Initialize per-ChromeOS-user NSS slots and provide the functions to access them.

chrome/browser/net/nss_context.cc

Index: chrome/browser/net/nss_context.cc
diff --git a/chrome/browser/net/nss_context.cc b/chrome/browser/net/nss_context.cc
new file mode 100644
index 0000000000000000000000000000000000000000..5ac2bf90edcb748af8e83aaeaea65e575273958e
--- /dev/null
+++ b/chrome/browser/net/nss_context.cc
@@ -0,0 +1,38 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/net/nss_context.h"
+
+#include "chrome/browser/profiles/profile_io_data.h"
+#include "content/public/browser/browser_thread.h"
+#include "crypto/nss_util_internal.h"
+
+namespace {
+#if defined(OS_CHROMEOS)

[Ryan Sleevi, 2013/12/04 20:59:55]

Rather than these #ifdef's, lets do a proper file separation of

nss_context_chromeos.cc
nss_context_linux.cc

[mattm, 2013/12/04 22:09:28]

derp, good call. Done.

+std::string GetUsername(content::ResourceContext* context) {
+  return ProfileIOData::FromResourceContext(context)->username_hash();
+}
+#endif  // defined(OS_CHROMEOS)
+}  // namespace
+
+crypto::ScopedPK11Slot GetPublicNSSKeySlotForResourceContext(
+    content::ResourceContext* context) {
+  DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
+#if defined(OS_CHROMEOS)
+  return crypto::GetPublicSlotForChromeOSUser(GetUsername(context));
+#else
+  return crypto::ScopedPK11Slot(crypto::GetPublicNSSKeySlot());
+#endif
+}
+
+crypto::ScopedPK11Slot GetPrivateNSSKeySlotForResourceContext(
+    content::ResourceContext* context,
+    const base::Callback<void(crypto::ScopedPK11Slot)>& callback) {
+  DCHECK(content::BrowserThread::CurrentlyOn(content::BrowserThread::IO));
+#if defined(OS_CHROMEOS)
+  return crypto::GetPrivateSlotForChromeOSUser(GetUsername(context), callback);
+#else
+  return crypto::ScopedPK11Slot(crypto::GetPrivateNSSKeySlot());
+#endif
+}