authormattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-01-13 01:48:43 +0000
committermattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2011-01-13 01:48:43 +0000
commit88b9db7d713a9e156fa66694844c4d98ee48d875 (patch)
treea06b93ff3319bc3512051372ecadd693ebeeaf80 /net/base/keygen_handler_nss.cc
parent6fd024b93e4a708a767c1892e5091e3585a5c72f (diff)
NSS: PKCS 11 password prompt.
This was based off of davidben's WIP cl http://codereview.chromium.org/3186021/show. BUG=42073 TEST=add password to NSS DB with "certutil -d sql:.pki/nssdb -W", try client auth, <keygen>, cert manager Review URL: http://codereview.chromium.org/5686002 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@71281 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'net/base/keygen_handler_nss.cc')
-rw-r--r--net/base/keygen_handler_nss.cc29
1 files changed, 28 insertions, 1 deletions
diff --git a/net/base/keygen_handler_nss.cc b/net/base/keygen_handler_nss.cc
index 215244c..a3505c4 100644
--- a/net/base/keygen_handler_nss.cc
+++ b/net/base/keygen_handler_nss.cc
@@ -4,6 +4,11 @@
#include "net/base/keygen_handler.h"
+#include "base/crypto/pk11_blocking_password_delegate.h"
+#include "base/crypto/scoped_nss_types.h"
+#include "base/logging.h"
+#include "base/nss_util.h"
+#include "base/nss_util_internal.h"
#include "net/third_party/mozilla_security_manager/nsKeygenHandler.h"
// PSM = Mozilla's Personal Security Manager.
@@ -12,8 +17,30 @@ namespace psm = mozilla_security_manager;
namespace net {
std::string KeygenHandler::GenKeyAndSignChallenge() {
+ // Ensure NSS is initialized.
+ base::EnsureNSSInit();
+
+ // TODO(mattm): allow choosing which slot to generate and store the key?
+ base::ScopedPK11Slot slot(base::GetDefaultNSSKeySlot());
+ if (!slot.get()) {
+ LOG(ERROR) << "Couldn't get internal key slot!";
+ return std::string();
+ }
+
+ // Authenticate to the token.
+ if (SECSuccess != PK11_Authenticate(slot.get(), PR_TRUE,
+ pk11_password_delegate_.get())) {
+ LOG(ERROR) << "Couldn't authenticate to internal key slot!";
+ return std::string();
+ }
+
return psm::GenKeyAndSignChallenge(key_size_in_bits_, challenge_, url_,
- stores_key_);
+ slot.get(), stores_key_);
+}
+
+void KeygenHandler::set_pk11_password_delegate(
+ base::PK11BlockingPasswordDelegate* delegate) {
+ pk11_password_delegate_.reset(delegate);
}
} // namespace net
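Review bot: In `GenKeyAndSignChallenge`, `pk11_password_delegate_.get()` is handed to `PK11_Authenticate` as the window context with no check that `set_pk11_password_delegate` was ever called. If it was not, a password-protected token presumably has nothing to prompt with, and the call lands in the generic "Couldn't authenticate" branch, which the log cannot tell apart from a wrong password or a user cancel. A line such as `DLOG_IF(WARNING, !pk11_password_delegate_.get()) << "No PK11 password delegate set";` before the call would make that case visible. The delegate type is a blocking one, so the function can apparently stall on user input; I would add `// May block on a password prompt via pk11_password_delegate_; must not run on a thread that cannot block.` above the authenticate call. The setter takes a raw pointer and passes it to `reset()`, which reads as an ownership transfer (the member's declaration is not in this file), so it deserves `// Takes ownership of |delegate|.` at the definition or in the header.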