Darin Petkov3c5e4dc2012-04-02 14:44:27 +02001// Copyright (c) 2012 The Chromium OS Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "shill/nss.h"
6
7#include <base/logging.h>
8#include <base/string_number_conversions.h>
9#include <base/string_util.h>
10#include <base/stringprintf.h>
11
12#include "shill/glib.h"
Ben Chanfad4a0b2012-04-18 15:49:59 -070013#include "shill/scope_logger.h"
Darin Petkov3c5e4dc2012-04-02 14:44:27 +020014
15using base::HexEncode;
16using base::StringPrintf;
17using std::string;
18using std::vector;
19
20namespace shill {
21
namespace {

// Prefix of the file that receives an exported certificate; GetCertfile()
// appends the lowercase hex encoding of the certificate id to it.
// NOTE(review): the resulting path is predictable and lives in /tmp, which is
// normally writable by every local user. Unless nss-get-cert creates the file
// exclusively and refuses to follow symlinks (not visible from this file), a
// local user could pre-create or symlink the path. A directory that only this
// daemon can write to would remove that exposure.
const char kCertfileBasename[] = "/tmp/nss-cert.";

// Helper script spawned by GetCertfile(). SCRIPTDIR is not defined in this
// file (presumably a build-time define -- confirm).
const char kNSSGetCertScript[] = SCRIPTDIR "/nss-get-cert";

// Lazily constructed NSS object handed out by NSS::GetInstance().
base::LazyInstance<NSS> g_nss = LAZY_INSTANCE_INITIALIZER;

}  // namespace
27
// Builds the object with no GLib wrapper attached; Init() supplies one later.
NSS::NSS() : glib_(NULL) {
  SLOG(Crypto, 2) << __func__;
}
32
// Only logs the call; nothing is released here (glib_ is left untouched).
NSS::~NSS() {
  SLOG(Crypto, 2) << __func__;
}
36
// static
// Returns the NSS object held by the file-local LazyInstance g_nss.
NSS *NSS::GetInstance() {
  NSS *const instance = g_nss.Pointer();
  return instance;
}
41
// Records the GLib wrapper that GetCertfile() uses to spawn the helper
// script. GetCertfile() CHECKs that this pointer is non-NULL, so Init() has to
// run before any certificate is requested.
void NSS::Init(GLib *glib) {
  this->glib_ = glib;
}
45
// Exports the certificate named |nickname| in PEM form and returns the path of
// the resulting file, or an empty FilePath if GetCertfile() reports a failure.
FilePath NSS::GetPEMCertfile(const string &nickname, const vector<char> &id) {
  const string cert_type("pem");
  return GetCertfile(nickname, id, cert_type);
}
49
// Exports the certificate named |nickname| in DER form and returns the path of
// the resulting file, or an empty FilePath if GetCertfile() reports a failure.
FilePath NSS::GetDERCertfile(const string &nickname, const vector<char> &id) {
  const string cert_type("der");
  return GetCertfile(nickname, id, cert_type);
}
53
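// Exports the certificate named |nickname| by running the nss-get-cert helper
// script synchronously, and returns the path of the file it was asked to
// write.
//
// |id| only determines the output filename: kCertfileBasename followed by the
// lowercase hex encoding of |id|. |type| is forwarded to the script but is not
// part of the filename, so different types requested for the same |id| share
// one path.
//
// Returns an empty FilePath if the script cannot be spawned, does not exit
// normally, or exits with a non-zero status. Init() must have been called
// first; CHECK(glib_) aborts otherwise.
FilePath NSS::GetCertfile(
    const string &nickname, const vector<char> &id, const string &type) {
  CHECK(glib_);

  // &id[0] on an empty vector is undefined behaviour (and aborts under
  // hardened standard libraries), so the hex suffix is only computed when
  // there are bytes to encode. An empty |id| still yields the bare basename.
  string hex_id;
  if (!id.empty()) {
    hex_id = StringToLowerASCII(HexEncode(&id[0], id.size()));
  }
  // NOTE(review): the name is predictable and sits under /tmp. Whether the
  // script creates the file exclusively and without following symlinks is not
  // visible here -- confirm, or move the output to a private directory.
  const string filename = kCertfileBasename + hex_id;

  // Arguments are handed over as an argv array, so |nickname| is never spliced
  // into a command string by this function. NOTE(review): how nss-get-cert
  // treats a nickname that starts with '-' is not visible here -- confirm.
  char *argv[] = {
    const_cast<char *>(kNSSGetCertScript),
    const_cast<char *>(nickname.c_str()),
    const_cast<char *>(type.c_str()),
    const_cast<char *>(filename.c_str()),
    NULL
  };
  // Only the terminator: the child is given an empty environment, so nothing
  // from this process's environment is passed on to the script.
  char *envp[1] = { NULL };
  int status = 0;
  GError *error = NULL;
  const bool spawned = glib_->SpawnSync(NULL,
                                        argv,
                                        envp,
                                        static_cast<GSpawnFlags>(0),
                                        NULL,
                                        NULL,
                                        NULL,
                                        NULL,
                                        &status,
                                        &error);
  if (!spawned) {
    LOG(ERROR) << "nss-get-cert failed: "
               << glib_->ConvertErrorToMessage(error);
    return FilePath();
  }
  // |status| is a raw wait status: anything other than a normal exit with
  // code 0 is treated as failure and the path is withheld from the caller.
  if (!WIFEXITED(status) || WEXITSTATUS(status)) {
    LOG(ERROR) << "nss-get-cert failed, status=" << status;
    return FilePath();
  }
  return FilePath(filename);
}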
89
90} // namespace shill