Google Git
Sign in
chromium / chromium / src.git / main / . / components / ownership / owner_key_util.h
blob: 86552dd813d718267fcf8538edf0ec2a8fc49fbb [file] [log] [blame]
// Copyright 2014 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_H_
#define COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_H_
#include <stdint.h>
#include <string>
#include <vector>
#include "base/memory/ref_counted.h"
#include "components/ownership/ownership_export.h"
#include "crypto/scoped_nss_types.h"
struct PK11SlotInfoStr;
typedef struct PK11SlotInfoStr PK11SlotInfo;
namespace ownership {
// This class is a ref-counted wrapper around a plain public key.
class OWNERSHIP_EXPORT PublicKey
: public base::RefCountedThreadSafe<PublicKey> {
public:
// `is_persisted` should be true for keys that are loaded from disk and false
// for newly generated ones. `data` is the binary representation of the key
// itself.
PublicKey(bool is_persisted, std::vector<uint8_t> data);
PublicKey(const PublicKey&) = delete;
PublicKey& operator=(const PublicKey&) = delete;
scoped_refptr<PublicKey> clone();
std::vector<uint8_t>& data() { return data_; }
bool is_empty() const { return data_.empty(); }
// Returns true if the key was read from the filesystem or it was already
// saved on disk. Returns false for recently generated keys that still need
// to be sent to session_manager for saving on disk.
bool is_persisted() { return is_persisted_; }
// Marks that the key was saved on disk.
void mark_persisted() { is_persisted_ = true; }
std::string as_string() {
return std::string(reinterpret_cast<const char*>(data_.data()),
data_.size());
}
private:
friend class base::RefCountedThreadSafe<PublicKey>;
virtual ~PublicKey();
bool is_persisted_ = false;
std::vector<uint8_t> data_;
};
// This class is a ref-counted wrapper around a SECKEYPrivateKey
// instance.
class OWNERSHIP_EXPORT PrivateKey
: public base::RefCountedThreadSafe<PrivateKey> {
public:
explicit PrivateKey(crypto::ScopedSECKEYPrivateKey key);
PrivateKey(const PrivateKey&) = delete;
PrivateKey& operator=(const PrivateKey&) = delete;
// Extracts the SECKEYPrivateKey from the object. Should be used carefully,
// since PrivateKey is refcounted and could be used from several places at the
// same time.
// TODO(b/264397430): The method can be removed after the migration is done.
crypto::ScopedSECKEYPrivateKey ExtractKey() { return std::move(key_); }
SECKEYPrivateKey* key() { return key_.get(); }
private:
friend class base::RefCountedThreadSafe<PrivateKey>;
virtual ~PrivateKey();
crypto::ScopedSECKEYPrivateKey key_;
};
// This class is a helper class that allows to import public/private
// parts of the owner key.
class OWNERSHIP_EXPORT OwnerKeyUtil
: public base::RefCountedThreadSafe<OwnerKeyUtil> {
public:
// Attempts to read the public key from the file system. Returns nullptr on
// failure and a populated key on success.
virtual scoped_refptr<PublicKey> ImportPublicKey() = 0;
// Generates a new key pair in the `slot`.
virtual crypto::ScopedSECKEYPrivateKey GenerateKeyPair(
PK11SlotInfo* slot) = 0;
// Looks for the private key associated with |key| in the |slot|
// and returns it if it can be found. Returns NULL otherwise.
// Caller takes ownership.
virtual crypto::ScopedSECKEYPrivateKey FindPrivateKeyInSlot(
const std::vector<uint8_t>& key,
PK11SlotInfo* slot) = 0;
// Checks whether the public key is present in the file system.
virtual bool IsPublicKeyPresent() = 0;
protected:
virtual ~OwnerKeyUtil() {}
private:
friend class base::RefCountedThreadSafe<OwnerKeyUtil>;
};
} // namespace ownership
#endif // COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_H_