OLD | NEW |
---|---|
(Empty) | |
1 // Copyright (c) 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ | |
6 #define CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ | |
7 | |
8 #include "base/basictypes.h" | |
9 #include "base/compiler_specific.h" | |
10 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" | |
11 #include "third_party/WebKit/public/platform/WebCrypto.h" | |
12 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | |
13 | |
14 namespace content { | |
15 | |
16 namespace webcrypto { | |
17 | |
18 class CryptoData; | |
19 class Status; | |
20 | |
21 namespace platform { | |
Ryan Sleevi
2014/02/13 04:24:24
Include documentation about what belongs in this n
eroman
2014/02/13 23:05:38
Done.
| |
22 | |
23 class SymKey; | |
24 class PublicKey; | |
25 class PrivateKey; | |
26 | |
27 // Do any one-time initialization. Note that this can be called MULTIPLE times | |
28 // (once per instantiation of WebCryptoImpl). | |
29 void Init(); | |
30 | |
31 // Safely converts a WebCryptoKey to more specifc key type. If the conversion | |
32 // failed, returns NULL. | |
33 // The handle pointer is controlled by the implementor of PlatformCrypto. | |
34 SymKey* ToSymKey(const blink::WebCryptoKey& key); | |
35 PublicKey* ToPublicKey(const blink::WebCryptoKey& key); | |
36 PrivateKey* ToPrivateKey(const blink::WebCryptoKey& key); | |
37 | |
38 // Guarantees: | |
Ryan Sleevi
2014/02/13 04:24:24
s/Guarantees/Preconditions/
Guarantees make me th
eroman
2014/02/13 23:05:38
Done.
| |
39 // * algorithm.id() is for an RSA algorithm. | |
40 // * algorithm.rsaKeyGenParams() is non-null. | |
41 Status GenerateRsaKeyPair(const blink::WebCryptoAlgorithm& algorithm, | |
42 bool extractable, | |
43 blink::WebCryptoKeyUsageMask usage_mask, | |
44 blink::WebCryptoKey* public_key, | |
45 blink::WebCryptoKey* private_key); | |
46 | |
47 Status ImportRsaPublicKey(const CryptoData& modulus_data, | |
Ryan Sleevi
2014/02/13 04:24:24
No preconditions here?
Also, shouldn't |algorithm
eroman
2014/02/13 23:05:38
Done.
| |
48 const CryptoData& exponent_data, | |
49 const blink::WebCryptoAlgorithm& algorithm, | |
50 bool extractable, | |
51 blink::WebCryptoKeyUsageMask usage_mask, | |
52 blink::WebCryptoKey* key); | |
53 | |
54 // |keylen_bytes| is the desired length of the key in bits. | |
55 // | |
56 // Guarantees: | |
57 // * algorithm.id() is for a symmetric key algorithm. | |
58 // * keylen_bytes is non-zero (TODO(eroman): revisit this). | |
59 // * If the algorithm is AES-CBC, the key length is either 128 bits, 192 | |
60 // bits, 256 bits. | |
61 Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, | |
62 bool extractable, | |
63 blink::WebCryptoKeyUsageMask usage_mask, | |
64 unsigned keylen_bytes, | |
65 blink::WebCryptoKey* key); | |
66 | |
67 // Guarantees: | |
68 // * |key| is a non-null AES-CBC key. | |
69 // * |iv| is exactly 16 bytes long | |
70 Status EncryptAesCbc(SymKey* key, | |
71 const CryptoData& iv, | |
72 const CryptoData& data, | |
73 blink::WebArrayBuffer* buffer); | |
74 | |
75 // Guarantees: | |
76 // * |key| is a non-null AES-CBC key. | |
77 // * |iv| is exactly 16 bytes long | |
78 Status DecryptAesCbc(SymKey* key, | |
79 const CryptoData& iv, | |
80 const CryptoData& data, | |
81 blink::WebArrayBuffer* buffer); | |
82 | |
83 // Guarantees: | |
84 // * |key| is a non-null AES-GCM key. | |
85 // * |params| is non-null | |
86 Status EncryptAesGcm(SymKey* key, | |
87 const blink::WebCryptoAesGcmParams* params, | |
88 const CryptoData& data, | |
89 blink::WebArrayBuffer* buffer); | |
90 | |
91 // Guarantees: | |
92 // * |key| is a non-null AES-GCM key. | |
93 // * |params| is non-null | |
94 Status DecryptAesGcm(SymKey* key, | |
95 const blink::WebCryptoAesGcmParams* params, | |
96 const CryptoData& data, | |
97 blink::WebArrayBuffer* buffer); | |
98 | |
99 // Guarantees: | |
100 // * |key| is non-null. | |
101 Status EncryptRsaEsPkcs1v1_5(PublicKey* key, | |
102 const CryptoData& data, | |
103 blink::WebArrayBuffer* buffer); | |
104 | |
105 // Guarantees: | |
106 // * |key| is non-null. | |
107 Status DecryptRsaEsPkcs1v1_5(PrivateKey* key, | |
108 const CryptoData& data, | |
109 blink::WebArrayBuffer* buffer); | |
110 | |
111 // Guarantees: | |
112 // * |key| is a non-null HMAC key. | |
113 // * |hash| is a digest algorithm. | |
114 Status SignHmac(SymKey* key, | |
115 const blink::WebCryptoAlgorithm& hash, | |
116 const CryptoData& data, | |
117 blink::WebArrayBuffer* buffer); | |
118 | |
119 // Guarantees: | |
120 // * |algorithm| is a SHA function. | |
121 Status DigestSha(blink::WebCryptoAlgorithmId algorithm, | |
122 const CryptoData& data, | |
123 blink::WebArrayBuffer* buffer); | |
124 | |
125 // Guarantees: | |
126 // * |key| is non-null. | |
127 // * |hash| is a digest algorithm. | |
128 Status SignRsaSsaPkcs1v1_5(PrivateKey* key, | |
129 const blink::WebCryptoAlgorithm& hash, | |
130 const CryptoData& data, | |
131 blink::WebArrayBuffer* buffer); | |
132 | |
133 // Guarantees: | |
134 // * |key| is non-null. | |
135 // * |hash| is a digest algorithm. | |
136 Status VerifyRsaSsaPkcs1v1_5(PublicKey* key, | |
137 const blink::WebCryptoAlgorithm& hash, | |
138 const CryptoData& signature, | |
139 const CryptoData& data, | |
140 bool* signature_match); | |
141 | |
142 // Guarantees: | |
143 // * |key| is non-null. | |
144 // * |algorithm.id()| is for a symmetric key algorithm. | |
145 Status ImportKeyRaw(const CryptoData& key_data, | |
146 const blink::WebCryptoAlgorithm& algorithm, | |
147 bool extractable, | |
148 blink::WebCryptoKeyUsageMask usage_mask, | |
149 blink::WebCryptoKey* key); | |
150 | |
151 Status ImportKeySpki(const CryptoData& key_data, | |
Ryan Sleevi
2014/02/13 04:24:24
No pre-conditions here?
| |
152 const blink::WebCryptoAlgorithm& algorithm_or_null, | |
153 bool extractable, | |
154 blink::WebCryptoKeyUsageMask usage_mask, | |
155 blink::WebCryptoKey* key); | |
156 | |
157 Status ImportKeyPkcs8(const CryptoData& key_data, | |
Ryan Sleevi
2014/02/13 04:24:24
for these, suggested is algorithm_or_null, extract
| |
158 const blink::WebCryptoAlgorithm& algorithm_or_null, | |
159 bool extractable, | |
160 blink::WebCryptoKeyUsageMask usage_mask, | |
161 blink::WebCryptoKey* key); | |
162 | |
163 // Guarantees: | |
164 // * |key| is non-null. | |
165 Status ExportKeyRaw(SymKey* key, blink::WebArrayBuffer* buffer); | |
166 | |
167 // Guarantees: | |
168 // * |key| is non-null. | |
169 Status ExportKeySpki(PublicKey* key, blink::WebArrayBuffer* buffer); | |
170 | |
171 } // namespace platform | |
172 } // namespace webcrypto | |
173 } // namespace content | |
Ryan Sleevi
2014/02/13 04:24:24
new lines between each of these
eroman
2014/02/13 23:05:38
Done.
| |
174 | |
175 #endif // CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ | |
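Review bot: The comment on GenerateSecretKey (new lines 54-60) describes |keylen_bytes| as "the desired length of the key in bits", and the AES-CBC precondition under it is also stated in bits, while the parameter name says bytes. A unit mix-up at this boundary produces keys eight times shorter or longer than intended, so the header should commit to one unit, for example `// |keylen_bytes| is the desired length of the key in bytes.` and `// * If the algorithm is AES-CBC, keylen_bytes is 16, 24 or 32.`. Separately, the EncryptAesGcm and DecryptAesGcm preconditions (new lines 83-97) only say that |key| and |params| are non-null. It would help to state whether the caller or the platform implementation validates the IV and tag length carried in |params|, so that neither layer assumes the other checked them.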