| blob | 27541cad5dc3fbecfe7f837c6a80a5030f1a1d57 |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
8 #include <nss.h>
9 #include <pk11pub.h>
10 #include <plarena.h>
11 #include <prerror.h>
12 #include <prinit.h>
13 #include <prtime.h>
14 #include <secmod.h>
16 #if defined(OS_LINUX)
17 #include <linux/nfs_fs.h>
18 #include <sys/vfs.h>
19 #elif defined(OS_OPENBSD)
20 #include <sys/mount.h>
21 #include <sys/param.h>
22 #endif
24 #include <vector>
40 // USE_NSS means we use NSS for everything crypto-related. If USE_NSS is not
41 // defined, such as on Mac and Windows, we use NSS for SSL only -- we don't
42 // use NSS for crypto or certificate verification, and we don't use the NSS
43 // certificate and key databases.
44 #if defined(USE_NSS)
53 #if defined(OS_CHROMEOS)
56 // Constants for loading the Chrome OS TPM-backed PKCS #11 library.
60 // Fake certificate authority database used for testing.
73 }
75 }
77 #if defined(USE_NSS)
83 }
88 }
90 }
92 // On non-chromeos platforms, return the default config directory.
93 // On chromeos, return a read-only directory with fake root CA certs for testing
94 // (which will not exist on non-testing images). These root CA certs are used
95 // by the local Google Accounts server mock we use when testing our login code.
96 // If this directory is not present, NSS_Init() will fail. It is up to the
97 // caller to failover to NSS_NoDB_Init() at that point.
99 #if defined(OS_CHROMEOS)
101 #else
104 }
106 // This callback for NSS forwards all requests to a caller-specified
107 // CryptoModuleBlockingPasswordDelegate object.
109 #if defined(OS_CHROMEOS)
110 // If we get asked for a password for the TPM, then return the
111 // well known password we use, as long as the TPM slot has been
112 // initialized.
119 }
120 #endif
133 }
136 }
138 // NSS creates a local cache of the sqlite database if it detects that the
139 // filesystem the database is on is much slower than the local disk. The
140 // detection doesn't work with the latest versions of sqlite, such as 3.6.22
141 // (NSS bug https://bugzilla.mozilla.org/show_bug.cgi?id=578561). So we set
142 // the NSS environment variable NSS_SDB_USE_CACHE to "yes" to override NSS's
143 // detection when database_dir is on NFS. See http://crbug.com/48585.
144 //
145 // TODO(wtc): port this function to other USE_NSS platforms. It is defined
146 // only for OS_LINUX and OS_OPENBSD simply because the statfs structure
147 // is OS-specific.
148 //
149 // Because this function sets an environment variable it must be run before we
150 // go multi-threaded.
152 #if defined(OS_LINUX) || defined(OS_OPENBSD)
155 #if defined(OS_LINUX)
157 #elif defined(OS_OPENBSD)
159 #endif
164 }
165 }
167 }
170 AutoSECMODListReadLock auto_lock;
178 }
179 }
181 }
185 // A singleton to initialize/deinitialize NSPR.
186 // Separate from the NSS singleton because we initialize NSPR on the UI thread.
187 // Now that we're leaking the singleton, we could merge back with the NSS
188 // singleton.
195 }
197 // NOTE(willchan): We don't actually execute this code since we leak NSS to
198 // prevent non-joinable threads from using NSS after it's already been shut
199 // down.
205 }
206 };
211 // This is a LazyInstance so that it will be deleted automatically when the
212 // unittest exits. NSSInitSingleton is a LeakySingleton, so it would not be
213 // deleted if it were a regular member.
215 LAZY_INSTANCE_INITIALIZER;
217 // Force a crash with error info on NSS_NoDB_Init failure.
226 }
230 #if defined(OS_CHROMEOS)
233 // GetDefaultConfigDirectory causes us to do blocking IO on UI thread.
234 // Temporarily allow it until we fix http://crbug.com/70119
238 // This creates another DB slot in NSS that is read/write, unlike
239 // the fake root CA cert DB and the "default" crypto key
240 // provider, which are still read-only (because we initialized
241 // NSS before we had a cryptohome mounted).
243 kNSSDatabaseName);
244 }
245 }
249 }
253 // If EnableTPMTokenForNSS hasn't been called, return false.
257 // If everything is already initialized, then return true.
264 // This tries to load the Chaps module so NSS can talk to the hardware
265 // TPM.
268 kChapsModuleName,
269 kChapsPath,
270 // For more details on these parameters, see:
271 // https://developer.mozilla.org/en/PKCS11_Module_Specs
272 // slotFlags=[PublicCerts] -- Certificates and public keys can be
273 // read from this slot without requiring a call to C_Login.
274 // askpw=only -- Only authenticate to the token when necessary.
276 }
278 // If this gets set, then we'll use the TPM for certs with
279 // private keys, otherwise we'll fall back to the software
280 // implementation.
