platformKeys: Document supported algorithms and hash functions.

chrome/common/extensions/api/platform_keys.idl

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Use the <code>chrome.platformKeys</code> API to access client certificates
 // managed by the platform. If the user or policy grants the permission, an
 // extension can use such a certficate in its custom authentication protocol.
 // E.g. this allows usage of platform managed certificates in third party VPNs
 // (see $(ref:vpnProvider chrome.vpnProvider)).
 namespace platformKeys {
@@ skipping 102 matching lines @@
     // <code>callback</code>.
     [nocompile] static void selectClientCertificates(
         SelectDetails details,
         SelectCallback callback);
 
     // Passes the key pair of <code>certificate</code> for usage with
     // $(ref:platformKeys.subtleCrypto) to <code>callback</code>.
     // |certificate|: The certificate of a $(ref:Match) returned by
     // $(ref:selectClientCertificates).
     // |parameters|: Determines signature/hash algorithm parameters additionally
-    //   to the parameters fixed by the key itself. The same parameters are

[pneubeck (no reviews), 2015/09/28 13:22:26]

the space at the beginning of the line led to weird spacing, so i removed it.

-    //   accepted as by WebCrypto's <code>importKey</code> function, e.g.
-    //   <code>RsaHashedImportParams</code> for a RSASSA-PKCS1-v1_5 key.
-    //   For RSASSA-PKCS1-v1_5 keys, additionally the parameters
-    //   <code>{ 'hash': { 'name': 'none' } }</code> are supported. The sign
-    //   function will then apply PKCS#1 v1.5 padding and but not hash the
-    //   given data.
+    // to the parameters fixed by the key itself. The same parameters are
+    // accepted as by WebCrypto's <a
+    // href="http://www.w3.org/TR/WebCryptoAPI/#SubtleCrypto-method-importKey">importKey</a>
+    // function, e.g. <code>RsaHashedImportParams</code> for a RSASSA-PKCS1-v1_5
+    // key. For RSASSA-PKCS1-v1_5 keys, additionally the parameters <code>{
+    // "hash": { "name": "none" } }</code> are supported. The sign function will
+    // then apply PKCS#1 v1.5 padding and but not hash the given data.
+    // <p>Currently, this function only supports the "RSASSA-PKCS1-v1_5"
+    // algorithm with one of the hashing algorithms "none", "SHA-1", "SHA-256",
+    // "SHA-384", and "SHA-512".</p>
     [nocompile] static void getKeyPair(ArrayBuffer certificate,
                                        object parameters,
                                        GetKeyPairCallback callback);
 
     // An implementation of WebCrypto's
     // <a href="http://www.w3.org/TR/WebCryptoAPI/#subtlecrypto-interface">
     // SubtleCrypto</a>
     // that allows crypto operations on keys of client certificates that are
     // available to this extension.
     [nocompile] static object subtleCrypto();
 
     // Checks whether <code>details.serverCertificateChain</code> can be trusted
     // for <code>details.hostname</code> according to the trust settings of the
     // platform.
     // Note: The actual behavior of the trust verification is not fully
     // specified and might change in the future.
     // The API implementation verifies certificate expiration, validates the
     // certification path and checks trust by a known CA.
     // The implementation is supposed to respect the EKU serverAuth and to
     // support subject alternative names.
     static void verifyTLSServerCertificate(VerificationDetails details,
                                            VerificationCallback callback);
   };
 };