Home | History | Annotate | Download | only in login 
      1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
      6 #define CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
      7 #pragma once
      8 
      9 #include <vector>
     10 
     11 #include "base/basictypes.h"
     12 #include "base/gtest_prod_util.h"
     13 #include "base/memory/ref_counted.h"
     14 #include "chrome/browser/chromeos/cros/login_library.h"
     15 
     16 class FilePath;
     17 
     18 namespace crypto {
     19 class RSAPrivateKey;
     20 }
     21 
     22 namespace chromeos {
     23 
     24 class OwnerKeyUtilsTest;
     25 
     26 class OwnerKeyUtils : public base::RefCounted<OwnerKeyUtils> {
     27  public:
     28   class Factory {
     29    public:
     30     virtual OwnerKeyUtils* CreateOwnerKeyUtils() = 0;
     31   };
     32 
     33   OwnerKeyUtils();
     34 
     35   // Sets the factory used by the static method Create to create an
     36   // OwnerKeyUtils.  OwnerKeyUtils does not take ownership of
     37   // |factory|. A value of NULL results in an OwnerKeyUtils being
     38   // created directly.
     39 #if defined(UNIT_TEST)
     40   static void set_factory(Factory* factory) { factory_ = factory; }
     41 #endif
     42 
     43   // Creates an OwnerKeyUtils, ownership returns to the caller. If there is no
     44   // Factory (the default) this creates and returns a new OwnerKeyUtils.
     45   static OwnerKeyUtils* Create();
     46 
     47   // Assumes that the file at |key_file| exists.
     48   // Upon success, returns true and populates |output|.  False on failure.
     49   virtual bool ImportPublicKey(const FilePath& key_file,
     50                                std::vector<uint8>* output) = 0;
     51 
     52   // Verfiy that |signature| is a Sha1-with-RSA signature over |data| with
     53   // |public_key|
     54   // Returns true if so, false on bad signature or other error.
     55   virtual bool Verify(const std::string& data,
     56                       const std::vector<uint8> signature,
     57                       const std::vector<uint8> public_key) = 0;
     58 
     59   // Sign |data| with |key| using Sha1 with RSA.  If successful, return true
     60   // and populate |OUT_signature|.
     61   virtual bool Sign(const std::string& data,
     62                     std::vector<uint8>* OUT_signature,
     63                     crypto::RSAPrivateKey* key) = 0;
     64 
     65   // Looks for the private key associated with |key| in the default slot,
     66   // and returns it if it can be found.  Returns NULL otherwise.
     67   // Caller takes ownership.
     68   virtual crypto::RSAPrivateKey* FindPrivateKey(
     69       const std::vector<uint8>& key) = 0;
     70 
     71   virtual FilePath GetOwnerKeyFilePath() = 0;
     72 
     73  protected:
     74   virtual ~OwnerKeyUtils();
     75 
     76   // DER encodes public half of |pair| and writes it out to |key_file|.
     77   // The blob on disk is a DER-encoded X509 SubjectPublicKeyInfo object.
     78   // Returns false on error.
     79   virtual bool ExportPublicKeyToFile(crypto::RSAPrivateKey* pair,
     80                                      const FilePath& key_file) = 0;
     81 
     82  private:
     83   friend class base::RefCounted<OwnerKeyUtils>;
     84   static Factory* factory_;
     85 
     86   FRIEND_TEST_ALL_PREFIXES(OwnerKeyUtilsTest, ExportImportPublicKey);
     87 };
     88 
     89 }  // namespace chromeos
     90 
     91 #endif  // CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
     92