Blame - crypto/nss_util_internal.h - chromium/src

blob: 080ac1026de2b75f4f932197dab8baf8323825f7 [file] [log] [blame]

ajwong@chromium.org	cf21188	2012-07-11 07:19:14	[diff] [blame]	1	// Copyright (c) 2012 The Chromium Authors. All rights reserved.
cmasone@google.com	dcce6cf	2010-04-29 17:50:06	[diff] [blame]	2	// Use of this source code is governed by a BSD-style license that can be
				3	// found in the LICENSE file.
				4
rvargas@google.com	4b559b4d	2011-04-14 17:37:14	[diff] [blame]	5	#ifndef CRYPTO_NSS_UTIL_INTERNAL_H_
				6	#define CRYPTO_NSS_UTIL_INTERNAL_H_
cmasone@google.com	dcce6cf	2010-04-29 17:50:06	[diff] [blame]	7
				8	#include <secmodt.h>
				9
davidben	6004dc5	2017-02-03 04:15:29	[diff] [blame^]	10	#include <string>
				11
mattm@google.com	557737f7	2013-12-06 22:24:07	[diff] [blame]	12	#include "base/callback.h"
				13	#include "base/compiler_specific.h"
avi	dd373b8	2015-12-21 21:34:43	[diff] [blame]	14	#include "base/macros.h"
darin@chromium.org	d613a990	2011-08-05 20:59:11	[diff] [blame]	15	#include "crypto/crypto_export.h"
mattm@google.com	557737f7	2013-12-06 22:24:07	[diff] [blame]	16	#include "crypto/scoped_nss_types.h"
				17
				18	namespace base {
				19	class FilePath;
				20	}
rvargas@google.com	e4c9dda	2011-06-20 23:24:09	[diff] [blame]	21
cmasone@google.com	dcce6cf	2010-04-29 17:50:06	[diff] [blame]	22	// These functions return a type defined in an NSS header, and so cannot be
				23	// declared in nss_util.h. Hence, they are declared here.
				24
rvargas@google.com	4b559b4d	2011-04-14 17:37:14	[diff] [blame]	25	namespace crypto {
cmasone@google.com	dcce6cf	2010-04-29 17:50:06	[diff] [blame]	26
pneubeck@chromium.org	190933f	2014-07-28 09:56:51	[diff] [blame]	27	// Opens an NSS software database in folder \|path\|, with the (potentially)
				28	// user-visible description \|description\|. Returns the slot for the opened
rsleevi	ffe5a13	2016-06-28 01:51:52	[diff] [blame]	29	// database, or nullptr if the database could not be opened.
xhwang	3e9ca56	2015-11-06 18:50:36	[diff] [blame]	30	CRYPTO_EXPORT ScopedPK11Slot OpenSoftwareNSSDB(const base::FilePath& path,
				31	const std::string& description);
pneubeck@chromium.org	190933f	2014-07-28 09:56:51	[diff] [blame]	32
				33	#if !defined(OS_CHROMEOS)
mattm@chromium.org	49631886	2014-07-13 07:19:00	[diff] [blame]	34	// Returns a reference to the default NSS key slot for storing persistent data.
				35	// Caller must release returned reference with PK11_FreeSlot.
mattm@chromium.org	49631886	2014-07-13 07:19:00	[diff] [blame]	36	CRYPTO_EXPORT PK11SlotInfo* GetPersistentNSSKeySlot() WARN_UNUSED_RESULT;
pneubeck@chromium.org	190933f	2014-07-28 09:56:51	[diff] [blame]	37	#endif
cmasone@google.com	dcce6cf	2010-04-29 17:50:06	[diff] [blame]	38
gspencer@google.com	dd24ffc	2011-06-08 19:46:42	[diff] [blame]	39	// A helper class that acquires the SECMOD list read lock while the
				40	// AutoSECMODListReadLock is in scope.
mattm@chromium.org	7037a43c	2014-01-14 14:00:46	[diff] [blame]	41	class CRYPTO_EXPORT AutoSECMODListReadLock {
gspencer@google.com	dd24ffc	2011-06-08 19:46:42	[diff] [blame]	42	public:
				43	AutoSECMODListReadLock();
				44	~AutoSECMODListReadLock();
				45
				46	private:
				47	SECMODListLock* lock_;
				48	DISALLOW_COPY_AND_ASSIGN(AutoSECMODListReadLock);
				49	};
				50
mattm@google.com	557737f7	2013-12-06 22:24:07	[diff] [blame]	51	#if defined(OS_CHROMEOS)
pneubeck@chromium.org	8edd721	2014-07-30 12:24:29	[diff] [blame]	52	// Returns a reference to the system-wide TPM slot if it is loaded. If it is not
				53	// loaded and \|callback\| is non-null, the \|callback\| will be run once the slot
				54	// is loaded.
