Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(100)

Unified Diff: net/ssl/client_cert_store_chromeos.cc

Issue 424523002: Enable system NSS key slot. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix compilation of profile_io_data on !OS_CHROMEOS. Created 6 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/ssl/client_cert_store_chromeos.h ('k') | net/ssl/client_cert_store_chromeos_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/ssl/client_cert_store_chromeos.cc
diff --git a/net/ssl/client_cert_store_chromeos.cc b/net/ssl/client_cert_store_chromeos.cc
index bd4a5c47ccbacc55a2560b959155bd2b4c3af274..6dacd4569207e6591bb5bba057388d44e3d802ce 100644
--- a/net/ssl/client_cert_store_chromeos.cc
+++ b/net/ssl/client_cert_store_chromeos.cc
@@ -12,11 +12,46 @@
namespace net {
+namespace {
+
+typedef base::Callback<void(crypto::ScopedPK11Slot system_slot,
+ crypto::ScopedPK11Slot private_slot)>
+ GetSystemAndPrivateSlotCallback;
+
+// Gets the private slot for the user with the username hash |username_hash| and
+// calls |callback| with both |system_slot| and the obtained private slot.
+void GetPrivateSlotAndCallBack(const std::string& username_hash,
+ const GetSystemAndPrivateSlotCallback& callback,
+ crypto::ScopedPK11Slot system_slot) {
+ base::Callback<void(crypto::ScopedPK11Slot)> wrapped_callback =
+ base::Bind(callback, base::Passed(&system_slot));
+
+ crypto::ScopedPK11Slot slot(
+ crypto::GetPrivateSlotForChromeOSUser(username_hash, wrapped_callback));
+ if (slot)
+ wrapped_callback.Run(slot.Pass());
+}
+
+// Gets the system slot, then the private slot for the user with the username
+// hash |username_hash|, and finally calls |callback| with both slots.
+void GetSystemAndPrivateSlot(const std::string& username_hash,
+ const GetSystemAndPrivateSlotCallback& callback) {
+ crypto::ScopedPK11Slot system_slot(crypto::GetSystemNSSKeySlot(
+ base::Bind(&GetPrivateSlotAndCallBack, username_hash, callback)));
+ if (system_slot)
+ GetPrivateSlotAndCallBack(username_hash, callback, system_slot.Pass());
+}
+
+} // namespace
+
ClientCertStoreChromeOS::ClientCertStoreChromeOS(
+ bool use_system_slot,
const std::string& username_hash,
const PasswordDelegateFactory& password_delegate_factory)
: ClientCertStoreNSS(password_delegate_factory),
- username_hash_(username_hash) {}
+ use_system_slot_(use_system_slot),
+ username_hash_(username_hash) {
+}
ClientCertStoreChromeOS::~ClientCertStoreChromeOS() {}
@@ -24,24 +59,29 @@ void ClientCertStoreChromeOS::GetClientCerts(
const SSLCertRequestInfo& cert_request_info,
CertificateList* selected_certs,
const base::Closure& callback) {
- crypto::ScopedPK11Slot private_slot(crypto::GetPrivateSlotForChromeOSUser(
- username_hash_,
- base::Bind(&ClientCertStoreChromeOS::DidGetPrivateSlot,
+ GetSystemAndPrivateSlotCallback bound_callback =
+ base::Bind(&ClientCertStoreChromeOS::DidGetSystemAndPrivateSlot,
// Caller is responsible for keeping the ClientCertStore alive
// until the callback is run.
base::Unretained(this),
&cert_request_info,
selected_certs,
- callback)));
- if (private_slot)
- DidGetPrivateSlot(
- &cert_request_info, selected_certs, callback, private_slot.Pass());
+ callback);
+
+ if (use_system_slot_) {
+ GetSystemAndPrivateSlot(username_hash_, bound_callback);
+ } else {
+ // Skip getting the system slot.
+ GetPrivateSlotAndCallBack(
+ username_hash_, bound_callback, crypto::ScopedPK11Slot());
+ }
}
-void ClientCertStoreChromeOS::GetClientCertsImpl(CERTCertList* cert_list,
- const SSLCertRequestInfo& request,
- bool query_nssdb,
- CertificateList* selected_certs) {
+void ClientCertStoreChromeOS::GetClientCertsImpl(
+ CERTCertList* cert_list,
+ const SSLCertRequestInfo& request,
+ bool query_nssdb,
+ CertificateList* selected_certs) {
ClientCertStoreNSS::GetClientCertsImpl(
cert_list, request, query_nssdb, selected_certs);
@@ -57,13 +97,15 @@ void ClientCertStoreChromeOS::GetClientCertsImpl(CERTCertList* cert_list,
<< pre_size << " certs";
}
-void ClientCertStoreChromeOS::DidGetPrivateSlot(
+void ClientCertStoreChromeOS::DidGetSystemAndPrivateSlot(
const SSLCertRequestInfo* request,
CertificateList* selected_certs,
const base::Closure& callback,
+ crypto::ScopedPK11Slot system_slot,
crypto::ScopedPK11Slot private_slot) {
profile_filter_.Init(crypto::GetPublicSlotForChromeOSUser(username_hash_),
- private_slot.Pass());
+ private_slot.Pass(),
+ system_slot.Pass());
ClientCertStoreNSS::GetClientCerts(*request, selected_certs, callback);
}
« no previous file with comments | « net/ssl/client_cert_store_chromeos.h ('k') | net/ssl/client_cert_store_chromeos_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698