// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4
5#include "net/base/keygen_handler.h"
6
7#include "base/logging.h"
8#include "crypto/nss_crypto_module_delegate.h"
9#include "crypto/nss_util.h"
10#include "crypto/nss_util_internal.h"
11#include "crypto/scoped_nss_types.h"
12#include "net/third_party/mozilla_security_manager/nsKeygenHandler.h"
13
// PSM = Mozilla's Personal Security Manager.
15namespace psm = mozilla_security_manager;
16
namespace net {

// Generates a key pair on an NSS slot and returns whatever
// psm::GenKeyAndSignChallenge() produces for the stored challenge and URL.
//
// Steps, in order:
//   1. Make sure NSS is initialized.
//   2. Pick the slot: the crypto module delegate's RequestSlot() when a
//      delegate is installed, otherwise crypto::GetPrivateNSSKeySlot().
//   3. Authenticate to that slot with PK11_Authenticate().
//   4. Hand key size, challenge, URL, slot and the stores_key_ flag to PSM.
//
// Returns an empty string when no slot is available or authentication fails;
// both cases are only distinguishable through the error log.
// NOTE(review): challenge_ and url_ presumably originate from page content;
// any validation of them happens outside this function -- confirm in callers.
std::string KeygenHandler::GenKeyAndSignChallenge() {
  // Every PK11_* call below requires an initialized NSS.
  crypto::EnsureNSSInit();

  // Slot that will receive the generated key. The scoped wrapper keeps
  // ownership of the slot reference for the rest of the function.
  crypto::ScopedPK11Slot key_slot;
  if (!crypto_module_delegate_) {
    key_slot.reset(crypto::GetPrivateNSSKeySlot());
  } else {
    key_slot = crypto_module_delegate_->RequestSlot().Pass();
  }

  if (!key_slot.get()) {
    LOG(ERROR) << "Couldn't get private key slot from NSS!";
    return std::string();
  }

  // Opaque context forwarded to NSS for the authentication step; it is NULL
  // when no delegate is installed.
  // NOTE(review): confirm the registered password callback tolerates a NULL
  // context on the delegate-less path.
  void* const wincx =
      crypto_module_delegate_ ? crypto_module_delegate_->wincx() : NULL;

  // Authenticate to the token before asking it to generate a private key.
  // The second argument is PK11_Authenticate's loadCerts flag.
  const bool authenticated =
      PK11_Authenticate(key_slot.get(), PR_TRUE, wincx) == SECSuccess;
  if (!authenticated) {
    LOG(ERROR) << "Couldn't authenticate to private key slot!";
    return std::string();
  }

  // Key generation and challenge signing are delegated to the PSM code.
  return psm::GenKeyAndSignChallenge(key_size_in_bits_, challenge_, url_,
                                     key_slot.get(), stores_key_);
}

// Installs the delegate used by GenKeyAndSignChallenge() to select the slot
// and to supply the authentication context. Ownership moves from |delegate|
// into this handler, replacing whatever delegate was held before.
void KeygenHandler::set_crypto_module_delegate(
    scoped_ptr<crypto::NSSCryptoModuleDelegate> delegate) {
  crypto_module_delegate_ = delegate.Pass();
}

}  // namespace net
53