Remove nss_util dependency from ClientCertStoreChromeOS.

chrome/browser/chromeos/net/client_cert_filter_chromeos.cc

Index: chrome/browser/chromeos/net/client_cert_filter_chromeos.cc
diff --git a/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc b/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc
new file mode 100644
index 0000000000000000000000000000000000000000..1ff3a786138bd9f7011319eea968f24908b6c16c
--- /dev/null
+++ b/chrome/browser/chromeos/net/client_cert_filter_chromeos.cc
@@ -0,0 +1,76 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/chromeos/net/client_cert_filter_chromeos.h"
+
+#include "base/bind.h"
+#include "crypto/nss_util_internal.h"
+#include "net/cert/x509_certificate.h"
+
+namespace chromeos {
+
+ClientCertFilterChromeOS::ClientCertFilterChromeOS(
+    bool use_system_slot,
+    const std::string& username_hash)
+    : init_called_(false),
+      use_system_slot_(use_system_slot),
+      username_hash_(username_hash),
+      weak_ptr_factory_(this) {
+}
+
+ClientCertFilterChromeOS::~ClientCertFilterChromeOS() {
+}
+
+bool ClientCertFilterChromeOS::Init(const base::Closure& callback) {
+  DCHECK(!init_called_);
+  init_called_ = true;
+
+  init_callback_ = callback;
+  if (use_system_slot_) {
+    system_slot_ = crypto::GetSystemNSSKeySlot(
+                       base::Bind(&ClientCertFilterChromeOS::GotSystemSlot,
+                                  weak_ptr_factory_.GetWeakPtr())).Pass();
+  }
+  private_slot_ =
+      crypto::GetPrivateSlotForChromeOSUser(
+          username_hash_, base::Bind(&ClientCertFilterChromeOS::GotPrivateSlot,
+                                     weak_ptr_factory_.GetWeakPtr())).Pass();
+
+  // Do not call back if we initialized synchronously.
+  return InitIfSlotsAvailable();
+}
+
+bool ClientCertFilterChromeOS::IsCertAllowed(
+    const scoped_refptr<net::X509Certificate>& cert) const {
+  return nss_profile_filter_.IsCertAllowed(cert->os_cert_handle());
+}
+
+void ClientCertFilterChromeOS::GotSystemSlot(
+    crypto::ScopedPK11Slot system_slot) {
+  system_slot_ = system_slot.Pass();
+  if (InitIfSlotsAvailable() && !init_callback_.is_null()) {
+    init_callback_.Run();
+    init_callback_.Reset();
+  }
+}
+
+void ClientCertFilterChromeOS::GotPrivateSlot(
+    crypto::ScopedPK11Slot private_slot) {
+  private_slot_ = private_slot.Pass();
+  if (InitIfSlotsAvailable() && !init_callback_.is_null()) {
+    init_callback_.Run();
+    init_callback_.Reset();
+  }
+}
+
+bool ClientCertFilterChromeOS::InitIfSlotsAvailable() {
+  if ((use_system_slot_ && !system_slot_) || !private_slot_)
+    return false;
+  nss_profile_filter_.Init(crypto::GetPublicSlotForChromeOSUser(username_hash_),
+                           private_slot_.Pass(),
+                           system_slot_.Pass());
+  return true;
+}
+
+}  // namespace chromeos