Index: chrome/browser/chromeos/net/client_cert_filter_chromeos.cc |
diff --git a/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc b/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc |
index 1ff3a786138bd9f7011319eea968f24908b6c16c..e86aa0036719bf6f9100d11243cb4cc5d51645b8 100644 |
--- a/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc |
+++ b/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc |
@@ -5,18 +5,15 @@ |
#include "chrome/browser/chromeos/net/client_cert_filter_chromeos.h" |
#include "base/bind.h" |
-#include "crypto/nss_util_internal.h" |
+#include "components/cert_database/cert_database_service_io_part.h" |
+#include "net/cert/nss_cert_database.h" |
#include "net/cert/x509_certificate.h" |
namespace chromeos { |
ClientCertFilterChromeOS::ClientCertFilterChromeOS( |
- bool use_system_slot, |
- const std::string& username_hash) |
- : init_called_(false), |
- use_system_slot_(use_system_slot), |
- username_hash_(username_hash), |
- weak_ptr_factory_(this) { |
+ const base::WeakPtr<cert_database::CertDatabaseServiceIOPart>& cert_db_io) |
+ : init_called_(false), cert_db_io_(cert_db_io), weak_ptr_factory_(this) { |
} |
ClientCertFilterChromeOS::~ClientCertFilterChromeOS() { |
@@ -27,18 +24,23 @@ bool ClientCertFilterChromeOS::Init(const base::Closure& callback) { |
init_called_ = true; |
init_callback_ = callback; |
- if (use_system_slot_) { |
- system_slot_ = crypto::GetSystemNSSKeySlot( |
- base::Bind(&ClientCertFilterChromeOS::GotSystemSlot, |
- weak_ptr_factory_.GetWeakPtr())).Pass(); |
+ |
+ if (!cert_db_io_) { |
+ LOG(WARNING) << "Certificate database already shutdown."; |
+ // Do not call back if we initialized synchronously. |
+ return true; |
+ } |
+ |
+ net::NSSCertDatabase* cert_db = cert_db_io_->GetNSSCertDatabase( |
+ base::Bind(&ClientCertFilterChromeOS::GotNSSCertDatabase, |
+ weak_ptr_factory_.GetWeakPtr())); |
+ if (cert_db) { |
+ InitNSSProfileFilter(cert_db); |
+ // Do not call back if we initialized synchronously. |
+ return true; |
} |
- private_slot_ = |
- crypto::GetPrivateSlotForChromeOSUser( |
- username_hash_, base::Bind(&ClientCertFilterChromeOS::GotPrivateSlot, |
- weak_ptr_factory_.GetWeakPtr())).Pass(); |
- // Do not call back if we initialized synchronously. |
- return InitIfSlotsAvailable(); |
+ return false; |
} |
bool ClientCertFilterChromeOS::IsCertAllowed( |
@@ -46,31 +48,24 @@ bool ClientCertFilterChromeOS::IsCertAllowed( |
return nss_profile_filter_.IsCertAllowed(cert->os_cert_handle()); |
} |
-void ClientCertFilterChromeOS::GotSystemSlot( |
- crypto::ScopedPK11Slot system_slot) { |
- system_slot_ = system_slot.Pass(); |
- if (InitIfSlotsAvailable() && !init_callback_.is_null()) { |
+void ClientCertFilterChromeOS::GotNSSCertDatabase( |
+ net::NSSCertDatabase* nss_cert_db) { |
+ InitNSSProfileFilter(nss_cert_db); |
+ if (!init_callback_.is_null()) { |
init_callback_.Run(); |
init_callback_.Reset(); |
} |
} |
-void ClientCertFilterChromeOS::GotPrivateSlot( |
- crypto::ScopedPK11Slot private_slot) { |
- private_slot_ = private_slot.Pass(); |
- if (InitIfSlotsAvailable() && !init_callback_.is_null()) { |
- init_callback_.Run(); |
- init_callback_.Reset(); |
+void ClientCertFilterChromeOS::InitNSSProfileFilter( |
+ net::NSSCertDatabase* nss_cert_db) { |
+ if (!nss_cert_db) { |
+ LOG(WARNING) << "No NSSCertDatabase available."; |
+ return; |
} |
-} |
- |
-bool ClientCertFilterChromeOS::InitIfSlotsAvailable() { |
- if ((use_system_slot_ && !system_slot_) || !private_slot_) |
- return false; |
- nss_profile_filter_.Init(crypto::GetPublicSlotForChromeOSUser(username_hash_), |
- private_slot_.Pass(), |
- system_slot_.Pass()); |
- return true; |
+ nss_profile_filter_.Init(nss_cert_db->GetPublicSlot(), |
+ nss_cert_db->GetPrivateSlot(), |
+ nss_cert_db->GetSystemSlot()); |
} |
} // namespace chromeos |