OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/net/nss_context.h" | 5 #include "chrome/browser/net/nss_context.h" |
6 | 6 |
7 #include "base/memory/weak_ptr.h" | 7 #include "base/memory/weak_ptr.h" |
8 #include "base/supports_user_data.h" | 8 #include "base/supports_user_data.h" |
9 #include "chrome/browser/profiles/profile_io_data.h" | 9 #include "chrome/browser/profiles/profile_io_data.h" |
10 #include "content/public/browser/browser_thread.h" | 10 #include "content/public/browser/browser_thread.h" |
11 #include "crypto/nss_util_internal.h" | 11 #include "crypto/nss_util_internal.h" |
12 #include "net/cert/nss_cert_database_chromeos.h" | 12 #include "net/cert/nss_cert_database_chromeos.h" |
13 | 13 |
14 namespace { | 14 namespace { |
15 | 15 |
16 void* kDatabaseManagerKey = &kDatabaseManagerKey; | 16 void* kDatabaseManagerKey = &kDatabaseManagerKey; |
17 | 17 |
18 class NSSCertDatabaseChromeOSManager : public base::SupportsUserData::Data { | 18 class NSSCertDatabaseChromeOSManager : public base::SupportsUserData::Data { |
19 public: | 19 public: |
| 20 typedef base::Callback<void(net::NSSCertDatabaseChromeOS*)> |
| 21 GetNSSCertDatabaseCallback; |
20 explicit NSSCertDatabaseChromeOSManager(const std::string& username_hash) | 22 explicit NSSCertDatabaseChromeOSManager(const std::string& username_hash) |
21 : username_hash_(username_hash), weak_ptr_factory_(this) { | 23 : username_hash_(username_hash), weak_ptr_factory_(this) { |
22 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); | 24 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); |
23 crypto::ScopedPK11Slot private_slot(crypto::GetPrivateSlotForChromeOSUser( | 25 crypto::ScopedPK11Slot private_slot(crypto::GetPrivateSlotForChromeOSUser( |
24 username_hash, | 26 username_hash, |
25 base::Bind(&NSSCertDatabaseChromeOSManager::DidGetPrivateSlot, | 27 base::Bind(&NSSCertDatabaseChromeOSManager::DidGetPrivateSlot, |
26 weak_ptr_factory_.GetWeakPtr()))); | 28 weak_ptr_factory_.GetWeakPtr()))); |
27 if (private_slot) | 29 if (private_slot) |
28 DidGetPrivateSlot(private_slot.Pass()); | 30 DidGetPrivateSlot(private_slot.Pass()); |
29 } | 31 } |
30 | 32 |
31 virtual ~NSSCertDatabaseChromeOSManager() { | 33 virtual ~NSSCertDatabaseChromeOSManager() { |
32 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); | 34 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); |
33 } | 35 } |
34 | 36 |
35 net::NSSCertDatabase* GetNSSCertDatabase( | 37 net::NSSCertDatabaseChromeOS* GetNSSCertDatabase( |
36 const base::Callback<void(net::NSSCertDatabase*)>& callback) { | 38 const GetNSSCertDatabaseCallback& callback) { |
37 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); | 39 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); |
38 | 40 |
39 if (nss_cert_database_) | 41 if (nss_cert_database_) |
40 return nss_cert_database_.get(); | 42 return nss_cert_database_.get(); |
41 | 43 |
42 ready_callback_list_.push_back(callback); | 44 ready_callback_list_.push_back(callback); |
43 return NULL; | 45 return NULL; |
44 } | 46 } |
45 | 47 |
46 private: | 48 private: |
47 typedef std::vector<base::Callback<void(net::NSSCertDatabase*)> > | 49 typedef std::vector<GetNSSCertDatabaseCallback> ReadyCallbackList; |
48 ReadyCallbackList; | |
49 | 50 |
50 void DidGetPrivateSlot(crypto::ScopedPK11Slot private_slot) { | 51 void DidGetPrivateSlot(crypto::ScopedPK11Slot private_slot) { |
51 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); | 52 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); |
52 nss_cert_database_.reset(new net::NSSCertDatabaseChromeOS( | 53 nss_cert_database_.reset(new net::NSSCertDatabaseChromeOS( |
53 crypto::GetPublicSlotForChromeOSUser(username_hash_), | 54 crypto::GetPublicSlotForChromeOSUser(username_hash_), |
54 private_slot.Pass())); | 55 private_slot.Pass())); |
55 | 56 |
56 ReadyCallbackList callback_list; | 57 ReadyCallbackList callback_list; |
57 callback_list.swap(ready_callback_list_); | 58 callback_list.swap(ready_callback_list_); |
58 for (ReadyCallbackList::iterator i = callback_list.begin(); | 59 for (ReadyCallbackList::iterator i = callback_list.begin(); |
59 i != callback_list.end(); | 60 i != callback_list.end(); |
60 ++i) { | 61 ++i) { |
61 (*i).Run(nss_cert_database_.get()); | 62 (*i).Run(nss_cert_database_.get()); |
62 } | 63 } |
63 } | 64 } |
64 | 65 |
65 std::string username_hash_; | 66 std::string username_hash_; |
66 scoped_ptr<net::NSSCertDatabaseChromeOS> nss_cert_database_; | 67 scoped_ptr<net::NSSCertDatabaseChromeOS> nss_cert_database_; |
67 ReadyCallbackList ready_callback_list_; | 68 ReadyCallbackList ready_callback_list_; |
