• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_MANAGER_H_
6 #define CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_MANAGER_H_
7 #pragma once
8 
9 #include <vector>
10 
11 #include "base/basictypes.h"
12 #include "base/memory/ref_counted.h"
13 #include "crypto/rsa_private_key.h"
14 #include "chrome/browser/chromeos/login/owner_key_utils.h"
15 #include "content/browser/browser_thread.h"
16 
17 class FilePath;
18 class NotificationDetails;
19 class NotificationType;
20 
21 namespace chromeos {
22 
23 // This class allows the registration of an Owner of a Chromium OS device.
24 // It handles generating the appropriate keys and storing them in the
25 // appropriate locations.
26 class OwnerManager : public base::RefCountedThreadSafe<OwnerManager> {
27  public:
28   // Return codes for public/private key operations.
29   enum KeyOpCode {
30     SUCCESS,
31     KEY_UNAVAILABLE,  // The necessary key isn't available yet.
32     OPERATION_FAILED  // The crypto operation failed.
33   };
34 
35   class Delegate {
36    public:
37     // Upon completion of a key operation, this method will be called.
38     // |return_code| indicates what happened, |payload| will be used to pass
39     // back any artifacts of the operation.  For example, if the operation
40     // was a signature attempt, the signature blob would come back in |payload|.
41     virtual void OnKeyOpComplete(const KeyOpCode return_code,
42                                  const std::vector<uint8>& payload) = 0;
43   };
44 
45   class KeyUpdateDelegate {
46    public:
47     // Called upon completion of a key update operation.
48     virtual void OnKeyUpdated() = 0;
49   };
50 
51   OwnerManager();
52   virtual ~OwnerManager();
53 
54   // Sets a new owner key from a provided memory buffer.
55   void UpdateOwnerKey(const BrowserThread::ID thread_id,
56                       const std::vector<uint8>& key,
57                       KeyUpdateDelegate* d);
58 
59   // Pulls the owner's public key off disk and into memory.
60   //
61   // Call this on the FILE thread.
62   void LoadOwnerKey();
63 
64   bool EnsurePublicKey();
65   bool EnsurePrivateKey();
66 
67   // Do the actual work of signing |data| with |private_key_|.  First,
68   // ensures that we have the keys we need.  Then, computes the signature.
69   //
70   // On success, calls d->OnKeyOpComplete() on |thread_id| with a
71   // successful return code, passing the signaure blob in |payload|.
72   // On failure, calls d->OnKeyOpComplete() on |thread_id| with an appropriate
73   // error and passes an empty string for |payload|.
74   void Sign(const BrowserThread::ID thread_id,
75             const std::string& data,
76             Delegate* d);
77 
78   // Do the actual work of verifying that |signature| is valid over
79   // |data| with |public_key_|.  First, ensures we have the key we
80   // need, then does the verify.
81   //
82   // On success, calls d->OnKeyOpComplete() on |thread_id| with a
83   // successful return code, passing an empty string for |payload|.
84   // On failure, calls d->OnKeyOpComplete() on |thread_id| with an appropriate
85   // error code, passing an empty string for |payload|.
86   void Verify(const BrowserThread::ID thread_id,
87               const std::string& data,
88               const std::vector<uint8>& signature,
89               Delegate* d);
90 
91  private:
92   // A helper method to send a notification on another thread.
93   void SendNotification(NotificationType type,
94                         const NotificationDetails& details);
95 
96   // Calls back a key update delegate on a given thread.
CallKeyUpdateDelegate(KeyUpdateDelegate * d)97   void CallKeyUpdateDelegate(KeyUpdateDelegate* d) {
98     d->OnKeyUpdated();
99   }
100 
101   // A helper method to call back a delegte on another thread.
CallDelegate(Delegate * d,const KeyOpCode return_code,const std::vector<uint8> & payload)102   void CallDelegate(Delegate* d,
103                     const KeyOpCode return_code,
104                     const std::vector<uint8>& payload) {
105     d->OnKeyOpComplete(return_code, payload);
106   }
107 
108   scoped_ptr<crypto::RSAPrivateKey> private_key_;
109   std::vector<uint8> public_key_;
110 
111   scoped_refptr<OwnerKeyUtils> utils_;
112 
113   friend class OwnerManagerTest;
114 
115   DISALLOW_COPY_AND_ASSIGN(OwnerManager);
116 };
117 
118 }  // namespace chromeos
119 
120 #endif  // CHROME_BROWSER_CHROMEOS_LOGIN_OWNER_MANAGER_H_
121