| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 var utils = require('utils'); |
| 6 var internalAPI = require('enterprise.platformKeys.internalAPI'); |
| 7 var intersect = require('enterprise.platformKeys.utils').intersect; |
| 8 var KeyPair = require('enterprise.platformKeys.KeyPair').KeyPair; |
| 9 var keyModule = require('enterprise.platformKeys.Key'); |
| 10 var getSpki = keyModule.getSpki; |
| 11 var KeyUsage = keyModule.KeyUsage; |
| 12 |
| 13 // The following errors are specified in WebCrypto. |
| 14 // TODO(pneubeck): These should be DOMExceptions. |
| 15 function CreateNotSupportedError() { |
| 16 return new Error('The algorithm is not supported'); |
| 17 } |
| 18 |
| 19 function CreateInvalidAccessError() { |
| 20 return new Error('The requested operation is not valid for the provided key'); |
| 21 } |
| 22 |
| 23 function CreateDataError() { |
| 24 return new Error('Data provided to an operation does not meet requirements'); |
| 25 } |
| 26 |
| 27 function CreateSyntaxError() { |
| 28 return new Error('A required parameter was missing our out-of-range'); |
| 29 } |
| 30 |
| 31 function CreateOperationError() { |
| 32 return new Error('The operation failed for an operation-specific reason'); |
| 33 } |
| 34 |
| 35 /** |
| 36 * Implementation of WebCrypto.SubtleCrypto used in enterprise.platformKeys. |
| 37 * @param {string} tokenId The id of the backing Token. |
| 38 * @constructor |
| 39 */ |
| 40 var SubtleCryptoImpl = function(tokenId) { |
| 41 this.tokenId = tokenId; |
| 42 }; |
| 43 |
| 44 SubtleCryptoImpl.prototype.generateKey = |
| 45 function(algorithm, extractable, keyUsages) { |
| 46 var subtleCrypto = this; |
| 47 return new Promise(function(resolve, reject) { |
| 48 // TODO(pneubeck): Apply the algorithm normalization of the WebCrypto |
| 49 // implementation. |
| 50 |
| 51 if (extractable) { |
| 52 // Note: This deviates from WebCrypto.SubtleCrypto. |
| 53 throw CreateNotSupportedError(); |
| 54 } |
| 55 if (intersect(keyUsages, [KeyUsage.sign, KeyUsage.verify]).length != |
| 56 keyUsages.length) { |
| 57 throw CreateDataError(); |
| 58 } |
| 59 if (!algorithm.name) { |
| 60 // TODO(pneubeck): It's not clear from the WebCrypto spec which error to |
| 61 // throw here. |
| 62 throw CreateSyntaxError(); |
| 63 } |
| 64 |
| 65 if (algorithm.name != 'RSASSA-PKCS1-v1_5') { |
| 66 // Note: This deviates from WebCrypto.SubtleCrypto. |
| 67 throw CreateNotSupportedError(); |
| 68 } |
| 69 if (!algorithm.modulusLength || !algorithm.publicExponent) |
| 70 throw CreateSyntaxError(); |
| 71 |
| 72 internalAPI.generateKey( |
| 73 subtleCrypto.tokenId, algorithm.modulusLength, function(spki) { |
| 74 if (chrome.runtime.lastError) { |
| 75 reject(CreateOperationError()); |
| 76 return; |
| 77 } |
| 78 resolve(new KeyPair(spki, algorithm, keyUsages)); |
| 79 }); |
| 80 }); |
| 81 }; |
| 82 |
| 83 SubtleCryptoImpl.prototype.sign = function(algorithm, key, dataView) { |
| 84 var subtleCrypto = this; |
| 85 return new Promise(function(resolve, reject) { |
| 86 if (key.type != 'private' || key.usages.indexOf(KeyUsage.sign) == -1) |
| 87 throw CreateInvalidAccessError(); |
| 88 |
| 89 // Create an ArrayBuffer that equals the dataView. Note that dataView.buffer |
| 90 // might contain more data than dataView. |
| 91 var data = dataView.buffer.slice(dataView.byteOffset, |
| 92 dataView.byteOffset + dataView.byteLength); |
| 93 internalAPI.sign( |
| 94 subtleCrypto.tokenId, getSpki(key), data, function(signature) { |
| 95 if (chrome.runtime.lastError) { |
| 96 reject(CreateOperationError()); |
| 97 return; |
| 98 } |
| 99 resolve(signature); |
| 100 }); |
| 101 }); |
| 102 }; |
| 103 |
| 104 SubtleCryptoImpl.prototype.exportKey = function(format, key) { |
| 105 return new Promise(function(resolve, reject) { |
| 106 if (format == 'pkcs8') { |
| 107 // Either key.type is not 'private' or the key is not extractable. In both |
| 108 // cases the error is the same. |
| 109 throw CreateInvalidAccessError(); |
| 110 } else if (format == 'spki') { |
| 111 if (key.type != 'public') |
| 112 throw CreateInvalidAccessError(); |
| 113 resolve(getSpki(key)); |
| 114 } else { |
| 115 // TODO(pneubeck): It should be possible to export to format 'jwk'. |
| 116 throw CreateNotSupportedError(); |
| 117 } |
| 118 }); |
| 119 }; |
| 120 |
| 121 exports.SubtleCrypto = |
| 122 utils.expose('SubtleCrypto', |
| 123 SubtleCryptoImpl, |
| 124 {functions:['generateKey', 'sign', 'exportKey']}); |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 214863002:
Extension API enterprise.platformKeys. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src