Index: net/ssl/client_cert_store_chromeos.cc |
diff --git a/net/ssl/client_cert_store_chromeos.cc b/net/ssl/client_cert_store_chromeos.cc |
index bd4a5c47ccbacc55a2560b959155bd2b4c3af274..6dacd4569207e6591bb5bba057388d44e3d802ce 100644 |
--- a/net/ssl/client_cert_store_chromeos.cc |
+++ b/net/ssl/client_cert_store_chromeos.cc |
@@ -12,11 +12,46 @@ |
namespace net { |
+namespace { |
+ |
+typedef base::Callback<void(crypto::ScopedPK11Slot system_slot, |
+ crypto::ScopedPK11Slot private_slot)> |
+ GetSystemAndPrivateSlotCallback; |
+ |
+// Gets the private slot for the user with the username hash |username_hash| and |
+// calls |callback| with both |system_slot| and the obtained private slot. |
+void GetPrivateSlotAndCallBack(const std::string& username_hash, |
+ const GetSystemAndPrivateSlotCallback& callback, |
+ crypto::ScopedPK11Slot system_slot) { |
+ base::Callback<void(crypto::ScopedPK11Slot)> wrapped_callback = |
+ base::Bind(callback, base::Passed(&system_slot)); |
+ |
+ crypto::ScopedPK11Slot slot( |
+ crypto::GetPrivateSlotForChromeOSUser(username_hash, wrapped_callback)); |
+ if (slot) |
+ wrapped_callback.Run(slot.Pass()); |
+} |
+ |
+// Gets the system slot, then the private slot for the user with the username |
+// hash |username_hash|, and finally calls |callback| with both slots. |
+void GetSystemAndPrivateSlot(const std::string& username_hash, |
+ const GetSystemAndPrivateSlotCallback& callback) { |
+ crypto::ScopedPK11Slot system_slot(crypto::GetSystemNSSKeySlot( |
+ base::Bind(&GetPrivateSlotAndCallBack, username_hash, callback))); |
+ if (system_slot) |
+ GetPrivateSlotAndCallBack(username_hash, callback, system_slot.Pass()); |
+} |
+ |
+} // namespace |
+ |
ClientCertStoreChromeOS::ClientCertStoreChromeOS( |
+ bool use_system_slot, |
const std::string& username_hash, |
const PasswordDelegateFactory& password_delegate_factory) |
: ClientCertStoreNSS(password_delegate_factory), |
- username_hash_(username_hash) {} |
+ use_system_slot_(use_system_slot), |
+ username_hash_(username_hash) { |
+} |
ClientCertStoreChromeOS::~ClientCertStoreChromeOS() {} |
@@ -24,24 +59,29 @@ void ClientCertStoreChromeOS::GetClientCerts( |
const SSLCertRequestInfo& cert_request_info, |
CertificateList* selected_certs, |
const base::Closure& callback) { |
- crypto::ScopedPK11Slot private_slot(crypto::GetPrivateSlotForChromeOSUser( |
- username_hash_, |
- base::Bind(&ClientCertStoreChromeOS::DidGetPrivateSlot, |
+ GetSystemAndPrivateSlotCallback bound_callback = |
+ base::Bind(&ClientCertStoreChromeOS::DidGetSystemAndPrivateSlot, |
// Caller is responsible for keeping the ClientCertStore alive |
// until the callback is run. |
base::Unretained(this), |
&cert_request_info, |
selected_certs, |
- callback))); |
- if (private_slot) |
- DidGetPrivateSlot( |
- &cert_request_info, selected_certs, callback, private_slot.Pass()); |
+ callback); |
+ |
+ if (use_system_slot_) { |
+ GetSystemAndPrivateSlot(username_hash_, bound_callback); |
+ } else { |
+ // Skip getting the system slot. |
+ GetPrivateSlotAndCallBack( |
+ username_hash_, bound_callback, crypto::ScopedPK11Slot()); |
+ } |
} |
-void ClientCertStoreChromeOS::GetClientCertsImpl(CERTCertList* cert_list, |
- const SSLCertRequestInfo& request, |
- bool query_nssdb, |
- CertificateList* selected_certs) { |
+void ClientCertStoreChromeOS::GetClientCertsImpl( |
+ CERTCertList* cert_list, |
+ const SSLCertRequestInfo& request, |
+ bool query_nssdb, |
+ CertificateList* selected_certs) { |
ClientCertStoreNSS::GetClientCertsImpl( |
cert_list, request, query_nssdb, selected_certs); |
@@ -57,13 +97,15 @@ void ClientCertStoreChromeOS::GetClientCertsImpl(CERTCertList* cert_list, |
<< pre_size << " certs"; |
} |
-void ClientCertStoreChromeOS::DidGetPrivateSlot( |
+void ClientCertStoreChromeOS::DidGetSystemAndPrivateSlot( |
const SSLCertRequestInfo* request, |
CertificateList* selected_certs, |
const base::Closure& callback, |
+ crypto::ScopedPK11Slot system_slot, |
crypto::ScopedPK11Slot private_slot) { |
profile_filter_.Init(crypto::GetPublicSlotForChromeOSUser(username_hash_), |
- private_slot.Pass()); |
+ private_slot.Pass(), |
+ system_slot.Pass()); |
ClientCertStoreNSS::GetClientCerts(*request, selected_certs, callback); |
} |