[webcrypto] Add JWK symmetric key AES-KW unwrap for NSS.

content/child/webcrypto/platform_crypto.h

Index: content/child/webcrypto/platform_crypto.h
diff --git a/content/child/webcrypto/platform_crypto.h b/content/child/webcrypto/platform_crypto.h
index 340c258ee8dc9328ffec683ff0509c5d4897511d..f0c8f60193b0d373dc3ed5594d8bb053602b6d68 100644
--- a/content/child/webcrypto/platform_crypto.h
+++ b/content/child/webcrypto/platform_crypto.h
@@ -183,6 +183,10 @@ Status WrapSymKeyAesKw(SymKey* wrapping_key,
                        SymKey* key,
                        blink::WebArrayBuffer* buffer);
 
+// Unwraps (decrypts) |wrapped_key_data| using AES-KW and places the results in
+// a WebCryptoKey. Raw key data remains inside NSS. This function should be used
+// when the input |wrapped_key_data| is known to result in symmetric raw key
+// data after AES-KW decryption.
 // Preconditions:
 //  * |wrapping_key| is non-null
 //  * |key| is non-null
@@ -195,6 +199,17 @@ Status UnwrapSymKeyAesKw(const CryptoData& wrapped_key_data,
                          blink::WebCryptoKeyUsageMask usage_mask,
                          blink::WebCryptoKey* key);
 
+// Performs AES-KW decryption on the input |data|. This function should be used
+// when the input |data| does not directly represent a key and should instead be
+// interpreted as generic bytes.
+// Preconditions:
+//  * |key| is non-null
+//  * |data| is at least 24 bytes and a multiple of 8 bytes
+//  * |buffer| is non-null.
+Status DecryptAesKw(SymKey* key,
+                    const CryptoData& data,
+                    blink::WebArrayBuffer* buffer);
+
 // Preconditions:
 //  * |wrapping_key| is non-null
 //  * |key| is non-null