login_manager/policy_key.h - mirrors/cros/chromiumos/platform2 - Git at Google

 // Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef LOGIN_MANAGER_POLICY_KEY_H_
 #define LOGIN_MANAGER_POLICY_KEY_H_

 #include <stdint.h>

 #include <string>
 #include <vector>

 #include <base/files/file_path.h>
 #include <base/macros.h>
 #include <base/memory/scoped_ptr.h>

 namespace crypto {
 class RSAPrivateKey;
 }  // namespace crypto

 namespace login_manager {
 class ChildJobInterface;
 class NssUtil;
 class SessionManagerService;
 class SystemUtils;

 // This class holds the device owner's public key.
 //
 // If there is an owner key on disk, we will load that key, and deny
 // attempts to set a new key programmatically.  If there is no key
 // present, we will allow the owner's key to be set programmatically,
 // and will persist it to disk upon request.  Attempts to set the key
 // before on-disk storage has been checked will be denied.
 class PolicyKey {
  public:
   PolicyKey(const base::FilePath& key_file, NssUtil* nss);
   virtual ~PolicyKey();

   virtual bool Equals(const std::string& key_der) const;
   virtual bool VEquals(const std::vector<uint8_t>& key_der) const;
   virtual bool HaveCheckedDisk() const;
   virtual bool IsPopulated() const;

   // If |key_file_| exists, populate the object with the contents of the file.
   // If the file isn't there, that's ok.
   // Will return false if the file exists and there are errors reading it.
   // If this returns true, call IsPopulated() to tell whether or not data was
   // loaded off of disk.
   virtual bool PopulateFromDiskIfPossible();

   // Load key material from |public_key_der|.
   // We will _deny_ such an attempt if we have not yet checked disk for a key,
   // or if we have already successfully loaded a key from disk.
   virtual bool PopulateFromBuffer(const std::vector<uint8_t>& public_key_der);

   // Load key material from |pair|.
   // We will _deny_ such an attempt if we have not yet checked disk for a key,
   // or if we have already successfully loaded a key from disk.
   virtual bool PopulateFromKeypair(crypto::RSAPrivateKey* pair);

   // Persist |key_| to disk, at |key_file_|.
   // Calling this method before checking for a key on disk is an error.
   // Returns false if |key_file_| already exists, or if there's an error while
   // writing data.
   virtual bool Persist();

   // Load key material from |public_key_der|, as long as |sig| is a valid
   // signature over |public_key_der| with |key_|.
   // We will _deny_ such an attempt if we do not have a key loaded.
   // If you're trying to set a key for the first time, use PopulateFromBuffer()
   virtual bool Rotate(const std::vector<uint8_t>& public_key_der,
                       const std::vector<uint8_t>& signature);

   // THIS IS ONLY INTENDED TO BE USED WHEN THE CURRENTLY REGISTERED KEY HAS BEEN
   // COMPROMISED OR LOST AND WE ARE RECOVERING.
   // Load key material from |public_key_der| into key_.
   virtual bool ClobberCompromisedKey(
       const std::vector<uint8_t>& public_key_der);

   // Verify that |signature| is a valid sha1 w/ RSA signature over the data in
   // |data| with |key_|.
   // Returns false if the sig is invalid, or there's an error.
   virtual bool Verify(const uint8_t* data,
                       uint32_t data_len,
                       const uint8_t* signature,
                       uint32_t sig_len);

   // Returned reference will be empty if we haven't populated |key_| yet.
   virtual const std::vector<uint8_t>& public_key_der() const { return key_; }

  private:
   static const uint8_t kAlgorithm[];

   const base::FilePath key_file_;
   bool have_checked_disk_;
   bool have_replaced_;
   std::vector<uint8_t> key_;
   NssUtil* nss_;
   scoped_ptr<SystemUtils> utils_;

   DISALLOW_COPY_AND_ASSIGN(PolicyKey);
 };
 }  // namespace login_manager

 #endif  // LOGIN_MANAGER_POLICY_KEY_H_
	// Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef LOGIN_MANAGER_POLICY_KEY_H_
	#define LOGIN_MANAGER_POLICY_KEY_H_

