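// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
#define CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
#pragma once

#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/gtest_prod_util.h"
#include "base/memory/ref_counted.h"
#include "chrome/browser/chromeos/cros/login_library.h"

class FilePath;

namespace crypto {
class RSAPrivateKey;
}

namespace chromeos {

class OwnerKeyUtilsTest;

// Abstract interface for the owner-key operations used by ChromeOS login:
// importing/exporting the owner's public key, locating the matching private
// key, and signing/verifying data with the owner's RSA key pair. Concrete
// instances are obtained through Create(); tests may inject a Factory.
class OwnerKeyUtils : public base::RefCounted<OwnerKeyUtils> {
 public:
  // Produces OwnerKeyUtils instances. Installed by tests via set_factory().
  class Factory {
   public:
    // Virtual so a Factory held through a base pointer by its owner can be
    // destroyed safely (OwnerKeyUtils itself never owns the Factory).
    virtual ~Factory() {}
    virtual OwnerKeyUtils* CreateOwnerKeyUtils() = 0;
  };

  OwnerKeyUtils();

  // Sets the factory used by the static method Create to create an
  // OwnerKeyUtils. OwnerKeyUtils does not take ownership of
  // |factory|. A value of NULL results in an OwnerKeyUtils being
  // created directly.
#if defined(UNIT_TEST)
  static void set_factory(Factory* factory) { factory_ = factory; }
#endif

  // Creates an OwnerKeyUtils, ownership returns to the caller. If there is no
  // Factory (the default) this creates and returns a new OwnerKeyUtils.
  // The object is base::RefCounted, so callers presumably keep the result in
  // a scoped_refptr rather than deleting it — verify against callers.
  static OwnerKeyUtils* Create();

  // Assumes that the file at |key_file| exists.
  // Upon success, returns true and populates |output|. False on failure.
  // |output| is presumably the raw blob written by ExportPublicKeyToFile()
  // (a DER-encoded X509 SubjectPublicKeyInfo) — confirm in the implementation.
  virtual bool ImportPublicKey(const FilePath& key_file,
                               std::vector<uint8>* output) = 0;

  // Verify that |signature| is a Sha1-with-RSA signature over |data| with
  // |public_key|.
  // Returns true if so, false on bad signature or other error.
  // |signature| and |public_key| are taken by value (copied on every call);
  // switching them to const& changes the virtual signature, so every
  // overrider must be updated in the same change.
  // NOTE(review): SHA-1 is no longer recommended for new signature schemes.
  // The digest is fixed by the implementation and by any signatures already
  // produced, so a migration has to be coordinated there, not edited here.
  virtual bool Verify(const std::string& data,
                      const std::vector<uint8> signature,
                      const std::vector<uint8> public_key) = 0;

  // Sign |data| with |key| using Sha1 with RSA. If successful, return true
  // and populate |OUT_signature|.
  virtual bool Sign(const std::string& data,
                    std::vector<uint8>* OUT_signature,
                    crypto::RSAPrivateKey* key) = 0;

  // Looks for the private key associated with |key| in the default slot,
  // and returns it if it can be found. Returns NULL otherwise.
  // Caller takes ownership.
  virtual crypto::RSAPrivateKey* FindPrivateKey(
      const std::vector<uint8>& key) = 0;

  // Returns the path of the owner key file (presumably the public-key blob
  // handled by ImportPublicKey/ExportPublicKeyToFile — confirm in the
  // implementation).
  virtual FilePath GetOwnerKeyFilePath() = 0;

 protected:
  // Protected: instances are released only through base::RefCounted.
  virtual ~OwnerKeyUtils();

  // DER encodes public half of |pair| and writes it out to |key_file|.
  // The blob on disk is a DER-encoded X509 SubjectPublicKeyInfo object.
  // Returns false on error.
  virtual bool ExportPublicKeyToFile(crypto::RSAPrivateKey* pair,
                                     const FilePath& key_file) = 0;

 private:
  friend class base::RefCounted<OwnerKeyUtils>;
  // Factory injected by tests through set_factory(); NULL means Create()
  // builds the default implementation directly. Not owned.
  static Factory* factory_;

  FRIEND_TEST_ALL_PREFIXES(OwnerKeyUtilsTest, ExportImportPublicKey);
};

}  // namespace chromeos

#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_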