diff options
author | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-12-16 13:05:27 +0000 |
---|---|---|
committer | mattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-12-16 13:05:27 +0000 |
commit | 99e5e952f0eb1dc803687c61a16ee381412acc95 (patch) | |
tree | 52852c2e9fef62ab0c7aa38a9cc802718257ba00 /crypto | |
parent | 252f44b5c5a47f975154c93440aba58f135b575a (diff) | |
download | chromium_src-99e5e952f0eb1dc803687c61a16ee381412acc95.zip chromium_src-99e5e952f0eb1dc803687c61a16ee381412acc95.tar.gz chromium_src-99e5e952f0eb1dc803687c61a16ee381412acc95.tar.bz2 |
Update keygen to use correct NSS slot on ChromeOS multiprofile.
BUG=302126
Review URL: https://codereview.chromium.org/61643007
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@240868 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/crypto.gyp | 2 | ||||
-rw-r--r-- | crypto/crypto_module_blocking_password_delegate.h | 33 | ||||
-rw-r--r-- | crypto/nss_crypto_module_delegate.h | 53 | ||||
-rw-r--r-- | crypto/nss_util.cc | 2 |
4 files changed, 55 insertions, 35 deletions
diff --git a/crypto/crypto.gyp b/crypto/crypto.gyp index fd80fa5..c932946 100644 --- a/crypto/crypto.gyp +++ b/crypto/crypto.gyp @@ -172,7 +172,6 @@ 'capi_util.cc', 'capi_util.h', 'crypto_export.h', - 'crypto_module_blocking_password_delegate.h', 'cssm_init.cc', 'cssm_init.h', 'curve25519.cc', @@ -204,6 +203,7 @@ 'mock_apple_keychain_mac.cc', 'p224_spake.cc', 'p224_spake.h', + 'nss_crypto_module_delegate.h', 'nss_util.cc', 'nss_util.h', 'nss_util_internal.h', diff --git a/crypto/crypto_module_blocking_password_delegate.h b/crypto/crypto_module_blocking_password_delegate.h deleted file mode 100644 index c4acf1a..0000000 --- a/crypto/crypto_module_blocking_password_delegate.h +++ /dev/null @@ -1,33 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ -#define CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ - -#include <string> - -namespace crypto { - -// PK11_SetPasswordFunc is a global setting. An implementation of -// CryptoModuleBlockingPasswordDelegate should be passed as the user data -// argument (|wincx|) to relevant NSS functions, which the global password -// handler will call to do the actual work. -class CryptoModuleBlockingPasswordDelegate { - public: - virtual ~CryptoModuleBlockingPasswordDelegate() {} - - // Requests a password to unlock |slot_name|. The interface is - // synchronous because NSS cannot issue an asynchronous - // request. |retry| is true if this is a request for the retry - // and we previously returned the wrong password. - // The implementation should set |*cancelled| to true if the user cancelled - // instead of entering a password, otherwise it should return the password the - // user entered. - virtual std::string RequestPassword(const std::string& slot_name, bool retry, - bool* cancelled) = 0; -}; - -} // namespace crypto - -#endif // CRYPTO_CRYPTO_MODULE_BLOCKING_PASSWORD_DELEGATE_H_ diff --git a/crypto/nss_crypto_module_delegate.h b/crypto/nss_crypto_module_delegate.h new file mode 100644 index 0000000..00b2b75 --- /dev/null +++ b/crypto/nss_crypto_module_delegate.h @@ -0,0 +1,53 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ +#define CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ + +#include <string> + +#include "base/callback_forward.h" +#include "crypto/scoped_nss_types.h" + +namespace crypto { + +// PK11_SetPasswordFunc is a global setting. An implementation of +// CryptoModuleBlockingPasswordDelegate should be passed using wincx() as the +// user data argument (|wincx|) to relevant NSS functions, which the global +// password handler will call to do the actual work. This delegate should only +// be used in NSS calls on worker threads due to the blocking nature. +class CryptoModuleBlockingPasswordDelegate { + public: + virtual ~CryptoModuleBlockingPasswordDelegate() {} + + // Return a value suitable for passing to the |wincx| argument of relevant NSS + // functions. This should be used instead of passing the object pointer + // directly to avoid accidentally casting a pointer to a subclass to void* and + // then casting back to a pointer of the base class + void* wincx() { return this; } + + // Requests a password to unlock |slot_name|. The interface is synchronous + // because NSS cannot issue an asynchronous request. |retry| is true if this + // is a request for the retry and we previously returned the wrong password. + // The implementation should set |*cancelled| to true if the user cancelled + // instead of entering a password, otherwise it should return the password the + // user entered. + virtual std::string RequestPassword(const std::string& slot_name, bool retry, + bool* cancelled) = 0; + +}; + +// Extends CryptoModuleBlockingPasswordDelegate with the ability to return a +// slot in which to act. (Eg, which slot to store a generated key in.) +class NSSCryptoModuleDelegate : public CryptoModuleBlockingPasswordDelegate { + public: + virtual ~NSSCryptoModuleDelegate() {} + + // Get the slot to store the generated key. + virtual ScopedPK11Slot RequestSlot() = 0; +}; + +} // namespace crypto + +#endif // CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ diff --git a/crypto/nss_util.cc b/crypto/nss_util.cc index 7479585..5b8c6f5 100644 --- a/crypto/nss_util.cc +++ b/crypto/nss_util.cc @@ -49,7 +49,7 @@ // certificate and key databases. #if defined(USE_NSS) #include "base/synchronization/lock.h" -#include "crypto/crypto_module_blocking_password_delegate.h" +#include "crypto/nss_crypto_module_delegate.h" #endif // defined(USE_NSS) namespace crypto { |