| Avi Drissman | 201a9a83 | 2022-09-13 19:39:25 | [diff] [blame] | 1 | // Copyright 2013 The Chromium Authors |
| mattm@chromium.org | 99e5e952 | 2013-12-16 13:05:27 | [diff] [blame] | 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #ifndef CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ |
| 6 | #define CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ |
| 7 | |
| 8 | #include <string> |
| 9 | |
| mattm | 436ccfe | 2017-06-19 20:24:08 | [diff] [blame] | 10 | #include "base/memory/ref_counted.h" |
| 11 | |
| mattm@chromium.org | 99e5e952 | 2013-12-16 13:05:27 | [diff] [blame] | 12 | namespace crypto { |
| 13 | |
| 14 | // PK11_SetPasswordFunc is a global setting. An implementation of |
| 15 | // CryptoModuleBlockingPasswordDelegate should be passed using wincx() as the |
| 16 | // user data argument (|wincx|) to relevant NSS functions, which the global |
| 17 | // password handler will call to do the actual work. This delegate should only |
| 18 | // be used in NSS calls on worker threads due to the blocking nature. |
| mattm | 436ccfe | 2017-06-19 20:24:08 | [diff] [blame] | 19 | class CryptoModuleBlockingPasswordDelegate |
| 20 | : public base::RefCountedThreadSafe<CryptoModuleBlockingPasswordDelegate> { |
| mattm@chromium.org | 99e5e952 | 2013-12-16 13:05:27 | [diff] [blame] | 21 | public: |
| mattm@chromium.org | 99e5e952 | 2013-12-16 13:05:27 | [diff] [blame] | 22 | |
| 23 | // Return a value suitable for passing to the |wincx| argument of relevant NSS |
| 24 | // functions. This should be used instead of passing the object pointer |
| 25 | // directly to avoid accidentally casting a pointer to a subclass to void* and |
| 26 | // then casting back to a pointer of the base class |
| 27 | void* wincx() { return this; } |
| 28 | |
| 29 | // Requests a password to unlock |slot_name|. The interface is synchronous |
| 30 | // because NSS cannot issue an asynchronous request. |retry| is true if this |
| 31 | // is a request for the retry and we previously returned the wrong password. |
| 32 | // The implementation should set |*cancelled| to true if the user cancelled |
| 33 | // instead of entering a password, otherwise it should return the password the |
| 34 | // user entered. |
| 35 | virtual std::string RequestPassword(const std::string& slot_name, bool retry, |
| 36 | bool* cancelled) = 0; |
| mattm | 436ccfe | 2017-06-19 20:24:08 | [diff] [blame] | 37 | |
| 38 | protected: |
| 39 | friend class base::RefCountedThreadSafe<CryptoModuleBlockingPasswordDelegate>; |
| 40 | |
| 41 | virtual ~CryptoModuleBlockingPasswordDelegate() {} |
| mattm@chromium.org | 99e5e952 | 2013-12-16 13:05:27 | [diff] [blame] | 42 | }; |
| 43 | |
| mattm@chromium.org | 99e5e952 | 2013-12-16 13:05:27 | [diff] [blame] | 44 | } // namespace crypto |
| 45 | |
| 46 | #endif // CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_ |