chrome/browser/chromeos/platform_keys/platform_keys_service.h - platform/external/chromium_org - Git at Google

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_
 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_

 #include <string>

 #include "base/callback_forward.h"
 #include "base/macros.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/memory/weak_ptr.h"
 #include "chrome/browser/chromeos/platform_keys/platform_keys.h"
 #include "components/keyed_service/core/keyed_service.h"

 namespace content {
 class BrowserContext;
 }

 namespace base {
 class ListValue;
 class Value;
 }

 namespace extensions {
 class StateStore;
 }

 namespace chromeos {

 class PlatformKeysService : public KeyedService {
  public:
   // Stores registration information in |state_store|, i.e. for each extension
   // the list of public keys that are valid to be used for signing. Each key can
   // be used for signing at most once.
   // The format written to |state_store| is:
   //   kStateStorePlatformKeys maps to a list of strings.
   //   Each string is the base64 encoding of the DER representation of a public
   //   key's SPKI.
   explicit PlatformKeysService(content::BrowserContext* browser_context,
                                extensions::StateStore* state_store);
   virtual ~PlatformKeysService();

   // If the generation was successful, |public_key_spki_der| will contain the
   // DER encoding of the SubjectPublicKeyInfo of the generated key and
   // |error_message| will be empty. If it failed, |public_key_spki_der| will be
   // empty and |error_message| contain an error message.
   typedef base::Callback<void(const std::string& public_key_spki_der,
                               const std::string& error_message)>
       GenerateKeyCallback;

   // Generates a RSA key pair with |modulus_length_bits| and registers the key
   // to allow a single sign operation by the given extension. |token_id| is
   // currently ignored, instead the user token associated with |browser_context|
   // is always used. |callback| will be invoked with the resulting public key or
   // an error.
   // Will only call back during the lifetime of this object.
   void GenerateRSAKey(const std::string& token_id,
                       unsigned int modulus_length_bits,
                       const std::string& extension_id,
                       const GenerateKeyCallback& callback);

   // If signing was successful, |signature| will be contain the signature and
   // |error_message| will be empty. If it failed, |signature| will be empty and
   // |error_message| contain an error message.
   typedef base::Callback<void(const std::string& signature,
                               const std::string& error_message)> SignCallback;

   // Digests |data| with |hash_algorithm| and afterwards signs the digest with
   // the private key matching |public_key_spki_der|, if that key is stored in
   // the given token and wasn't used for signing before.
   // Unregisters the key so that every future attempt to sign data with this key
   // is rejected. |token_id| is currently ignored, instead the user token
   // associated with |browser_context| is always used. |public_key_spki_der|
   // must be the DER encoding of a SubjectPublicKeyInfo. |callback| will be
   // invoked with the signature or an error message. Currently supports RSA keys
   // only.
   // Will only call back during the lifetime of this object.
   void Sign(const std::string& token_id,
             const std::string& public_key_spki_der,
             platform_keys::HashAlgorithm hash_algorithm,
             const std::string& data,
             const std::string& extension_id,
             const SignCallback& callback);

  private:
   typedef base::Callback<void(scoped_ptr<base::ListValue> platform_keys)>
       GetPlatformKeysCallback;

   // Registers the given public key as newly generated key, which is allowed to
   // be used for signing for a single time. Afterwards, calls |callback|. If
   // registration was successful, passes |true| otherwise |false| to the
   // callback.
   void RegisterPublicKey(const std::string& extension_id,
                          const std::string& public_key_spki_der,
                          const base::Callback<void(bool)>& callback);

   // Gets the current validity of the given public key by reading StateStore.
   // Invalidates the key if it was found to be valid. Finally, calls |callback|
   // with the old validity.
   void ReadValidityAndInvalidateKey(const std::string& extension_id,
                                     const std::string& public_key_spki_der,
                                     const base::Callback<void(bool)>& callback);

   // Reads the list of public keys currently registered for |extension_id| from
   // StateStore. Calls |callback| with the read list, or a new empty list if
   // none existed. If an error occurred, calls |callback| with NULL.
   void GetPlatformKeysOfExtension(const std::string& extension_id,
                                   const GetPlatformKeysCallback& callback);

