Chromium Code Reviews| Index: content/renderer/webcrypto/platform_crypto.h | 
| diff --git a/content/renderer/webcrypto/platform_crypto.h b/content/renderer/webcrypto/platform_crypto.h | 
| new file mode 100644 | 
| index 0000000000000000000000000000000000000000..50a40421fbf97f06475e04367a4c265e594273cc | 
| --- /dev/null | 
| +++ b/content/renderer/webcrypto/platform_crypto.h | 
| @@ -0,0 +1,248 @@ | 
| +// Copyright (c) 2014 The Chromium Authors. All rights reserved. | 
| +// Use of this source code is governed by a BSD-style license that can be | 
| +// found in the LICENSE file. | 
| + | 
| +#ifndef CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ | 
| +#define CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ | 
| + | 
| +#include "base/basictypes.h" | 
| +#include "base/compiler_specific.h" | 
| +#include "content/common/content_export.h" | 
| +#include "third_party/WebKit/public/platform/WebArrayBuffer.h" | 
| +#include "third_party/WebKit/public/platform/WebCrypto.h" | 
| +#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | 
| + | 
| +namespace content { | 
| + | 
| +namespace webcrypto { | 
| + | 
| +class CryptoData; | 
| + | 
| +class Status; | 
| + | 
| +class PlatformSymKey; | 
| 
 
Ryan Sleevi
2014/02/07 01:19:21
Don't use whitespace on lines 20/22
 
 | 
| +class PlatformPublicKey; | 
| +class PlatformPrivateKey; | 
| + | 
| +// PlatformCrypto is a wrapper around either NSS or OpenSSL for doing | 
| +// synchronous crypto operations. | 
| +// | 
| +// The common code in platform_crypto.cc does various input validations and | 
| +// extracts the relevant information from the blink data types. It then calls | 
| +// one of the "Platform*()" methods for the platform specific implementation. | 
| +class CONTENT_EXPORT PlatformCrypto { | 
| 
 
Ryan Sleevi
2014/02/07 01:19:21
Use a namespace.
There's no reason to make this a
 
eroman
2014/02/07 21:15:57
Done.
 
 | 
| + public: | 
| + PlatformCrypto(); | 
| + | 
| + Status Encrypt(const blink::WebCryptoAlgorithm& algorithm, | 
| + const blink::WebCryptoKey& key, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + Status Decrypt(const blink::WebCryptoAlgorithm& algorithm, | 
| + const blink::WebCryptoKey& key, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + Status Digest(const blink::WebCryptoAlgorithm& algorithm, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* key); | 
| + | 
| + Status GenerateKeyPair(const blink::WebCryptoAlgorithm& algorithm, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* public_key, | 
| + blink::WebCryptoKey* private_key); | 
| + | 
| + Status ImportKey(blink::WebCryptoKeyFormat format, | 
| + const CryptoData& key_data, | 
| + const blink::WebCryptoAlgorithm& algorithm_or_null, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* key); | 
| + | 
| + Status ExportKey(blink::WebCryptoKeyFormat format, | 
| + const blink::WebCryptoKey& key, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + Status Sign(const blink::WebCryptoAlgorithm& algorithm, | 
| + const blink::WebCryptoKey& key, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + Status VerifySignature(const blink::WebCryptoAlgorithm& algorithm, | 
| + const blink::WebCryptoKey& key, | 
| + const CryptoData& signature, | 
| + const CryptoData& data, | 
| + bool* signature_match); | 
| + | 
| + Status ImportKeyJwk(const CryptoData& key_data, | 
| + const blink::WebCryptoAlgorithm& algorithm_or_null, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* key); | 
| + | 
| + // TODO(eroman): Make the following methods private. | 
| + | 
| + //----------------------------------------------------------------------- | 
| + // These are the methods that the OpenSSL vs NSS versions must implement | 
| + //----------------------------------------------------------------------- | 
| + | 
| + // Safely converts a WebCryptoKey to more specifc key type. If the conversion | 
| + // failed, returns NULL. | 
| + // The handle pointer is controlled by the implementor of PlatformCrypto. | 
| + PlatformSymKey* ToSymKey(const blink::WebCryptoKey& key); | 
| + PlatformPublicKey* ToPublicKey(const blink::WebCryptoKey& key); | 
| + PlatformPrivateKey* ToPrivateKey(const blink::WebCryptoKey& key); | 
| + | 
| + // Guarantees: | 
| + // * algorithm.id() is for an RSA algorithm. | 
| + // * algorithm.rsaKeyGenParams() is non-null. | 
| + Status PlatformGenerateRsaKeyPair(const blink::WebCryptoAlgorithm& algorithm, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* public_key, | 
| + blink::WebCryptoKey* private_key); | 
| + | 
| + Status PlatformImportRsaPublicKey(const CryptoData& modulus_data, | 
| + const CryptoData& exponent_data, | 
| + const blink::WebCryptoAlgorithm& algorithm, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* key); | 
| + | 
| + // |keylen_bytes| is the desired length of the key in bits. | 
| + // | 
| + // Guarantees: | 
| + // * algorithm.id() is for a symmetric key algorithm. | 
| + // * keylen_bytes is non-zero (TODO(eroman): revisit this). | 
| + // * If the algorithm is AES-CBC, the key length is either 128 bits, 192 | 
| + // bits, 256 bits. | 
| + Status PlatformGenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + unsigned keylen_bytes, | 
| + blink::WebCryptoKey* key); | 
| + | 
| + // Guarantees: | 
| + // * |key| is a non-null AES-CBC key. | 
| + // * |iv| is exactly 16 bytes long | 
| + Status PlatformEncryptAesCbc(PlatformSymKey* key, | 
| + const CryptoData& iv, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is a non-null AES-CBC key. | 
| + // * |iv| is exactly 16 bytes long | 
| + Status PlatformDecryptAesCbc(PlatformSymKey* key, | 
| + const CryptoData& iv, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is a non-null AES-GCM key. | 
| + // * |params| is non-null | 
| + Status PlatformEncryptAesGcm(PlatformSymKey* key, | 
| + const blink::WebCryptoAesGcmParams* params, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is a non-null AES-GCM key. | 
| + // * |params| is non-null | 
| + Status PlatformDecryptAesGcm(PlatformSymKey* key, | 
| + const blink::WebCryptoAesGcmParams* params, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is non-null. | 
| + Status PlatformEncryptRsaEsPkcs1v1_5(PlatformPublicKey* key, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is non-null. | 
| + Status PlatformDecryptRsaEsPkcs1v1_5(PlatformPrivateKey* key, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is a non-null HMAC key. | 
| + // * |hash| is a digest algorithm. | 
| + Status PlatformSignHmac(PlatformSymKey* key, | 
| + const blink::WebCryptoAlgorithm& hash, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |algorithm| is a Sha function. | 
| + Status PlatformDigestSha(blink::WebCryptoAlgorithmId algorithm, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is non-null. | 
| + // * |hash| is a digest algorithm. | 
| + Status PlatformSignRsaSsaPkcs1v1_5(PlatformPrivateKey* key, | 
| + const blink::WebCryptoAlgorithm& hash, | 
| + const CryptoData& data, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is non-null. | 
| + // * |hash| is a digest algorithm. | 
| + Status PlatformVerifyRsaSsaPkcs1v1_5(PlatformPublicKey* key, | 
| + const blink::WebCryptoAlgorithm& hash, | 
| + const CryptoData& signature, | 
| + const CryptoData& data, | 
| + bool* signature_match); | 
| + | 
| + // Guarantees: | 
| + // * |key| is non-null. | 
| + // * |algorithm.id()| is for a symmetric key algorithm. | 
| + Status PlatformImportKeyRaw(const CryptoData& key_data, | 
| + const blink::WebCryptoAlgorithm& algorithm, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* key); | 
| + | 
| + Status PlatformImportKeySpki( | 
| + const CryptoData& key_data, | 
| + const blink::WebCryptoAlgorithm& algorithm_or_null, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* key); | 
| + | 
| + Status PlatformImportKeyPkcs8( | 
| + const CryptoData& key_data, | 
| + const blink::WebCryptoAlgorithm& algorithm_or_null, | 
| + bool extractable, | 
| + blink::WebCryptoKeyUsageMask usage_mask, | 
| + blink::WebCryptoKey* key); | 
| + | 
| + // Guarantees: | 
| + // * |key| is non-null. | 
| + Status PlatformExportKeyRaw(PlatformSymKey* key, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + // Guarantees: | 
| + // * |key| is non-null. | 
| + Status PlatformExportKeySpki(PlatformPublicKey* key, | 
| + blink::WebArrayBuffer* buffer); | 
| + | 
| + private: | 
| + DISALLOW_COPY_AND_ASSIGN(PlatformCrypto); | 
| +}; | 
| + | 
| +} // namespace webcrypto | 
| + | 
| +} // namespace content | 
| + | 
| +#endif // CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ |
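Review bot: The comment on PlatformGenerateSecretKey() contradicts its own parameter: `// |keylen_bytes| is the desired length of the key in bits.` names a byte count but documents bits, and the AES-CBC guarantee just below it is also stated in bits (128/192/256). An implementer of the NSS or OpenSSL side who reads the unit the wrong way would generate keys eight times too long or too short, and the short case is a silent weakening rather than an error. If the parameter carries bytes, as its name suggests, I would write `// |keylen_bytes| is the desired length of the key in bytes.` and restate the guarantee as `// * If the algorithm is AES-CBC, the key length is 16, 24 or 32 bytes.` Separately, the AES-GCM guarantees list only a non-null |key| and |params|, so this header does not show whether the IV and tag length are validated by the common code or left to each platform implementation; one line saying which would help.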