Chromium Code Reviews| Index: chrome/browser/chromeos/login/owner_key_util.cc |
| diff --git a/chrome/browser/chromeos/login/owner_key_util.cc b/chrome/browser/chromeos/login/owner_key_util.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..c38264ec23840cb4fb4495a1bf63e06672d3fb46 |
| --- /dev/null |
| +++ b/chrome/browser/chromeos/login/owner_key_util.cc |
| @@ -0,0 +1,133 @@ |
| +// Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/browser/chromeos/login/owner_key_util.h" |
| + |
| +#include <limits> |
| + |
| +#include "base/file_util.h" |
| +#include "base/logging.h" |
| +#include "base/memory/scoped_ptr.h" |
| +#include "base/string_util.h" |
| +#include "chrome/browser/chromeos/cros/cros_library.h" |
| +#include "chrome/common/extensions/extension_constants.h" |
| +#include "crypto/rsa_private_key.h" |
| +#include "crypto/signature_creator.h" |
| +#include "crypto/signature_verifier.h" |
| + |
| +using extension_misc::kSignatureAlgorithm; |
| + |
| +namespace chromeos { |
| + |
| +/////////////////////////////////////////////////////////////////////////// |
| +// OwnerKeyUtil |
| + |
| +OwnerKeyUtil* OwnerKeyUtil::Create() { |
| + return new OwnerKeyUtilImpl(FilePath(OwnerKeyUtilImpl::kOwnerKeyFile)); |
| +} |
| + |
| +bool OwnerKeyUtil::Verify(const std::string& data, |
| + const std::vector<uint8> signature, |
| + const std::vector<uint8> public_key) { |
| + crypto::SignatureVerifier verifier; |
| + if (!verifier.VerifyInit(kSignatureAlgorithm, sizeof(kSignatureAlgorithm), |
| + &signature[0], signature.size(), |
| + &public_key[0], public_key.size())) { |
| + return false; |
| + } |
| + |
| + verifier.VerifyUpdate(reinterpret_cast<const uint8*>(data.c_str()), |
| + data.length()); |
| + return (verifier.VerifyFinal()); |
| +} |
| + |
| +bool OwnerKeyUtil::Sign(const std::string& data, |
| + std::vector<uint8>* OUT_signature, |
| + crypto::RSAPrivateKey* key) { |
| + scoped_ptr<crypto::SignatureCreator> signer( |
| + crypto::SignatureCreator::Create(key)); |
| + if (!signer->Update(reinterpret_cast<const uint8*>(data.c_str()), |
| + data.length())) { |
| + return false; |
| + } |
| + return signer->Final(OUT_signature); |
| +} |
| + |
| +OwnerKeyUtil::OwnerKeyUtil() {} |
| + |
| +OwnerKeyUtil::~OwnerKeyUtil() {} |
| + |
| +/////////////////////////////////////////////////////////////////////////// |
| +// OwnerKeyUtilImpl |
| + |
| +// static |
| +const char OwnerKeyUtilImpl::kOwnerKeyFile[] = "/var/lib/whitelist/owner.key"; |
| + |
| +OwnerKeyUtilImpl::OwnerKeyUtilImpl(const FilePath& key_file) |
| + : key_file_(key_file) {} |
| + |
| +OwnerKeyUtilImpl::~OwnerKeyUtilImpl() {} |
| + |
| +bool OwnerKeyUtilImpl::ExportPublicKey(crypto::RSAPrivateKey* pair) { |
| + DCHECK(pair); |
| + bool ok = false; |
| + int safe_file_size = 0; |
| + |
| + std::vector<uint8> to_export; |
| + if (!pair->ExportPublicKey(&to_export)) { |
| + LOG(ERROR) << "Formatting key for export failed!"; |
| + return false; |
| + } |
| + |
| + if (to_export.size() > static_cast<uint>(INT_MAX)) { |
|
Chris Masone
2012/08/03 16:28:25
numeric_limits<int>::max(), right?
Mattias Nissler (ping if slow)
2012/08/06 21:28:14
Correct, but obsolete :)
|
| + LOG(ERROR) << "key is too big! " << to_export.size(); |
| + } else { |
| + safe_file_size = static_cast<int>(to_export.size()); |
| + |
| + ok = (safe_file_size == |
| + file_util::WriteFile(key_file_, |
| + reinterpret_cast<char*>(&to_export.front()), |
| + safe_file_size)); |
| + } |
| + return ok; |
| +} |
| + |
| +bool OwnerKeyUtilImpl::ImportPublicKey(std::vector<uint8>* output) { |
| + // Get the file size (must fit in a 32 bit int for NSS). |
| + int64 file_size; |
| + if (!file_util::GetFileSize(key_file_, &file_size)) { |
| + LOG(ERROR) << "Could not get size of " << key_file_.value(); |
| + return false; |
| + } |
| + if (file_size > static_cast<int64>(std::numeric_limits<int>::max())) { |
| + LOG(ERROR) << key_file_.value() << "is " |
| + << file_size << "bytes!!! Too big!"; |
| + return false; |
| + } |
| + int32 safe_file_size = static_cast<int32>(file_size); |
| + |
| + output->resize(safe_file_size); |
| + |
| + if (safe_file_size == 0) { |
| + LOG(WARNING) << "Public key file is empty. This seems wrong."; |
| + return false; |
| + } |
| + |
| + // Get the key data off of disk |
| + int data_read = file_util::ReadFile(key_file_, |
| + reinterpret_cast<char*>(&(output->at(0))), |
| + safe_file_size); |
| + return data_read == safe_file_size; |
| +} |
| + |
| +crypto::RSAPrivateKey* OwnerKeyUtilImpl::FindPrivateKey( |
| + const std::vector<uint8>& key) { |
| + return crypto::RSAPrivateKey::FindFromPublicKeyInfo(key); |
| +} |
| + |
| +bool OwnerKeyUtilImpl::IsPublicKeyPresent() { |
| + return file_util::PathExists(FilePath(OwnerKeyUtilImpl::kOwnerKeyFile)); |
| +} |
| + |
| +} // namespace chromeos |