OLD | NEW |
1 /* | 1 /* |
2 * Copyright (C) 2013 Google Inc. All rights reserved. | 2 * Copyright (C) 2013 Google Inc. All rights reserved. |
3 * | 3 * |
4 * Redistribution and use in source and binary forms, with or without | 4 * Redistribution and use in source and binary forms, with or without |
5 * modification, are permitted provided that the following conditions are | 5 * modification, are permitted provided that the following conditions are |
6 * met: | 6 * met: |
7 * | 7 * |
8 * * Redistributions of source code must retain the above copyright | 8 * * Redistributions of source code must retain the above copyright |
9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
10 * * Redistributions in binary form must reproduce the above | 10 * * Redistributions in binary form must reproduce the above |
(...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
57 reset(); | 57 reset(); |
58 } | 58 } |
59 | 59 |
60 WebCryptoResult& operator=(const WebCryptoResult& o) | 60 WebCryptoResult& operator=(const WebCryptoResult& o) |
61 { | 61 { |
62 assign(o); | 62 assign(o); |
63 return *this; | 63 return *this; |
64 } | 64 } |
65 | 65 |
66 BLINK_EXPORT void completeWithError(); | 66 BLINK_EXPORT void completeWithError(); |
| 67 // Note that WebArrayBuffer is NOT safe to create from another thread. |
67 BLINK_EXPORT void completeWithBuffer(const WebArrayBuffer&); | 68 BLINK_EXPORT void completeWithBuffer(const WebArrayBuffer&); |
| 69 // Makes a copy of the input data given as a pointer and byte length. |
68 BLINK_EXPORT void completeWithBuffer(const void*, unsigned); | 70 BLINK_EXPORT void completeWithBuffer(const void*, unsigned); |
69 BLINK_EXPORT void completeWithBoolean(bool); | 71 BLINK_EXPORT void completeWithBoolean(bool); |
70 BLINK_EXPORT void completeWithKey(const WebCryptoKey&); | 72 BLINK_EXPORT void completeWithKey(const WebCryptoKey&); |
71 BLINK_EXPORT void completeWithKeyPair(const WebCryptoKey& publicKey, const W
ebCryptoKey& privateKey); | 73 BLINK_EXPORT void completeWithKeyPair(const WebCryptoKey& publicKey, const W
ebCryptoKey& privateKey); |
72 | 74 |
73 #if BLINK_IMPLEMENTATION | 75 #if BLINK_IMPLEMENTATION |
74 explicit WebCryptoResult(const WTF::PassRefPtr<WebCore::CryptoResult>&); | 76 explicit WebCryptoResult(const WTF::PassRefPtr<WebCore::CryptoResult>&); |
75 #endif | 77 #endif |
76 | 78 |
77 private: | 79 private: |
78 BLINK_EXPORT void reset(); | 80 BLINK_EXPORT void reset(); |
79 BLINK_EXPORT void assign(const WebCryptoResult&); | 81 BLINK_EXPORT void assign(const WebCryptoResult&); |
80 | 82 |
81 WebPrivatePtr<WebCore::CryptoResult> m_impl; | 83 WebPrivatePtr<WebCore::CryptoResult> m_impl; |
82 }; | 84 }; |
83 | 85 |
84 class WebCrypto { | 86 class WebCrypto { |
85 public: | 87 public: |
86 // Starts a one-shot cryptographic operation which can complete either | 88 // WebCrypto is the interface for starting one-shot cryptographic operations
. |
87 // synchronously, or asynchronously. | |
88 // | 89 // |
89 // Let the WebCryptoResult be called "result". | 90 // ----------------------- |
| 91 // Completing the request |
| 92 // ----------------------- |
90 // | 93 // |
91 // The result should be set exactly once, from the same thread which | 94 // Implementations signal completion by calling one of the methods on |
92 // initiated the operation. | 95 // "result". Only a single result/error should be set for the request. |
| 96 // Different operations expect different result types based on the |
| 97 // algorithm parameters; see the Web Crypto standard for details. |
93 // | 98 // |
94 // * WebCryptoAlgorithms parameters are guaranteed to be !isNull(), | 99 // The result can be set either synchronously while handling the request, |
