Added NetworkingPrivateCrypto and its unit test.

chrome/browser/extensions/api/networking_private/networking_private_crypto.h

Index: chrome/browser/extensions/api/networking_private/networking_private_crypto.h
diff --git a/chrome/browser/extensions/api/networking_private/networking_private_crypto.h b/chrome/browser/extensions/api/networking_private/networking_private_crypto.h
new file mode 100644
index 0000000000000000000000000000000000000000..4ddc7641f56bdf05cb72808806ef2ecbc1d5e5c6
--- /dev/null
+++ b/chrome/browser/extensions/api/networking_private/networking_private_crypto.h
@@ -0,0 +1,53 @@
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Implementation of Crypto support for networking private API.
+// Based on chromeos_public//src/platform/shill/shims/crypto_util.cc
+
+#ifndef CHROME_BROWSER_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPTO_H_
+#define CHROME_BROWSER_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPTO_H_
+
+#include <string>
+#include "base/basictypes.h"
+
+class NetworkingPrivateCrypto {
+ public:
+  NetworkingPrivateCrypto();
+  ~NetworkingPrivateCrypto();
+
+  // Verify that credentials described by |certificate| and |signed_data| are
+  // valid.
+  //
+  // 1) The MAC address listed in the certificate matches |connected_mac|.
+  // 2) The certificate is a valid PEM encoded certificate signed by trusted CA.
+  // 3) |signed_data| matches the hashed |unsigned_data| encrypted with
+  //    the public key in |certificate|.
+  bool VerifyCredentials(const std::string& certificate,
+                         const std::string& signed_data,
+                         const std::string& unsigned_data,

[Ryan Sleevi, 2013/08/29 21:30:43]

naming: "signed_data" and "unsigned_data" should be renamed "signature" and
"data" (or signed_data), respectively.

3) |signature| is a valid signature for |data|, using the public key in
|certificate|

[mef, 2013/08/30 17:07:39]

Done.

+                         const std::string& connected_mac);
+
+  // Encrypt |data| with |public_key|.  |public_key| is the raw bytes of a key
+  // in RSAPublicKey format. |data| is some string of bytes smaller than the
+  // maximum length permissable for encryption with a key of |public_key| size.
+  //
+  // Returns the encrypted result in |encrypted_output| and returns true on
+  // success.
+  bool EncryptByteString(const std::string& public_key,
+                         const std::string& data,
+                         std::string* encrypted_output);
+
+  // Decrypt |encrypted_data| with |private_key_pem|. |private_key_pem| is the
+  // PKCS8 PEM-encoded private key. |encrypted_data| is data encrypted with
+  // EncryptByteString.
+  // Returns the decrypted result in |decrypted_output| and returns true on
+  // success.
+  bool DecryptByteString(const std::string& private_key_pem,
+                         const std::string& encrypted_data,
+                         std::string* decrypted_output);
+ private:

[Ryan Sleevi, 2013/08/29 21:30:43]

style nit: Line break between 48 & 49

[mef, 2013/08/30 17:07:39]

Done.

+  DISALLOW_COPY_AND_ASSIGN(NetworkingPrivateCrypto);
+};
+
+#endif  // CHROME_BROWSER_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPTO_H_