1// Copyright (c) 2011 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#include "net/base/keygen_handler.h" 6 7#include "base/logging.h" 8#include "crypto/crypto_module_blocking_password_delegate.h" 9#include "crypto/nss_util.h" 10#include "crypto/nss_util_internal.h" 11#include "crypto/scoped_nss_types.h" 12#include "net/third_party/mozilla_security_manager/nsKeygenHandler.h" 13 14// PSM = Mozilla's Personal Security Manager. 15namespace psm = mozilla_security_manager; 16 17namespace net { 18 19std::string KeygenHandler::GenKeyAndSignChallenge() { 20 // Ensure NSS is initialized. 21 crypto::EnsureNSSInit(); 22 23 // TODO(mattm): allow choosing which slot to generate and store the key. 24 crypto::ScopedPK11Slot slot(crypto::GetPrivateNSSKeySlot()); 25 if (!slot.get()) { 26 LOG(ERROR) << "Couldn't get private key slot from NSS!"; 27 return std::string(); 28 } 29 30 // Authenticate to the token. 31 if (SECSuccess != PK11_Authenticate(slot.get(), PR_TRUE, 32 crypto_module_password_delegate_.get())) { 33 LOG(ERROR) << "Couldn't authenticate to private key slot!"; 34 return std::string(); 35 } 36 37 return psm::GenKeyAndSignChallenge(key_size_in_bits_, challenge_, url_, 38 slot.get(), stores_key_); 39} 40 41void KeygenHandler::set_crypto_module_password_delegate( 42 crypto::CryptoModuleBlockingPasswordDelegate* delegate) { 43 crypto_module_password_delegate_.reset(delegate); 44} 45 46} // namespace net 47