Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/json/json_string_value_serializer.h" | |
| 6 #include "base/strings/stringprintf.h" | |
| 5 #include "chromeos/dbus/fake_easy_unlock_client.h" | 7 #include "chromeos/dbus/fake_easy_unlock_client.h" |
| 6 | 8 |
| 9 namespace { | |
| 10 | |
| 11 // Keys generated using |GenerateEcP256KeyPair| are in the following format: | |
| 12 // "{<key_type>: <key_pair_index>}". | |
| 13 // <key_pair_index> is an integer identifying | |
| 14 // the key pair. | |
| 15 // <key_type> specifies whether the key is public or private. It can have one | |
| 16 // of the following valies: | |
| 17 const char kEc256PrivateKeyKey[] = "ec_p256_private_key"; | |
| 18 const char kEc256PublicKeyKey[] = "ec_p256_public_key"; | |
| 19 | |
| 20 // Format used to create secure message. | |
| 21 const char kSecureMessageFormat[] = | |
| 22 "{\"securemessage\": {" | |
| 23 "\"payload\": \"%s\"," | |
| 24 "\"key\": \"%s\"," | |
| 25 "\"associated_data\": \"%s\"," | |
| 26 "\"public_metadata\": \"%s\"," | |
| 27 "\"verification_key_id\": \"%s\"," | |
| 28 "\"encryption_type\": \"%s\"," | |
| 29 "\"signature_type\": \"%s\"" | |
| 30 "}}"; | |
| 31 | |
| 32 // Format used to create unwrapped secure message. | |
| 33 const char kUnwrappedSecureMessageFormat[] = | |
| 34 "{\"unwrapped_securemessage\": {" | |
| 35 "\"message\": \"%s\"," | |
| 36 "\"key\": \"%s\"," | |
| 37 "\"associated_data\": \"%s\"," | |
| 38 "\"encryption_type\": \"%s\"," | |
| 39 "\"signature_type\": \"%s\"" | |
| 40 "}}"; | |
| 41 | |
| 42 // Extracts key pair index from a key in format "<key_type>: <key_pair_index>}". | |
| 43 int ExtractKeyPairIndexFromKey(const std::string& key, | |
| 44 const std::string& key_type) { | |
| 45 JSONStringValueSerializer serializer(key); | |
| 46 scoped_ptr<base::Value> json_value(serializer.Deserialize(NULL, NULL)); | |
| 47 if (!json_value) | |
| 48 return -1; | |
| 49 | |
| 50 base::DictionaryValue* json_dictionary = NULL; | |
| 51 if (!json_value->GetAsDictionary(&json_dictionary)) | |
| 52 return -1; | |
| 53 | |
| 54 int key_pair_index = -1; | |
| 55 if (!json_dictionary->GetInteger(key_type, &key_pair_index)) | |
| 56 return -1; | |
| 57 return key_pair_index; | |
| 58 } | |
| 59 | |
| 60 } // namespace | |
| 61 | |
| 7 namespace chromeos { | 62 namespace chromeos { |
| 8 | 63 |
| 9 FakeEasyUnlockClient::FakeEasyUnlockClient() {} | 64 // static |
| 65 bool FakeEasyUnlockClient::IsEcP256KeyPair(const std::string& private_key, | |
| 66 const std::string& public_key) { | |
| 67 int private_key_index = | |
| 68 ExtractKeyPairIndexFromKey(private_key, kEc256PrivateKeyKey); | |
| 69 int public_key_index = | |
| 70 ExtractKeyPairIndexFromKey(public_key, kEc256PublicKeyKey); | |
| 71 | |
| 72 return private_key_index > 0 && public_key_index == private_key_index; | |
| 73 } | |
| 74 | |
| 75 FakeEasyUnlockClient::FakeEasyUnlockClient() : generated_keys_count_(0) {} | |
| 10 | 76 |
| 11 FakeEasyUnlockClient::~FakeEasyUnlockClient() {} | 77 FakeEasyUnlockClient::~FakeEasyUnlockClient() {} |
| 12 | 78 |
| 13 void FakeEasyUnlockClient::Init(dbus::Bus* bus) {} | 79 void FakeEasyUnlockClient::Init(dbus::Bus* bus) {} |
| 14 | 80 |
| 15 void FakeEasyUnlockClient::GenerateEcP256KeyPair( | 81 void FakeEasyUnlockClient::GenerateEcP256KeyPair( |
| 16 const KeyPairCallback& callback) { | 82 const KeyPairCallback& callback) { |
| 83 ++generated_keys_count_; | |
| 84 | |
| 85 callback.Run( | |
| 86 base::StringPrintf("{\"%s\": %d}", | |
| 87 kEc256PrivateKeyKey, | |
| 88 generated_keys_count_), | |
| 89 base::StringPrintf("{\"%s\": %d}", | |
