diff options
Diffstat (limited to 'components/ownership')
-rw-r--r-- | components/ownership/BUILD.gn | 43 | ||||
-rw-r--r-- | components/ownership/DEPS | 3 | ||||
-rw-r--r-- | components/ownership/OWNERS | 1 | ||||
-rw-r--r-- | components/ownership/mock_owner_key_util.cc | 54 | ||||
-rw-r--r-- | components/ownership/mock_owner_key_util.h | 58 | ||||
-rw-r--r-- | components/ownership/owner_key_util.cc | 29 | ||||
-rw-r--r-- | components/ownership/owner_key_util.h | 105 | ||||
-rw-r--r-- | components/ownership/owner_key_util_impl.cc | 65 | ||||
-rw-r--r-- | components/ownership/owner_key_util_impl.h | 42 | ||||
-rw-r--r-- | components/ownership/owner_key_util_impl_unittest.cc | 99 | ||||
-rw-r--r-- | components/ownership/ownership_export.h | 34 |
11 files changed, 533 insertions, 0 deletions
diff --git a/components/ownership/BUILD.gn b/components/ownership/BUILD.gn new file mode 100644 index 0000000..b63ca1b --- /dev/null +++ b/components/ownership/BUILD.gn @@ -0,0 +1,43 @@ +# Copyright 2014 The Chromium Authors. All rights reserved. +# Use of this source code is governed by a BSD-style license that can be +# found in the LICENSE file. + +component("ownership") { + sources = [ + "owner_key_util.cc", + "owner_key_util.h", + "owner_key_util_impl.cc", + "owner_key_util_impl.h", + ] + + defines = [ + "OWNERSHIP_IMPLEMENTATION" + ] + + deps = [ + "//base", + "//crypto", + ] +} + +component("test_support") { + sources = [ + "mock_owner_key_util.cc", + "mock_owner_key_util.h", + ] + + deps = [ + ":ownership", + "//base", + "//crypto", + ] +} + +source_set("unit_tests") { + sources = ["owner_key_util_unittest.cc"] + + deps = [ + ":ownership", + "//testing/gtest", + ] +} diff --git a/components/ownership/DEPS b/components/ownership/DEPS new file mode 100644 index 0000000..bc55362 --- /dev/null +++ b/components/ownership/DEPS @@ -0,0 +1,3 @@ +include_rules = [ +"+crypto", +] diff --git a/components/ownership/OWNERS b/components/ownership/OWNERS new file mode 100644 index 0000000..7938295 --- /dev/null +++ b/components/ownership/OWNERS @@ -0,0 +1 @@ +ygorshenin@chromium.org diff --git a/components/ownership/mock_owner_key_util.cc b/components/ownership/mock_owner_key_util.cc new file mode 100644 index 0000000..495f993 --- /dev/null +++ b/components/ownership/mock_owner_key_util.cc @@ -0,0 +1,54 @@ +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "components/ownership/mock_owner_key_util.h" + +#include "base/files/file_path.h" +#include "crypto/rsa_private_key.h" + +namespace ownership { + +MockOwnerKeyUtil::MockOwnerKeyUtil() { +} + +MockOwnerKeyUtil::~MockOwnerKeyUtil() { +} + +bool MockOwnerKeyUtil::ImportPublicKey(std::vector<uint8>* output) { + *output = public_key_; + return !public_key_.empty(); +} + +#if defined(USE_NSS) +crypto::RSAPrivateKey* MockOwnerKeyUtil::FindPrivateKeyInSlot( + const std::vector<uint8>& key, + PK11SlotInfo* slot) { + return private_key_.get() ? private_key_->Copy() : NULL; +} +#endif // defined(USE_NSS) + +bool MockOwnerKeyUtil::IsPublicKeyPresent() { + return !public_key_.empty(); +} + +void MockOwnerKeyUtil::Clear() { + public_key_.clear(); + private_key_.reset(); +} + +void MockOwnerKeyUtil::SetPublicKey(const std::vector<uint8>& key) { + public_key_ = key; +} + +void MockOwnerKeyUtil::SetPublicKeyFromPrivateKey( + const crypto::RSAPrivateKey& key) { + key.ExportPublicKey(&public_key_); +} + +void MockOwnerKeyUtil::SetPrivateKey(scoped_ptr<crypto::RSAPrivateKey> key) { + private_key_ = key.Pass(); + private_key_->ExportPublicKey(&public_key_); +} + +} // namespace