1 /* 2 * Copyright (C) 2020 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except 6 * in compliance with the License. You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <openssl/base.h> 20 #include <optional> 21 #include <string> 22 23 // These APIs is used to embed adbd's known public keys into client-allowed CA 24 // issuer list that can indicate to the client which key to use. 25 namespace adb { 26 namespace tls { 27 28 // Takes an encoded public key and generates a X509_NAME that can be used in 29 // TlsConnection::SetClientCAList(), to allow the client to figure out which of 30 // its keys it should try to use in the TLS handshake. This is guaranteed to 31 // return a valid X509_NAME, given a non-empty key. 32 bssl::UniquePtr<X509_NAME> CreateCAIssuerFromEncodedKey(std::string_view key); 33 34 // Parses a CA issuer and returns the encoded key, if any. On failure, returns 35 // nullopt. 36 std::optional<std::string> ParseEncodedKeyFromCAIssuer(X509_NAME* issuer); 37 38 // Converts SHA256 bits to a hex string representation. |sha256| must be exactly 39 // |SHA256_DIGEST_LENGTH| in size. 40 std::string SHA256BitsToHexString(std::string_view sha256); 41 42 // Converts a valid SHA256 hex string to the actual bits. Returns nullopt on 43 // failure. 44 std::optional<std::string> SHA256HexStringToBits(std::string_view sha256_str); 45 46 } // namespace tls 47 } // namespace adb 48