Index: chrome/browser/chromeos/login/owner_key_utils.cc |
diff --git a/chrome/browser/chromeos/login/owner_manager.cc b/chrome/browser/chromeos/login/owner_key_utils.cc |
similarity index 69% |
rename from chrome/browser/chromeos/login/owner_manager.cc |
rename to chrome/browser/chromeos/login/owner_key_utils.cc |
index 79b34c311549bcd792a156ce12aea6c6e0821707..916d9c70445866f736fcc078792c0b32c5584eeb 100644 |
--- a/chrome/browser/chromeos/login/owner_manager.cc |
+++ b/chrome/browser/chromeos/login/owner_key_utils.cc |
@@ -2,7 +2,7 @@ |
// Use of this source code is governed by a BSD-style license that can be |
// found in the LICENSE file. |
-#include "chrome/browser/chromeos/login/owner_manager.h" |
+#include "chrome/browser/chromeos/login/owner_key_utils.h" |
#include <keyhi.h> // SECKEY_CreateSubjectPublicKeyInfo() |
#include <pk11pub.h> |
@@ -21,19 +21,73 @@ |
#include "base/string_util.h" |
// static |
-const char OwnerManager::kOwnerKeyFile[] = "/var/lib/whitelist/owner.key"; |
+OwnerKeyUtils::Factory* OwnerKeyUtils::factory_ = NULL; |
+ |
+class OwnerKeyUtilsImpl : public OwnerKeyUtils { |
+ public: |
+ OwnerKeyUtilsImpl(); |
+ virtual ~OwnerKeyUtilsImpl(); |
+ |
+ bool GenerateKeyPair(SECKEYPrivateKey** private_key_out, |
+ SECKEYPublicKey** public_key_out); |
+ |
+ bool ExportPublicKey(SECKEYPublicKey* key, const FilePath& key_file); |
+ |
+ SECKEYPublicKey* ImportPublicKey(const FilePath& key_file); |
+ |
+ private: |
+ // Fills in fields of |key_der| with DER encoded data from a file at |
+ // |key_file|. The caller must pass in a pointer to an actual SECItem |
+ // struct for |key_der|. |key_der->data| should be initialized to NULL |
+ // and |key_der->len| should be set to 0. |
+ // |
+ // Upon success, data is stored in key_der->data, and the caller takes |
+ // ownership. Returns false on error. |
+ // |
+ // To free the data, call |
+ // SECITEM_FreeItem(key_der, PR_FALSE); |
+ static bool ReadDERFromFile(const FilePath& key_file, SECItem* key_der); |
+ |
+ // The place outside the owner's encrypted home directory where her |
+ // key will live. |
+ static const char kOwnerKeyFile[]; |
+ |
+ // Key generation parameters. |
+ static const uint32 kKeyGenMechanism; // used by PK11_GenerateKeyPair() |
+ static const unsigned long kExponent; |
+ static const int kKeySizeInBits; |
+ |
+ DISALLOW_COPY_AND_ASSIGN(OwnerKeyUtilsImpl); |
+}; |
+ |
+OwnerKeyUtils::OwnerKeyUtils() {} |
+ |
+OwnerKeyUtils::~OwnerKeyUtils() {} |
+ |
+OwnerKeyUtils* OwnerKeyUtils::Create() { |
+ if (!factory_) |
+ return new OwnerKeyUtilsImpl(); |
+ else |
+ return factory_->CreateOwnerKeyUtils(); |
+} |
+ |
+// static |
+const char OwnerKeyUtilsImpl::kOwnerKeyFile[] = "/var/lib/whitelist/owner.key"; |
// We're generating and using 2048-bit RSA keys. |
// static |
-const uint32 OwnerManager::kKeyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; |
+const uint32 OwnerKeyUtilsImpl::kKeyGenMechanism = CKM_RSA_PKCS_KEY_PAIR_GEN; |
// static |
-const unsigned long OwnerManager::kExponent = 65537UL; |
+const unsigned long OwnerKeyUtilsImpl::kExponent = 65537UL; |
// static |
-const int OwnerManager::kKeySizeInBits = 2048; |
+const int OwnerKeyUtilsImpl::kKeySizeInBits = 2048; |
-// static |
-bool OwnerManager::GenerateKeyPair(SECKEYPrivateKey** private_key_out, |
- SECKEYPublicKey** public_key_out) { |
+OwnerKeyUtilsImpl::OwnerKeyUtilsImpl(){} |
+ |
+OwnerKeyUtilsImpl::~OwnerKeyUtilsImpl() {} |
+ |
+bool OwnerKeyUtilsImpl::GenerateKeyPair(SECKEYPrivateKey** private_key_out, |
+ SECKEYPublicKey** public_key_out) { |
DCHECK(private_key_out); |
DCHECK(public_key_out); |
@@ -115,9 +169,8 @@ bool OwnerManager::GenerateKeyPair(SECKEYPrivateKey** private_key_out, |
return is_success; |
} |
-// static |
-bool OwnerManager::ExportPublicKey(SECKEYPublicKey* key, |
- const FilePath& key_file) { |
+bool OwnerKeyUtilsImpl::ExportPublicKey(SECKEYPublicKey* key, |
+ const FilePath& key_file) { |
DCHECK(key); |
SECItem* der; |
bool ok = false; |
@@ -147,8 +200,7 @@ bool OwnerManager::ExportPublicKey(SECKEYPublicKey* key, |
return ok; |
} |
-// static |
-SECKEYPublicKey* OwnerManager::ImportPublicKey(const FilePath& key_file) { |
+SECKEYPublicKey* OwnerKeyUtilsImpl::ImportPublicKey(const FilePath& key_file) { |
SECItem key_der; |
if (!ReadDERFromFile(key_file, &key_der)) { |
@@ -162,17 +214,19 @@ SECKEYPublicKey* OwnerManager::ImportPublicKey(const FilePath& key_file) { |
SECKEY_DecodeDERSubjectPublicKeyInfo(&key_der); |
if (!spki) { |
LOG(ERROR) << "Could not decode key info: " << PR_GetError(); |
+ SECITEM_FreeItem(&key_der, PR_FALSE); |
return NULL; |
} |
SECKEYPublicKey *public_key = SECKEY_ExtractPublicKey(spki); |
SECKEY_DestroySubjectPublicKeyInfo(spki); |
+ SECITEM_FreeItem(&key_der, PR_FALSE); |
return public_key; |
} |
// static |
-bool OwnerManager::ReadDERFromFile(const FilePath& key_file, |
- SECItem* key_der) { |
+bool OwnerKeyUtilsImpl::ReadDERFromFile(const FilePath& key_file, |
+ SECItem* key_der) { |
// I'd use NSS' SECU_ReadDERFromFile() here, but the SECU_* functions are |
// considered internal to the NSS command line utils. |
// This code is lifted, in spirit, from the implementation of that function. |