Commit 8edd7218 authored by pneubeck@chromium.org's avatar pneubeck@chromium.org

Make crypto::GetSystemNSSKeySlot asynchronous.

The system slot is set asynchronously, so the getting the system slot should happen asynchronously as well.

BUG=210525
TBR=rsleevi@chromium.org

Review URL: https://codereview.chromium.org/426983002

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@286493 0039d316-1c4b-4281-b951-d872f2087c98
parent f7c77e52
......@@ -594,18 +594,29 @@ class NSSInitSingleton {
#endif
#if defined(OS_CHROMEOS)
PK11SlotInfo* GetSystemNSSKeySlot() {
DCHECK(thread_checker_.CalledOnValidThread());
void GetSystemNSSKeySlotCallback(
const base::Callback<void(ScopedPK11Slot)>& callback) {
callback.Run(ScopedPK11Slot(PK11_ReferenceSlot(tpm_slot_)));
}
ScopedPK11Slot GetSystemNSSKeySlot(
const base::Callback<void(ScopedPK11Slot)>& callback) {
DCHECK(thread_checker_.CalledOnValidThread());
// TODO(mattm): chromeos::TPMTokenloader always calls
// InitializeTPMTokenAndSystemSlot with slot 0. If the system slot is
// disabled, tpm_slot_ will be the first user's slot instead. Can that be
// detected and return NULL instead?
if (tpm_token_enabled_for_nss_ && IsTPMTokenReady(base::Closure()))
return PK11_ReferenceSlot(tpm_slot_);
// If we were supposed to get the hardware token, but were
// unable to, return NULL rather than fall back to sofware.
return NULL;
base::Closure wrapped_callback;
if (!callback.is_null()) {
wrapped_callback =
base::Bind(&NSSInitSingleton::GetSystemNSSKeySlotCallback,
base::Unretained(this) /* singleton is leaky */,
callback);
}
if (IsTPMTokenReady(wrapped_callback))
return ScopedPK11Slot(PK11_ReferenceSlot(tpm_slot_));
return ScopedPK11Slot();
}
#endif
......@@ -1000,8 +1011,9 @@ AutoSECMODListReadLock::~AutoSECMODListReadLock() {
#endif // defined(USE_NSS)
#if defined(OS_CHROMEOS)
PK11SlotInfo* GetSystemNSSKeySlot() {
return g_nss_singleton.Get().GetSystemNSSKeySlot();
ScopedPK11Slot GetSystemNSSKeySlot(
const base::Callback<void(ScopedPK11Slot)>& callback) {
return g_nss_singleton.Get().GetSystemNSSKeySlot(callback);
}
void SetSystemKeySlotForTesting(ScopedPK11Slot slot) {
......
......@@ -47,9 +47,11 @@ class CRYPTO_EXPORT AutoSECMODListReadLock {
};
#if defined(OS_CHROMEOS)
// Returns a reference to the system-wide TPM slot. Caller must release returned
// reference with PK11_FreeSlot.
CRYPTO_EXPORT PK11SlotInfo* GetSystemNSSKeySlot() WARN_UNUSED_RESULT;
// Returns a reference to the system-wide TPM slot if it is loaded. If it is not
// loaded and |callback| is non-null, the |callback| will be run once the slot
// is loaded.
CRYPTO_EXPORT ScopedPK11Slot GetSystemNSSKeySlot(
const base::Callback<void(ScopedPK11Slot)>& callback) WARN_UNUSED_RESULT;
// Sets the test system slot. If this was called before
// InitializeTPMTokenAndSystemSlot and no system token is provided by the Chaps
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment