Update keygen to use correct NSS slot on ChromeOS multiprofile.

chrome/browser/profiles/profile_io_data.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/profiles/profile_io_data.h"
 
 #include <string>
 
 #include "base/basictypes.h"
 #include "base/bind.h"
@@ skipping 44 matching lines @@
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "chrome/common/url_constants.h"
 #include "components/startup_metric_utils/startup_metric_utils.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/host_zoom_map.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/browser/resource_context.h"
 #include "extensions/browser/info_map.h"
 #include "extensions/common/constants.h"
+#include "net/base/keygen_handler.h"
 #include "net/cookies/canonical_cookie.h"
 #include "net/cookies/cookie_monster.h"
 #include "net/http/http_transaction_factory.h"
 #include "net/http/http_util.h"
 #include "net/http/transport_security_persister.h"
 #include "net/proxy/proxy_config_service_fixed.h"
 #include "net/proxy/proxy_script_fetcher_impl.h"
 #include "net/proxy/proxy_service.h"
 #include "net/ssl/client_cert_store.h"
 #include "net/ssl/client_cert_store_impl.h"
@@ skipping 21 matching lines @@
 #include "chrome/browser/chromeos/policy/policy_cert_verifier.h"
 #include "chrome/browser/chromeos/settings/cros_settings.h"
 #include "chromeos/dbus/cryptohome_client.h"
 #include "chromeos/dbus/dbus_thread_manager.h"
 #include "chromeos/settings/cros_settings_names.h"
 #include "crypto/nss_util.h"
 #include "crypto/nss_util_internal.h"
 #endif  // defined(OS_CHROMEOS)
 
 #if defined(USE_NSS)
-#include "chrome/browser/ui/crypto_module_password_dialog.h"
+#include "chrome/browser/ui/crypto_module_delegate_nss.h"
 #endif
 
 using content::BrowserContext;
 using content::BrowserThread;
 using content::ResourceContext;
 
 namespace {
 
 // ----------------------------------------------------------------------------
 // CookieMonster::Delegate implementation
@@ skipping 216 matching lines @@
       StartTPMSlotInitializationOnIOThread(username, username_hash);
     } else {
       DVLOG(1) << "Waiting for tpm ready ...";
     }
   } else {
     crypto::InitializePrivateSoftwareSlotForChromeOSUser(username_hash);
   }
 }
 #endif  // defined(OS_CHROMEOS)
 
+#if defined(USE_NSS)
+void KeygenHandlerCallbackHelper(
+    const base::Callback<void(scoped_ptr<net::KeygenHandler>)>& callback,
+    scoped_ptr<net::KeygenHandler>* keygen_handler) {
+  callback.Run(keygen_handler->Pass());
+};
+#endif  // defined(USE_NSS)
+
 }  // namespace
 
 void ProfileIOData::InitializeOnUIThread(Profile* profile) {
   DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   PrefService* pref_service = profile->GetPrefs();
   PrefService* local_state_pref_service = g_browser_process->local_state();
 
   scoped_ptr<ProfileParams> params(new ProfileParams);
   params->path = profile->GetPath();
 
@@ skipping 466 matching lines @@
   DCHECK(io_data_->initialized_);
   return request_context_;
 }
 
 scoped_ptr<net::ClientCertStore>
 ProfileIOData::ResourceContext::CreateClientCertStore() {
 #if !defined(USE_OPENSSL)
   scoped_ptr<net::ClientCertStoreImpl> store(new net::ClientCertStoreImpl());
 #if defined(USE_NSS)
   store->set_password_delegate_factory(
-      base::Bind(&chrome::NewCryptoModuleBlockingDialogDelegate,
+      base::Bind(&CreateCryptoModuleBlockingPasswordDelegate,
                  chrome::kCryptoModulePasswordClientAuth));
 #endif
   return store.PassAs<net::ClientCertStore>();
 #else  // defined(USE_OPENSSL)
   // OpenSSL does not use the ClientCertStore infrastructure. On Android client
   // cert matching is done by the OS as part of the call to show the cert
   // selection dialog.
   return scoped_ptr<net::ClientCertStore>();
 #endif
 }
 
+scoped_ptr<net::KeygenHandler>
+ProfileIOData::ResourceContext::CreateKeygenHandler(
+    uint32 key_size_in_bits,
+    const std::string& challenge_string,
+    const GURL& url,
+    const base::Callback<void(scoped_ptr<net::KeygenHandler>)>& callback) {
+  DCHECK(!callback.is_null());
+#if defined(USE_NSS)
+  scoped_ptr<net::KeygenHandler>* keygen_handler =

[sky, 2013/12/11 00:26:00]

Can't you use a scoped_ptr rather than scoped_ptr* ?

[mattm, 2013/12/11 01:10:46]

see the comment on line 869, I'll add a comment here too.

[sky, 2013/12/11 14:20:42]

I thought base::Passed(XXX) was the preferred way to pass around scoped_ptrs
like this? Its entirely possible I have it wrong though.

+      new scoped_ptr<net::KeygenHandler>(
+          new net::KeygenHandler(key_size_in_bits, challenge_string, url));
+
+  scoped_ptr<ChromeNSSCryptoModuleDelegate> delegate(
+      new ChromeNSSCryptoModuleDelegate(chrome::kCryptoModulePasswordKeygen,
+                                        url.host()));
+  ChromeNSSCryptoModuleDelegate* delegate_ptr = delegate.get();
+  (*keygen_handler)->set_crypto_module_delegate(
+      delegate.PassAs<crypto::NSSCryptoModuleDelegate>());
+
+  // Keep |helper_callback| on the stack, since ownership of
+  // |keygen_handler| is transferred to |helper_callback|.  This allows
+  // |keygen_handler| to still be accessed if InitializeSlot returns with
+  // synchronous success.
+  base::Closure helper_callback = base::Bind(
+      &KeygenHandlerCallbackHelper, callback, base::Owned(keygen_handler));
+  if (delegate_ptr->InitializeSlot(this, helper_callback)) {
+    // Synchronous success, return the KeygenHandler directly.
+    return keygen_handler->Pass();
+  }
+  // The KeygenHandler will be passed to |callback| by
+  // KeygenHandlerCallbackHelper.
+  return scoped_ptr<net::KeygenHandler>();
+#else
+  return scoped_ptr<net::KeygenHandler>(
+      new net::KeygenHandler(key_size_in_bits, challenge_string, url));
+#endif
+}
+
 bool ProfileIOData::ResourceContext::AllowMicAccess(const GURL& origin) {
   return AllowContentAccess(origin, CONTENT_SETTINGS_TYPE_MEDIASTREAM_MIC);
 }
 
 bool ProfileIOData::ResourceContext::AllowCameraAccess(const GURL& origin) {
   return AllowContentAccess(origin, CONTENT_SETTINGS_TYPE_MEDIASTREAM_CAMERA);
 }
 
 bool ProfileIOData::ResourceContext::AllowContentAccess(
     const GURL& origin, ContentSettingsType type) {
@@ skipping 267 matching lines @@
 void ProfileIOData::SetCookieSettingsForTesting(
     CookieSettings* cookie_settings) {
   DCHECK(!cookie_settings_.get());
   cookie_settings_ = cookie_settings;
 }
 
 void ProfileIOData::set_signin_names_for_testing(
     SigninNamesOnIOThread* signin_names) {
   signin_names_.reset(signin_names);
 }