net/base/keygen_handler_nss.cc

   1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "net/base/keygen_handler.h"
   6
   7 #include "base/logging.h"
   8 #include "crypto/nss_crypto_module_delegate.h"
   9 #include "crypto/nss_util.h"
  10 #include "crypto/nss_util_internal.h"
  11 #include "crypto/scoped_nss_types.h"
  12 #include "net/third_party/mozilla_security_manager/nsKeygenHandler.h"
  13
  14 // PSM = Mozilla's Personal Security Manager.
  15 namespace psm = mozilla_security_manager;
  16
  17 namespace net {
  18
  19 std::string KeygenHandler::GenKeyAndSignChallenge() {
  20   // Ensure NSS is initialized.
  21   crypto::EnsureNSSInit();
  22
  23   crypto::ScopedPK11Slot slot;
  24   if (crypto_module_delegate_)
  25     slot = crypto_module_delegate_->RequestSlot().Pass();
  26   else
  27     slot.reset(crypto::GetPrivateNSSKeySlot());
  28   if (!slot.get()) {
  29     LOG(ERROR) << "Couldn't get private key slot from NSS!";
  30     return std::string();
  31   }
  32
  33   // Authenticate to the token.
  34   if (SECSuccess !=
  35       PK11_Authenticate(
  36           slot.get(),
  37           PR_TRUE,
  38           crypto_module_delegate_ ? crypto_module_delegate_->wincx() : NULL)) {
  39     LOG(ERROR) << "Couldn't authenticate to private key slot!";
  40     return std::string();
  41   }
  42
  43   return psm::GenKeyAndSignChallenge(key_size_in_bits_, challenge_, url_,
  44                                      slot.get(), stores_key_);
  45 }
  46
  47 void KeygenHandler::set_crypto_module_delegate(
  48       scoped_ptr<crypto::NSSCryptoModuleDelegate> delegate) {
  49   crypto_module_delegate_ = delegate.Pass();
  50 }
  51
  52 }  // namespace net