networking_private_crypto.h revision a1401311d1ab56c4ed0a474bd38c108f75cb0cd9
1a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)// Copyright 2014 The Chromium Authors. All rights reserved. 258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)// Use of this source code is governed by a BSD-style license that can be 358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)// found in the LICENSE file. 458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 5a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)#ifndef CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPTO_H_ 6a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)#define CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPTO_H_ 758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)#include <string> 9a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)#include <vector> 1058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)#include "base/basictypes.h" 1158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 1258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)// Implementation of Crypto support for networking private API. 1358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)// Based on chromeos_public//src/platform/shill/shims/crypto_util.cc 1458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)class NetworkingPrivateCrypto { 1558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) public: 1658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) NetworkingPrivateCrypto(); 1758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) ~NetworkingPrivateCrypto(); 1858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 1958537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // Verify that credentials described by |certificate| and |signed_data| are 2058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // valid. 2158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // 2258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // 1) The MAC address listed in the certificate matches |connected_mac|. 2358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // 2) The certificate is a valid PEM encoded certificate signed by trusted CA. 2458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // 3) |signature| is a valid signature for |data|, using the public key in 2558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // |certificate| 2658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) bool VerifyCredentials(const std::string& certificate, 2758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) const std::string& signature, 2858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) const std::string& data, 2958537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) const std::string& connected_mac); 3058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 3158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // Encrypt |data| with |public_key|. |public_key| is a DER-encoded 32f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // RSAPublicKey. |data| is some string of bytes that is smaller than the 33f2477e01787aa58f445919b809d89e252beef54fTorne (Richard Coles) // maximum length permissible for PKCS#1 v1.5 with a key of |public_key| size. 3458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // 3558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // Returns true on success, storing the encrypted result in 3658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // |encrypted_output|. 37a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) bool EncryptByteString(const std::vector<uint8>& public_key, 3858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) const std::string& data, 39a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) std::vector<uint8>* encrypted_output); 4058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 4158537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) private: 4258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) friend class NetworkingPrivateCryptoTest; 4358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 4458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // Decrypt |encrypted_data| with |private_key_pem|. |private_key_pem| is the 4558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // PKCS8 PEM-encoded private key. |encrypted_data| is data encrypted with 4658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // EncryptByteString. Used in NetworkingPrivateCryptoTest::EncryptString test. 4758537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // 4858537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // Returns true on success, storing the decrypted result in 4958537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) // |decrypted_output|. 5058537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) bool DecryptByteString(const std::string& private_key_pem, 51a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles) const std::vector<uint8>& encrypted_data, 5258537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) std::string* decrypted_output); 5358537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 5458537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) DISALLOW_COPY_AND_ASSIGN(NetworkingPrivateCrypto); 5558537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles)}; 5658537e28ecd584eab876aee8be7156509866d23aTorne (Richard Coles) 57a1401311d1ab56c4ed0a474bd38c108f75cb0cd9Torne (Richard Coles)#endif // CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPTO_H_ 58