diff options
| author | mattm@google.com <mattm@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-12-06 22:24:07 +0000 |
|---|---|---|
| committer | mattm@google.com <mattm@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-12-06 22:24:07 +0000 |
| commit | 557737f70d0c097b2f1a78b4acb552dad725ab61 (patch) | |
| tree | 03a8a5c14f6503eda33e4d28269e3857281ecf59 /crypto/nss_util_internal.h | |
| parent | 637fc4cd2748b8679a9b4a4a4c518c02b1afa699 (diff) | |
| download | chromium_src-557737f70d0c097b2f1a78b4acb552dad725ab61.zip chromium_src-557737f70d0c097b2f1a78b4acb552dad725ab61.tar.gz chromium_src-557737f70d0c097b2f1a78b4acb552dad725ab61.tar.bz2 | |
Initialize per-ChromeOS-user NSS slots and provide the functions to access them.
BUG=302124
R=mmenke@chromium.org, rsleevi@chromium.org, xiyuan@chromium.org
Review URL: https://codereview.chromium.org/53763003
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@239266 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto/nss_util_internal.h')
| -rw-r--r-- | crypto/nss_util_internal.h | 43 |
1 files changed, 41 insertions, 2 deletions
diff --git a/crypto/nss_util_internal.h b/crypto/nss_util_internal.h index 056ec28..fb76bd8 100644 --- a/crypto/nss_util_internal.h +++ b/crypto/nss_util_internal.h @@ -7,7 +7,14 @@ #include <secmodt.h> +#include "base/callback.h" +#include "base/compiler_specific.h" #include "crypto/crypto_export.h" +#include "crypto/scoped_nss_types.h" + +namespace base { +class FilePath; +} // These functions return a type defined in an NSS header, and so cannot be // declared in nss_util.h. Hence, they are declared here. @@ -17,14 +24,14 @@ namespace crypto { // Returns a reference to the default NSS key slot for storing // public-key data only (e.g. server certs). Caller must release // returned reference with PK11_FreeSlot. -CRYPTO_EXPORT PK11SlotInfo* GetPublicNSSKeySlot(); +CRYPTO_EXPORT PK11SlotInfo* GetPublicNSSKeySlot() WARN_UNUSED_RESULT; // Returns a reference to the default slot for storing private-key and // mixed private-key/public-key data. Returns a hardware (TPM) NSS // key slot if on ChromeOS and EnableTPMForNSS() has been called // successfully. Caller must release returned reference with // PK11_FreeSlot. -CRYPTO_EXPORT PK11SlotInfo* GetPrivateNSSKeySlot(); +CRYPTO_EXPORT PK11SlotInfo* GetPrivateNSSKeySlot() WARN_UNUSED_RESULT; // A helper class that acquires the SECMOD list read lock while the // AutoSECMODListReadLock is in scope. @@ -38,6 +45,38 @@ class AutoSECMODListReadLock { DISALLOW_COPY_AND_ASSIGN(AutoSECMODListReadLock); }; +#if defined(OS_CHROMEOS) +// Prepare per-user NSS slot mapping. It is safe to call this function multiple +// times. Returns true if the user was added, or false if it already existed. +CRYPTO_EXPORT bool InitializeNSSForChromeOSUser( + const std::string& email, + const std::string& username_hash, + bool is_primary_user, + const base::FilePath& path) WARN_UNUSED_RESULT; + +// Use TPM slot |slot_id| for user. InitializeNSSForChromeOSUser must have been +// called first. +CRYPTO_EXPORT void InitializeTPMForChromeOSUser( + const std::string& username_hash, + CK_SLOT_ID slot_id); + +// Use the software slot as the private slot for user. +// InitializeNSSForChromeOSUser must have been called first. +CRYPTO_EXPORT void InitializePrivateSoftwareSlotForChromeOSUser( + const std::string& username_hash); + +// Returns a reference to the public slot for user. +CRYPTO_EXPORT ScopedPK11Slot GetPublicSlotForChromeOSUser( + const std::string& username_hash) WARN_UNUSED_RESULT; + +// Returns the private slot for |username_hash| if it is loaded. If it is not +// loaded and |callback| is non-null, the |callback| will be run once the slot +// is loaded. +CRYPTO_EXPORT ScopedPK11Slot GetPrivateSlotForChromeOSUser( + const std::string& username_hash, + const base::Callback<void(ScopedPK11Slot)>& callback) WARN_UNUSED_RESULT; +#endif // defined(OS_CHROMEOS) + } // namespace crypto #endif // CRYPTO_NSS_UTIL_INTERNAL_H_ |