   // Callback used by |GenerateRSAKey|.
   // If the key generation was successful, registers the generated public key
   // for the given extension. If any error occurs during key generation or
   // registration, calls |callback| with an error. Otherwise, on success, calls
   // |callback| with the public key.
   void GenerateRSAKeyCallback(const std::string& extension_id,
                               const GenerateKeyCallback& callback,
                               const std::string& public_key_spki_der,
                               const std::string& error_message);

   // Callback used by |RegisterPublicKey|.
   // Updates the old |platform_keys| read from the StateStore and writes the
   // updated value back to the StateStore.
   void RegisterPublicKeyGotPlatformKeys(
       const std::string& extension_id,
       const std::string& public_key_spki_der,
       const base::Callback<void(bool)>& callback,
       scoped_ptr<base::ListValue> platform_keys);

   // Callback used by |ReadValidityAndInvalidateKey|.
   // Invalidates the given public key so that future signing is prohibited and
   // calls |callback| with the old validity.
   void InvalidateKey(const std::string& extension_id,
                      const std::string& public_key_spki_der,
                      const base::Callback<void(bool)>& callback,
                      scoped_ptr<base::ListValue> platform_keys);

   // Callback used by |GetPlatformKeysOfExtension|.
   // Is called with |value| set to the PlatformKeys value read from the
   // StateStore, which it forwards to |callback|. On error, calls |callback|
   // with NULL; if no value existed, with an empty list.
   void GotPlatformKeysOfExtension(const std::string& extension_id,
                                   const GetPlatformKeysCallback& callback,
                                   scoped_ptr<base::Value> value);

   content::BrowserContext* browser_context_;
   extensions::StateStore* state_store_;
   base::WeakPtrFactory<PlatformKeysService> weak_factory_;

   DISALLOW_COPY_AND_ASSIGN(PlatformKeysService);
 };

 }  // namespace chromeos

 #endif  // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_
	// Copyright 2014 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_
	#define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_

	#include <string>

	#include "base/callback_forward.h"
	#include "base/macros.h"
	#include "base/memory/scoped_ptr.h"
	#include "base/memory/weak_ptr.h"
	#include "chrome/browser/chromeos/platform_keys/platform_keys.h"
	#include "components/keyed_service/core/keyed_service.h"

	namespace content {
	class BrowserContext;
	}

	namespace base {
	class ListValue;
	class Value;
	}

	namespace extensions {
	class StateStore;
	}

	namespace chromeos {

	class PlatformKeysService : public KeyedService {
	public:
	// Stores registration information in \|state_store\|, i.e. for each extension
	// the list of public keys that are valid to be used for signing. Each key can
	// be used for signing at most once.
	// The format written to \|state_store\| is:
	// kStateStorePlatformKeys maps to a list of strings.
	// Each string is the base64 encoding of the DER representation of a public
	// key's SPKI.
	explicit PlatformKeysService(content::BrowserContext* browser_context,
	extensions::StateStore* state_store);
	virtual ~PlatformKeysService();

	// If the generation was successful, \|public_key_spki_der\| will contain the
	// DER encoding of the SubjectPublicKeyInfo of the generated key and
	// \|error_message\| will be empty. If it failed, \|public_key_spki_der\| will be
	// empty and \|error_message\| contain an error message.
	typedef base::Callback<void(const std::string& public_key_spki_der,
	const std::string& error_message)>
	GenerateKeyCallback;

	// Generates a RSA key pair with \|modulus_length_bits\| and registers the key
	// to allow a single sign operation by the given extension. \|token_id\| is
	// currently ignored, instead the user token associated with \|browser_context\|
	// is always used. \|callback\| will be invoked with the resulting public key or
	// an error.
	// Will only call back during the lifetime of this object.
	void GenerateRSAKey(const std::string& token_id,
	unsigned int modulus_length_bits,
	const std::string& extension_id,
	const GenerateKeyCallback& callback);

	// If signing was successful, \|signature\| will be contain the signature and
	// \|error_message\| will be empty. If it failed, \|signature\| will be empty and
	// \|error_message\| contain an error message.
	typedef base::Callback<void(const std::string& signature,
	const std::string& error_message)> SignCallback;

	// Digests \|data\| with \|hash_algorithm\| and afterwards signs the digest with
	// the private key matching \|public_key_spki_der\|, if that key is stored in
	// the given token and wasn't used for signing before.
	// Unregisters the key so that every future attempt to sign data with this key
	// is rejected. \|token_id\| is currently ignored, instead the user token
	// associated with \|browser_context\| is always used. \|public_key_spki_der\|
	// must be the DER encoding of a SubjectPublicKeyInfo. \|callback\| will be
	// invoked with the signature or an error message. Currently supports RSA keys
	// only.
	// Will only call back during the lifetime of this object.
	void Sign(const std::string& token_id,
	const std::string& public_key_spki_der,
	platform_keys::HashAlgorithm hash_algorithm,
	const std::string& data,
	const std::string& extension_id,
	const SignCallback& callback);

	private:
	typedef base::Callback<void(scoped_ptr<base::ListValue> platform_keys)>
	GetPlatformKeysCallback;

	// Registers the given public key as newly generated key, which is allowed to
	// be used for signing for a single time. Afterwards, calls \|callback\|. If
	// registration was successful, passes \|true\| otherwise \|false\| to the
	// callback.
	void RegisterPublicKey(const std::string& extension_id,
	const std::string& public_key_spki_der,
	const base::Callback<void(bool)>& callback);

	// Gets the current validity of the given public key by reading StateStore.
	// Invalidates the key if it was found to be valid. Finally, calls \|callback\|
	// with the old validity.
	void ReadValidityAndInvalidateKey(const std::string& extension_id,
	const std::string& public_key_spki_der,
	const base::Callback<void(bool)>& callback);

	// Reads the list of public keys currently registered for \|extension_id\| from
	// StateStore. Calls \|callback\| with the read list, or a new empty list if
	// none existed. If an error occurred, calls \|callback\| with NULL.
	void GetPlatformKeysOfExtension(const std::string& extension_id,
	const GetPlatformKeysCallback& callback);

	// Callback used by \|GenerateRSAKey\|.
	// If the key generation was successful, registers the generated public key
	// for the given extension. If any error occurs during key generation or
	// registration, calls \|callback\| with an error. Otherwise, on success, calls
	// \|callback\| with the public key.
	void GenerateRSAKeyCallback(const std::string& extension_id,
	const GenerateKeyCallback& callback,
	const std::string& public_key_spki_der,
	const std::string& error_message);

	// Callback used by \|RegisterPublicKey\|.
	// Updates the old \|platform_keys\| read from the StateStore and writes the
	// updated value back to the StateStore.
	void RegisterPublicKeyGotPlatformKeys(
	const std::string& extension_id,
	const std::string& public_key_spki_der,
	const base::Callback<void(bool)>& callback,
	scoped_ptr<base::ListValue> platform_keys);

	// Callback used by \|ReadValidityAndInvalidateKey\|.
	// Invalidates the given public key so that future signing is prohibited and
	// calls \|callback\| with the old validity.
	void InvalidateKey(const std::string& extension_id,
	const std::string& public_key_spki_der,
	const base::Callback<void(bool)>& callback,
	scoped_ptr<base::ListValue> platform_keys);

	// Callback used by \|GetPlatformKeysOfExtension\|.
	// Is called with \|value\| set to the PlatformKeys value read from the
	// StateStore, which it forwards to \|callback\|. On error, calls \|callback\|
	// with NULL; if no value existed, with an empty list.
	void GotPlatformKeysOfExtension(const std::string& extension_id,
	const GetPlatformKeysCallback& callback,
	scoped_ptr<base::Value> value);

	content::BrowserContext* browser_context_;
	extensions::StateStore* state_store_;
	base::WeakPtrFactory<PlatformKeysService> weak_factory_;

	DISALLOW_COPY_AND_ASSIGN(PlatformKeysService);
	};

	} // namespace chromeos

	#endif // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_SERVICE_H_