1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/base/keygen_handler.h"
7 #include "base/logging.h"
8 #include "crypto/crypto_module_blocking_password_delegate.h"
9 #include "crypto/nss_util.h"
10 #include "crypto/nss_util_internal.h"
11 #include "crypto/scoped_nss_types.h"
12 #include "net/third_party/mozilla_security_manager/nsKeygenHandler.h"
14 // PSM = Mozilla's Personal Security Manager.
15 namespace psm = mozilla_security_manager;
19 std::string KeygenHandler::GenKeyAndSignChallenge() {
20 // Ensure NSS is initialized.
21 crypto::EnsureNSSInit();
23 // TODO(mattm): allow choosing which slot to generate and store the key.
24 crypto::ScopedPK11Slot slot(crypto::GetPrivateNSSKeySlot());
26 LOG(ERROR) << "Couldn't get private key slot from NSS!";
30 // Authenticate to the token.
31 if (SECSuccess != PK11_Authenticate(slot.get(), PR_TRUE,
32 crypto_module_password_delegate_.get())) {
33 LOG(ERROR) << "Couldn't authenticate to private key slot!";
37 return psm::GenKeyAndSignChallenge(key_size_in_bits_, challenge_, url_,
38 slot.get(), stores_key_);
41 void KeygenHandler::set_crypto_module_password_delegate(
42 crypto::CryptoModuleBlockingPasswordDelegate* delegate) {
43 crypto_module_password_delegate_.reset(delegate);