| 90 kEc256PublicKeyKey, | |
| 91 generated_keys_count_)); | |
| 17 } | 92 } |
| 18 | 93 |
| 19 void FakeEasyUnlockClient::PerformECDHKeyAgreement( | 94 void FakeEasyUnlockClient::PerformECDHKeyAgreement( |
| 20 const std::string& private_key, | 95 const std::string& private_key, |
| 21 const std::string& public_key, | 96 const std::string& public_key, |
| 22 const DataCallback& callback) { | 97 const DataCallback& callback) { |
| 98 int private_key_index = | |
| 99 ExtractKeyPairIndexFromKey(private_key, kEc256PrivateKeyKey); | |
| 100 int public_key_index = | |
| 101 ExtractKeyPairIndexFromKey(public_key, kEc256PublicKeyKey); | |
| 102 if (private_key_index < 0 || public_key_index < 0) { | |
| 103 callback.Run(""); | |
| 104 return; | |
| 105 } | |
| 106 | |
| 107 // The secret key should stay the same if key pairs to which private and | |
| 108 // public key belong to are changed. To achieve this, identify the key by | |
| 109 // sum and product of key pairs. | |
| 110 callback.Run(base::StringPrintf( | |
| 111 "{\"secret_key\": [%d, %d]}", | |
| 112 private_key_index + public_key_index, | |
| 113 private_key_index * public_key_index)); | |
| 23 } | 114 } |
| 24 | 115 |
| 25 void FakeEasyUnlockClient::CreateSecureMessage( | 116 void FakeEasyUnlockClient::CreateSecureMessage( |
| 26 const std::string& payload, | 117 const std::string& payload, |
| 27 const std::string& secret_key, | 118 const std::string& key, |
| 28 const std::string& associated_data, | 119 const std::string& associated_data, |
| 29 const std::string& public_metadata, | 120 const std::string& public_metadata, |
| 30 const std::string& verification_key_id, | 121 const std::string& verification_key_id, |
| 31 const std::string& encryption_type, | 122 const std::string& encryption_type, |
| 32 const std::string& signature_type, | 123 const std::string& signature_type, |
| 33 const DataCallback& callback) { | 124 const DataCallback& callback) { |
| 125 callback.Run(base::StringPrintf(kSecureMessageFormat, | |
|
satorux1
2014/08/29 01:10:50
I'd suggest inlining the format string here becaus
tbarzic
2014/08/29 02:47:05
Done.
| |
| 126 payload.c_str(), | |
| 127 key.c_str(), | |
| 128 associated_data.c_str(), | |
| 129 public_metadata.c_str(), | |
| 130 verification_key_id.c_str(), | |
| 131 encryption_type.c_str(), | |
| 132 signature_type.c_str())); | |
| 34 } | 133 } |
| 35 | 134 |
| 36 void FakeEasyUnlockClient::UnwrapSecureMessage( | 135 void FakeEasyUnlockClient::UnwrapSecureMessage( |
| 37 const std::string& message, | 136 const std::string& message, |
| 38 const std::string& secret_key, | 137 const std::string& key, |
| 39 const std::string& associated_data, | 138 const std::string& associated_data, |
| 40 const std::string& encryption_type, | 139 const std::string& encryption_type, |
| 41 const std::string& signature_type, | 140 const std::string& signature_type, |
| 42 const DataCallback& callback) { | 141 const DataCallback& callback) { |
| 142 // TODO(tbarzic): Verify that |message| is in the format returned by | |
| 143 // |CreateSecureMessage| and extract payload, metadata and | |
| 144 // verification_key_id from there. | |
| 145 callback.Run(base::StringPrintf(kUnwrappedSecureMessageFormat, | |
|
satorux1
2014/08/29 01:10:50
ditto.
tbarzic
2014/08/29 02:47:05
Done.
| |
| 146 message.c_str(), | |
| 147 key.c_str(), | |
| 148 associated_data.c_str(), | |
| 149 encryption_type.c_str(), | |
| 150 signature_type.c_str())); | |
| 43 } | 151 } |
| 44 | 152 |
| 45 } // namespace chromeos | 153 } // namespace chromeos |
| OLD | NEW |