Index: chrome/browser/net/cert_database_service_factory.cc |
diff --git a/chrome/browser/net/cert_database_service_factory.cc b/chrome/browser/net/cert_database_service_factory.cc |
new file mode 100644 |
index 0000000000000000000000000000000000000000..ecefd9ae0af4be5ef532217eddaa29b4473e0851 |
--- /dev/null |
+++ b/chrome/browser/net/cert_database_service_factory.cc |
@@ -0,0 +1,139 @@ |
+// Copyright 2014 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#include "chrome/browser/net/cert_database_service_factory.h" |
+ |
+#include "base/memory/singleton.h" |
+#include "chrome/browser/profiles/incognito_helpers.h" |
+#include "chrome/browser/profiles/profile.h" |
+#include "components/cert_database/public/cert_database_service.h" |
+#include "components/keyed_service/content/browser_context_dependency_manager.h" |
+#include "content/public/browser/browser_thread.h" |
+ |
+#if defined(OS_CHROMEOS) |
+#include "chrome/browser/browser_process.h" |
+#include "chrome/browser/browser_process_platform_part.h" |
+#include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
+#include "chrome/browser/chromeos/profiles/profile_helper.h" |
+#include "chromeos/cert_loader.h" |
+#include "chromeos/tpm_token_loader.h" |
+#include "components/cert_database/public/chromeos/cert_database_service_io_part_chromeos.h" |
+#include "components/user_manager/user.h" |
+#include "components/user_manager/user_manager.h" |
+#else |
+#include "components/cert_database/public/linux/cert_database_service_io_part_linux.h" |
+#endif |
+ |
+namespace { |
+ |
+#if defined(OS_CHROMEOS) |
+void OnSystemTPMTokenReady( |
+ const base::WeakPtr<CertDatabaseServiceIOPartChromeOS>& io_part, |
+ bool system_tpm_token_enabled) { |
+ content::BrowserThread::PostTask( |
+ content::BrowserThread::IO, |
+ FROM_HERE, |
+ base::Bind(&CertDatabaseServiceIOPartChromeOS::OnSystemTPMTokenReady, |
+ io_part, |
+ system_tpm_token_enabled)); |
+} |
+#endif |
+ |
+} // namespace |
+ |
+// static |
+CertDatabaseService* CertDatabaseServiceFactory::GetForBrowserContext( |
+ content::BrowserContext* context) { |
+ return static_cast<CertDatabaseService*>( |
+ GetInstance()->GetServiceForBrowserContext(context, true)); |
+} |
+ |
+// static |
+CertDatabaseServiceFactory* CertDatabaseServiceFactory::GetInstance() { |
+ return Singleton<CertDatabaseServiceFactory>::get(); |
+} |
+ |
+CertDatabaseServiceFactory::CertDatabaseServiceFactory() |
+ : BrowserContextKeyedServiceFactory( |
+ "CertDatabaseService", |
+ BrowserContextDependencyManager::GetInstance()) { |
+} |
+ |
+CertDatabaseServiceFactory::~CertDatabaseServiceFactory() { |
+} |
+ |
+content::BrowserContext* CertDatabaseServiceFactory::GetBrowserContextToUse( |
+ content::BrowserContext* context) const { |
+ // return chrome::GetBrowserContextOwnInstanceInIncognito(context); |
+ return chrome::GetBrowserContextRedirectedInIncognito(context); |
+} |
+ |
+bool CertDatabaseServiceFactory::ServiceIsCreatedWithBrowserContext() const { |
+ return true; |
+} |
+ |
+KeyedService* CertDatabaseServiceFactory::BuildServiceInstanceFor( |
+ content::BrowserContext* context) const { |
+#if defined(OS_CHROMEOS) |
+ Profile* profile = static_cast<Profile*>(context); |
+ |
+ // No cert database for the sign-in profile. |
+ if (chromeos::ProfileHelper::IsSigninProfile(profile)) |
+ return NULL; |
+ |
+ user_manager::User* user = |
+ chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
+ |
+ // Use the device-wide system key slot only if the user is of the same |
+ // domain as the device is registered to. |
+ policy::BrowserPolicyConnectorChromeOS* connector = |
+ g_browser_process->platform_part()->browser_policy_connector_chromeos(); |
+ bool use_system_key_slot = connector->GetUserAffiliation(user->email()) == |
+ policy::USER_AFFILIATION_MANAGED; |
+ VLOG(1) << "Use system key slot " << use_system_key_slot; |
+ |
+ scoped_ptr<CertDatabaseServiceIOPartChromeOS> io_part( |
+ new CertDatabaseServiceIOPartChromeOS( |
+ user->email(), |
+ user->username_hash(), |
+ use_system_key_slot, |
+ profile->GetPath(), |
+ content::BrowserThread::GetMessageLoopProxyForThread( |
+ content::BrowserThread::UI) // Thread for DBus calls |
+ )); |
+#else |
+ scoped_ptr<CertDatabaseServiceIOPart> io_part( |
+ new CertDatabaseServiceIOPartLinux()); |
+#endif |
+ |
+ scoped_ptr<CertDatabaseService> service(new CertDatabaseService( |
+ content::BrowserThread::GetMessageLoopProxyForThread( |
+ content::BrowserThread::IO))); |
+ service->SetIOPart(io_part.PassAs<CertDatabaseServiceIOPart>()); |
+ |
+#if defined(OS_CHROMEOS) |
+ chromeos::TPMTokenLoader::TPMTokenStatus tpm_token_status = |
+ chromeos::TPMTokenLoader::Get()->IsTPMTokenEnabled( |
+ base::Bind(&OnSystemTPMTokenReady, service->GetIOPart())); |
+ if (tpm_token_status != |
+ chromeos::TPMTokenLoader::TPM_TOKEN_STATUS_UNDETERMINED) { |
+ OnSystemTPMTokenReady( |
+ service->GetIOPart(), |
+ tpm_token_status == chromeos::TPMTokenLoader::TPM_TOKEN_STATUS_ENABLED); |
+ } |
+ |
+ if (chromeos::CertLoader::IsInitialized()) { |
+ user_manager::UserManager* user_manager = user_manager::UserManager::Get(); |
+ bool is_primary_user = |
+ user_manager && user == user_manager->GetPrimaryUser(); |
+ if (is_primary_user) { |
+ service->GetNSSCertDatabase( |
+ base::Bind(&chromeos::CertLoader::StartWithNSSDB, |
+ base::Unretained(chromeos::CertLoader::Get()))); |
+ } |
+ } |
+#endif |
+ |
+ return service.release(); |
+} |