95 // unless noted otherwise. | 100 // or asynchronously after the method has returned. When completing |
96 // * WebCryptoKey parameters are guaranteeed to be !isNull(). | 101 // asynchronously make a copy of the WebCryptoResult and call it from the |
97 // * const unsigned char* data buffers are not valid after return. | 102 // same thread that started the request. |
| 103 // |
| 104 // ----------------------- |
| 105 // Threading |
| 106 // ----------------------- |
| 107 // |
| 108 // The WebCrypto interface will only be called from the render's main |
| 109 // thread. All communication back to Blink must be on this same thread. |
| 110 // Notably: |
| 111 // |
| 112 // * The WebCryptoResult is NOT threadsafe. It should only be used from |
| 113 // the Blink main thread. |
| 114 // |
| 115 // * WebCryptoKey and WebCryptoAlgorithm ARE threadsafe. They can be |
| 116 // safely copied between threads and accessed. Copying is cheap because |
| 117 // they are internally reference counted. |
| 118 // |
| 119 // * WebArrayBuffer is NOT threadsafe. It should only be created from the |
| 120 // Blink main thread. This means threaded implementations may have to |
| 121 // make a copy of the output buffer. |
| 122 // |
| 123 // ----------------------- |
| 124 // Inputs |
| 125 // ----------------------- |
| 126 // |
| 127 // * Data buffers are passed as (basePointer, byteLength) pairs. |
| 128 // These buffers are only valid during the call itself. Asynchronous |
| 129 // implementations wishing to access it after the function returns |
| 130 // should make a copy. |
| 131 // |
| 132 // * All WebCryptoKeys are guaranteeed to be !isNull(). |
| 133 // |
| 134 // * All WebCryptoAlgorithms are guaranteed to be !isNull() |
| 135 // unless noted otherwise. Being "null" means that it was unspecified |
| 136 // by the caller. |
| 137 // |
| 138 // * Look to the Web Crypto spec for an explanation of the parameter. The |
| 139 // method names here have a 1:1 correspondence with those of |
| 140 // crypto.subtle, with the exception of "verify" which is here called |
| 141 // "verifySignature". |
| 142 // |
| 143 // ----------------------- |
| 144 // Guarantees on input validity |
| 145 // ----------------------- |
| 146 // |
| 147 // Implementations MUST carefully sanitize algorithm inputs before using |
| 148 // them, as they come directly from the user. Few checks have been done on |
| 149 // algorithm parameters prior to passing to the embedder. |
| 150 // |
| 151 // Only the following checks can be assumed as having alread passed: |
| 152 // |
| 153 // * The key is extractable when calling into exportKey/wrapKey. |
| 154 // * The key usages permit the operation being requested. |
| 155 // * The key's algorithm matches that of the requested operation. |
| 156 // |
98 virtual void encrypt(const WebCryptoAlgorithm&, const WebCryptoKey&, const u
nsigned char* data, unsigned dataSize, WebCryptoResult result) { result.complete
WithError(); } | 157 virtual void encrypt(const WebCryptoAlgorithm&, const WebCryptoKey&, const u
nsigned char* data, unsigned dataSize, WebCryptoResult result) { result.complete
WithError(); } |
99 virtual void decrypt(const WebCryptoAlgorithm&, const WebCryptoKey&, const u
nsigned char* data, unsigned dataSize, WebCryptoResult result) { result.complete
WithError(); } | 158 virtual void decrypt(const WebCryptoAlgorithm&, const WebCryptoKey&, const u
nsigned char* data, unsigned dataSize, WebCryptoResult result) { result.complete
WithError(); } |
100 virtual void sign(const WebCryptoAlgorithm&, const WebCryptoKey&, const unsi
gned char* data, unsigned dataSize, WebCryptoResult result) { result.completeWit
