1ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen// Copyright (c) 2011 The Chromium Authors. All rights reserved.
2c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Use of this source code is governed by a BSD-style license that can be
3c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// found in the LICENSE file.
4c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
5c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
6c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#define CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
73345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#pragma once
83345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick
93345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#include <vector>
10c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
11c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "base/basictypes.h"
12dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include "base/gtest_prod_util.h"
13ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "base/memory/ref_counted.h"
143345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#include "chrome/browser/chromeos/cros/login_library.h"
15c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
163345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrickclass FilePath;
17c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
18ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsennamespace crypto {
193345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrickclass RSAPrivateKey;
203345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick}
21c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
223345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merricknamespace chromeos {
23c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
24dc0f95d653279beabeb9817299e2902918ba123eKristian Monsenclass OwnerKeyUtilsTest;
25dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
263345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrickclass OwnerKeyUtils : public base::RefCounted<OwnerKeyUtils> {
27c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch public:
28c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  class Factory {
29c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch   public:
30c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch    virtual OwnerKeyUtils* CreateOwnerKeyUtils() = 0;
31c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  };
32c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
33c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  OwnerKeyUtils();
34c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
35c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  // Sets the factory used by the static method Create to create an
36c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  // OwnerKeyUtils.  OwnerKeyUtils does not take ownership of
37c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  // |factory|. A value of NULL results in an OwnerKeyUtils being
38c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  // created directly.
39c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#if defined(UNIT_TEST)
40c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  static void set_factory(Factory* factory) { factory_ = factory; }
41c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#endif
42c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
43c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  // Creates an OwnerKeyUtils, ownership returns to the caller. If there is no
44c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  // Factory (the default) this creates and returns a new OwnerKeyUtils.
45c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  static OwnerKeyUtils* Create();
46c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
47c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  // Assumes that the file at |key_file| exists.
483345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // Upon success, returns true and populates |output|.  False on failure.
493345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  virtual bool ImportPublicKey(const FilePath& key_file,
503345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick                               std::vector<uint8>* output) = 0;
513345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick
523345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // Verfiy that |signature| is a Sha1-with-RSA signature over |data| with
533345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // |public_key|
543345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // Returns true if so, false on bad signature or other error.
553345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  virtual bool Verify(const std::string& data,
563345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick                      const std::vector<uint8> signature,
573345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick                      const std::vector<uint8> public_key) = 0;
583345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick
593345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // Sign |data| with |key| using Sha1 with RSA.  If successful, return true
603345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // and populate |OUT_signature|.
613345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  virtual bool Sign(const std::string& data,
623345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick                    std::vector<uint8>* OUT_signature,
63ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen                    crypto::RSAPrivateKey* key) = 0;
643345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick
653345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // Looks for the private key associated with |key| in the default slot,
663345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // and returns it if it can be found.  Returns NULL otherwise.
673345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  // Caller takes ownership.
68ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual crypto::RSAPrivateKey* FindPrivateKey(
693345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick      const std::vector<uint8>& key) = 0;
703345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick
713345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  virtual FilePath GetOwnerKeyFilePath() = 0;
723345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick
733345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick protected:
743345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  virtual ~OwnerKeyUtils();
75c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
76dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  // DER encodes public half of |pair| and writes it out to |key_file|.
77dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  // The blob on disk is a DER-encoded X509 SubjectPublicKeyInfo object.
78dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  // Returns false on error.
79ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen  virtual bool ExportPublicKeyToFile(crypto::RSAPrivateKey* pair,
80dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen                                     const FilePath& key_file) = 0;
81dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
82c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch private:
833345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick  friend class base::RefCounted<OwnerKeyUtils>;
84c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch  static Factory* factory_;
85dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen
86dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen  FRIEND_TEST_ALL_PREFIXES(OwnerKeyUtilsTest, ExportImportPublicKey);
87c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch};
88c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch
893345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick}  // namespace chromeos
903345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick
91c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
92