• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_
6 #define CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_
7 
8 #include <string>
9 
10 #include "base/callback_forward.h"
11 #include "crypto/scoped_nss_types.h"
12 
13 namespace crypto {
14 
15 // PK11_SetPasswordFunc is a global setting.  An implementation of
16 // CryptoModuleBlockingPasswordDelegate should be passed using wincx() as the
17 // user data argument (|wincx|) to relevant NSS functions, which the global
18 // password handler will call to do the actual work. This delegate should only
19 // be used in NSS calls on worker threads due to the blocking nature.
20 class CryptoModuleBlockingPasswordDelegate {
21  public:
~CryptoModuleBlockingPasswordDelegate()22   virtual ~CryptoModuleBlockingPasswordDelegate() {}
23 
24   // Return a value suitable for passing to the |wincx| argument of relevant NSS
25   // functions. This should be used instead of passing the object pointer
26   // directly to avoid accidentally casting a pointer to a subclass to void* and
27   // then casting back to a pointer of the base class
wincx()28   void* wincx() { return this; }
29 
30   // Requests a password to unlock |slot_name|. The interface is synchronous
31   // because NSS cannot issue an asynchronous request. |retry| is true if this
32   // is a request for the retry and we previously returned the wrong password.
33   // The implementation should set |*cancelled| to true if the user cancelled
34   // instead of entering a password, otherwise it should return the password the
35   // user entered.
36   virtual std::string RequestPassword(const std::string& slot_name, bool retry,
37                                       bool* cancelled) = 0;
38 
39 };
40 
41 // Extends CryptoModuleBlockingPasswordDelegate with the ability to return a
42 // slot in which to act. (Eg, which slot to store a generated key in.)
43 class NSSCryptoModuleDelegate : public CryptoModuleBlockingPasswordDelegate {
44  public:
~NSSCryptoModuleDelegate()45   ~NSSCryptoModuleDelegate() override {}
46 
47   // Get the slot to store the generated key.
48   virtual ScopedPK11Slot RequestSlot() = 0;
49 };
50 
51 }  // namespace crypto
52 
53 #endif  // CRYPTO_NSS_CRYPTO_MODULE_DELEGATE_H_
54