| // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "net/base/keygen_handler.h" |
| |
| #include "base/logging.h" |
| #include "crypto/nss_crypto_module_delegate.h" |
| #include "crypto/nss_util.h" |
| #include "crypto/nss_util_internal.h" |
| #include "crypto/scoped_nss_types.h" |
| #include "net/third_party/mozilla_security_manager/nsKeygenHandler.h" |
| |
| // PSM = Mozilla's Personal Security Manager. |
| namespace psm = mozilla_security_manager; |
| |
| namespace net { |
| |
| std::string KeygenHandler::GenKeyAndSignChallenge() { |
| // Ensure NSS is initialized. |
| crypto::EnsureNSSInit(); |
| |
| crypto::ScopedPK11Slot slot; |
| if (crypto_module_delegate_) |
| slot = crypto_module_delegate_->RequestSlot().Pass(); |
| else |
| slot.reset(crypto::GetPrivateNSSKeySlot()); |
| if (!slot.get()) { |
| LOG(ERROR) << "Couldn't get private key slot from NSS!"; |
| return std::string(); |
| } |
| |
| // Authenticate to the token. |
| if (SECSuccess != |
| PK11_Authenticate( |
| slot.get(), |
| PR_TRUE, |
| crypto_module_delegate_ ? crypto_module_delegate_->wincx() : NULL)) { |
| LOG(ERROR) << "Couldn't authenticate to private key slot!"; |
| return std::string(); |
| } |
| |
| return psm::GenKeyAndSignChallenge(key_size_in_bits_, challenge_, url_, |
| slot.get(), stores_key_); |
| } |
| |
| void KeygenHandler::set_crypto_module_delegate( |
| scoped_ptr<crypto::NSSCryptoModuleDelegate> delegate) { |
| crypto_module_delegate_ = delegate.Pass(); |
| } |
| |
| } // namespace net |