diff options
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/nss_util.cc | 28 | ||||
| -rw-r--r-- | crypto/nss_util_internal.h | 12 | ||||
| -rw-r--r-- | crypto/rsa_private_key_nss.cc | 36 |
3 files changed, 36 insertions, 40 deletions
diff --git a/crypto/nss_util.cc b/crypto/nss_util.cc index 9901e3a..e484abe 100644 --- a/crypto/nss_util.cc +++ b/crypto/nss_util.cc @@ -155,24 +155,6 @@ void UseLocalCacheOfNSSDatabaseIfNFS(const FilePath& database_dir) { #endif // defined(OS_LINUX) } -// A helper class that acquires the SECMOD list read lock while the -// AutoSECMODListReadLock is in scope. -class AutoSECMODListReadLock { - public: - AutoSECMODListReadLock() - : lock_(SECMOD_GetDefaultModuleListLock()) { - SECMOD_GetReadLock(lock_); - } - - ~AutoSECMODListReadLock() { - SECMOD_ReleaseReadLock(lock_); - } - - private: - SECMODListLock* lock_; - DISALLOW_COPY_AND_ASSIGN(AutoSECMODListReadLock); -}; - PK11SlotInfo* FindSlotWithTokenName(const std::string& token_name) { AutoSECMODListReadLock auto_lock; SECMODModuleList* head = SECMOD_GetDefaultModuleList(); @@ -670,6 +652,16 @@ AutoNSSWriteLock::~AutoNSSWriteLock() { lock_->Release(); } } + +AutoSECMODListReadLock::AutoSECMODListReadLock() + : lock_(SECMOD_GetDefaultModuleListLock()) { + SECMOD_GetReadLock(lock_); + } + +AutoSECMODListReadLock::~AutoSECMODListReadLock() { + SECMOD_ReleaseReadLock(lock_); +} + #endif // defined(USE_NSS) #if defined(OS_CHROMEOS) diff --git a/crypto/nss_util_internal.h b/crypto/nss_util_internal.h index ea40fdb..e90e4c4 100644 --- a/crypto/nss_util_internal.h +++ b/crypto/nss_util_internal.h @@ -25,6 +25,18 @@ PK11SlotInfo* GetPublicNSSKeySlot(); // PK11_FreeSlot. PK11SlotInfo* GetPrivateNSSKeySlot(); +// A helper class that acquires the SECMOD list read lock while the +// AutoSECMODListReadLock is in scope. +class AutoSECMODListReadLock { + public: + AutoSECMODListReadLock(); + ~AutoSECMODListReadLock(); + + private: + SECMODListLock* lock_; + DISALLOW_COPY_AND_ASSIGN(AutoSECMODListReadLock); +}; + } // namespace crypto #endif // CRYPTO_NSS_UTIL_INTERNAL_H_ diff --git a/crypto/rsa_private_key_nss.cc b/crypto/rsa_private_key_nss.cc index 8157de2..0d79dbe 100644 --- a/crypto/rsa_private_key_nss.cc +++ b/crypto/rsa_private_key_nss.cc @@ -7,6 +7,7 @@ #include <cryptohi.h> #include <keyhi.h> #include <pk11pub.h> +#include <secmod.h> #include <list> @@ -119,31 +120,22 @@ RSAPrivateKey* RSAPrivateKey::FindFromPublicKeyInfo( return NULL; } - ScopedPK11Slot slot(GetPrivateNSSKeySlot()); - if (!slot.get()) { - NOTREACHED(); - return NULL; - } - - // Finally...Look for the key! - result->key_ = PK11_FindKeyByKeyID(slot.get(), ck_id.get(), NULL); - - // If we don't find the matching key in the private slot, then we - // look in the public slot. - if (!result->key_) { - slot.reset(GetPublicNSSKeySlot()); - if (!slot.get()) { - NOTREACHED(); - return NULL; + // Search all slots in all modules for the key with the given ID. + AutoSECMODListReadLock auto_lock; + SECMODModuleList* head = SECMOD_GetDefaultModuleList(); + for (SECMODModuleList* item = head; item != NULL; item = item->next) { + int slot_count = item->module->loaded ? item->module->slotCount : 0; + for (int i = 0; i < slot_count; i++) { + // Finally...Look for the key! + result->key_ = PK11_FindKeyByKeyID(item->module->slots[i], + ck_id.get(), NULL); + if (result->key_) + return result.release(); } - result->key_ = PK11_FindKeyByKeyID(slot.get(), ck_id.get(), NULL); } - // If we didn't find it, that's ok. - if (!result->key_) - return NULL; - - return result.release(); + // We didn't find the key. + return NULL; } |