From ad2f21668af6195ca662136305a029e0331c3d20 Mon Sep 17 00:00:00 2001 From: pneubeck Date: Thu, 6 Nov 2014 02:56:19 -0800 Subject: ClientCertResolver: Remove IsHardwareBacked check. There were two methods: one to check whether the hardware backed crypto token is loaded at all and one to check whether an individual certificate is hardware backed. These were not consistently used by ClientCertResolver and the network configuration UI. Now always individual certificates are checked to be hardware backed and the IsHardwareBacked method is removed from CertLoader. For upcoming changes, it's also required that ClientCertResolver notifies observers even if no certificate patterns were resolved or no hardware token is present. Therefore, the check for IsHardwareBacked is removed. BUG=424036 Review URL: https://codereview.chromium.org/699073003 Cr-Commit-Position: refs/heads/master@{#303005} --- chromeos/network/client_cert_resolver.cc | 7 ++----- chromeos/network/client_cert_resolver_unittest.cc | 2 +- chromeos/network/network_connection_handler_unittest.cc | 3 +-- 3 files changed, 4 insertions(+), 8 deletions(-) (limited to 'chromeos/network') diff --git a/chromeos/network/client_cert_resolver.cc b/chromeos/network/client_cert_resolver.cc index 8b8b8ba..ed1de01 100644 --- a/chromeos/network/client_cert_resolver.cc +++ b/chromeos/network/client_cert_resolver.cc @@ -138,7 +138,8 @@ std::vector CreateSortedCertAndIssuerList( it != certs.end(); ++it) { const net::X509Certificate& cert = **it; if (cert.valid_expiry().is_null() || cert.HasExpired() || - !HasPrivateKey(cert)) { + !HasPrivateKey(cert) || + !CertLoader::IsCertificateHardwareBacked(&cert)) { continue; } net::ScopedCERTCertificate issuer_handle( @@ -221,10 +222,6 @@ bool ClientCertificatesLoaded() { VLOG(1) << "Certificates not loaded yet."; return false; } - if (!CertLoader::Get()->IsHardwareBacked()) { - VLOG(1) << "TPM is not available."; - return false; - } return true; } diff --git a/chromeos/network/client_cert_resolver_unittest.cc b/chromeos/network/client_cert_resolver_unittest.cc index a63e67f..bbffab4 100644 --- a/chromeos/network/client_cert_resolver_unittest.cc +++ b/chromeos/network/client_cert_resolver_unittest.cc @@ -78,7 +78,7 @@ class ClientCertResolverTest : public testing::Test, CertLoader::Initialize(); cert_loader_ = CertLoader::Get(); - cert_loader_->force_hardware_backed_for_test(); + CertLoader::ForceHardwareBackedForTesting(); } void TearDown() override { diff --git a/chromeos/network/network_connection_handler_unittest.cc b/chromeos/network/network_connection_handler_unittest.cc index e665650..b2c61ac 100644 --- a/chromeos/network/network_connection_handler_unittest.cc +++ b/chromeos/network/network_connection_handler_unittest.cc @@ -74,8 +74,7 @@ class NetworkConnectionHandlerTest : public testing::Test { test_nssdb_->SetSlowTaskRunnerForTest(message_loop_.message_loop_proxy()); CertLoader::Initialize(); - CertLoader* cert_loader = CertLoader::Get(); - cert_loader->force_hardware_backed_for_test(); + CertLoader::ForceHardwareBackedForTesting(); DBusThreadManager::Initialize(); DBusThreadManager* dbus_manager = DBusThreadManager::Get(); -- cgit v1.1