| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPT
O_H_ | 5 #ifndef CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPT
O_H_ |
| 6 #define CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPT
O_H_ | 6 #define CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPT
O_H_ |
| 7 | 7 |
| 8 #include <stdint.h> |
| 9 |
| 8 #include <string> | 10 #include <string> |
| 9 #include <vector> | 11 #include <vector> |
| 12 |
| 10 #include "base/basictypes.h" | 13 #include "base/basictypes.h" |
| 11 | 14 |
| 12 // Implementation of Crypto support for networking private API. | 15 // Implementation of Crypto support for networking private API. |
| 13 // Based on chromeos_public//src/platform/shill/shims/crypto_util.cc | 16 // Based on chromeos_public//src/platform/shill/shims/crypto_util.cc |
| 14 class NetworkingPrivateCrypto { | 17 class NetworkingPrivateCrypto { |
| 15 public: | 18 public: |
| 16 NetworkingPrivateCrypto(); | 19 NetworkingPrivateCrypto(); |
| 17 ~NetworkingPrivateCrypto(); | 20 ~NetworkingPrivateCrypto(); |
| 18 | 21 |
| 19 // Verify that credentials described by |certificate| and |signed_data| are | 22 // Verify that credentials described by |certificate| and |signed_data| are |
| 20 // valid. | 23 // valid. |
| 21 // | 24 // |
| 22 // 1) The MAC address listed in the certificate matches |connected_mac|. | 25 // 1) The MAC address listed in the certificate matches |connected_mac|. |
| 23 // 2) The certificate is a valid PEM encoded certificate signed by trusted CA. | 26 // 2) The certificate is a valid PEM encoded certificate signed by trusted CA. |
| 24 // 3) |signature| is a valid signature for |data|, using the public key in | 27 // 3) |signature| is a valid signature for |data|, using the public key in |
| 25 // |certificate| | 28 // |certificate| |
| 26 bool VerifyCredentials(const std::string& certificate, | 29 bool VerifyCredentials(const std::string& certificate, |
| 27 const std::string& signature, | 30 const std::string& signature, |
| 28 const std::string& data, | 31 const std::string& data, |
| 29 const std::string& connected_mac); | 32 const std::string& connected_mac); |
| 30 | 33 |
| 31 // Encrypt |data| with |public_key|. |public_key| is a DER-encoded | 34 // Encrypt |data| with |public_key|. |public_key| is a DER-encoded |
| 32 // RSAPublicKey. |data| is some string of bytes that is smaller than the | 35 // RSAPublicKey. |data| is some string of bytes that is smaller than the |
| 33 // maximum length permissible for PKCS#1 v1.5 with a key of |public_key| size. | 36 // maximum length permissible for PKCS#1 v1.5 with a key of |public_key| size. |
| 34 // | 37 // |
| 35 // Returns true on success, storing the encrypted result in | 38 // Returns true on success, storing the encrypted result in |
| 36 // |encrypted_output|. | 39 // |encrypted_output|. |
| 37 bool EncryptByteString(const std::vector<uint8>& public_key, | 40 bool EncryptByteString(const std::vector<uint8_t>& public_key, |
| 38 const std::string& data, | 41 const std::string& data, |
| 39 std::vector<uint8>* encrypted_output); | 42 std::vector<uint8_t>* encrypted_output); |
| 40 | 43 |
| 41 private: | 44 private: |
| 42 friend class NetworkingPrivateCryptoTest; | 45 friend class NetworkingPrivateCryptoTest; |
| 43 | 46 |
| 44 // Decrypt |encrypted_data| with |private_key_pem|. |private_key_pem| is the | 47 // Decrypt |encrypted_data| with |private_key_pem|. |private_key_pem| is the |
| 45 // PKCS8 PEM-encoded private key. |encrypted_data| is data encrypted with | 48 // PKCS8 PEM-encoded private key. |encrypted_data| is data encrypted with |
| 46 // EncryptByteString. Used in NetworkingPrivateCryptoTest::EncryptString test. | 49 // EncryptByteString. Used in NetworkingPrivateCryptoTest::EncryptString test. |
| 47 // | 50 // |
| 48 // Returns true on success, storing the decrypted result in | 51 // Returns true on success, storing the decrypted result in |
| 49 // |decrypted_output|. | 52 // |decrypted_output|. |
| 50 bool DecryptByteString(const std::string& private_key_pem, | 53 bool DecryptByteString(const std::string& private_key_pem, |
| 51 const std::vector<uint8>& encrypted_data, | 54 const std::vector<uint8_t>& encrypted_data, |
| 52 std::string* decrypted_output); | 55 std::string* decrypted_output); |
| 53 | 56 |
| 57 // The trusted public key as a DER-encoded PKCS#1 RSAPublicKey |
| 58 // structure. |
| 59 static const uint8_t kTrustedCAPublicKeyDER[]; |
| 60 |
| 61 // The length of |kTrustedCAPublicKeyDER| in bytes. |
| 62 static const size_t kTrustedCAPublicKeyDERLength; |
| 63 |
| 54 DISALLOW_COPY_AND_ASSIGN(NetworkingPrivateCrypto); | 64 DISALLOW_COPY_AND_ASSIGN(NetworkingPrivateCrypto); |
| 55 }; | 65 }; |
| 56 | 66 |
| 57 #endif // CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CR
YPTO_H_ | 67 #endif // CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CR
YPTO_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 396463004:
Implement NetworkingPrivateCrypto for OpenSSL. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src