Darin Petkov | 3c5e4dc | 2012-04-02 14:44:27 +0200 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | #include "shill/nss.h" |
| 6 | |
Darin Petkov | 3c5e4dc | 2012-04-02 14:44:27 +0200 | [diff] [blame] | 7 | #include <base/string_number_conversions.h> |
| 8 | #include <base/string_util.h> |
| 9 | #include <base/stringprintf.h> |
| 10 | |
| 11 | #include "shill/glib.h" |
Christopher Wiley | b691efd | 2012-08-09 13:51:51 -0700 | [diff] [blame] | 12 | #include "shill/logging.h" |
Darin Petkov | 3c5e4dc | 2012-04-02 14:44:27 +0200 | [diff] [blame] | 13 | |
| 14 | using base::HexEncode; |
| 15 | using base::StringPrintf; |
| 16 | using std::string; |
| 17 | using std::vector; |
| 18 | |
| 19 | namespace shill { |
| 20 | |
namespace {

// Filename prefix for certificates exported from NSS. GetCertfile() appends
// the lowercase hex encoding of the certificate id to form the full path.
// NOTE(review): the resulting path lives in /tmp and is fully determined by
// the certificate id, so other local users can predict it. Whether the helper
// script creates the file safely (exclusive create, no symlink following,
// restrictive mode) is not visible in this file -- confirm.
const char kCertfileBasename[] = "/tmp/nss-cert.";

// Path of the helper script spawned by GetCertfile(). SCRIPTDIR is not
// defined in this file; presumably the build supplies it.
const char kNSSGetCertScript[] = SCRIPTDIR "/nss-get-cert";

// Lazily constructed NSS object handed out by NSS::GetInstance().
base::LazyInstance<NSS> g_nss = LAZY_INSTANCE_INITIALIZER;

}  // namespace
| 26 | |
// Constructs the object with no GLib wrapper attached. Init() has to supply
// one before a certificate is requested, because GetCertfile() CHECKs glib_.
NSS::NSS() : glib_(NULL) {
  SLOG(Crypto, 2) << __func__;
}
| 31 | |
// Only emits a verbose log line; nothing is released here.
NSS::~NSS() { SLOG(Crypto, 2) << __func__; }
| 35 | |
// static
// Returns the NSS object held by the file-local lazy instance g_nss.
NSS *NSS::GetInstance() {
  NSS *instance = g_nss.Pointer();
  return instance;
}
| 40 | |
// Records the GLib wrapper that GetCertfile() uses to spawn the helper script.
// Only the pointer is stored; this function takes no copy of |glib|.
void NSS::Init(GLib *glib) {
  this->glib_ = glib;
}
| 44 | |
// Exports the certificate |nickname| / |id| with type "pem" and returns the
// path of the file, or an empty FilePath if GetCertfile() fails.
FilePath NSS::GetPEMCertfile(const string &nickname, const vector<char> &id) {
  const string type("pem");
  return GetCertfile(nickname, id, type);
}
| 48 | |
// Exports the certificate |nickname| / |id| with type "der" and returns the
// path of the file, or an empty FilePath if GetCertfile() fails.
FilePath NSS::GetDERCertfile(const string &nickname, const vector<char> &id) {
  const string type("der");
  return GetCertfile(nickname, id, type);
}
| 52 | |
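// Runs the nss-get-cert helper script for the certificate named |nickname|
// and returns the path of the file the script was asked to write.
//
// The output path is kCertfileBasename followed by the lowercase hex encoding
// of |id|. |type| is passed to the script unchanged; the public wrappers pass
// "pem" or "der". Returns an empty FilePath if the script cannot be spawned or
// does not exit normally with status 0. Init() must have been called first.
//
// NOTE(review): the output path is under /tmp and depends only on |id|, so it
// is predictable and shared by every request for the same id. Whether the
// script creates the file exclusively, refuses to follow symlinks and sets a
// restrictive mode is not visible here -- confirm.
// NOTE(review): |nickname| reaches the script as a single argv element, so
// this function does no shell parsing of it. How the script handles it is not
// visible here -- confirm it is quoted there and cannot be read as an option.
FilePath NSS::GetCertfile(
    const string &nickname, const vector<char> &id, const string &type) {
  CHECK(glib_);
  // &id[0] is undefined for an empty vector, so take the address only when
  // there is at least one byte. With a zero length there is nothing to encode.
  const char *id_bytes = id.empty() ? NULL : &id[0];
  string filename =
      kCertfileBasename + StringToLowerASCII(HexEncode(id_bytes, id.size()));
  // The c_str() pointers stay valid because nickname, type and filename all
  // outlive the synchronous spawn below.
  char *argv[] = {
    const_cast<char *>(kNSSGetCertScript),
    const_cast<char *>(nickname.c_str()),
    const_cast<char *>(type.c_str()),
    const_cast<char *>(filename.c_str()),
    NULL
  };
  // Empty environment block: no variables are handed to the helper.
  char *envp[1] = { NULL };
  int status = 0;
  GError *error = NULL;
  if (!glib_->SpawnSync(NULL,
                        argv,
                        envp,
                        static_cast<GSpawnFlags>(0),
                        NULL,
                        NULL,
                        NULL,
                        NULL,
                        &status,
                        &error)) {
    LOG(ERROR) << "nss-get-cert failed: "
               << glib_->ConvertErrorToMessage(error);
    return FilePath();
  }
  // Treat death by signal and any non-zero exit code as failure.
  if (!WIFEXITED(status) || WEXITSTATUS(status)) {
    LOG(ERROR) << "nss-get-cert failed, status=" << status;
    return FilePath();
  }
  return FilePath(filename);
}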
| 88 | |
| 89 | } // namespace shill |