Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1711)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: nss_util.cc

Issue 6820024: [login_manager] Fix race condition that caused ownership to never work (Closed) Base URL: http://git.chromium.org/git/login_manager.git@master
Patch Set: comment update Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « nss_util.h ('k') | session_manager_service.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium OS Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "login_manager/nss_util.h" 5 #include "login_manager/nss_util.h"
6 6
7 #include <base/basictypes.h> 7 #include <base/basictypes.h>
8 #include <base/crypto/rsa_private_key.h> 8 #include <base/crypto/rsa_private_key.h>
9 #include <base/crypto/signature_creator.h> 9 #include <base/crypto/signature_creator.h>
10 #include <base/crypto/signature_verifier.h> 10 #include <base/crypto/signature_verifier.h>
11 #include <base/file_path.h> 11 #include <base/file_path.h>
12 #include <base/file_util.h>
12 #include <base/logging.h> 13 #include <base/logging.h>
13 #include <base/nss_util.h> 14 #include <base/nss_util.h>
14 #include <base/scoped_ptr.h> 15 #include <base/scoped_ptr.h>
15 #include <cros/chromeos_login.h> 16 #include <cros/chromeos_login.h>
16 17
17 namespace login_manager { 18 namespace login_manager {
18 /////////////////////////////////////////////////////////////////////////// 19 ///////////////////////////////////////////////////////////////////////////
19 // NssUtil 20 // NssUtil
20 21
21 // static 22 // static
22 NssUtil::Factory* NssUtil::factory_ = NULL; 23 NssUtil::Factory* NssUtil::factory_ = NULL;
23 24
24 NssUtil::NssUtil() {} 25 NssUtil::NssUtil() {}
25 26
26 NssUtil::~NssUtil() {} 27 NssUtil::~NssUtil() {}
27 28
28 /////////////////////////////////////////////////////////////////////////// 29 ///////////////////////////////////////////////////////////////////////////
29 // NssUtilImpl 30 // NssUtilImpl
30 31
31 class NssUtilImpl : public NssUtil { 32 class NssUtilImpl : public NssUtil {
32 public: 33 public:
33 NssUtilImpl(); 34 NssUtilImpl();
34 virtual ~NssUtilImpl(); 35 virtual ~NssUtilImpl();
35 36
37 bool MightHaveKeys();
38
36 bool OpenUserDB(); 39 bool OpenUserDB();
37 40
38 base::RSAPrivateKey* GetPrivateKey(const std::vector<uint8>& public_key_der); 41 base::RSAPrivateKey* GetPrivateKey(const std::vector<uint8>& public_key_der);
39 42
40 base::RSAPrivateKey* GenerateKeyPair(); 43 base::RSAPrivateKey* GenerateKeyPair();
41 44
42 FilePath GetOwnerKeyFilePath(); 45 FilePath GetOwnerKeyFilePath();
43 46
44 bool Verify(const uint8* algorithm, int algorithm_len, 47 bool Verify(const uint8* algorithm, int algorithm_len,
45 const uint8* signature, int signature_len, 48 const uint8* signature, int signature_len,
46 const uint8* data, int data_len, 49 const uint8* data, int data_len,
47 const uint8* public_key, int public_key_len); 50 const uint8* public_key, int public_key_len);
48 51
49 bool Sign(const uint8* data, int data_len, 52 bool Sign(const uint8* data, int data_len,
50 std::vector<uint8>* OUT_signature, 53 std::vector<uint8>* OUT_signature,
51 base::RSAPrivateKey* key); 54 base::RSAPrivateKey* key);
52 private: 55 private:
53 static const uint16 kKeySizeInBits; 56 static const uint16 kKeySizeInBits;
57 // Hardcoded path of the user's NSS key database.
58 // TODO(cmasone): get rid of this once http://crosbug.com/14007 is fixed.
59 static const char kUserDbPath[];
60
54 DISALLOW_COPY_AND_ASSIGN(NssUtilImpl); 61 DISALLOW_COPY_AND_ASSIGN(NssUtilImpl);
55 }; 62 };
56 63
57 // Defined here, instead of up above, because we need NssUtilImpl. 64 // Defined here, instead of up above, because we need NssUtilImpl.
58 // static 65 // static
59 NssUtil* NssUtil::Create() { 66 NssUtil* NssUtil::Create() {
60 if (!factory_) { 67 if (!factory_) {
61 return new NssUtilImpl; 68 return new NssUtilImpl;
62 base::EnsureNSSInit(); 69 base::EnsureNSSInit();
63 } else { 70 } else {
64 return factory_->CreateNssUtil(); 71 return factory_->CreateNssUtil();
65 } 72 }
66 } 73 }
67 74
68 // static 75 // static
69 void NssUtil::BlobFromBuffer(const std::string& buf, std::vector<uint8>* out) { 76 void NssUtil::BlobFromBuffer(const std::string& buf, std::vector<uint8>* out) {
70 out->resize(buf.length()); 77 out->resize(buf.length());
71 if (out->size() == 0) 78 if (out->size() == 0)
72 return; 79 return;
73 memcpy(&(out->at(0)), buf.c_str(), out->size()); 80 memcpy(&(out->at(0)), buf.c_str(), out->size());
74 } 81 }
75 82
76 // We're generating and using 2048-bit RSA keys. 83 // We're generating and using 2048-bit RSA keys.
77 // static 84 // static
78 const uint16 NssUtilImpl::kKeySizeInBits = 2048; 85 const uint16 NssUtilImpl::kKeySizeInBits = 2048;
86 // static
87 const char NssUtilImpl::kUserDbPath[] = "/home/chronos/user/.pki/nssdb/key4.db";
79 88
80 NssUtilImpl::NssUtilImpl() {} 89 NssUtilImpl::NssUtilImpl() {}
81 90
82 NssUtilImpl::~NssUtilImpl() {} 91 NssUtilImpl::~NssUtilImpl() {}
83 92
93 bool NssUtilImpl::MightHaveKeys() {
94 return file_util::PathExists(FilePath(NssUtilImpl::kUserDbPath));
95 }
96
84 bool NssUtilImpl::OpenUserDB() { 97 bool NssUtilImpl::OpenUserDB() {
85 // TODO(cmasone): If we ever try to keep the session_manager alive across 98 // TODO(cmasone): If we ever try to keep the session_manager alive across
86 // user sessions, we'll need to deal with the fact that we have no way to 99 // user sessions, we'll need to deal with the fact that we have no way to
87 // close this persistent DB. 100 // close this persistent DB.
88 base::OpenPersistentNSSDB(); 101 base::OpenPersistentNSSDB();
89 return true; 102 return true;
90 } 103 }
91 104
92 base::RSAPrivateKey* NssUtilImpl::GetPrivateKey( 105 base::RSAPrivateKey* NssUtilImpl::GetPrivateKey(
93 const std::vector<uint8>& public_key_der) { 106 const std::vector<uint8>& public_key_der) {
(...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after
131 std::vector<uint8>* OUT_signature, 144 std::vector<uint8>* OUT_signature,
132 base::RSAPrivateKey* key) { 145 base::RSAPrivateKey* key) {
133 scoped_ptr<base::SignatureCreator> signer( 146 scoped_ptr<base::SignatureCreator> signer(
134 base::SignatureCreator::Create(key)); 147 base::SignatureCreator::Create(key));
135 if (!signer->Update(data, data_len)) 148 if (!signer->Update(data, data_len))
136 return false; 149 return false;
137 return signer->Final(OUT_signature); 150 return signer->Final(OUT_signature);
138 } 151 }
139 152
140 } // namespace login_manager 153 } // namespace login_manager
OLDNEW
« no previous file with comments | « nss_util.h ('k') | session_manager_service.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698