Index: public/platform/WebCrypto.h |
diff --git a/public/platform/WebCrypto.h b/public/platform/WebCrypto.h |
index 7b56f4ef7bfd391eb1f6af186fb6449b04f3d94d..97953eb49d51d54224a22e98801c8b9ea838e7da 100644 |
--- a/public/platform/WebCrypto.h |
+++ b/public/platform/WebCrypto.h |
@@ -35,6 +35,7 @@ |
#include "WebCryptoAlgorithm.h" |
#include "WebCryptoKey.h" |
#include "WebPrivatePtr.h" |
+#include "WebVector.h" |
// FIXME: Remove this once chromium side is updated. |
#define WEBCRYPTO_HMAC_BITS 1 |
@@ -189,6 +190,68 @@ public: |
// and is not part of the WebCrypto standard. |
virtual bool digestSynchronous(const WebCryptoAlgorithmId algorithmId, const unsigned char* data, unsigned dataSize, WebArrayBuffer& result) { return false; } |
+ // ----------------------- |
+ // Structured clone |
+ // ----------------------- |
+ // |
+ // deserializeKeyForClone() and serializeKeyForClone() are used for |
+ // implementing structured cloning of WebCryptoKey. |
+ // |
+ // Blink is responsible for saving and restoring all of the attributes of |
+ // WebCryptoKey EXCEPT for the actual key data: |
+ // |
+ // In other words, blink takes care of serializing: |
Ryan Sleevi
2014/03/12 22:54:35
s/blink/Blink/
|
+ // * Key usages |
+ // * Key extractability |
+ // * Key algorithm |
+ // * Key type (public, private, secret) |
+ // |
+ // The embedder is responsible for saving the key data itself. |
+ // |
+ // For instance, an implementation might implement |
+ // serializing/deserializing of the key data by reusing |
+ // exportKey()/importKey() with an appropriate key format (raw, spki, |
+ // pkcs8) |
+ // |
+ // Visibility of the serialized key data: |
+ // |
+ // The serialized key data will NOT be visible to web pages. So if the |
+ // serialized format were to include key bytes as plain text, this wouldn't |
+ // make it available to web pages. However, the serialized key data is |
+ // visible to anyone with access to the user account (for instance by |
+ // serializing to indexed DB). An implementation that wants to hide the |
Ryan Sleevi
2014/03/12 22:54:35
s/indexed DB/IndexedDB/
|
+ // key data could encrypt it. |
Ryan Sleevi
2014/03/12 22:54:35
I'd delete the remainder, starting with "However,
|
+ // |
+ // Longevity of the key data: |
+ // |
+ // The serialized key data is intended to be long lived (years) and MUST |
+ // be using a stable format. For instance a key might be persisted to |
+ // indexed db and should be able to be deserialized correctly in the |
+ // future. |
Ryan Sleevi
2014/03/12 22:54:35
s/indexed db/IndexedDB/
|
+ // |
+ // Error handling and asynchronous completion: |
+ // |
+ // Serialization/deserialization must complete synchronously, and will |
+ // block the javascript thread. |
Ryan Sleevi
2014/03/12 22:54:35
s/javascript/JavaScript/
|
+ // |
+ // The only reasons for failing serialization/deserialization should be: |
+ // * Key serialization not yet implemented |
+ // * The bytes to deserialize were corrupted |
+ |
+ // Creates a new key given key data which was written using |
+ // serializeKeyForClone(). Returns true on success. |
+ virtual bool deserializeKeyForClone(const WebCryptoKeyAlgorithm&, WebCryptoKeyType, bool extractable, WebCryptoKeyUsageMask, const unsigned char* keyData, unsigned keyDataSize, WebCryptoKey&) |
+ { |
+ return false; |
+ } |
+ |
+ // Writes the key data into the given WebVector. |
+ // Returns true on success. |
+ virtual bool serializeKeyForClone(const WebCryptoKey&, WebVector<unsigned char>&) |
+ { |
+ return false; |
+ } |
+ |
protected: |
virtual ~WebCrypto() { } |
}; |