This change loads opencryptoki and uses the TPM for keygen tags.

base/nss_util.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/nss_util.h"
 #include "base/nss_util_internal.h"
 
 #include <nss.h>
 #include <plarena.h>
 #include <prerror.h>
 #include <prinit.h>
 #include <prtime.h>
 #include <pk11pub.h>
 #include <secmod.h>
 
 #if defined(OS_LINUX)
 #include <linux/nfs_fs.h>
 #include <sys/vfs.h>
 #endif
 
+#include "base/crypto/scoped_nss_types.h"
 #include "base/file_util.h"
 #include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "base/stringprintf.h"
 #include "base/threading/thread_restrictions.h"
 
 // USE_NSS means we use NSS for everything crypto-related.  If USE_NSS is not
 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't
 // use NSS for crypto or certificate verification, and we don't use the NSS
 // certificate and key databases.
 #if defined(USE_NSS)
 #include "base/crypto/crypto_module_blocking_password_delegate.h"
 #include "base/environment.h"
 #include "base/scoped_ptr.h"
 #include "base/synchronization/lock.h"
 #endif  // defined(USE_NSS)
 
 namespace base {
 
 namespace {
 
+#if defined(OS_CHROMEOS)
+static const char kNSSDatabaseName[] = "Real NSS database";

[wtc, 2011/03/17 19:34:22]

Nit: some of these constants, such as kNSSDatabaseName and
kReadOnlyCertDB, are used in only one function.  It may be
better to define those constants in those functions so that
the reader has everything he needs in one place to understand
the code. This is a matter of preference and a judgment call
on the trade-off with defining related constants in one place.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

I think I prefer all the constants in one place.

+
+// TODO(gspencer): Get these values from cryptohomed's dbus API when
+// we ask if it has initialized the TPM yet.  These should not be
+// hard-coded here.
+static const char kTPMTokenName[] = "Initialized by CrOS";
+static const char kTPMUserPin[] = "111111";
+static const char kTPMSecurityOfficerPin[] = "000000";

[wtc, 2011/03/17 19:34:22]

Nit: Pin => PIN
in lines 50 and 51.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Done, although "Pin" is consistent with PK11_InitPin.

+
+// Fake certificate authority database used for testing.
+static const FilePath::CharType kReadOnlyCertDB[] =
+    FILE_PATH_LITERAL("/etc/fake_root_ca/nssdb");
+#endif  // defined(OS_CHROMEOS)
+
+std::string GetNSSErrorMessage() {
+  std::string result;
+  if (PR_GetErrorTextLength()) {
+    scoped_ptr<char> error_text(new char[PR_GetErrorTextLength() + 1]);

[wtc, 2011/03/17 19:34:22]

BUG: scoped_ptr => scoped_array

The scoped_ptr destructor uses 'delete', but we need
'delete[]' here.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Whoa.  Good catch, thanks.  I knew that already, I just typed the wrong thing.

+    PRInt32 copied = PR_GetErrorText(error_text.get());
+    result = std::string(error_text.get(), copied);
+  } else {
+    result = StringPrintf("NSS Error code: %d", PR_GetError());

[wtc, 2011/03/17 19:34:22]

Nit: Error => error

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Done.

+  }
+  return result;
+}
+
 #if defined(USE_NSS)
 FilePath GetDefaultConfigDirectory() {
   FilePath dir = file_util::GetHomeDir();
   if (dir.empty()) {
     LOG(ERROR) << "Failed to get home directory.";
     return dir;
   }
   dir = dir.AppendASCII(".pki").AppendASCII("nssdb");
   if (!file_util::CreateDirectory(dir)) {
     LOG(ERROR) << "Failed to create ~/.pki/nssdb directory.";
     dir.clear();
   }
   return dir;
 }
 
 // On non-chromeos platforms, return the default config directory.
 // On chromeos, return a read-only directory with fake root CA certs for testing
 // (which will not exist on non-testing images).  These root CA certs are used
 // by the local Google Accounts server mock we use when testing our login code.
 // If this directory is not present, NSS_Init() will fail.  It is up to the
 // caller to failover to NSS_NoDB_Init() at that point.
 FilePath GetInitialConfigDirectory() {
 #if defined(OS_CHROMEOS)
-  static const FilePath::CharType kReadOnlyCertDB[] =
-      FILE_PATH_LITERAL("/etc/fake_root_ca/nssdb");
   return FilePath(kReadOnlyCertDB);
 #else
   return GetDefaultConfigDirectory();
 #endif  // defined(OS_CHROMEOS)
 }
 