	#include <stdint.h>

	#include <string>
	#include <vector>

	#include <base/files/file_path.h>
	#include <base/macros.h>
	#include <base/memory/scoped_ptr.h>

	namespace crypto {
	class RSAPrivateKey;
	} // namespace crypto

	namespace login_manager {
	class ChildJobInterface;
	class NssUtil;
	class SessionManagerService;
	class SystemUtils;

	// This class holds the device owner's public key.
	//
	// If there is an owner key on disk, we will load that key, and deny
	// attempts to set a new key programmatically. If there is no key
	// present, we will allow the owner's key to be set programmatically,
	// and will persist it to disk upon request. Attempts to set the key
	// before on-disk storage has been checked will be denied.
	class PolicyKey {
	public:
	PolicyKey(const base::FilePath& key_file, NssUtil* nss);
	virtual ~PolicyKey();

	virtual bool Equals(const std::string& key_der) const;
	virtual bool VEquals(const std::vector<uint8_t>& key_der) const;
	virtual bool HaveCheckedDisk() const;
	virtual bool IsPopulated() const;

	// If \|key_file_\| exists, populate the object with the contents of the file.
	// If the file isn't there, that's ok.
	// Will return false if the file exists and there are errors reading it.
	// If this returns true, call IsPopulated() to tell whether or not data was
	// loaded off of disk.
	virtual bool PopulateFromDiskIfPossible();

	// Load key material from \|public_key_der\|.
	// We will _deny_ such an attempt if we have not yet checked disk for a key,
	// or if we have already successfully loaded a key from disk.
	virtual bool PopulateFromBuffer(const std::vector<uint8_t>& public_key_der);

	// Load key material from \|pair\|.
	// We will _deny_ such an attempt if we have not yet checked disk for a key,
	// or if we have already successfully loaded a key from disk.
	virtual bool PopulateFromKeypair(crypto::RSAPrivateKey* pair);

	// Persist \|key_\| to disk, at \|key_file_\|.
	// Calling this method before checking for a key on disk is an error.
	// Returns false if \|key_file_\| already exists, or if there's an error while
	// writing data.
	virtual bool Persist();

	// Load key material from \|public_key_der\|, as long as \|sig\| is a valid
	// signature over \|public_key_der\| with \|key_\|.
	// We will _deny_ such an attempt if we do not have a key loaded.
	// If you're trying to set a key for the first time, use PopulateFromBuffer()
	virtual bool Rotate(const std::vector<uint8_t>& public_key_der,
	const std::vector<uint8_t>& signature);

	// THIS IS ONLY INTENDED TO BE USED WHEN THE CURRENTLY REGISTERED KEY HAS BEEN
	// COMPROMISED OR LOST AND WE ARE RECOVERING.
	// Load key material from \|public_key_der\| into key_.
	virtual bool ClobberCompromisedKey(
	const std::vector<uint8_t>& public_key_der);

	// Verify that \|signature\| is a valid sha1 w/ RSA signature over the data in
	// \|data\| with \|key_\|.
	// Returns false if the sig is invalid, or there's an error.
	virtual bool Verify(const uint8_t* data,
	uint32_t data_len,
	const uint8_t* signature,
	uint32_t sig_len);

	// Returned reference will be empty if we haven't populated \|key_\| yet.
	virtual const std::vector<uint8_t>& public_key_der() const { return key_; }

	private:
	static const uint8_t kAlgorithm[];

	const base::FilePath key_file_;
	bool have_checked_disk_;
	bool have_replaced_;
	std::vector<uint8_t> key_;
	NssUtil* nss_;
	scoped_ptr<SystemUtils> utils_;

	DISALLOW_COPY_AND_ASSIGN(PolicyKey);
	};
	} // namespace login_manager

	#endif // LOGIN_MANAGER_POLICY_KEY_H_