68 base::WeakPtrFactory<NSSCertDatabaseChromeOSManager> weak_ptr_factory_; | 69 base::WeakPtrFactory<NSSCertDatabaseChromeOSManager> weak_ptr_factory_; |
69 | 70 |
70 DISALLOW_COPY_AND_ASSIGN(NSSCertDatabaseChromeOSManager); | 71 DISALLOW_COPY_AND_ASSIGN(NSSCertDatabaseChromeOSManager); |
71 }; | 72 }; |
72 | 73 |
73 std::string GetUsername(content::ResourceContext* context) { | 74 std::string GetUsername(content::ResourceContext* context) { |
74 return ProfileIOData::FromResourceContext(context)->username_hash(); | 75 return ProfileIOData::FromResourceContext(context)->username_hash(); |
75 } | 76 } |
76 | 77 |
| 78 net::NSSCertDatabaseChromeOS* GetNSSCertDatabaseChromeOS( |
| 79 content::ResourceContext* context, |
| 80 const NSSCertDatabaseChromeOSManager::GetNSSCertDatabaseCallback& |
| 81 callback) { |
| 82 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); |
| 83 NSSCertDatabaseChromeOSManager* manager = |
| 84 static_cast<NSSCertDatabaseChromeOSManager*>( |
| 85 context->GetUserData(kDatabaseManagerKey)); |
| 86 if (!manager) { |
| 87 manager = new NSSCertDatabaseChromeOSManager(GetUsername(context)); |
| 88 context->SetUserData(kDatabaseManagerKey, manager); |
| 89 } |
| 90 return manager->GetNSSCertDatabase(callback); |
| 91 } |
| 92 |
| 93 void CallWithNSSCertDatabase( |
| 94 const base::Callback<void(net::NSSCertDatabase*)>& callback, |
| 95 net::NSSCertDatabaseChromeOS* db) { |
| 96 callback.Run(db); |
| 97 } |
| 98 |
| 99 void SetSystemSlot(crypto::ScopedPK11Slot system_slot, |
| 100 net::NSSCertDatabaseChromeOS* db) { |
| 101 db->SetSystemSlot(system_slot.Pass()); |
| 102 } |
| 103 |
| 104 void SetSystemSlotOfDBForResourceContext(content::ResourceContext* context, |
| 105 crypto::ScopedPK11Slot system_slot) { |
| 106 base::Callback<void(net::NSSCertDatabaseChromeOS*)> callback = |
| 107 base::Bind(&SetSystemSlot, base::Passed(&system_slot)); |
| 108 |
| 109 net::NSSCertDatabaseChromeOS* db = |
| 110 GetNSSCertDatabaseChromeOS(context, callback); |
| 111 if (db) |
| 112 callback.Run(db); |
| 113 } |
| 114 |
77 } // namespace | 115 } // namespace |
78 | 116 |
79 crypto::ScopedPK11Slot GetPublicNSSKeySlotForResourceContext( | 117 crypto::ScopedPK11Slot GetPublicNSSKeySlotForResourceContext( |
80 content::ResourceContext* context) { | 118 content::ResourceContext* context) { |
81 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); | 119 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); |
82 return crypto::GetPublicSlotForChromeOSUser(GetUsername(context)); | 120 return crypto::GetPublicSlotForChromeOSUser(GetUsername(context)); |
83 } | 121 } |
84 | 122 |
85 crypto::ScopedPK11Slot GetPrivateNSSKeySlotForResourceContext( | 123 crypto::ScopedPK11Slot GetPrivateNSSKeySlotForResourceContext( |
86 content::ResourceContext* context, | 124 content::ResourceContext* context, |
87 const base::Callback<void(crypto::ScopedPK11Slot)>& callback) { | 125 const base::Callback<void(crypto::ScopedPK11Slot)>& callback) { |
88 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); | 126 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); |
89 return crypto::GetPrivateSlotForChromeOSUser(GetUsername(context), callback); | 127 return crypto::GetPrivateSlotForChromeOSUser(GetUsername(context), callback); |
90 } | 128 } |
91 | 129 |
92 net::NSSCertDatabase* GetNSSCertDatabaseForResourceContext( | 130 net::NSSCertDatabase* GetNSSCertDatabaseForResourceContext( |
93 content::ResourceContext* context, | 131 content::ResourceContext* context, |
94 const base::Callback<void(net::NSSCertDatabase*)>& callback) { | 132 const base::Callback<void(net::NSSCertDatabase*)>& callback) { |
| 133 return GetNSSCertDatabaseChromeOS( |
| 134 context, base::Bind(&CallWithNSSCertDatabase, callback)); |
| 135 } |
| 136 |
| 137 void EnableNSSSystemKeySlotForResourceContext( |
| 138 content::ResourceContext* context) { |
95 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); | 139 DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO)); |
96 NSSCertDatabaseChromeOSManager* manager = | 140 base::Callback<void(crypto::ScopedPK11Slot)> callback = |
97 static_cast<NSSCertDatabaseChromeOSManager*>( | 141 base::Bind(&SetSystemSlotOfDBForResourceContext, context); |
98 context->GetUserData(kDatabaseManagerKey)); | 142 crypto::ScopedPK11Slot system_slot = crypto::GetSystemNSSKeySlot(callback); |
99 if (!manager) { | 143 if (system_slot) |
100 manager = new NSSCertDatabaseChromeOSManager(GetUsername(context)); | 144 callback.Run(system_slot.Pass()); |
101 context->SetUserData(kDatabaseManagerKey, manager); | |
102 } | |
103 return manager->GetNSSCertDatabase(callback); | |
104 } | 145 } |
OLD | NEW |