ownership diff --git a/components/ownership/mock_owner_key_util.h b/components/ownership/mock_owner_key_util.h new file mode 100644 index 0000000..821f075 --- /dev/null +++ b/components/ownership/mock_owner_key_util.h @@ -0,0 +1,58 @@ +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef COMPONENTS_OWNERSHIP_MOCK_OWNER_KEY_UTIL_H_ +#define COMPONENTS_OWNERSHIP_MOCK_OWNER_KEY_UTIL_H_ + +#include <vector> + +#include "base/basictypes.h" +#include "base/compiler_specific.h" +#include "base/files/file_path.h" +#include "base/memory/scoped_ptr.h" +#include "components/ownership/owner_key_util.h" +#include "components/ownership/ownership_export.h" + +namespace ownership { + +// Implementation of OwnerKeyUtil which should be used only for +// testing. +class OWNERSHIP_EXPORT MockOwnerKeyUtil : public OwnerKeyUtil { + public: + MockOwnerKeyUtil(); + + // OwnerKeyUtil implementation: + virtual bool ImportPublicKey(std::vector<uint8>* output) OVERRIDE; +#if defined(USE_NSS) + virtual crypto::RSAPrivateKey* FindPrivateKeyInSlot( + const std::vector<uint8>& key, + PK11SlotInfo* slot) OVERRIDE; +#endif // defined(USE_NSS) + virtual bool IsPublicKeyPresent() OVERRIDE; + + // Clears the public and private keys. + void Clear(); + + // Configures the mock to return the given public key. + void SetPublicKey(const std::vector<uint8>& key); + + // Sets the public key to use from the given private key, but doesn't + // configure the private key. + void SetPublicKeyFromPrivateKey(const crypto::RSAPrivateKey& key); + + // Sets the private key (also configures the public key). + void SetPrivateKey(scoped_ptr<crypto::RSAPrivateKey> key); + + private: + virtual ~MockOwnerKeyUtil(); + + std::vector<uint8> public_key_; + scoped_ptr<crypto::RSAPrivateKey> private_key_; + + DISALLOW_COPY_AND_ASSIGN(MockOwnerKeyUtil); +}; + +} // namespace ownership + +#endif // COMPONENTS_OWNERSHIP_MOCK_OWNER_KEY_UTIL_H_ diff --git a/components/ownership/owner_key_util.cc b/components/ownership/owner_key_util.cc new file mode 100644 index 0000000..eb2cb62 --- /dev/null +++ b/components/ownership/owner_key_util.cc @@ -0,0 +1,29 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "components/ownership/owner_key_util.h" + +#include "crypto/rsa_private_key.h" + +namespace ownership { + +/////////////////////////////////////////////////////////////////////////// +// PublicKey + +PublicKey::PublicKey() { +} + +PublicKey::~PublicKey() { +} + +/////////////////////////////////////////////////////////////////////////// +// PrivateKey + +PrivateKey::PrivateKey(crypto::RSAPrivateKey* key) : key_(key) { +} + +PrivateKey::~PrivateKey() { +} + +} // namespace ownership diff --git a/components/ownership/owner_key_util.h b/components/ownership/owner_key_util.h new file mode 100644 index 0000000..7e2f15e --- /dev/null +++ b/components/ownership/owner_key_util.h @@ -0,0 +1,105 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_H_ +#define COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_H_ + +#include <string> +#include <vector> + +#include "base/basictypes.h" +#include "base/macros.h" +#include "base/memory/ref_counted.h" +#include "base/memory/scoped_ptr.h" +#include "base/stl_util.h" +#include "components/ownership/ownership_export.h" + +#if defined(USE_NSS) +struct PK11SlotInfoStr; +typedef struct PK11SlotInfoStr PK11SlotInfo; +#endif // defined(USE_NSS) + +namespace crypto { +class RSAPrivateKey; +} + +namespace ownership { + +class OwnerKeyUtilTest; + +// This class is a ref-counted wrapper