Enable system NSS key slot.

crypto/nss_util.cc

Index: crypto/nss_util.cc
diff --git a/crypto/nss_util.cc b/crypto/nss_util.cc
index 29a0b6686fe21d30c4152359a54252b3b4408701..0f10bd196d9acae199b7e9183311023ad3a1c1c3 100644
--- a/crypto/nss_util.cc
+++ b/crypto/nss_util.cc
@@ -579,6 +579,12 @@ class NSSInitSingleton {
     // Unsetting, i.e. setting a NULL, however is allowed.
     DCHECK(!slot || !test_system_slot_);
     test_system_slot_ = slot.Pass();
+    if (test_system_slot_) {
+      EnableTPMTokenForNSS();

[pneubeck (no reviews), 2014/07/31 06:31:25]

This one should actually not be necessary and I'll remove it.
Then, all effects of the ScopedTestSystemNSSKeySlot should be reverted on
destrction.

+      tpm_slot_.reset(PK11_ReferenceSlot(test_system_slot_.get()));

[mattm, 2014/07/30 22:57:34]

need to call tpm_ready_callback_list_ callbacks too?

[pneubeck (no reviews), 2014/07/31 06:31:25]

These callbacks are usually triggered by a InitializeTPMTokenAndSystemSlot call
from TPMTokenLoader.
However, in all tests that we currently have, the TPMTokenLoader skips this
initialization, see tpm_token_loader.cc:139 
  if (!base::SysInfo::IsRunningOnChromeOS())
    tpm_token_state_ = TPM_DISABLED;

Accordingly, currently no test can rely on the callbacks to be called, instead
they all assume that the TPM is disabled and instead software slots are set.

IMO very ugly, but I can't fix this in this CL.

[mattm, 2014/07/31 10:29:30]

Right, my point was when the test uses software slots for the system slot, the
code being tested that uses GetSystemNSSKeySlot would expect the callbacks to be
called.  Is the issue that tpm_ready_callback_list_ is used for signalling both
"tpm ready" and "system slot ready"?

[pneubeck (no reviews), 2014/07/31 10:48:54]

Setting tpm_slot_ toggles IsTPMTokenReady to true (which actually means "TPM
token for system slot is ready") and thus GetSsytemNSSKeySlot immediately
returns without using tpm_ready_callback_list_ .

[pneubeck (no reviews), 2014/08/01 10:02:28]

Thinking about this again, I see now what you mean.
I changed it to call the callbacks of tpm_ready_callback_list_.

+    } else {
+      tpm_slot_.reset();
+    }
   }
 #endif  // defined(OS_CHROMEOS)
 
@@ -1014,7 +1020,7 @@ ScopedPK11Slot GetSystemNSSKeySlot(
 }
 
 void SetSystemKeySlotForTesting(ScopedPK11Slot slot) {
-  g_nss_singleton.Get().SetSystemKeySlotForTesting(ScopedPK11Slot());
+  g_nss_singleton.Get().SetSystemKeySlotForTesting(slot.Pass());
 }
 
 void EnableTPMTokenForNSS() {