Sign CertificateVerify messages on a background thread.

net/ssl/ssl_private_key.h

+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_SSL_SSL_PRIVATE_KEY_H_
+#define NET_SSL_SSL_PRIVATE_KEY_H_
+
+#include <vector>
+
+#include "base/callback_forward.h"
+#include "base/macros.h"
+#include "base/memory/scoped_ptr.h"
+#include "base/strings/string_piece.h"
+#include "net/base/net_errors.h"
+
+namespace net {
+
+// An interface for a private key for use with SSL client authentication.
+class SSLPrivateKey {
+ public:
+  using SignCallback = base::Callback<void(Error, const std::vector<uint8_t>&)>;

[Ryan Sleevi, 2015/06/23 15:27:29]

need stdint.h

[davidben, 2015/06/24 21:43:12]

Done.

+
+  enum class Type {
+    RSA,
+    ECDSA,
+  };
+
+  enum class Hash {
+    MD5_SHA1,
+    MD5,
+    SHA1,
+    SHA224,
+    SHA256,
+    SHA384,
+    SHA512,
+  };
+
+  SSLPrivateKey() {}
+  virtual ~SSLPrivateKey() {}
+
+  // Returns whether the key is an RSA key or an ECDSA key. Although the signing
+  // interface is type-agnositic and type tags in interfaces are discouraged,
+  // TLS has key-specific logic in selecting which hashes to sign. Exposing the
+  // key type avoids replicating BoringSSL's TLS-specific logic in SSLPrivateKey
+  // implementations and complicating the interface between Chromium and
+  // BoringSSL.
+  virtual Type GetType() = 0;
+
+  // Returns true if the key supports signing hashes of type |hash|.
+  virtual bool SupportsHash(Hash hash) = 0;
+
+  // Returns the maximum size of a signature. For an RSA key, this must be the
+  // size of the modulus in bytes.
+  virtual size_t GetMaxSignatureLength() = 0;

[Ryan Sleevi, 2015/06/23 15:27:29]

While reviewing this, I still found it confusing that this type isn't explicit
(bits vs bytes)

Can you canonicalize what unit this is in, and enshrine it in the name?

GetMaxSignatureLengthInBytes() ? GetMaxSignatureLengthBytes?

[davidben, 2015/06/24 21:43:12]

Done, though I think a comment is sufficient for signatures. Nothing, not even
X.509 when you factor in how every profile works, uses bits for signatures. It's
always bytes. Plus the type is std::vector<uint8_t>, not std::vector<bool>.

[Ryan Sleevi, 2015/06/30 10:18:22]

If the suggestion is that if you wanted bits, you'd use std::vector<bool> - no
one does that :) They'd use std::vector<uint8_t> with the bit length (same as
the C APIs that take a "const char*/unsigned char*" and an int for bit length.

[There's special hell with bitsets as bools anyways; I think it was More
Effective C++ that covered this, although it was somewhere in that series]

+
+  // Asynchronously signs an |input| which was computed with the hash |hash|. On
+  // completion, it calls |callback| with the signature or an error code if the
+  // operation failed. For an RSA key, the signature is a PKCS#1 signature. The
+  // SSLPrivateKey implementation is responsible for prepending the DigestInfo
+  // prefix and adding PKCS#1 padding.
+  virtual void SignDigest(Hash hash,
+                          const base::StringPiece& input,
+                          const SignCallback& callback) = 0;
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(SSLPrivateKey);
+};
+
+}  // namespace net
+
+#endif  // NET_SSL_SSL_PRIVATE_KEY_H_