1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_MANAGER_H_ 6 #define CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_MANAGER_H_ 7 #pragma once 8 9 #include <vector> 10 11 #include "base/basictypes.h" 12 #include "base/memory/ref_counted.h" 13 #include "crypto/rsa_private_key.h" 14 #include "chrome/browser/chromeos/login/owner_key_utils.h" 15 #include "content/browser/browser_thread.h" 16 17 class FilePath; 18 class NotificationDetails; 19 class NotificationType; 20 21 namespace chromeos { 22 23 // This class allows the registration of an Owner of a Chromium OS device. 24 // It handles generating the appropriate keys and storing them in the 25 // appropriate locations. 26 class OwnerManager : public base::RefCountedThreadSafe<OwnerManager> { 27 public: 28 // Return codes for public/private key operations. 29 enum KeyOpCode { 30 SUCCESS, 31 KEY_UNAVAILABLE, // The necessary key isn't available yet. 32 OPERATION_FAILED // The crypto operation failed. 33 }; 34 35 class Delegate { 36 public: 37 // Upon completion of a key operation, this method will be called. 38 // |return_code| indicates what happened, |payload| will be used to pass 39 // back any artifacts of the operation. For example, if the operation 40 // was a signature attempt, the signature blob would come back in |payload|. 41 virtual void OnKeyOpComplete(const KeyOpCode return_code, 42 const std::vector<uint8>& payload) = 0; 43 }; 44 45 class KeyUpdateDelegate { 46 public: 47 // Called upon completion of a key update operation. 48 virtual void OnKeyUpdated() = 0; 49 }; 50 51 OwnerManager(); 52 virtual ~OwnerManager(); 53 54 // Sets a new owner key from a provided memory buffer. 55 void UpdateOwnerKey(const BrowserThread::ID thread_id, 56 const std::vector<uint8>& key, 57 KeyUpdateDelegate* d); 58 59 // Pulls the owner's public key off disk and into memory. 60 // 61 // Call this on the FILE thread. 62 void LoadOwnerKey(); 63 64 bool EnsurePublicKey(); 65 bool EnsurePrivateKey(); 66 67 // Do the actual work of signing |data| with |private_key_|. First, 68 // ensures that we have the keys we need. Then, computes the signature. 69 // 70 // On success, calls d->OnKeyOpComplete() on |thread_id| with a 71 // successful return code, passing the signaure blob in |payload|. 72 // On failure, calls d->OnKeyOpComplete() on |thread_id| with an appropriate 73 // error and passes an empty string for |payload|. 74 void Sign(const BrowserThread::ID thread_id, 75 const std::string& data, 76 Delegate* d); 77 78 // Do the actual work of verifying that |signature| is valid over 79 // |data| with |public_key_|. First, ensures we have the key we 80 // need, then does the verify. 81 // 82 // On success, calls d->OnKeyOpComplete() on |thread_id| with a 83 // successful return code, passing an empty string for |payload|. 84 // On failure, calls d->OnKeyOpComplete() on |thread_id| with an appropriate 85 // error code, passing an empty string for |payload|. 86 void Verify(const BrowserThread::ID thread_id, 87 const std::string& data, 88 const std::vector<uint8>& signature, 89 Delegate* d); 90 91 private: 92 // A helper method to send a notification on another thread. 93 void SendNotification(NotificationType type, 94 const NotificationDetails& details); 95 96 // Calls back a key update delegate on a given thread. 97 void CallKeyUpdateDelegate(KeyUpdateDelegate* d) { 98 d->OnKeyUpdated(); 99 } 100 101 // A helper method to call back a delegte on another thread. 102 void CallDelegate(Delegate* d, 103 const KeyOpCode return_code, 104 const std::vector<uint8>& payload) { 105 d->OnKeyOpComplete(return_code, payload); 106 } 107 108 scoped_ptr<crypto::RSAPrivateKey> private_key_; 109 std::vector<uint8> public_key_; 110 111 scoped_refptr<OwnerKeyUtils> utils_; 112 113 friend class OwnerManagerTest; 114 115 DISALLOW_COPY_AND_ASSIGN(OwnerManager); 116 }; 117 118 } // namespace chromeos 119 120 #endif // CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_MANAGER_H_ 121
