| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ | 5 #ifndef CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ |
| 6 #define CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ | 6 #define CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ |
| 7 | 7 |
| 8 #include <string> | 8 #include <string> |
| 9 | 9 |
| 10 #include "base/callback_forward.h" |
| 11 #include "crypto/scoped_nss_types.h" |
| 12 |
| 10 namespace crypto { | 13 namespace crypto { |
| 11 | 14 |
| 12 // PK11_SetPasswordFunc is a global setting. An implementation of | 15 // PK11_SetPasswordFunc is a global setting. An implementation of |
| 13 // CryptoModuleBlockingPasswordDelegate should be passed as the user data | 16 // CryptoModuleBlockingPasswordDelegate should be passed using wincx() as the |
| 14 // argument (|wincx|) to relevant NSS functions, which the global password | 17 // user data argument (|wincx|) to relevant NSS functions, which the global |
| 15 // handler will call to do the actual work. | 18 // password handler will call to do the actual work. This delegate should only |
| 19 // be used in NSS calls on worker threads due to the blocking nature. |
| 16 class CryptoModuleBlockingPasswordDelegate { | 20 class CryptoModuleBlockingPasswordDelegate { |
| 17 public: | 21 public: |
| 18 virtual ~CryptoModuleBlockingPasswordDelegate() {} | 22 virtual ~CryptoModuleBlockingPasswordDelegate() {} |
| 19 | 23 |
| 20 // Requests a password to unlock |slot_name|. The interface is | 24 // Return a value suitable for passing to the |wincx| argument of relevant NSS |
| 21 // synchronous because NSS cannot issue an asynchronous | 25 // functions. This should be used instead of passing the object pointer |
| 22 // request. |retry| is true if this is a request for the retry | 26 // directly to avoid accidentally casting a pointer to a subclass to void* and |
| 23 // and we previously returned the wrong password. | 27 // then casting back to a pointer of the base class |
| 28 void* wincx() { return this; } |
| 29 |
| 30 // Requests a password to unlock |slot_name|. The interface is synchronous |
| 31 // because NSS cannot issue an asynchronous request. |retry| is true if this |
| 32 // is a request for the retry and we previously returned the wrong password. |
| 24 // The implementation should set |*cancelled| to true if the user cancelled | 33 // The implementation should set |*cancelled| to true if the user cancelled |
| 25 // instead of entering a password, otherwise it should return the password the | 34 // instead of entering a password, otherwise it should return the password the |
| 26 // user entered. | 35 // user entered. |
| 27 virtual std::string RequestPassword(const std::string& slot_name, bool retry, | 36 virtual std::string RequestPassword(const std::string& slot_name, bool retry, |
| 28 bool* cancelled) = 0; | 37 bool* cancelled) = 0; |
| 38 |
| 39 }; |
| 40 |
| 41 // Extends CryptoModuleBlockingPasswordDelegate with the ability to return a |
| 42 // slot in which to act. (Eg, which slot to store a generated key in.) |
| 43 class NSSCryptoModuleDelegate : public CryptoModuleBlockingPasswordDelegate { |
| 44 public: |
| 45 virtual ~NSSCryptoModuleDelegate() {} |
| 46 |
| 47 // Get the slot to store the generated key. |
| 48 virtual ScopedPK11Slot RequestSlot() = 0; |
| 29 }; | 49 }; |
| 30 | 50 |
| 31 } // namespace crypto | 51 } // namespace crypto |
| 32 | 52 |
| 33 #endif // CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ | 53 #endif // CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 61643007:
Update keygen to use correct NSS slot on ChromeOS multiprofile. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src