Commit 8edd7218 authored by's avatar

Make crypto::GetSystemNSSKeySlot asynchronous.

The system slot is set asynchronously, so the getting the system slot should happen asynchronously as well.


Review URL:

git-svn-id: svn:// 0039d316-1c4b-4281-b951-d872f2087c98
parent f7c77e52
......@@ -594,18 +594,29 @@ class NSSInitSingleton {
#if defined(OS_CHROMEOS)
PK11SlotInfo* GetSystemNSSKeySlot() {
void GetSystemNSSKeySlotCallback(
const base::Callback<void(ScopedPK11Slot)>& callback) {
ScopedPK11Slot GetSystemNSSKeySlot(
const base::Callback<void(ScopedPK11Slot)>& callback) {
// TODO(mattm): chromeos::TPMTokenloader always calls
// InitializeTPMTokenAndSystemSlot with slot 0. If the system slot is
// disabled, tpm_slot_ will be the first user's slot instead. Can that be
// detected and return NULL instead?
if (tpm_token_enabled_for_nss_ && IsTPMTokenReady(base::Closure()))
return PK11_ReferenceSlot(tpm_slot_);
// If we were supposed to get the hardware token, but were
// unable to, return NULL rather than fall back to sofware.
return NULL;
base::Closure wrapped_callback;
if (!callback.is_null()) {
wrapped_callback =
base::Unretained(this) /* singleton is leaky */,
if (IsTPMTokenReady(wrapped_callback))
return ScopedPK11Slot(PK11_ReferenceSlot(tpm_slot_));
return ScopedPK11Slot();
......@@ -1000,8 +1011,9 @@ AutoSECMODListReadLock::~AutoSECMODListReadLock() {
#endif // defined(USE_NSS)
#if defined(OS_CHROMEOS)
PK11SlotInfo* GetSystemNSSKeySlot() {
return g_nss_singleton.Get().GetSystemNSSKeySlot();
ScopedPK11Slot GetSystemNSSKeySlot(
const base::Callback<void(ScopedPK11Slot)>& callback) {
return g_nss_singleton.Get().GetSystemNSSKeySlot(callback);
void SetSystemKeySlotForTesting(ScopedPK11Slot slot) {
......@@ -47,9 +47,11 @@ class CRYPTO_EXPORT AutoSECMODListReadLock {
#if defined(OS_CHROMEOS)
// Returns a reference to the system-wide TPM slot. Caller must release returned
// reference with PK11_FreeSlot.
// Returns a reference to the system-wide TPM slot if it is loaded. If it is not
// loaded and |callback| is non-null, the |callback| will be run once the slot
// is loaded.
CRYPTO_EXPORT ScopedPK11Slot GetSystemNSSKeySlot(
const base::Callback<void(ScopedPK11Slot)>& callback) WARN_UNUSED_RESULT;
// Sets the test system slot. If this was called before
// InitializeTPMTokenAndSystemSlot and no system token is provided by the Chaps
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment