device/fido/mac/util.h - chromium/src - Git at Google

 // Copyright 2018 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef DEVICE_FIDO_MAC_UTIL_H_
 #define DEVICE_FIDO_MAC_UTIL_H_

 #include <string>
 #include <vector>

 #import <Security/Security.h>

 #include "base/callback.h"
 #include "base/mac/availability.h"
 #include "base/mac/scoped_cftyperef.h"
 #include "base/mac/scoped_nsobject.h"

 namespace device {
 namespace fido {
 namespace mac {

 // KeychainItemIdentifier returns the unique identifier for a key pair, derived
 // from an RP ID and user handle. It is stored in the keychain items
 // kSecAttrApplicationLabel attribute and can be used for lookup.
 std::vector<uint8_t> KeychainItemIdentifier(std::string rp_id,
                                             std::vector<uint8_t> user_id);

 // MakeAuthenticatorData returns an AuthenticatorData instance for the Touch ID
 // authenticator with the given client data, credential id and public key. It
 // returns |base::nullopt| on failure.
 base::Optional<AuthenticatorData> MakeAuthenticatorData(
     std::vector<uint8_t> client_data_hash,
     std::vector<uint8_t> credential_id,
     SecKeyRef public_key) API_AVAILABLE(macosx(10.12.2));

 // GenerateSignature signs the concatenation of the serialization of the given
 // authenticator data and the given client data hash, as required for
 // (self-)attestation and assertion. Returns |base::nullopt| if the operation
 // fails.
 base::Optional<std::vector<uint8_t>> GenerateSignature(
     const AuthenticatorData& authenticator_data,
     const std::vector<uint8_t>& client_data_hash,
     SecKeyRef private_key) API_AVAILABLE(macosx(10.12.2));

 }  // namespace mac
 }  // namespace fido
 }  // namespace device

 #endif  // DEVICE_FIDO_MAC_UTIL_H_
	// Copyright 2018 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef DEVICE_FIDO_MAC_UTIL_H_
	#define DEVICE_FIDO_MAC_UTIL_H_

	#include <string>
	#include <vector>

	#import <Security/Security.h>

	#include "base/callback.h"
	#include "base/mac/availability.h"
	#include "base/mac/scoped_cftyperef.h"
	#include "base/mac/scoped_nsobject.h"

	namespace device {
	namespace fido {
	namespace mac {

	// KeychainItemIdentifier returns the unique identifier for a key pair, derived
	// from an RP ID and user handle. It is stored in the keychain items
	// kSecAttrApplicationLabel attribute and can be used for lookup.
	std::vector<uint8_t> KeychainItemIdentifier(std::string rp_id,
	std::vector<uint8_t> user_id);

	// MakeAuthenticatorData returns an AuthenticatorData instance for the Touch ID
	// authenticator with the given client data, credential id and public key. It
	// returns \|base::nullopt\| on failure.
	base::Optional<AuthenticatorData> MakeAuthenticatorData(
	std::vector<uint8_t> client_data_hash,
	std::vector<uint8_t> credential_id,
	SecKeyRef public_key) API_AVAILABLE(macosx(10.12.2));

	// GenerateSignature signs the concatenation of the serialization of the given
	// authenticator data and the given client data hash, as required for
	// (self-)attestation and assertion. Returns \|base::nullopt\| if the operation
	// fails.
	base::Optional<std::vector<uint8_t>> GenerateSignature(
	const AuthenticatorData& authenticator_data,
	const std::vector<uint8_t>& client_data_hash,
	SecKeyRef private_key) API_AVAILABLE(macosx(10.12.2));

	} // namespace mac
	} // namespace fido
	} // namespace device

	#endif // DEVICE_FIDO_MAC_UTIL_H_