1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "net/base/keygen_handler.h" 6 7 #include "base/logging.h" 8 #include "crypto/crypto_module_blocking_password_delegate.h" 9 #include "crypto/nss_util.h" 10 #include "crypto/nss_util_internal.h" 11 #include "crypto/scoped_nss_types.h" 12 #include "net/third_party/mozilla_security_manager/nsKeygenHandler.h" 13 14 // PSM = Mozilla's Personal Security Manager. 15 namespace psm = mozilla_security_manager; 16 17 namespace net { 18 19 std::string KeygenHandler::GenKeyAndSignChallenge() { 20 // Ensure NSS is initialized. 21 crypto::EnsureNSSInit(); 22 23 // TODO(mattm): allow choosing which slot to generate and store the key. 24 crypto::ScopedPK11Slot slot(crypto::GetPrivateNSSKeySlot()); 25 if (!slot.get()) { 26 LOG(ERROR) << "Couldn't get private key slot from NSS!"; 27 return std::string(); 28 } 29 30 // Authenticate to the token. 31 if (SECSuccess != PK11_Authenticate(slot.get(), PR_TRUE, 32 crypto_module_password_delegate_.get())) { 33 LOG(ERROR) << "Couldn't authenticate to private key slot!"; 34 return std::string(); 35 } 36 37 return psm::GenKeyAndSignChallenge(key_size_in_bits_, challenge_, url_, 38 slot.get(), stores_key_); 39 } 40 41 void KeygenHandler::set_crypto_module_password_delegate( 42 crypto::CryptoModuleBlockingPasswordDelegate* delegate) { 43 crypto_module_password_delegate_.reset(delegate); 44 } 45 46 } // namespace net 47
