| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ | |
| 6 #define CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ | |
| 7 | |
| 8 #include "base/basictypes.h" | |
| 9 #include "base/compiler_specific.h" | |
| 10 #include "third_party/WebKit/public/platform/WebArrayBuffer.h" | |
| 11 #include "third_party/WebKit/public/platform/WebCrypto.h" | |
| 12 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h" | |
| 13 | |
| 14 namespace content { | |
| 15 | |
| 16 enum EncryptOrDecrypt { ENCRYPT, DECRYPT }; | |
| 17 | |
| 18 namespace webcrypto { | |
| 19 | |
| 20 class CryptoData; | |
| 21 class Status; | |
| 22 | |
| 23 // Functions in the webcrypto::platform namespace are intended to be those | |
| 24 // which are OpenSSL/NSS specific. | |
| 25 // | |
| 26 // The general purpose code which applies to both OpenSSL and NSS | |
| 27 // implementations of webcrypto should live in the outter webcrypto namespace, | |
| 28 // and the crypto library specific bits in the "platform" namespace. | |
| 29 namespace platform { | |
| 30 | |
| 31 class SymKey; | |
| 32 class PublicKey; | |
| 33 class PrivateKey; | |
| 34 | |
| 35 // Base key class for all platform keys, used to safely cast between types. | |
| 36 class Key : public blink::WebCryptoKeyHandle { | |
| 37 public: | |
| 38 virtual SymKey* AsSymKey() = 0; | |
| 39 virtual PublicKey* AsPublicKey() = 0; | |
| 40 virtual PrivateKey* AsPrivateKey() = 0; | |
| 41 }; | |
| 42 | |
| 43 // Do any one-time initialization. Note that this can be called MULTIPLE times | |
| 44 // (once per instantiation of WebCryptoImpl). | |
| 45 void Init(); | |
| 46 | |
| 47 // Preconditions: | |
| 48 // * |key| is a non-null AES-CBC key. | |
| 49 // * |iv| is exactly 16 bytes long | |
| 50 Status EncryptDecryptAesCbc(EncryptOrDecrypt mode, | |
| 51 SymKey* key, | |
| 52 const CryptoData& data, | |
| 53 const CryptoData& iv, | |
| 54 blink::WebArrayBuffer* buffer); | |
| 55 | |
| 56 // Preconditions: | |
| 57 // * |key| is a non-null AES-GCM key. | |
| 58 // * |tag_length_bits| is one of {32, 64, 96, 104, 112, 120, 128} | |
| 59 Status EncryptDecryptAesGcm(EncryptOrDecrypt mode, | |
| 60 SymKey* key, | |
| 61 const CryptoData& data, | |
| 62 const CryptoData& iv, | |
| 63 const CryptoData& additional_data, | |
| 64 unsigned int tag_length_bits, | |
| 65 blink::WebArrayBuffer* buffer); | |
| 66 | |
| 67 // Preconditions: | |
| 68 // * |key| is non-null. | |
| 69 // * |data| is not empty. | |
| 70 Status EncryptRsaEsPkcs1v1_5(PublicKey* key, | |
| 71 const CryptoData& data, | |
| 72 blink::WebArrayBuffer* buffer); | |
| 73 | |
| 74 // Preconditions: | |
| 75 // * |key| is non-null. | |
| 76 Status DecryptRsaEsPkcs1v1_5(PrivateKey* key, | |
| 77 const CryptoData& data, | |
| 78 blink::WebArrayBuffer* buffer); | |
| 79 | |
| 80 // Preconditions: | |
| 81 // * |key| is a non-null HMAC key. | |
| 82 // * |hash| is a digest algorithm. | |
| 83 Status SignHmac(SymKey* key, | |
| 84 const blink::WebCryptoAlgorithm& hash, | |
| 85 const CryptoData& data, | |
| 86 blink::WebArrayBuffer* buffer); | |
| 87 | |
| 88 // Preconditions: | |
| 89 // * |algorithm| is a SHA function. | |
| 90 Status DigestSha(blink::WebCryptoAlgorithmId algorithm, | |
| 91 const CryptoData& data, | |
| 92 blink::WebArrayBuffer* buffer); | |
| 93 | |
| 94 // Preconditions: | |
| 95 // * |key| is non-null. | |
| 96 // * |hash| is a digest algorithm. | |
| 97 Status SignRsaSsaPkcs1v1_5(PrivateKey* key, | |
| 98 const blink::WebCryptoAlgorithm& hash, | |
| 99 const CryptoData& data, | |
| 100 blink::WebArrayBuffer* buffer); | |
| 101 | |
| 102 // Preconditions: | |
| 103 // * |key| is non-null. | |
