Chromium Code Reviews Chromium Code Reviews
Issue 741593002:
If easy sign-in is set up, allow TPMTokenLoader to start before login (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/nss_util.h" | 5 #include "crypto/nss_util.h" |
| 6 #include "crypto/nss_util_internal.h" | 6 #include "crypto/nss_util_internal.h" |
| 7 | 7 |
| 8 #include <nss.h> | 8 #include <nss.h> |
| 9 #include <pk11pub.h> | 9 #include <pk11pub.h> |
| 10 #include <plarena.h> | 10 #include <plarena.h> |
| (...skipping 329 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 340 TPMModuleAndSlot* tpm_args_ptr = tpm_args.get(); | 340 TPMModuleAndSlot* tpm_args_ptr = tpm_args.get(); |
| 341 if (base::WorkerPool::PostTaskAndReply( | 341 if (base::WorkerPool::PostTaskAndReply( |
| 342 FROM_HERE, | 342 FROM_HERE, |
| 343 base::Bind(&NSSInitSingleton::InitializeTPMTokenOnWorkerThread, | 343 base::Bind(&NSSInitSingleton::InitializeTPMTokenOnWorkerThread, |
| 344 system_slot_id, | 344 system_slot_id, |
| 345 tpm_args_ptr), | 345 tpm_args_ptr), |
| 346 base::Bind(&NSSInitSingleton::OnInitializedTPMTokenAndSystemSlot, | 346 base::Bind(&NSSInitSingleton::OnInitializedTPMTokenAndSystemSlot, |
| 347 base::Unretained(this), // NSSInitSingleton is leaky | 347 base::Unretained(this), // NSSInitSingleton is leaky |
| 348 callback, | 348 callback, |
| 349 base::Passed(&tpm_args)), | 349 base::Passed(&tpm_args)), |
| 350 true /* task_is_slow */ | 350 true /* task_is_slow */)) { |
| 351 )) { | |
| 352 initializing_tpm_token_ = true; | 351 initializing_tpm_token_ = true; |
| 353 } else { | 352 } else { |
| 354 base::MessageLoop::current()->PostTask(FROM_HERE, | 353 base::MessageLoop::current()->PostTask(FROM_HERE, |
| 355 base::Bind(callback, false)); | 354 base::Bind(callback, false)); |
| 356 } | 355 } |
| 357 } | 356 } |
| 358 | 357 |
| 359 static void InitializeTPMTokenOnWorkerThread(CK_SLOT_ID token_slot_id, | 358 static void InitializeTPMTokenOnWorkerThread(CK_SLOT_ID token_slot_id, |
| 360 TPMModuleAndSlot* tpm_args) { | 359 TPMModuleAndSlot* tpm_args) { |
| 361 // This tries to load the Chaps module so NSS can talk to the hardware | 360 // This tries to load the Chaps module so NSS can talk to the hardware |
| (...skipping 138 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 500 TPMModuleAndSlot* tpm_args_ptr = tpm_args.get(); | 499 TPMModuleAndSlot* tpm_args_ptr = tpm_args.get(); |
| 501 base::WorkerPool::PostTaskAndReply( | 500 base::WorkerPool::PostTaskAndReply( |
| 502 FROM_HERE, | 501 FROM_HERE, |
| 503 base::Bind(&NSSInitSingleton::InitializeTPMTokenOnWorkerThread, | 502 base::Bind(&NSSInitSingleton::InitializeTPMTokenOnWorkerThread, |
| 504 slot_id, | 503 slot_id, |
| 505 tpm_args_ptr), | 504 tpm_args_ptr), |
| 506 base::Bind(&NSSInitSingleton::OnInitializedTPMForChromeOSUser, | 505 base::Bind(&NSSInitSingleton::OnInitializedTPMForChromeOSUser, |
| 507 base::Unretained(this), // NSSInitSingleton is leaky | 506 base::Unretained(this), // NSSInitSingleton is leaky |
| 508 username_hash, | 507 username_hash, |
| 509 base::Passed(&tpm_args)), | 508 base::Passed(&tpm_args)), |
| 510 true /* task_is_slow */ | 509 true /* task_is_slow */); |
| 511 ); | |
| 512 } | 510 } |
| 513 | 511 |
| 514 void OnInitializedTPMForChromeOSUser(const std::string& username_hash, | 512 void OnInitializedTPMForChromeOSUser(const std::string& username_hash, |
| 515 scoped_ptr<TPMModuleAndSlot> tpm_args) { | 513 scoped_ptr<TPMModuleAndSlot> tpm_args) { |
| 516 DCHECK(thread_checker_.CalledOnValidThread()); | 514 DCHECK(thread_checker_.CalledOnValidThread()); |
| 517 DVLOG(2) << "Got tpm slot for " << username_hash << " " | 515 DVLOG(2) << "Got tpm slot for " << username_hash << " " |
| 518 << !!tpm_args->tpm_slot; | 516 << !!tpm_args->tpm_slot; |
| 519 chromeos_user_map_[username_hash]->SetPrivateSlot( | 517 chromeos_user_map_[username_hash]->SetPrivateSlot( |
| 520 tpm_args->tpm_slot.Pass()); | 518 tpm_args->tpm_slot.Pass()); |
| 521 } | 519 } |
| 522 | 520 |
| 523 void InitializePrivateSoftwareSlotForChromeOSUser( | 521 void InitializePrivateSoftwareSlotForChromeOSUser( |
| 524 const std::string& username_hash) { | 522 const std::string& username_hash) { |
| 525 DCHECK(thread_checker_.CalledOnValidThread()); | 523 DCHECK(thread_checker_.CalledOnValidThread()); |
| 526 VLOG(1) << "using software private slot for " << username_hash; | 524 VLOG(1) << "using software private slot for " << username_hash; |
| 527 DCHECK(chromeos_user_map_.find(username_hash) != chromeos_user_map_.end()); | 525 DCHECK(chromeos_user_map_.find(username_hash) != chromeos_user_map_.end()); |
| 528 DCHECK(chromeos_user_map_[username_hash]-> | 526 DCHECK(chromeos_user_map_[username_hash]-> |
| 529 private_slot_initialization_started()); | 527 private_slot_initialization_started()); |
| 530 | 528 |
| 531 chromeos_user_map_[username_hash]->SetPrivateSlot( | 529 chromeos_user_map_[username_hash]->SetPrivateSlot( |
| 532 chromeos_user_map_[username_hash]->GetPublicSlot()); | 530 chromeos_user_map_[username_hash]->GetPublicSlot()); |
| 533 } | 531 } |
| 534 | 532 |
| 535 ScopedPK11Slot GetPublicSlotForChromeOSUser( | 533 ScopedPK11Slot GetPublicSlotForChromeOSUser( |
| 536 const std::string& username_hash) { | 534 const std::string& username_hash) { |
| 537 DCHECK(thread_checker_.CalledOnValidThread()); | 535 DCHECK(thread_checker_.CalledOnValidThread()); |
| 538 | 536 |
| 539 if (username_hash.empty()) { | 537 if (username_hash.empty()) { |
| 540 DVLOG(2) << "empty username_hash"; | 538 DVLOG(2) << "empty username_hash"; |
| 541 return ScopedPK11Slot(); | 539 return ScopedPK11Slot(PK11_GetInternalKeySlot()); |
|
pneubeck (no reviews)
2014/12/02 11:56:47
the fact that you have to change this to make the
| |
| 542 } | 540 } |
| 543 | 541 |
| 544 if (chromeos_user_map_.find(username_hash) == chromeos_user_map_.end()) { | 542 if (chromeos_user_map_.find(username_hash) == chromeos_user_map_.end()) { |
| 545 LOG(ERROR) << username_hash << " not initialized."; | 543 LOG(ERROR) << username_hash << " not initialized."; |
| 546 return ScopedPK11Slot(); | 544 return ScopedPK11Slot(); |
| 547 } | 545 } |
| 548 return chromeos_user_map_[username_hash]->GetPublicSlot(); | 546 return chromeos_user_map_[username_hash]->GetPublicSlot(); |
| 549 } | 547 } |
| 550 | 548 |
| 551 ScopedPK11Slot GetPrivateSlotForChromeOSUser( | 549 ScopedPK11Slot GetPrivateSlotForChromeOSUser( |
| (...skipping 544 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1096 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); | 1094 return time.ToInternalValue() - base::Time::UnixEpoch().ToInternalValue(); |
| 1097 } | 1095 } |
| 1098 | 1096 |
| 1099 #if !defined(OS_CHROMEOS) | 1097 #if !defined(OS_CHROMEOS) |
| 1100 PK11SlotInfo* GetPersistentNSSKeySlot() { | 1098 PK11SlotInfo* GetPersistentNSSKeySlot() { |
| 1101 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); | 1099 return g_nss_singleton.Get().GetPersistentNSSKeySlot(); |
| 1102 } | 1100 } |
| 1103 #endif | 1101 #endif |
| 1104 | 1102 |
| 1105 } // namespace crypto | 1103 } // namespace crypto |
| OLD | NEW |