around a plain public key. +class OWNERSHIP_EXPORT PublicKey + : public base::RefCountedThreadSafe<PublicKey> { + public: + PublicKey(); + + std::vector<uint8>& data() { return data_; } + + bool is_loaded() const { return !data_.empty(); } + + std::string as_string() { + return std::string(reinterpret_cast<const char*>(vector_as_array(&data_)), + data_.size()); + } + + private: + friend class base::RefCountedThreadSafe<PublicKey>; + + virtual ~PublicKey(); + + std::vector<uint8> data_; + + DISALLOW_COPY_AND_ASSIGN(PublicKey); +}; + +// This class is a ref-counted wrapper around a crypto::RSAPrivateKey +// instance. +class OWNERSHIP_EXPORT PrivateKey + : public base::RefCountedThreadSafe<PrivateKey> { + public: + explicit PrivateKey(crypto::RSAPrivateKey* key); + + crypto::RSAPrivateKey* key() { return key_.get(); } + + private: + friend class base::RefCountedThreadSafe<PrivateKey>; + + virtual ~PrivateKey(); + + scoped_ptr<crypto::RSAPrivateKey> key_; + + DISALLOW_COPY_AND_ASSIGN(PrivateKey); +}; + +// This class is a helper class that allows to import public/private +// parts of the owner key. +class OWNERSHIP_EXPORT OwnerKeyUtil + : public base::RefCountedThreadSafe<OwnerKeyUtil> { + public: + // Attempts to read the public key from the file system. Upon success, + // returns true and populates |output|. False on failure. + virtual bool ImportPublicKey(std::vector<uint8>* output) = 0; + +#if defined(USE_NSS) + // Looks for the private key associated with |key| in the |slot| + // and returns it if it can be found. Returns NULL otherwise. + // Caller takes ownership. + virtual crypto::RSAPrivateKey* FindPrivateKeyInSlot( + const std::vector<uint8>& key, + PK11SlotInfo* slot) = 0; +#endif // defined(USE_NSS) + + // Checks whether the public key is present in the file system. + virtual bool IsPublicKeyPresent() = 0; + + protected: + virtual ~OwnerKeyUtil() {} + + private: + friend class base::RefCountedThreadSafe<OwnerKeyUtil>; +}; + +} // namespace ownership + +#endif // COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_H_ diff --git a/components/ownership/owner_key_util_impl.cc b/components/ownership/owner_key_util_impl.cc new file mode 100644 index 0000000..7f21b5f --- /dev/null +++ b/components/ownership/owner_key_util_impl.cc @@ -0,0 +1,65 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "components/ownership/owner_key_util_impl.h" + +#include <limits> + +#include "base/file_util.h" +#include "base/logging.h" +#include "crypto/rsa_private_key.h" + +namespace ownership { + +OwnerKeyUtilImpl::OwnerKeyUtilImpl(const base::FilePath& public_key_file) + : public_key_file_(public_key_file) { +} + +OwnerKeyUtilImpl::~OwnerKeyUtilImpl() { +} + +bool OwnerKeyUtilImpl::ImportPublicKey(std::vector<uint8>* output) { + // Get the file size (must fit in a 32 bit int for NSS). + int64 file_size; + if (!base::GetFileSize(public_key_file_, &file_size)) { +#if defined(OS_CHROMEOS) + LOG(ERROR) << "Could not get size of " << public_key_file_.value(); +#endif // defined(OS_CHROMEOS) + return false; + } + if (file_size > static_cast<int64>(std::numeric_limits<int>::max())) { + LOG(ERROR) << public_key_file_.value() << "is " << file_size + << "bytes!!! Too big!"; + return false; + } + int32 safe_file_size = static_cast<int32>(file_size); + + output->resize(safe_file_size); + + if (safe_file_size == 0) { + LOG(WARNING) << "Public key file is empty. This seems wrong."; + return false; + } + + // Get the key data off of disk + int data_read = + base::ReadFile(public_key_file_, + reinterpret_cast<char*>(vector_as_array(output)), + safe_file_size); + return data_read == safe_file_size; +} + +#if defined(USE_NSS) +crypto::RSAPrivateKey* OwnerKeyUtilImpl::FindPrivateKeyInSlot( + const std::vector<uint8>& key, + PK11SlotInfo* slot) { + return crypto::RSAPrivateKey::FindFromPublicKeyInfoInSlot(key, slot); +} +#endif // defined(USE_NSS) + +bool OwnerKeyUtilImpl::IsPublicKeyPresent() { + return base::PathExists(public_key_file_); +} + +} // namespace ownership diff --git a/components/ownership/owner_key_util_impl.h b/components/ownership/owner_key_util_impl.h new file mode 100644 index 0000000..279e57fa --- /dev/null +++ b/components/ownership/owner_key_util_impl.h @@ -0,0 +1,42 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_IMPL_H_ +#define COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_IMPL_H_ + +#include "base/compiler_specific.h" +#include "base/files/file_path.h" +#include "base/macros.h" +#include "components/ownership/owner_key_util.h" +#include "components/ownership/ownership_export.h" + +namespace ownership { + +// Implementation of OwnerKeyUtil which imports public part of the +// owner key from a filesystem. +class OWNERSHIP_EXPORT OwnerKeyUtilImpl : public OwnerKeyUtil { + public: + explicit OwnerKeyUtilImpl(const base::FilePath& public_key_file); + + // OwnerKeyUtil implementation: + virtual bool ImportPublicKey(std::vector<uint8>* output) OVERRIDE; +#if defined(USE_NSS) + virtual crypto::RSAPrivateKey* FindPrivateKeyInSlot( + const std::vector<uint8>& key, + PK11SlotInfo* slot) OVERRIDE; +#endif // defined(USE_NSS) + virtual bool IsPublicKeyPresent() OVERRIDE; + + private: + virtual ~OwnerKeyUtilImpl(); + + // The file that holds the public key. + base::FilePath public_key_file_; + + DISALLOW_COPY_AND_ASSIGN(OwnerKeyUtilImpl); +}; + +} // namespace ownership + +#endif // COMPONENTS_OWNERSHIP_OWNER_KEY_UTIL_IMPL_H_ diff --git a/components/ownership/owner_key_util_impl_unittest.cc b/components/ownership/owner_key_util_impl_unittest.cc new file mode 100644 index 0000000..f434ee4 --- /dev/null +++ b/components/ownership/owner_key_util_impl_unittest.cc @@ -0,0 +1,99 @@ +// Copyright (c) 2012 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "components/ownership/owner_key_util_impl.h" + +#include <string> +#include <vector> + +#include "base/basictypes.h" +#include "base/files/file_path.h" +#include "base/files/file_util.h" +#include "base/files/scoped_temp_dir.h" +#include "base/memory/ref_counted.h" +#include "base/stl_util.h" +#include "testing/gtest/include/gtest/gtest.h" + +namespace ownership { + +// 2048-bit RSA public key for testing. +const uint8 kTestKeyData[] = { + 0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, + 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00, + 0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01, 0x00, 0xe8, 0x39, 0x11, + 0xd0, 0x98, 0x52, 0x4f, 0xf7, 0x18, 0xd1, 0xbf, 0x98, 0x06, 0xae, 0x7a, + 0x7c, 0xd7, 0x6f, 0x02, 0x54, 0x37, 0x4e, 0xcd, 0xa6, 0x27, 0x8e, 0xf7, + 0x82, 0x1d, 0xde, 0x3d, 0xf5, 0x6b, 0xa4, 0xe5, 0x6b, 0x0c, 0xf0, 0x39, + 0xe5, 0xd9, 0x53, 0xe7, 0x6b, 0x6d, 0xa1, 0xc7, 0xdf, 0x92, 0xb7, 0xb0, + 0x14, 0x4d, 0x4e, 0x7d, 0x27, 0xd4, 0xf7, 0x35, 0xae, 0xc7, 0x3d, 0x13, + 0x74, 0x23, 0x8c, 0xda, 0xf1, 0x94, 0xbb, 0x2e, 0x06, 0x0d, 0x55, 0xe2, + 0x29, 0xf1, 0xfb, 0x4a, 0x2a, 0xb2, 0x40, 0x62, 0x59, 0x21, 0x39, 0xf9, + 0xd2, 0x1e, 0x12, 0xe1, 0x33, 0xab, 0x7e, 0xa9, 0x23, 0x06, 0x1b, 0x03, + 0x90, 0xbd, 0x60, 0x30, 0x0c, 0xda, 0x7f, 0x99, 0x6c, 0xd7, 0xd4, 0xe9, + 