				55	CRYPTO_EXPORT ScopedPK11Slot GetSystemNSSKeySlot(
				56	const base::Callback<void(ScopedPK11Slot)>& callback) WARN_UNUSED_RESULT;
pneubeck@chromium.org	190933f	2014-07-28 09:56:51	[diff] [blame]	57
pneubeck@chromium.org	442233d4	2014-08-02 07:37:24	[diff] [blame]	58	// Sets the test system slot to \|slot\|, which means that \|slot\| will be exposed
				59	// through \|GetSystemNSSKeySlot\| and \|IsTPMTokenReady\| will return true.
				60	// \|InitializeTPMTokenAndSystemSlot\|, which triggers the TPM initialization,
				61	// does not have to be called if the test system slot is set.
rsleevi	ffe5a13	2016-06-28 01:51:52	[diff] [blame]	62	// This must must not be called consecutively with a \|slot\| != nullptr. If
				63	// \|slot\| is nullptr, the test system slot is unset.
xhwang	3e9ca56	2015-11-06 18:50:36	[diff] [blame]	64	CRYPTO_EXPORT void SetSystemKeySlotForTesting(ScopedPK11Slot slot);
mattm@chromium.org	49631886	2014-07-13 07:19:00	[diff] [blame]	65
mattm@google.com	557737f7	2013-12-06 22:24:07	[diff] [blame]	66	// Prepare per-user NSS slot mapping. It is safe to call this function multiple
				67	// times. Returns true if the user was added, or false if it already existed.
				68	CRYPTO_EXPORT bool InitializeNSSForChromeOSUser(
mattm@google.com	557737f7	2013-12-06 22:24:07	[diff] [blame]	69	const std::string& username_hash,
tbarzic@chromium.org	4071e6ac	2014-07-12 12:46:17	[diff] [blame]	70	const base::FilePath& path);
				71
				72	// Returns whether TPM for ChromeOS user still needs initialization. If
				73	// true is returned, the caller can proceed to initialize TPM slot for the
				74	// user, but should call \|WillInitializeTPMForChromeOSUser\| first.
				75	// \|InitializeNSSForChromeOSUser\| must have been called first.
				76	CRYPTO_EXPORT bool ShouldInitializeTPMForChromeOSUser(
				77	const std::string& username_hash) WARN_UNUSED_RESULT;
				78
				79	// Makes \|ShouldInitializeTPMForChromeOSUser\| start returning false.
				80	// Should be called before starting TPM initialization for the user.
				81	// Assumes \|InitializeNSSForChromeOSUser\| had already been called.
				82	CRYPTO_EXPORT void WillInitializeTPMForChromeOSUser(
				83	const std::string& username_hash);
mattm@google.com	557737f7	2013-12-06 22:24:07	[diff] [blame]	84
				85	// Use TPM slot \|slot_id\| for user. InitializeNSSForChromeOSUser must have been
				86	// called first.
				87	CRYPTO_EXPORT void InitializeTPMForChromeOSUser(
				88	const std::string& username_hash,
				89	CK_SLOT_ID slot_id);
				90
				91	// Use the software slot as the private slot for user.
				92	// InitializeNSSForChromeOSUser must have been called first.
				93	CRYPTO_EXPORT void InitializePrivateSoftwareSlotForChromeOSUser(
				94	const std::string& username_hash);
				95
				96	// Returns a reference to the public slot for user.
				97	CRYPTO_EXPORT ScopedPK11Slot GetPublicSlotForChromeOSUser(
				98	const std::string& username_hash) WARN_UNUSED_RESULT;
				99
				100	// Returns the private slot for \|username_hash\| if it is loaded. If it is not
				101	// loaded and \|callback\| is non-null, the \|callback\| will be run once the slot
				102	// is loaded.
				103	CRYPTO_EXPORT ScopedPK11Slot GetPrivateSlotForChromeOSUser(
				104	const std::string& username_hash,
				105	const base::Callback<void(ScopedPK11Slot)>& callback) WARN_UNUSED_RESULT;
pneubeck@chromium.org	190933f	2014-07-28 09:56:51	[diff] [blame]	106
				107	// Closes the NSS DB for \|username_hash\| that was previously opened by the
				108	// InitializeForChromeOSUser functions.
xhwang	3e9ca56	2015-11-06 18:50:36	[diff] [blame]	109	CRYPTO_EXPORT void CloseChromeOSUserForTesting(
pneubeck@chromium.org	190933f	2014-07-28 09:56:51	[diff] [blame]	110	const std::string& username_hash);
mattm@google.com	557737f7	2013-12-06 22:24:07	[diff] [blame]	111	#endif // defined(OS_CHROMEOS)
				112
rvargas@google.com	4b559b4d	2011-04-14 17:37:14	[diff] [blame]	113	} // namespace crypto
cmasone@google.com	dcce6cf	2010-04-29 17:50:06	[diff] [blame]	114
rvargas@google.com	4b559b4d	2011-04-14 17:37:14	[diff] [blame]	115	#endif // CRYPTO_NSS_UTIL_INTERNAL_H_