-
 bool InitializeNSSForChromeOSUser(
     const std::string& email,
     const std::string& username_hash,
     const base::FilePath& path) {
   return g_nss_singleton.Get().InitializeNSSForChromeOSUser(
       email, username_hash, path);
 }
 
 bool ShouldInitializeTPMForChromeOSUser(const std::string& username_hash) {
   return g_nss_singleton.Get().ShouldInitializeTPMForChromeOSUser(
       username_hash);
 }
 
 void WillInitializeTPMForChromeOSUser(const std::string& username_hash) {
   g_nss_singleton.Get().WillInitializeTPMForChromeOSUser(username_hash);
 }
 
 void InitializeTPMForChromeOSUser(
     const std::string& username_hash,
     CK_SLOT_ID slot_id) {
   g_nss_singleton.Get().InitializeTPMForChromeOSUser(username_hash, slot_id);
 }
+
 void InitializePrivateSoftwareSlotForChromeOSUser(
     const std::string& username_hash) {
   g_nss_singleton.Get().InitializePrivateSoftwareSlotForChromeOSUser(
       username_hash);
 }
+
 ScopedPK11Slot GetPublicSlotForChromeOSUser(const std::string& username_hash) {
   return g_nss_singleton.Get().GetPublicSlotForChromeOSUser(username_hash);
 }
+
 ScopedPK11Slot GetPrivateSlotForChromeOSUser(
     const std::string& username_hash,
     const base::Callback<void(ScopedPK11Slot)>& callback) {
   return g_nss_singleton.Get().GetPrivateSlotForChromeOSUser(username_hash,
                                                              callback);
 }
+
+void CloseChromeOSUserForTesting(const std::string& username_hash) {
+  g_nss_singleton.Get().CloseChromeOSUserForTesting(username_hash);
+}
 #endif  // defined(OS_CHROMEOS)
 
 base::Time PRTimeToBaseTime(PRTime prtime) {
   return base::Time::FromInternalValue(
       prtime + base::Time::UnixEpoch().ToInternalValue());
 }
 
 PRTime BaseTimeToPRTime(base::Time time) {
   return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue();
 }
 
+#if !defined(OS_CHROMEOS)
 PK11SlotInfo* GetPersistentNSSKeySlot() {
   return g_nss_singleton.Get().GetPersistentNSSKeySlot();
 }
+#endif
 
 }  // namespace crypto