Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Side by Side Diff: net/cert/nss_cert_database_chromeos.cc

Issue 424523002: Enable system NSS key slot. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix compilation of profile_io_data on !OS_CHROMEOS. Created 6 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/cert/nss_cert_database_chromeos.h ('k') | net/cert/nss_profile_filter_chromeos.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/nss_cert_database_chromeos.h" 5 #include "net/cert/nss_cert_database_chromeos.h"
6 6
7 #include <cert.h> 7 #include <cert.h>
8 #include <pk11pub.h> 8 #include <pk11pub.h>
9 9
10 #include <algorithm> 10 #include <algorithm>
11 11
12 #include "base/bind.h" 12 #include "base/bind.h"
13 #include "base/callback.h" 13 #include "base/callback.h"
14 #include "base/location.h" 14 #include "base/location.h"
15 #include "base/task_runner.h" 15 #include "base/task_runner.h"
16 #include "net/base/crypto_module.h" 16 #include "net/base/crypto_module.h"
17 #include "net/cert/x509_certificate.h" 17 #include "net/cert/x509_certificate.h"
18 18
19 namespace net { 19 namespace net {
20 20
21 NSSCertDatabaseChromeOS::NSSCertDatabaseChromeOS( 21 NSSCertDatabaseChromeOS::NSSCertDatabaseChromeOS(
22 crypto::ScopedPK11Slot public_slot, 22 crypto::ScopedPK11Slot public_slot,
23 crypto::ScopedPK11Slot private_slot) 23 crypto::ScopedPK11Slot private_slot)
24 : NSSCertDatabase(public_slot.Pass(), private_slot.Pass()) { 24 : NSSCertDatabase(public_slot.Pass(), private_slot.Pass()) {
25 profile_filter_.Init(GetPublicSlot(), GetPrivateSlot()); 25 // By default, don't use a system slot. Only if explicitly set by
26 // SetSystemSlot, the system slot will be used.
27 profile_filter_.Init(GetPublicSlot(),
28 GetPrivateSlot(),
29 crypto::ScopedPK11Slot() /* no system slot */);
26 } 30 }
27 31
28 NSSCertDatabaseChromeOS::~NSSCertDatabaseChromeOS() {} 32 NSSCertDatabaseChromeOS::~NSSCertDatabaseChromeOS() {}
29 33
34 void NSSCertDatabaseChromeOS::SetSystemSlot(
35 crypto::ScopedPK11Slot system_slot) {
36 system_slot_ = system_slot.Pass();
37 profile_filter_.Init(GetPublicSlot(), GetPrivateSlot(), GetSystemSlot());
38 }
39
30 void NSSCertDatabaseChromeOS::ListCertsSync(CertificateList* certs) { 40 void NSSCertDatabaseChromeOS::ListCertsSync(CertificateList* certs) {
31 ListCertsImpl(profile_filter_, certs); 41 ListCertsImpl(profile_filter_, certs);
32 } 42 }
33 43
34 void NSSCertDatabaseChromeOS::ListCerts( 44 void NSSCertDatabaseChromeOS::ListCerts(
35 const base::Callback<void(scoped_ptr<CertificateList> certs)>& callback) { 45 const base::Callback<void(scoped_ptr<CertificateList> certs)>& callback) {
36 scoped_ptr<CertificateList> certs(new CertificateList()); 46 scoped_ptr<CertificateList> certs(new CertificateList());
37 47
38 // base::Pased will NULL out |certs|, so cache the underlying pointer here. 48 // base::Pased will NULL out |certs|, so cache the underlying pointer here.
39 CertificateList* raw_certs = certs.get(); 49 CertificateList* raw_certs = certs.get();
40 GetSlowTaskRunner()->PostTaskAndReply( 50 GetSlowTaskRunner()->PostTaskAndReply(
41 FROM_HERE, 51 FROM_HERE,
42 base::Bind(&NSSCertDatabaseChromeOS::ListCertsImpl, 52 base::Bind(&NSSCertDatabaseChromeOS::ListCertsImpl,
43 profile_filter_, 53 profile_filter_,
44 base::Unretained(raw_certs)), 54 base::Unretained(raw_certs)),
45 base::Bind(callback, base::Passed(&certs))); 55 base::Bind(callback, base::Passed(&certs)));
46 } 56 }
47 57
58 crypto::ScopedPK11Slot NSSCertDatabaseChromeOS::GetSystemSlot() const {
59 if (system_slot_)
60 return crypto::ScopedPK11Slot(PK11_ReferenceSlot(system_slot_.get()));
61 return crypto::ScopedPK11Slot();
62 }
63
48 void NSSCertDatabaseChromeOS::ListModules(CryptoModuleList* modules, 64 void NSSCertDatabaseChromeOS::ListModules(CryptoModuleList* modules,
49 bool need_rw) const { 65 bool need_rw) const {
50 NSSCertDatabase::ListModules(modules, need_rw); 66 NSSCertDatabase::ListModules(modules, need_rw);
51 67
52 size_t pre_size = modules->size(); 68 size_t pre_size = modules->size();
53 modules->erase( 69 modules->erase(
54 std::remove_if( 70 std::remove_if(
55 modules->begin(), 71 modules->begin(),
56 modules->end(), 72 modules->end(),
57 NSSProfileFilterChromeOS::ModuleNotAllowedForProfilePredicate( 73 NSSProfileFilterChromeOS::ModuleNotAllowedForProfilePredicate(
(...skipping 13 matching lines...) Expand all
71 certs->begin(), 87 certs->begin(),
72 certs->end(), 88 certs->end(),
73 NSSProfileFilterChromeOS::CertNotAllowedForProfilePredicate( 89 NSSProfileFilterChromeOS::CertNotAllowedForProfilePredicate(
74 profile_filter)), 90 profile_filter)),
75 certs->end()); 91 certs->end());
76 DVLOG(1) << "filtered " << pre_size - certs->size() << " of " << pre_size 92 DVLOG(1) << "filtered " << pre_size - certs->size() << " of " << pre_size
77 << " certs"; 93 << " certs";
78 } 94 }
79 95
80 } // namespace net 96 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/nss_cert_database_chromeos.h ('k') | net/cert/nss_profile_filter_chromeos.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698