Extract ScopedTestNSSDB from nss_util.

crypto/nss_util.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CRYPTO_NSS_UTIL_H_
 #define CRYPTO_NSS_UTIL_H_
 
 #include <string>
 #include "base/basictypes.h"
 #include "base/callback.h"
 #include "base/compiler_specific.h"
 #include "base/files/scoped_temp_dir.h"
 #include "crypto/crypto_export.h"
 
 namespace base {
 class FilePath;
 class Lock;
 class Time;
 }  // namespace base
 
 // This file specifically doesn't depend on any NSS or NSPR headers because it
 // is included by various (non-crypto) parts of chrome to call the
 // initialization functions.
 namespace crypto {
 
-// The TPMToken name used for the NSS slot opened by ScopedTestNSSDB.
-CRYPTO_EXPORT extern const char kTestTPMTokenName[];
+class ScopedTestNSSDB;
 
 #if defined(USE_NSS)
 // EarlySetupForNSSInit performs lightweight setup which must occur before the
 // process goes multithreaded. This does not initialise NSS. For test, see
 // EnsureNSSInit.
 CRYPTO_EXPORT void EarlySetupForNSSInit();
 #endif
 
 // Initialize NRPR if it isn't already initialized.  This function is
 // thread-safe, and NSPR will only ever be initialized once.
@@ skipping 107 matching lines @@
 
 // Convert a NSS PRTime value into a base::Time object.
 // We use a int64 instead of PRTime here to avoid depending on NSPR headers.
 CRYPTO_EXPORT base::Time PRTimeToBaseTime(int64 prtime);
 
 // Convert a base::Time object into a PRTime value.
 // We use a int64 instead of PRTime here to avoid depending on NSPR headers.
 CRYPTO_EXPORT int64 BaseTimeToPRTime(base::Time time);
 
 #if defined(USE_NSS)
-// Exposed for unittests only.
-// TODO(mattm): When NSS 3.14 is the minimum version required,
-// switch back to using a separate user DB for each test.
-// Because of https://bugzilla.mozilla.org/show_bug.cgi?id=588269 , the
-// opened user DB is not automatically closed.
-class CRYPTO_EXPORT_PRIVATE ScopedTestNSSDB {
+#if defined(OS_CHROMEOS)
+// Exposed for tests only.
+class CRYPTO_EXPORT_PRIVATE ScopedTestSystemNSSKeySlot {

[Ryan Sleevi, 2014/07/22 01:25:32]

1) Document more what this does - and what it affects.
2) This belongs in a test-only file, not the main nss_util. We'd probably roll
it into a crypto_test_support target if it needed to be used outside of
crypto_unittests (which it probably does)

[pneubeck (no reviews), 2014/07/22 08:34:30]

ACK. I only placed it here because of ScopedTestNSSChromeOSUser above. But this
is indeed the wrong place for both.


Considering that this sets a member (test_system_slot_) in the NSSInitSingleton
and doesn't store/restore the old state of that member, I'd like to add a DCHECK
if that member was already set before.
Sounds good?

[pneubeck (no reviews), 2014/07/22 14:11:05]

One other reason why I put it here was that it access the NSSInitSingleton
(similary like ScopedTestNSSChromeOSUser accesses it). NSSInitSingleton however
is .cc local.
Thus, I added *ForTesting functions to expose the required functions of the
singleton.

  public:
-  ScopedTestNSSDB();
-  ~ScopedTestNSSDB();
+  explicit ScopedTestSystemNSSKeySlot();
+  ~ScopedTestSystemNSSKeySlot();
 
-  bool is_open() { return is_open_; }
+  bool ConstructedSuccessfully() const;
 
  private:
-  bool is_open_;
-  DISALLOW_COPY_AND_ASSIGN(ScopedTestNSSDB);
+  scoped_ptr<ScopedTestNSSDB> test_db_;
+
+  DISALLOW_COPY_AND_ASSIGN(ScopedTestSystemNSSKeySlot);
 };
+#endif
 
 // NSS has a bug which can cause a deadlock or stall in some cases when writing
 // to the certDB and keyDB. It also has a bug which causes concurrent key pair
 // generations to scribble over each other. To work around this, we synchronize
 // writes to the NSS databases with a global lock. The lock is hidden beneath a
 // function for easy disabling when the bug is fixed. Callers should allow for
 // it to return NULL in the future.
 //
 // See https://bugzilla.mozilla.org/show_bug.cgi?id=564011
 base::Lock* GetNSSWriteLock();
 
 // A helper class that acquires the NSS write Lock while the AutoNSSWriteLock
 // is in scope.
 class CRYPTO_EXPORT AutoNSSWriteLock {
  public:
   AutoNSSWriteLock();
   ~AutoNSSWriteLock();
  private:
   base::Lock *lock_;
   DISALLOW_COPY_AND_ASSIGN(AutoNSSWriteLock);
 };
 
 #endif  // defined(USE_NSS)
 
 }  // namespace crypto
 
 #endif  // CRYPTO_NSS_UTIL_H_