Index: content/child/webcrypto/platform_crypto.h |
diff --git a/content/child/webcrypto/platform_crypto.h b/content/child/webcrypto/platform_crypto.h |
index 340c258ee8dc9328ffec683ff0509c5d4897511d..4b9a853f957a30b0d68403b93a6e1e821e2fe4eb 100644 |
--- a/content/child/webcrypto/platform_crypto.h |
+++ b/content/child/webcrypto/platform_crypto.h |
@@ -183,6 +183,10 @@ Status WrapSymKeyAesKw(SymKey* wrapping_key, |
SymKey* key, |
blink::WebArrayBuffer* buffer); |
+// Unwraps (decrypts) |wrapped_key_data| using AES-KW and places the results in |
+// a WebCryptoKey. Raw key data remains inside NSS. This function should be used |
+// when the input |wrapped_key_data| is known to result in symmetric raw key |
+// data after AES-KW decryption. |
// Preconditions: |
// * |wrapping_key| is non-null |
// * |key| is non-null |
@@ -195,6 +199,18 @@ Status UnwrapSymKeyAesKw(const CryptoData& wrapped_key_data, |
blink::WebCryptoKeyUsageMask usage_mask, |
blink::WebCryptoKey* key); |
+// Performs AES-KW decryption on the input |data|, of which no assumptions are |
eroman
2014/03/17 19:47:47
Not sure what "of which no assumptions are made" m
padolph
2014/03/17 22:12:49
Done.
|
+// made, and returns the result to the caller. This function should be used when |
+// the input |data| does not directly represent a key and should instead be |
+// interpreted as generic bytes. |
+// Preconditions: |
+// * |key| is non-null |
+// * |data| is at least 24 bytes and a multiple of 8 bytes |
+// * |buffer| is non-null. |
+Status DecryptAesKw(SymKey* key, |
+ const CryptoData& data, |
+ blink::WebArrayBuffer* buffer); |
+ |
// Preconditions: |
// * |wrapping_key| is non-null |
// * |key| is non-null |