OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/nss_util.h" | 5 #include "crypto/nss_util.h" |
6 #include "crypto/nss_util_internal.h" | 6 #include "crypto/nss_util_internal.h" |
7 | 7 |
8 #include <nss.h> | 8 #include <nss.h> |
9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
10 #include <plarena.h> | 10 #include <plarena.h> |
(...skipping 576 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
587 if (!thread_checker_.CalledOnValidThread()) { | 587 if (!thread_checker_.CalledOnValidThread()) { |
588 DVLOG(1) << "Called on wrong thread.\n" | 588 DVLOG(1) << "Called on wrong thread.\n" |
589 << base::debug::StackTrace().ToString(); | 589 << base::debug::StackTrace().ToString(); |
590 } | 590 } |
591 | 591 |
592 return PK11_GetInternalKeySlot(); | 592 return PK11_GetInternalKeySlot(); |
593 } | 593 } |
594 #endif | 594 #endif |
595 | 595 |
596 #if defined(OS_CHROMEOS) | 596 #if defined(OS_CHROMEOS) |
597 PK11SlotInfo* GetSystemNSSKeySlot() { | 597 void GetSystemNSSKeySlotCallback( |
| 598 const base::Callback<void(ScopedPK11Slot)>& callback) { |
| 599 callback.Run(ScopedPK11Slot(PK11_ReferenceSlot(tpm_slot_))); |
| 600 } |
| 601 |
| 602 ScopedPK11Slot GetSystemNSSKeySlot( |
| 603 const base::Callback<void(ScopedPK11Slot)>& callback) { |
598 DCHECK(thread_checker_.CalledOnValidThread()); | 604 DCHECK(thread_checker_.CalledOnValidThread()); |
599 | |
600 // TODO(mattm): chromeos::TPMTokenloader always calls | 605 // TODO(mattm): chromeos::TPMTokenloader always calls |
601 // InitializeTPMTokenAndSystemSlot with slot 0. If the system slot is | 606 // InitializeTPMTokenAndSystemSlot with slot 0. If the system slot is |
602 // disabled, tpm_slot_ will be the first user's slot instead. Can that be | 607 // disabled, tpm_slot_ will be the first user's slot instead. Can that be |
603 // detected and return NULL instead? | 608 // detected and return NULL instead? |
604 if (tpm_token_enabled_for_nss_ && IsTPMTokenReady(base::Closure())) | 609 |
605 return PK11_ReferenceSlot(tpm_slot_); | 610 base::Closure wrapped_callback; |
606 // If we were supposed to get the hardware token, but were | 611 if (!callback.is_null()) { |
607 // unable to, return NULL rather than fall back to sofware. | 612 wrapped_callback = |
608 return NULL; | 613 base::Bind(&NSSInitSingleton::GetSystemNSSKeySlotCallback, |
| 614 base::Unretained(this) /* singleton is leaky */, |
| 615 callback); |
| 616 } |
| 617 if (IsTPMTokenReady(wrapped_callback)) |
| 618 return ScopedPK11Slot(PK11_ReferenceSlot(tpm_slot_)); |
| 619 return ScopedPK11Slot(); |
609 } | 620 } |
610 #endif | 621 #endif |
611 | 622 |
612 #if defined(USE_NSS) | 623 #if defined(USE_NSS) |
613 base::Lock* write_lock() { | 624 base::Lock* write_lock() { |
614 return &write_lock_; | 625 return &write_lock_; |
615 } | 626 } |
616 #endif // defined(USE_NSS) | 627 #endif // defined(USE_NSS) |
617 | 628 |
618 // This method is used to force NSS to be initialized without a DB. | 629 // This method is used to force NSS to be initialized without a DB. |
(...skipping 374 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
993 : lock_(SECMOD_GetDefaultModuleListLock()) { | 1004 : lock_(SECMOD_GetDefaultModuleListLock()) { |
994 SECMOD_GetReadLock(lock_); | 1005 SECMOD_GetReadLock(lock_); |
995 } | 1006 } |
996 | 1007 |
997 AutoSECMODListReadLock::~AutoSECMODListReadLock() { | 1008 AutoSECMODListReadLock::~AutoSECMODListReadLock() { |
998 SECMOD_ReleaseReadLock(lock_); | 1009 SECMOD_ReleaseReadLock(lock_); |
999 } | 1010 } |
1000 #endif // defined(USE_NSS) | 1011 #endif // defined(USE_NSS) |
1001 | 1012 |
1002 #if defined(OS_CHROMEOS) | 1013 #if defined(OS_CHROMEOS) |
1003 PK11SlotInfo* GetSystemNSSKeySlot() { | 1014 ScopedPK11Slot GetSystemNSSKeySlot( |
1004 return g_nss_singleton.Get().GetSystemNSSKeySlot(); | 1015 const base::Callback<void(ScopedPK11Slot)>& callback) { |
| 1016 return g_nss_singleton.Get().GetSystemNSSKeySlot(callback); |
1005 } | 1017 } |
1006 | 1018 |
1007 void SetSystemKeySlotForTesting(ScopedPK11Slot slot) { | 1019 void SetSystemKeySlotForTesting(ScopedPK11Slot slot) { |
1008 g_nss_singleton.Get().SetSystemKeySlotForTesting(ScopedPK11Slot()); | 1020 g_nss_singleton.Get().SetSystemKeySlotForTesting(ScopedPK11Slot()); |
1009 } | 1021 } |
1010 | 1022 |
1011 void EnableTPMTokenForNSS() { | 1023 void EnableTPMTokenForNSS() { |
1012 g_nss_singleton.Get().EnableTPMTokenForNSS(); | 1024 g_nss_singleton.Get().EnableTPMTokenForNSS(); |
1013 } | 1025 } |
1014 | 1026 |
(...skipping 66 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1081 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); | 1093 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); |
1082 } | 1094 } |
1083 | 1095 |
1084 #if !defined(OS_CHROMEOS) | 1096 #if !defined(OS_CHROMEOS) |
1085 PK11SlotInfo* GetPersistentNSSKeySlot() { | 1097 PK11SlotInfo* GetPersistentNSSKeySlot() { |
1086 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); | 1098 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); |
1087 } | 1099 } |
1088 #endif | 1100 #endif |
1089 | 1101 |
1090 } // namespace crypto | 1102 } // namespace crypto |
OLD | NEW |