| 104 // * |hash| is a digest algorithm. | |
| 105 Status VerifyRsaSsaPkcs1v1_5(PublicKey* key, | |
| 106 const blink::WebCryptoAlgorithm& hash, | |
| 107 const CryptoData& signature, | |
| 108 const CryptoData& data, | |
| 109 bool* signature_match); | |
| 110 | |
| 111 // |keylen_bytes| is the desired length of the key in bits. | |
| 112 // | |
| 113 // Preconditions: | |
| 114 // * algorithm.id() is for a symmetric key algorithm. | |
| 115 // * keylen_bytes is non-zero (TODO(eroman): revisit this). | |
| 116 // * For AES algorithms |keylen_bytes| is either 16, 24, or 32 bytes long. | |
| 117 Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, | |
| 118 bool extractable, | |
| 119 blink::WebCryptoKeyUsageMask usage_mask, | |
| 120 unsigned keylen_bytes, | |
| 121 blink::WebCryptoKey* key); | |
| 122 | |
| 123 // Preconditions: | |
| 124 // * algorithm.id() is for an RSA algorithm. | |
| 125 // * public_exponent, modulus_length_bits and hash_or_null are the same as what | |
| 126 // is in algorithm. They are split out for convenience. | |
| 127 // * hash_or_null.isNull() may be true if a hash is not applicable to the | |
| 128 // algorithm | |
| 129 // * modulus_length_bits is not 0 | |
| 130 // * public_exponent is not empty. | |
| 131 Status GenerateRsaKeyPair(const blink::WebCryptoAlgorithm& algorithm, | |
| 132 bool extractable, | |
| 133 blink::WebCryptoKeyUsageMask usage_mask, | |
| 134 unsigned int modulus_length_bits, | |
| 135 const CryptoData& public_exponent, | |
| 136 const blink::WebCryptoAlgorithm& hash, | |
| 137 blink::WebCryptoKey* public_key, | |
| 138 blink::WebCryptoKey* private_key); | |
| 139 | |
| 140 // Preconditions: | |
| 141 // * |key| is non-null. | |
| 142 // * |algorithm.id()| is for a symmetric key algorithm. | |
| 143 // * For AES algorithms |key_data| is either 16, 24, or 32 bytes long. | |
| 144 Status ImportKeyRaw(const blink::WebCryptoAlgorithm& algorithm, | |
| 145 const CryptoData& key_data, | |
| 146 bool extractable, | |
| 147 blink::WebCryptoKeyUsageMask usage_mask, | |
| 148 blink::WebCryptoKey* key); | |
| 149 | |
| 150 // Preconditions: | |
| 151 // * algorithm.id() is for an RSA algorithm. | |
| 152 Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm, | |
| 153 bool extractable, | |
| 154 blink::WebCryptoKeyUsageMask usage_mask, | |
| 155 const CryptoData& modulus_data, | |
| 156 const CryptoData& exponent_data, | |
| 157 blink::WebCryptoKey* key); | |
| 158 | |
| 159 Status ImportKeySpki(const blink::WebCryptoAlgorithm& algorithm_or_null, | |
| 160 const CryptoData& key_data, | |
| 161 bool extractable, | |
| 162 blink::WebCryptoKeyUsageMask usage_mask, | |
| 163 blink::WebCryptoKey* key); | |
| 164 | |
| 165 Status ImportKeyPkcs8(const blink::WebCryptoAlgorithm& algorithm_or_null, | |
| 166 const CryptoData& key_data, | |
| 167 bool extractable, | |
| 168 blink::WebCryptoKeyUsageMask usage_mask, | |
| 169 blink::WebCryptoKey* key); | |
| 170 | |
| 171 // Preconditions: | |
| 172 // * |key| is non-null. | |
| 173 Status ExportKeyRaw(SymKey* key, blink::WebArrayBuffer* buffer); | |
| 174 | |
| 175 // Preconditions: | |
| 176 // * |key| is non-null. | |
| 177 Status ExportKeySpki(PublicKey* key, blink::WebArrayBuffer* buffer); | |
| 178 | |
| 179 } // namespace platform | |
| 180 | |
| 181 } // namespace webcrypto | |
| 182 | |
| 183 } // namespace content | |
| 184 | |
| 185 #endif // CONTENT_RENDERER_WEBCRYPTO_PLATFORM_CRYPTO_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 188203003:
Move webcrypto to child/ and add support to worker_webkitplatformsupport. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src