Chromium Code Reviews Chromium Code Reviews
Issue 442073003:
Separate CryptoVerifyImpl into its own file. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPT O_H_ | 5 #ifndef CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPT O_H_ |
| 6 #define CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPT O_H_ | 6 #define CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CRYPT O_H_ |
| 7 | 7 |
| 8 #include <stdint.h> | 8 #include <stdint.h> |
| 9 | 9 |
| 10 #include <string> | 10 #include <string> |
| 11 #include <vector> | 11 #include <vector> |
| 12 | 12 |
| 13 #include "base/basictypes.h" | 13 #include "base/basictypes.h" |
| 14 | 14 |
| 15 // Implementation of Crypto support for networking private API. | 15 namespace networking_private_crypto { |
| 16 // Based on chromeos_public//src/platform/shill/shims/crypto_util.cc | |
| 17 class NetworkingPrivateCrypto { | |
| 18 public: | |
| 19 NetworkingPrivateCrypto(); | |
| 20 ~NetworkingPrivateCrypto(); | |
| 21 | 16 |
| 22 // Verify that credentials described by |certificate| and |signed_data| are | 17 // Verify that the credentials described by |certificate| and |signed_data| |
| 23 // valid. | 18 // are valid as follows: |
| 24 // | 19 // 1) The MAC address listed in the certificate matches |connected_mac|. |
| 25 // 1) The MAC address listed in the certificate matches |connected_mac|. | 20 // 2) The certificate is a valid PEM encoded certificate signed by trusted CA. |
| 26 // 2) The certificate is a valid PEM encoded certificate signed by trusted CA. | 21 // 3) |signature| is a valid signature for |data|, using the public key in |
| 27 // 3) |signature| is a valid signature for |data|, using the public key in | 22 // |certificate| |
| 28 // |certificate| | 23 bool VerifyCredentials(const std::string& certificate, |
| 29 bool VerifyCredentials(const std::string& certificate, | 24 const std::string& signature, |
| 30 const std::string& signature, | 25 const std::string& data, |
| 31 const std::string& data, | 26 const std::string& connected_mac); |
| 32 const std::string& connected_mac); | |
| 33 | 27 |
| 34 // Encrypt |data| with |public_key|. |public_key| is a DER-encoded | 28 // Encrypt |data| with |public_key|. |public_key| is a DER-encoded |
| 35 // RSAPublicKey. |data| is some string of bytes that is smaller than the | 29 // RSAPublicKey. |data| is some string of bytes that is smaller than the |
| 36 // maximum length permissible for PKCS#1 v1.5 with a key of |public_key| size. | 30 // maximum length permissible for PKCS#1 v1.5 with a key of |public_key| size. |
| 37 // | 31 // |
| 38 // Returns true on success, storing the encrypted result in | 32 // Returns true on success, storing the encrypted result in |
| 39 // |encrypted_output|. | 33 // |encrypted_output|. |
| 40 bool EncryptByteString(const std::vector<uint8_t>& public_key, | 34 bool EncryptByteString(const std::vector<uint8_t>& public_key, |
| 41 const std::string& data, | 35 const std::string& data, |
| 42 std::vector<uint8_t>* encrypted_output); | 36 std::vector<uint8_t>* encrypted_output); |
| 43 | 37 |
| 44 private: | 38 // Decrypt |encrypted_data| with |private_key_pem|. |private_key_pem| is the |
| 45 friend class NetworkingPrivateCryptoTest; | 39 // PKCS8 PEM-encoded private key. |encrypted_data| is data encrypted with |
| 40 // EncryptByteString. Used in NetworkingPrivateCryptoTest::EncryptString test. | |
| 41 // Returns true on success, storing the decrypted result in | |
| 42 // |decrypted_output|. | |
| 43 bool DecryptByteString(const std::string& private_key_pem, | |
| 44 const std::vector<uint8_t>& encrypted_data, | |
| 45 std::string* decrypted_output); | |
| 46 | 46 |
| 47 // Decrypt |encrypted_data| with |private_key_pem|. |private_key_pem| is the | 47 // The trusted public key as a DER-encoded PKCS#1 RSAPublicKey |
|
pneubeck (no reviews)
2014/08/06 16:01:38
nit: fits on one line?
What means "The" here? Wha
stevenjb
2014/08/06 16:52:14
Made one line. I don't know how to clarify this co
| |
| 48 // PKCS8 PEM-encoded private key. |encrypted_data| is data encrypted with | 48 // structure. |
| 49 // EncryptByteString. Used in NetworkingPrivateCryptoTest::EncryptString test. | 49 extern const uint8_t kTrustedCAPublicKeyDER[]; |
| 50 // | |
| 51 // Returns true on success, storing the decrypted result in | |
| 52 // |decrypted_output|. | |
| 53 bool DecryptByteString(const std::string& private_key_pem, | |
| 54 const std::vector<uint8_t>& encrypted_data, | |
| 55 std::string* decrypted_output); | |
| 56 | 50 |
| 57 // The trusted public key as a DER-encoded PKCS#1 RSAPublicKey | 51 // The length of |kTrustedCAPublicKeyDER| in bytes. |
| 58 // structure. | 52 extern const size_t kTrustedCAPublicKeyDERLength; |
| 59 static const uint8_t kTrustedCAPublicKeyDER[]; | |
| 60 | 53 |
| 61 // The length of |kTrustedCAPublicKeyDER| in bytes. | 54 } // namespace networking_private_crypto |
| 62 static const size_t kTrustedCAPublicKeyDERLength; | |
| 63 | |
| 64 DISALLOW_COPY_AND_ASSIGN(NetworkingPrivateCrypto); | |
| 65 }; | |
| 66 | 55 |
| 67 #endif // CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CR YPTO_H_ | 56 #endif // CHROME_COMMON_EXTENSIONS_API_NETWORKING_PRIVATE_NETWORKING_PRIVATE_CR YPTO_H_ |
| OLD | NEW |