 // This callback for NSS forwards all requests to a caller-specified
 // CryptoModuleBlockingPasswordDelegate object.
 char* PKCS11PasswordFunc(PK11SlotInfo* slot, PRBool retry, void* arg) {
+#if defined(OS_CHROMEOS)
+  // If we get asked for a password for the TPM, then return the
+  // static password we use.
+  if (PK11_GetTokenName(slot) == base::GetTPMTokenName())
+    return PORT_Strdup(kTPMUserPin);
+#endif
   base::CryptoModuleBlockingPasswordDelegate* delegate =
       reinterpret_cast<base::CryptoModuleBlockingPasswordDelegate*>(arg);
   if (delegate) {
     bool cancelled = false;
     std::string password = delegate->RequestPassword(PK11_GetTokenName(slot),
                                                      retry != PR_FALSE,
                                                      &cancelled);
     if (cancelled)
       return NULL;
     char* result = PORT_Strdup(password.c_str());
@@ skipping 23 matching lines @@
     if (buf.f_type == NFS_SUPER_MAGIC) {
       scoped_ptr<Environment> env(Environment::Create());
       const char* use_cache_env_var = "NSS_SDB_USE_CACHE";
       if (!env->HasVar(use_cache_env_var))
         env->SetVar(use_cache_env_var, "yes");
     }
   }
 #endif  // defined(OS_LINUX)
 }
 
-// Load nss's built-in root certs.
-SECMODModule *InitDefaultRootCerts() {
-  const char* kModulePath = "libnssckbi.so";
-  char modparams[1024];
-  snprintf(modparams, sizeof(modparams),
-           "name=\"Root Certs\" library=\"%s\"", kModulePath);
-  SECMODModule *root = SECMOD_LoadUserModule(modparams, NULL, PR_FALSE);
-  if (root)
-    return root;
+// A helper class that acquires the SECMOD list read lock while the
+// AutoSECMODListReadLock is in scope.
+class AutoSECMODListReadLock {
+ public:
+  AutoSECMODListReadLock()
+      : lock_(SECMOD_GetDefaultModuleListLock()) {
+    SECMOD_GetReadLock(lock_);
+  }
 
-  // Aw, snap.  Can't find/load root cert shared library.
-  // This will make it hard to talk to anybody via https.
-  NOTREACHED();
+  ~AutoSECMODListReadLock() {
+    if (lock_)

[wtc, 2011/03/17 19:34:22]

Nit: delete the if (lock_) test because it's also deleted
in the constructor.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Done.

+      SECMOD_ReleaseReadLock(lock_);
+  }
+
+ private:
+  SECMODListLock* lock_;
+  DISALLOW_COPY_AND_ASSIGN(AutoSECMODListReadLock);
+};
+
+PK11SlotInfo* FindSlotWithTokenName(const std::string& token_name) {
+  AutoSECMODListReadLock auto_lock;
+  SECMODModuleList* head = SECMOD_GetDefaultModuleList();
+  for(SECMODModuleList* item = head; item != NULL; item = item->next) {

[wtc, 2011/03/17 19:34:22]

Nit: add a space after 'for'.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Done.

+    DCHECK(item);
+    DCHECK(item->module); // This shouldn't happen or NSS would crash anyhow.

[wtc, 2011/03/17 19:34:22]

Defintely remove DCHECK(item) on line 174 because it's
guaranteed by the condition of the for loop (item != NULL).

I would omit DCHECK(item->module) on line 175; we need to
trust NSS can implement a simple C linked list correctly :-)
But it's not a big deal.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Yeah, I think I agree with you.  I didn't have this check in here originally,
but added it because Ken wanted more assurance.  I think that I'm going to
assume that NSS will crash long before this if a module is NULL.

+    int slot_count = item->module->loaded ? item->module->slotCount : 0;
+    for (int i = 0; i < slot_count; i++) {
+      PK11SlotInfo* slot = item->module->slots[i];
+      if (PK11_GetTokenName(slot) == token_name) {
+        return PK11_ReferenceSlot(slot);
+      }

[wtc, 2011/03/17 19:34:22]

Nit: omit curly braces around one-liner if bodies.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Sorry, long standing habit.

+    }
+  }
   return NULL;
 }
+
 #endif  // defined(USE_NSS)
 
 // A singleton to initialize/deinitialize NSPR.
 // Separate from the NSS singleton because we initialize NSPR on the UI thread.
 // Now that we're leaking the singleton, we could merge back with the NSS
 // singleton.
 class NSPRInitSingleton {
  private:
   friend struct DefaultLazyInstanceTraits<NSPRInitSingleton>;
 
@@ skipping 15 matching lines @@
 
 LazyInstance<NSPRInitSingleton, LeakyLazyInstanceTraits<NSPRInitSingleton> >
     g_nspr_singleton(LINKER_INITIALIZED);
 
 class NSSInitSingleton {
  public:
 #if defined(OS_CHROMEOS)
   void OpenPersistentNSSDB() {
     if (!chromeos_user_logged_in_) {
       // GetDefaultConfigDirectory causes us to do blocking IO on UI thread.
-      // Temporarily allow it until we fix http://crbug.com.70119
+      // Temporarily allow it until we fix http://crbug.com/70119
       ThreadRestrictions::ScopedAllowIO allow_io;
       chromeos_user_logged_in_ = true;
-      real_db_slot_ = OpenUserDB(GetDefaultConfigDirectory(),
-                                 "Real NSS database");
+
+      // This creates a new DB slot in NSS that is read/write, unlike
+      // the cert DB and the "default" crypto key provider, which are

[wtc, 2011/03/17 19:34:22]

Nit: "the cert DB" here is the fake root CA cert DB, right?
If so, let's say that.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Done.

+      // still read-only (because we initialized NSS before we had a
+      // cryptohome mounted).
+      real_db_slot_ = OpenUserDB(GetDefaultConfigDirectory(), kNSSDatabaseName);
+
+      // This loads the opencryptoki module so we can talk to the
+      // hardware TPM.
+      opencryptoki_module_ = LoadModule(
+          "opencryptoki",
+          "/usr/lib/opencryptoki/libopencryptoki.so",
+          // trustOrder=100 -- means it'll select this as the most
+          //   trusted slot for the mechanisms it provides.
+          // slotParams=... -- selects RSA as only mechanism, and only
+          //   asks for the password when necessary (instead of every
+          //   time, or after a timeout).
+          "trustOrder=100 slotParams=(1={slotFlags=[RSA] askpw=only})");
+      if (opencryptoki_module_) {
+        // We shouldn't need to initialize the TPM PIN here because
+        // it'll be taken care of by cryptohomed, but we have to make
+        // sure that it is initialized.
+
+        // TODO(gspencer): replace this with a dbus call to check and
+        // see that cryptohomed has initialized the PINs already.
+        EnsureTPMInit();
+      }
     }
   }
+
+  std::string GetTPMTokenName() {
+    // TODO(gspencer): This should come from the dbus interchange with
+    // cryptohomed instead of being hard-coded.
+    return std::string(kTPMTokenName);
+  }
+
+  PK11SlotInfo* GetTPMSlot() {
+    return FindSlotWithTokenName(GetTPMTokenName());
+  }
 #endif  // defined(OS_CHROMEOS)
 
+
   bool OpenTestNSSDB(const FilePath& path, const char* description) {
     test_db_slot_ = OpenUserDB(path, description);
     return !!test_db_slot_;
   }
 
   void CloseTestNSSDB() {
     if (test_db_slot_) {
       SECStatus status = SECMOD_CloseUserDB(test_db_slot_);
       if (status != SECSuccess)
         LOG(ERROR) << "SECMOD_CloseUserDB failed: " << PORT_GetError();
       PK11_FreeSlot(test_db_slot_);
       test_db_slot_ = NULL;
     }
   }
 
   PK11SlotInfo* GetDefaultKeySlot() {

[wtc, 2011/03/17 19:34:22]

We should rename this method to point out that this key
slot is an NSS DB, now that the TPM can also serve as
a key slot.

I guess we can simply rename it GetDefaultNSSKeySlot
to match the same-named free function.  Or
GetDefaultDBSlot.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Done.  Renamed to GetDefaultNSSKeySlot.

     if (test_db_slot_)
       return PK11_ReferenceSlot(test_db_slot_);
     if (real_db_slot_)
       return PK11_ReferenceSlot(real_db_slot_);
     return PK11_GetInternalKeySlot();
   }
 
 #if defined(USE_NSS)
   Lock* write_lock() {
     return &write_lock_;
   }
 #endif  // defined(USE_NSS)
 
  private:
   friend struct DefaultLazyInstanceTraits<NSSInitSingleton>;
 
   NSSInitSingleton()
       : real_db_slot_(NULL),
         test_db_slot_(NULL),
         root_(NULL),
+        opencryptoki_module_(NULL),
         chromeos_user_logged_in_(false) {
     EnsureNSPRInit();
 
     // We *must* have NSS >= 3.12.3.  See bug 26448.
     COMPILE_ASSERT(
         (NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH >= 3) ||
         (NSS_VMAJOR == 3 && NSS_VMINOR > 12) ||
         (NSS_VMAJOR > 3),
         nss_version_check_failed);
     // Also check the run-time NSS version.
@@ skipping 10 matching lines @@
                     "still get this error, contact your distribution "
                     "maintainer.";
     }
 
