Index: content/renderer/webcrypto/platform_crypto.h |
diff --git a/content/renderer/webcrypto/platform_crypto.h b/content/renderer/webcrypto/platform_crypto.h |
new file mode 100644 |
index 0000000000000000000000000000000000000000..ae298bba8198ec3823f9e651a0c5f8128b1e8872 |
--- /dev/null |
+++ b/content/renderer/webcrypto/platform_crypto.h |
@@ -0,0 +1,175 @@ |
+// Copyright (c) 2014 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ |
+#define CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ |
+ |
+#include "base/basictypes.h" |
+#include "base/compiler_specific.h" |
+#include "third_party/WebKit/public/platform/WebArrayBuffer.h" |
+#include "third_party/WebKit/public/platform/WebCrypto.h" |
+#include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" |
+ |
+namespace content { |
+ |
+namespace webcrypto { |
+ |
+class CryptoData; |
+class Status; |
+ |
+namespace platform { |
Ryan Sleevi
2014/02/13 04:24:24
Include documentation about what belongs in this n
eroman
2014/02/13 23:05:38
Done.
|
+ |
+class SymKey; |
+class PublicKey; |
+class PrivateKey; |
+ |
+// Do any one-time initialization. Note that this can be called MULTIPLE times |
+// (once per instantiation of WebCryptoImpl). |
+void Init(); |
+ |
+// Safely converts a WebCryptoKey to more specifc key type. If the conversion |
+// failed, returns NULL. |
+// The handle pointer is controlled by the implementor of PlatformCrypto. |
+SymKey* ToSymKey(const blink::WebCryptoKey& key); |
+PublicKey* ToPublicKey(const blink::WebCryptoKey& key); |
+PrivateKey* ToPrivateKey(const blink::WebCryptoKey& key); |
+ |
+// Guarantees: |
Ryan Sleevi
2014/02/13 04:24:24
s/Guarantees/Preconditions/
Guarantees make me th
eroman
2014/02/13 23:05:38
Done.
|
+// * algorithm.id() is for an RSA algorithm. |
+// * algorithm.rsaKeyGenParams() is non-null. |
+Status GenerateRsaKeyPair(const blink::WebCryptoAlgorithm& algorithm, |
+ bool extractable, |
+ blink::WebCryptoKeyUsageMask usage_mask, |
+ blink::WebCryptoKey* public_key, |
+ blink::WebCryptoKey* private_key); |
+ |
+Status ImportRsaPublicKey(const CryptoData& modulus_data, |
Ryan Sleevi
2014/02/13 04:24:24
No preconditions here?
Also, shouldn't |algorithm
eroman
2014/02/13 23:05:38
Done.
|
+ const CryptoData& exponent_data, |
+ const blink::WebCryptoAlgorithm& algorithm, |
+ bool extractable, |
+ blink::WebCryptoKeyUsageMask usage_mask, |
+ blink::WebCryptoKey* key); |
+ |
+// |keylen_bytes| is the desired length of the key in bits. |
+// |
+// Guarantees: |
+// * algorithm.id() is for a symmetric key algorithm. |
+// * keylen_bytes is non-zero (TODO(eroman): revisit this). |
+// * If the algorithm is AES-CBC, the key length is either 128 bits, 192 |
+// bits, 256 bits. |
+Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, |
+ bool extractable, |
+ blink::WebCryptoKeyUsageMask usage_mask, |
+ unsigned keylen_bytes, |
+ blink::WebCryptoKey* key); |
+ |
+// Guarantees: |
+// * |key| is a non-null AES-CBC key. |
+// * |iv| is exactly 16 bytes long |
+Status EncryptAesCbc(SymKey* key, |
+ const CryptoData& iv, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is a non-null AES-CBC key. |
+// * |iv| is exactly 16 bytes long |
+Status DecryptAesCbc(SymKey* key, |
+ const CryptoData& iv, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is a non-null AES-GCM key. |
+// * |params| is non-null |
+Status EncryptAesGcm(SymKey* key, |
+ const blink::WebCryptoAesGcmParams* params, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is a non-null AES-GCM key. |
+// * |params| is non-null |
+Status DecryptAesGcm(SymKey* key, |
+ const blink::WebCryptoAesGcmParams* params, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is non-null. |
+Status EncryptRsaEsPkcs1v1_5(PublicKey* key, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is non-null. |
+Status DecryptRsaEsPkcs1v1_5(PrivateKey* key, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is a non-null HMAC key. |
+// * |hash| is a digest algorithm. |
+Status SignHmac(SymKey* key, |
+ const blink::WebCryptoAlgorithm& hash, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |algorithm| is a SHA function. |
+Status DigestSha(blink::WebCryptoAlgorithmId algorithm, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is non-null. |
+// * |hash| is a digest algorithm. |
+Status SignRsaSsaPkcs1v1_5(PrivateKey* key, |
+ const blink::WebCryptoAlgorithm& hash, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is non-null. |
+// * |hash| is a digest algorithm. |
+Status VerifyRsaSsaPkcs1v1_5(PublicKey* key, |
+ const blink::WebCryptoAlgorithm& hash, |
+ const CryptoData& signature, |
+ const CryptoData& data, |
+ bool* signature_match); |
+ |
+// Guarantees: |
+// * |key| is non-null. |
+// * |algorithm.id()| is for a symmetric key algorithm. |
+Status ImportKeyRaw(const CryptoData& key_data, |
+ const blink::WebCryptoAlgorithm& algorithm, |
+ bool extractable, |
+ blink::WebCryptoKeyUsageMask usage_mask, |
+ blink::WebCryptoKey* key); |
+ |
+Status ImportKeySpki(const CryptoData& key_data, |
Ryan Sleevi
2014/02/13 04:24:24
No pre-conditions here?
|
+ const blink::WebCryptoAlgorithm& algorithm_or_null, |
+ bool extractable, |
+ blink::WebCryptoKeyUsageMask usage_mask, |
+ blink::WebCryptoKey* key); |
+ |
+Status ImportKeyPkcs8(const CryptoData& key_data, |
Ryan Sleevi
2014/02/13 04:24:24
for these, suggested is algorithm_or_null, extract
|
+ const blink::WebCryptoAlgorithm& algorithm_or_null, |
+ bool extractable, |
+ blink::WebCryptoKeyUsageMask usage_mask, |
+ blink::WebCryptoKey* key); |
+ |
+// Guarantees: |
+// * |key| is non-null. |
+Status ExportKeyRaw(SymKey* key, blink::WebArrayBuffer* buffer); |
+ |
+// Guarantees: |
+// * |key| is non-null. |
+Status ExportKeySpki(PublicKey* key, blink::WebArrayBuffer* buffer); |
+ |
+} // namespace platform |
+} // namespace webcrypto |
+} // namespace content |
Ryan Sleevi
2014/02/13 04:24:24
new lines between each of these
eroman
2014/02/13 23:05:38
Done.
|
+ |
+#endif // CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ |