1// Copyright (c) 2011 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
6#define CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
7#pragma once
8
#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/gtest_prod_util.h"
#include "base/memory/ref_counted.h"
#include "chrome/browser/chromeos/cros/login_library.h"
15
16class FilePath;
17
18namespace crypto {
19class RSAPrivateKey;
20}
21
22namespace chromeos {
23
24class OwnerKeyUtilsTest;
25
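// Abstract interface around the device owner key: importing/exporting the
// owner's public key file, signing with the owner's private key, and
// verifying signatures against the public key.  Instances are reference
// counted; obtain one through Create().
class OwnerKeyUtils : public base::RefCounted<OwnerKeyUtils> {
 public:
  // Factory consulted by Create().  Tests install one via set_factory() to
  // substitute their own OwnerKeyUtils implementation.
  class Factory {
   public:
    // Factory is a polymorphic base, so give it a virtual destructor to make
    // deletion through a Factory* well-defined for subclasses.
    virtual ~Factory() {}
    virtual OwnerKeyUtils* CreateOwnerKeyUtils() = 0;
  };

  OwnerKeyUtils();

  // Sets the factory used by the static method Create to create an
  // OwnerKeyUtils.  OwnerKeyUtils does not take ownership of
  // |factory|. A value of NULL results in an OwnerKeyUtils being
  // created directly.
#if defined(UNIT_TEST)
  static void set_factory(Factory* factory) { factory_ = factory; }
#endif

  // Creates an OwnerKeyUtils, ownership returns to the caller. If there is no
  // Factory (the default) this creates and returns a new OwnerKeyUtils.
  // The destructor is protected, so the caller cannot delete the object
  // directly; it is released through base::RefCounted (e.g. held in a
  // scoped_refptr).
  static OwnerKeyUtils* Create();

  // Assumes that the file at |key_file| exists.
  // Upon success, returns true and populates |output|.  False on failure.
  virtual bool ImportPublicKey(const FilePath& key_file,
                               std::vector<uint8>* output) = 0;

  // Verify that |signature| is a Sha1-with-RSA signature over |data| with
  // |public_key|.
  // Returns true if so, false on bad signature or other error.  The two
  // failure causes are not distinguished, so callers must treat any false
  // result as "not verified".
  // NOTE(review): |signature| and |public_key| are passed by value and are
  // copied on every call; switching them to const& would change the pure
  // virtual signature that implementations override, so it is left as-is.
  // NOTE(review): the digest (SHA-1) is fixed by the implementation and the
  // on-disk format, not by this interface; SHA-1 is no longer recommended for
  // new signature schemes.
  virtual bool Verify(const std::string& data,
                      const std::vector<uint8> signature,
                      const std::vector<uint8> public_key) = 0;

  // Sign |data| with |key| using Sha1 with RSA.  If successful, return true
  // and populate |OUT_signature|.
  virtual bool Sign(const std::string& data,
                    std::vector<uint8>* OUT_signature,
                    crypto::RSAPrivateKey* key) = 0;

  // Looks for the private key associated with |key| in the default slot,
  // and returns it if it can be found.  Returns NULL otherwise.
  // Caller takes ownership of the returned pointer and is responsible for
  // deleting it.
  virtual crypto::RSAPrivateKey* FindPrivateKey(
      const std::vector<uint8>& key) = 0;

  // Returns the path of the owner key file.  Presumably this is the
  // |key_file| callers hand to ImportPublicKey/ExportPublicKeyToFile --
  // confirm against the implementation.
  virtual FilePath GetOwnerKeyFilePath() = 0;

 protected:
  // Protected so that only base::RefCounted (a friend) destroys instances.
  virtual ~OwnerKeyUtils();

  // DER encodes public half of |pair| and writes it out to |key_file|.
  // The blob on disk is a DER-encoded X509 SubjectPublicKeyInfo object.
  // Returns false on error.
  virtual bool ExportPublicKeyToFile(crypto::RSAPrivateKey* pair,
                                     const FilePath& key_file) = 0;

 private:
  friend class base::RefCounted<OwnerKeyUtils>;
  // Factory used by Create(); NULL (the default) makes Create() construct an
  // OwnerKeyUtils directly.  Not owned.
  static Factory* factory_;

  FRIEND_TEST_ALL_PREFIXES(OwnerKeyUtilsTest, ExportImportPublicKey);
};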
88
89}  // namespace chromeos
90
91#endif  // CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_KEY_UTILS_H_
92