hError(); } | 159 virtual void sign(const WebCryptoAlgorithm&, const WebCryptoKey&, const unsi
gned char* data, unsigned dataSize, WebCryptoResult result) { result.completeWit
hError(); } |
101 virtual void verifySignature(const WebCryptoAlgorithm&, const WebCryptoKey&,
const unsigned char* signature, unsigned signatureSize, const unsigned char* da
ta, unsigned dataSize, WebCryptoResult result) { result.completeWithError(); } | 160 virtual void verifySignature(const WebCryptoAlgorithm&, const WebCryptoKey&,
const unsigned char* signature, unsigned signatureSize, const unsigned char* da
ta, unsigned dataSize, WebCryptoResult result) { result.completeWithError(); } |
102 virtual void digest(const WebCryptoAlgorithm&, const unsigned char* data, un
signed dataSize, WebCryptoResult result) { result.completeWithError(); } | 161 virtual void digest(const WebCryptoAlgorithm&, const unsigned char* data, un
signed dataSize, WebCryptoResult result) { result.completeWithError(); } |
103 virtual void generateKey(const WebCryptoAlgorithm&, bool extractable, WebCry
ptoKeyUsageMask, WebCryptoResult result) { result.completeWithError(); } | 162 virtual void generateKey(const WebCryptoAlgorithm&, bool extractable, WebCry
ptoKeyUsageMask, WebCryptoResult result) { result.completeWithError(); } |
104 // The WebCryptoAlgorithm for importKey may be "isNull()" meaning that it | 163 // It is possible for the WebCryptoAlgorithm to be "isNull()" |
105 // was unspecified by the caller. | |
106 virtual void importKey(WebCryptoKeyFormat, const unsigned char* keyData, uns
igned keyDataSize, const WebCryptoAlgorithm&, bool extractable, WebCryptoKeyUsag
eMask, WebCryptoResult result) { result.completeWithError(); } | 164 virtual void importKey(WebCryptoKeyFormat, const unsigned char* keyData, uns
igned keyDataSize, const WebCryptoAlgorithm&, bool extractable, WebCryptoKeyUsag
eMask, WebCryptoResult result) { result.completeWithError(); } |
107 virtual void exportKey(WebCryptoKeyFormat, const WebCryptoKey&, WebCryptoRes
ult result) { result.completeWithError(); } | 165 virtual void exportKey(WebCryptoKeyFormat, const WebCryptoKey&, WebCryptoRes
ult result) { result.completeWithError(); } |
108 | |
109 virtual void wrapKey(WebCryptoKeyFormat, const WebCryptoKey& key, const WebC
ryptoKey& wrappingKey, const WebCryptoAlgorithm&, WebCryptoResult result) { resu
lt.completeWithError(); } | 166 virtual void wrapKey(WebCryptoKeyFormat, const WebCryptoKey& key, const WebC
ryptoKey& wrappingKey, const WebCryptoAlgorithm&, WebCryptoResult result) { resu
lt.completeWithError(); } |
110 | 167 // It is possible that unwrappedKeyAlgorithm.isNull() |
111 // It is possible for unwrappedKeyAlgorithm.isNull() meaning that it was | |
112 // unspecified by the caller. | |
113 virtual void unwrapKey(WebCryptoKeyFormat, const unsigned char* wrappedKey,
unsigned wrappedKeySize, const WebCryptoKey&, const WebCryptoAlgorithm& unwrapAl
gorithm, const WebCryptoAlgorithm& unwrappedKeyAlgorithm, bool extractable, WebC
ryptoKeyUsageMask, WebCryptoResult result) { result.completeWithError(); } | 168 virtual void unwrapKey(WebCryptoKeyFormat, const unsigned char* wrappedKey,
unsigned wrappedKeySize, const WebCryptoKey&, const WebCryptoAlgorithm& unwrapAl
gorithm, const WebCryptoAlgorithm& unwrappedKeyAlgorithm, bool extractable, WebC
ryptoKeyUsageMask, WebCryptoResult result) { result.completeWithError(); } |
114 | 169 |
115 protected: | 170 protected: |
116 virtual ~WebCrypto() { } | 171 virtual ~WebCrypto() { } |
117 }; | 172 }; |
118 | 173 |
119 } // namespace blink | 174 } // namespace blink |
120 | 175 |
121 #endif | 176 #endif |
OLD | NEW |