Extension API enterprise.platformKeys.

chrome/renderer/resources/extensions/enterprise_platform_keys/subtle_crypto.js

Index: chrome/renderer/resources/extensions/enterprise_platform_keys/subtle_crypto.js
diff --git a/chrome/renderer/resources/extensions/enterprise_platform_keys/subtle_crypto.js b/chrome/renderer/resources/extensions/enterprise_platform_keys/subtle_crypto.js
new file mode 100644
index 0000000000000000000000000000000000000000..c518ad2a0e65e5509a4b3aaef24976d4c5e87ffb
--- /dev/null
+++ b/chrome/renderer/resources/extensions/enterprise_platform_keys/subtle_crypto.js
@@ -0,0 +1,83 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+var utils = require('utils');
+var internalAPI = require('enterprise.platformKeys.internalAPI');
+var intersect = require('enterprise.platformKeys.utils').intersect;
+var KeyPair = require('enterprise.platformKeys.KeyPair').KeyPair;
+var keyModule = require('enterprise.platformKeys.Key');
+var Key = keyModule.Key;
+var getSpki = keyModule.getSpki;
+var KeyUsage = keyModule.KeyUsage;
+
+/**
+ * Implementation of WebCrypto.SubtleCrypto used in enterprise.platformKeys.
+ * @param {string} tokenId The id of the backing Token.
+ * @constructor
+ */
+var SubtleCryptoImpl = function(tokenId) {
+  this.tokenId = tokenId;
+};
+
+SubtleCryptoImpl.prototype.generateKey =
+    function(algorithm, extractable, keyUsages) {
+  var subtleCrypto = this;
+  return new Promise(function(resolve, reject) {
+    if (extractable)
+      throw new Error('Extractable keys are not supported.');
+    if (intersect(keyUsages, [KeyUsage.sign, KeyUsage.verify]).length !=
+        keyUsages.length) {
+      throw new Error(
+          'Unsupported keyUsages. Only "sign" and "verify" supported.');

[Ryan Sleevi, 2014/05/08 20:52:04]

WebCrypto spec has been updated about the error to throw

+    }
+    if (algorithm.name != 'RSASSA-PKCS1-v1_5' || !algorithm.modulusLength)
+      throw new Error('The algorithm is not supported');

[Ryan Sleevi, 2014/05/08 20:52:04]

ditto

[pneubeck (no reviews), 2014/05/14 15:01:49]

Done.

+
+    internalAPI.generateKey(
+        subtleCrypto.tokenId, algorithm.modulusLength, function(spki) {
+          if (chrome.runtime.lastError) {
+            reject(chrome.runtime.lastError);
+            return;
+          }
+          resolve(new KeyPair(spki, algorithm, keyUsages));
+        });
+  });
+};
+
+SubtleCryptoImpl.prototype.sign = function(algorithm, key, dataView) {
+  var subtleCrypto = this;
+  return new Promise(function(resolve, reject) {
+    if (key.type != 'private')
+      throw new Error('Key type not supported.');
+
+    // Create an ArrayBuffer that equals the dataView. Note that dataView.buffer
+    // might contain more data than dataView.
+    var data = dataView.buffer.slice(dataView.byteOffset,
+                                     dataView.byteOffset + dataView.byteLength);
+    internalAPI.sign(
+        subtleCrypto.tokenId, getSpki(key), data, function(signature) {
+          if (chrome.runtime.lastError) {
+            reject(chrome.runtime.lastError);
+            return;
+          }
+          resolve(signature);
+        });
+  });
+};
+
+SubtleCryptoImpl.prototype.exportKey = function(format, key) {
+  return new Promise(function(resolve, reject) {
+    if (format != 'spki')
+      throw new Error('Format not supported.');
+    if (key.type != 'public')
+      throw new Error('Key type not supported.');
+
+    resolve(getSpki(key));
+  });
+};
+
+exports.SubtleCrypto =
+    utils.expose('SubtleCrypto',
+                 SubtleCryptoImpl,
+                 {functions:['generateKey', 'sign', 'exportKey']});