0xc9, 0xe6, 0xea, 0x7b, 0x47, 0x4c, 0x53, 0xe1, 0xe9, 0x62, 0xe4, 0xa4, + 0x6c, 0xbc, 0xa2, 0xe0, 0xbe, 0xf3, 0xe5, 0x5e, 0x19, 0xe0, 0x94, 0xd3, + 0x01, 0x97, 0x2a, 0x8d, 0x21, 0x2f, 0xa7, 0xc5, 0x74, 0xa9, 0xd0, 0x23, + 0x9e, 0x9a, 0x87, 0x68, 0xe5, 0x96, 0x51, 0xb1, 0xe2, 0x06, 0xa5, 0xe0, + 0xaa, 0x73, 0xf3, 0xeb, 0xaf, 0x8c, 0xaf, 0xb2, 0x34, 0x8a, 0x44, 0xec, + 0x5e, 0x84, 0x5f, 0x8c, 0xa4, 0x90, 0xf7, 0x89, 0xf4, 0xc1, 0x73, 0x93, + 0x08, 0x7e, 0x1a, 0x16, 0x65, 0x44, 0xff, 0x2d, 0x4e, 0x62, 0xbf, 0x32, + 0x81, 0xec, 0xcf, 0xc1, 0xac, 0x3e, 0x0b, 0xd4, 0xc1, 0xe1, 0x7d, 0x15, + 0x09, 0xd7, 0xd8, 0xe8, 0xba, 0x3e, 0x76, 0xb2, 0x3f, 0x1d, 0x31, 0x5b, + 0x20, 0x6e, 0xe1, 0x73, 0xc5, 0x58, 0x46, 0xf5, 0x24, 0xdc, 0xe7, 0x95, + 0xb4, 0xf0, 0x27, 0x4b, 0x15, 0x18, 0x5c, 0x95, 0xfe, 0x21, 0x04, 0x68, + 0xe7, 0xde, 0x16, 0x66, 0x60, 0xd7, 0xda, 0xc5, 0x5b, 0xda, 0x0f, 0xfa, + 0x41, 0x02, 0x03, 0x01, 0x00, 0x01, +}; + +class OwnerKeyUtilImplTest : public testing::Test { + protected: + OwnerKeyUtilImplTest() {} + virtual ~OwnerKeyUtilImplTest() {} + + virtual void SetUp() OVERRIDE { + ASSERT_TRUE(tmpdir_.CreateUniqueTempDir()); + key_file_ = tmpdir_.path().Append(FILE_PATH_LITERAL("key")); + util_ = new OwnerKeyUtilImpl(key_file_); + } + + base::ScopedTempDir tmpdir_; + base::FilePath key_file_; + scoped_refptr<OwnerKeyUtil> util_; + + private: + DISALLOW_COPY_AND_ASSIGN(OwnerKeyUtilImplTest); +}; + +TEST_F(OwnerKeyUtilImplTest, ImportPublicKey) { + // Export public key, so that we can compare it to the one we get off disk. + std::vector<uint8> public_key(kTestKeyData, + kTestKeyData + sizeof(kTestKeyData)); + ASSERT_EQ(static_cast<int>(public_key.size()), + base::WriteFile( + key_file_, + reinterpret_cast<const char*>(vector_as_array(&public_key)), + public_key.size())); + EXPECT_TRUE(util_->IsPublicKeyPresent()); + + std::vector<uint8> from_disk; + EXPECT_TRUE(util_->ImportPublicKey(&from_disk)); + + EXPECT_EQ(public_key, from_disk); +} + +TEST_F(OwnerKeyUtilImplTest, ImportPublicKeyFailed) { + // First test the case where the file is missing which should fail. + EXPECT_FALSE(util_->IsPublicKeyPresent()); + std::vector<uint8> from_disk; + EXPECT_FALSE(util_->ImportPublicKey(&from_disk)); + + // Next try empty file. This should fail and the array should be empty. + from_disk.resize(10); + ASSERT_EQ(0, base::WriteFile(key_file_, "", 0)); + EXPECT_TRUE(util_->IsPublicKeyPresent()); + EXPECT_FALSE(util_->ImportPublicKey(&from_disk)); + EXPECT_FALSE(from_disk.size()); +} + +} // namespace ownership diff --git a/components/ownership/ownership_export.h b/components/ownership/ownership_export.h new file mode 100644 index 0000000..744d348 --- /dev/null +++ b/components/ownership/ownership_export.h @@ -0,0 +1,34 @@ +// Copyright 2014 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef COMPONENTS_OWNERSHIP_OWNERSHIP_EXPORT_H_ +#define COMPONENTS_OWNERSHIP_OWNERSHIP_EXPORT_H_ + +#if defined(COMPONENT_BUILD) + +#if defined(WIN32) + +#if defined(OWNERSHIP_IMPLEMENTATION) +#define OWNERSHIP_EXPORT __declspec(dllexport) +#else +#define OWNERSHIP_EXPORT __declspec(dllimport) +#endif // defined(OWNERSHIP_IMPLEMENTATION) + +#else // defined(WIN32) + +#if defined(OWNERSHIP_IMPLEMENTATION) +#define OWNERSHIP_EXPORT __attribute__((visibility("default"))) +#else +#define OWNERSHIP_EXPORT +#endif // defined(OWNERSHIP_IMPLEMENTATION) + +#endif // defined(WIN32) + +#else // defined(COMPONENT_BUILD) + +#define OWNERSHIP_EXPORT + +#endif + +#endif // COMPONENTS_OWNERSHIP_OWNERSHIP_EXPORT_H_ |