284 }
286 }
292 }
297 }
301 }
307 }
318 }
329 }
337 }
343 #if defined(OS_CHROMEOS)
348 // If we were supposed to get the hardware token, but were
349 // unable to, return NULL rather than fall back to sofware.
351 }
352 }
353 #endif
354 // If we weren't supposed to enable the TPM for NSS, then return
355 // the software slot.
359 }
361 #if defined(USE_NSS)
364 }
367 // This method is used to force NSS to be initialized without a DB.
368 // Call this method before NSSInitSingleton() is constructed.
371 }
387 // We *must* have NSS >= 3.14.3.
392 nss_version_check_failed);
393 // Also check the run-time NSS version.
394 // NSS_VersionCheck is a >= check, not strict equality.
397 "required. Please upgrade to the latest NSS, and if you "
398 "still get this error, contact your distribution "
400 }
405 #if !defined(USE_NSS)
406 // Use the system certificate store, so initialize NSS without database.
408 #endif
415 }
416 #if defined(OS_IOS)
420 #if defined(USE_NSS)
423 // This duplicates the work which should have been done in
424 // EarlySetupForNSSInit. However, this function is idempotent so
425 // there's no harm done.
428 // Initialize with a persistent database (likely, ~/.pki/nssdb).
429 // Use "sql:" which can be shared by multiple processes safely.
432 #if defined(OS_CHROMEOS)
434 #else
436 #endif
441 }
442 }
449 }
450 }
454 // If we haven't initialized the password for the NSS databases,
455 // initialize an empty-string password so that we don't need to
456 // log in.
459 // PK11_InitPin may write to the keyDB, but no other thread can use NSS
460 // yet, so we don't need to lock.
464 }
468 }
470 // Disable MD5 certificate signatures. (They are disabled by default in
471 // NSS 3.14.)
476 // The UMA bit is conditionally set for this histogram in
477 // chrome/common/startup_metric_utils.cc .
483 }
485 // NOTE(willchan): We don't actually execute this code since we leak NSS to
486 // prevent non-joinable threads from using NSS after it's already been shut
487 // down.
492 }
497 }
503 }
508 }
512 // We VLOG(1) because this failure is relatively harmless (leaking, but
513 // we're shutting down anyway).
515 }
516 }
518 #if defined(USE_NSS) || defined(OS_IOS)
519 // Load nss's built-in root certs.
525 // Aw, snap. Can't find/load root cert shared library.
526 // This will make it hard to talk to anybody via https.
529 }
531 // Load the given module for this NSS session.
539 // Shouldn't need to const_cast here, but SECMOD doesn't properly
540 // declare input string arguments as const. Bug
541 // https://bugzilla.mozilla.org/show_bug.cgi?id=642546 was filed
542 // on NSS codebase to address this.
549 }
551 }
552 #endif
563 }
567 }
569 }
571 // If this is set to true NSS is forced to be initialized without a DB.
583 #if defined(USE_NSS)
584 // TODO(davidben): When https://bugzilla.mozilla.org/show_bug.cgi?id=564011
585 // is fixed, we will no longer need the lock.
588 };
590 // static
599 #if defined(USE_NSS)
604 }
605 #endif
609 }
612 // We might fork, but we haven't loaded any security modules.
614 // If we're sandboxed, we shouldn't be able to open user security modules,
615 // but it's more correct to tell NSS to not even try.
616 // Loading user security modules would have security implications.
618 // Initialize NSS.
620 }
623 // Initializing SSL causes us to do blocking IO.
624 // Temporarily allow it until we fix
625 // http://code.google.com/p/chromium/issues/detail?id=59847
628 }
632 }
637 }
640 // Some NSS libraries are linked dynamically so load them here.
641 #if defined(USE_NSS)
642 // Try to search for multiple directories to load the libraries.
645 // Use relative path to Search PATH for the library files.
648 // For Debian derivatives NSS libraries are located here.
651 // Ubuntu 11.10 (Oneiric) and Debian Wheezy place the libraries here.
652 #if defined(ARCH_CPU_X86_64)
654 #elif defined(ARCH_CPU_X86)
656 #elif defined(ARCH_CPU_ARMEL)
658 #elif defined(ARCH_CPU_MIPSEL)
660 #endif
662 // A list of library files to load.
667 // For each combination of library file and path, check for existence and
668 // then load.
677 }
678 }
679 }
685 }
686 #endif
687 }
691 }
693 #if defined(USE_NSS)
696 }
699 // Don't close when NSS is < 3.15.1, because it would require an additional
700 // sleep for 1 second after closing the database, due to
701 // http://bugzil.la/875601.
704 }
705 }
709 }
712 // May be NULL if the lock is not needed in our version of NSS.
715 }
721 }
722 }
727 }
731 }
735 #if defined(OS_CHROMEOS)
738 }
742 }
746 }
750 }
755 }
761 }
765 }
769 }
773 }