     SECStatus status = SECFailure;
 #if !defined(USE_NSS)
     // Use the system certificate store, so initialize NSS without database.
     status = NSS_NoDB_Init(NULL);
     if (status != SECSuccess) {
       LOG(ERROR) << "Error initializing NSS without a persistent "
-                    "database: NSS error code " << PR_GetError();
+                    "database: " << GetNSSErrorMessage();
     }
 #else
     FilePath database_dir = GetInitialConfigDirectory();
     if (!database_dir.empty()) {
       // This duplicates the work which should have been done in
       // EarlySetupForNSSInit. However, this function is idempotent so there's
       // no harm done.
       UseLocalCacheOfNSSDatabaseIfNFS(database_dir);
 
       // Initialize with a persistent database (likely, ~/.pki/nssdb).
       // Use "sql:" which can be shared by multiple processes safely.
       std::string nss_config_dir =
           StringPrintf("sql:%s", database_dir.value().c_str());
 #if defined(OS_CHROMEOS)
       status = NSS_Init(nss_config_dir.c_str());
 #else
       status = NSS_InitReadWrite(nss_config_dir.c_str());
 #endif
       if (status != SECSuccess) {
         LOG(ERROR) << "Error initializing NSS with a persistent "
                       "database (" << nss_config_dir
-                   << "): NSS error code " << PR_GetError();
+                   << "): " << GetNSSErrorMessage();
       }
     }
     if (status != SECSuccess) {
-      LOG(WARNING) << "Initialize NSS without a persistent database "
-                      "(~/.pki/nssdb).";
+      VLOG(1) << "Initializing NSS without a persistent database.";
       status = NSS_NoDB_Init(NULL);
       if (status != SECSuccess) {
         LOG(ERROR) << "Error initializing NSS without a persistent "
-                      "database: NSS error code " << PR_GetError();
+                      "database: " << GetNSSErrorMessage();
         return;
       }
     }
 
     PK11_SetPasswordFunc(PKCS11PasswordFunc);
 
     // If we haven't initialized the password for the NSS databases,
     // initialize an empty-string password so that we don't need to
     // log in.
     PK11SlotInfo* slot = PK11_GetInternalKeySlot();
@@ skipping 17 matching lines @@
       SECMOD_CloseUserDB(real_db_slot_);
       PK11_FreeSlot(real_db_slot_);
       real_db_slot_ = NULL;
     }
     CloseTestNSSDB();
     if (root_) {
       SECMOD_UnloadUserModule(root_);
       SECMOD_DestroyModule(root_);
       root_ = NULL;
     }
+    if (opencryptoki_module_) {
+      SECMOD_UnloadUserModule(opencryptoki_module_);
+      SECMOD_DestroyModule(opencryptoki_module_);
+      opencryptoki_module_ = NULL;
+    }
 
     SECStatus status = NSS_Shutdown();
     if (status != SECSuccess) {
       // We VLOG(1) because this failure is relatively harmless (leaking, but
       // we're shutting down anyway).
-      VLOG(1) << "NSS_Shutdown failed; see "
-                 "http://code.google.com/p/chromium/issues/detail?id=4609";
+      VLOG(1) << "NSS_Shutdown failed; see http://crbug.com/4609";
     }
   }
 
+#if defined(USE_NSS)
+  // Load nss's built-in root certs.
+  SECMODModule* InitDefaultRootCerts() {
+    SECMODModule* root = LoadModule("Root Certs", "libnssckbi.so", NULL);
+    if (root)
+      return root;
+
+    // Aw, snap.  Can't find/load root cert shared library.
+    // This will make it hard to talk to anybody via https.
+    NOTREACHED();
+    return NULL;
+  }
+
+  // Load the given module for this NSS session.
+  SECMODModule* LoadModule(const char* name,
+                           const char* library_path,
+                           const char* params) {
+    std::string modparams = StringPrintf(
+        "name=\"%s\" library=\"%s\" %s",
+        name, library_path, params ? params : "");
+
+    // Shouldn't need to const_cast here, but SECMOD doesn't believe
+    // in const interfaces.

[wtc, 2011/03/17 19:34:22]

This is an oversight.  I just filed NSS bug 642546:
https://bugzilla.mozilla.org/show_bug.cgi?id=642546
Please cite the NSS bug number in the comment.

+    SECMODModule* module = SECMOD_LoadUserModule(
+        const_cast<char*>(modparams.c_str()), NULL, PR_FALSE);
+    if (!module) {
+      LOG(ERROR) << "Error loading " << name << " module into NSS: "
+                 << GetNSSErrorMessage();
+      return NULL;
+    }
+    return module;
+  }
+#endif
+
+#if defined(OS_CHROMEOS)
+  void EnsureTPMInit() {
+    base::ScopedPK11Slot tpm_slot(GetTPMSlot());
+    if (tpm_slot.get()) {
+      // TODO(gspencer): Remove this in favor of the dbus API for
+      // cryptohomed when that is available.
+      if (PK11_NeedUserInit(tpm_slot.get())) {
+        AutoNSSWriteLock lock;

[wtc, 2011/03/17 19:34:22]

BUG: the NSSWriteLock is not necessary here because you
are modifying the TPM, not the (real) NSS database.

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

OK, Removed.  It wasn't clear to me what parts of the NSS API would touch the DB
and what wouldn't, so I was erring on the side of caution.

+        PK11_InitPin(tpm_slot.get(),
+                     kTPMSecurityOfficerPin,
+                     kTPMUserPin);
+      }
+    }
+  }
+#endif
+
   static PK11SlotInfo* OpenUserDB(const FilePath& path,
                                   const char* description) {
     const std::string modspec =
         StringPrintf("configDir='sql:%s' tokenDescription='%s'",
                      path.value().c_str(), description);
     PK11SlotInfo* db_slot = SECMOD_OpenUserDB(modspec.c_str());
     if (db_slot) {
       if (PK11_NeedUserInit(db_slot))
         PK11_InitPin(db_slot, NULL, NULL);
     }
     else {
       LOG(ERROR) << "Error opening persistent database (" << modspec
-                 << "): NSS error code " << PR_GetError();
+                 << "): " << GetNSSErrorMessage();
     }
     return db_slot;
   }
 
   PK11SlotInfo* real_db_slot_;  // Overrides internal key slot if non-NULL.
   PK11SlotInfo* test_db_slot_;  // Overrides internal key slot and real_db_slot_
-  SECMODModule *root_;
+  SECMODModule* root_;
+  SECMODModule* opencryptoki_module_;
   bool chromeos_user_logged_in_;
 #if defined(USE_NSS)
   // TODO(davidben): When https://bugzilla.mozilla.org/show_bug.cgi?id=564011
   // is fixed, we will no longer need the lock.
   Lock write_lock_;
 #endif  // defined(USE_NSS)
 };
 
 LazyInstance<NSSInitSingleton, LeakyLazyInstanceTraits<NSSInitSingleton> >
     g_nss_singleton(LINKER_INITIALIZED);
@@ skipping 48 matching lines @@
     lock_->AssertAcquired();
     lock_->Release();
   }
 }
 #endif  // defined(USE_NSS)
 
 #if defined(OS_CHROMEOS)
 void OpenPersistentNSSDB() {
   g_nss_singleton.Get().OpenPersistentNSSDB();
 }
-#endif
+
+std::string GetTPMTokenName() {
+  return g_nss_singleton.Get().GetTPMTokenName();
+}
+#endif  // defined(OS_CHROMEOS)
 
 // TODO(port): Implement this more simply.  We can convert by subtracting an
 // offset (the difference between NSPR's and base::Time's epochs).
 Time PRTimeToBaseTime(PRTime prtime) {
   PRExplodedTime prxtime;
   PR_ExplodeTime(prtime, PR_GMTParameters, &prxtime);
 
   Time::Exploded exploded;
   exploded.year         = prxtime.tm_year;
   exploded.month        = prxtime.tm_month + 1;
   exploded.day_of_week  = prxtime.tm_wday;
   exploded.day_of_month = prxtime.tm_mday;
   exploded.hour         = prxtime.tm_hour;
   exploded.minute       = prxtime.tm_min;
   exploded.second       = prxtime.tm_sec;
   exploded.millisecond  = prxtime.tm_usec / 1000;
 
   return Time::FromUTCExploded(exploded);
 }
 
 PK11SlotInfo* GetDefaultNSSKeySlot() {
   return g_nss_singleton.Get().GetDefaultKeySlot();
 }
 
+PK11SlotInfo* GetPreferredKeySlot() {
+#if defined(OS_CHROMEOS)
+  return g_nss_singleton.Get().GetTPMSlot();
+#else
+  return g_nss_singleton.Get().GetDefaultKeySlot();

[wtc, 2011/03/17 19:34:22]

Nit: just call GetDefaultNSSKeySlot()?

[Greg Spencer (Chromium), 2011/03/17 22:41:09]

Done.

+#endif
+}
+
 }  // namespace base