Extension API enterprise.platformKeys.

chrome/browser/chromeos/platform_keys/platform_keys.h

Index: chrome/browser/chromeos/platform_keys/platform_keys.h
diff --git a/chrome/browser/chromeos/platform_keys/platform_keys.h b/chrome/browser/chromeos/platform_keys/platform_keys.h
new file mode 100644
index 0000000000000000000000000000000000000000..89d7e5baeefcb38b39d1ee2dbb1e402cd9d5f3d8
--- /dev/null
+++ b/chrome/browser/chromeos/platform_keys/platform_keys.h
@@ -0,0 +1,110 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
+#define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
+
+#include <string>
+#include <vector>
+
+#include "base/callback_forward.h"
+#include "base/macros.h"
+#include "base/memory/ref_counted.h"
+#include "base/memory/scoped_ptr.h"
+
+class Profile;
+
+namespace net {
+class X509Certificate;
+typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
+}
+
+namespace chromeos {
+
+namespace platform_keys {
+
+// If the generation was successful, |public_key_spki_der| will contain the DER
+// encoding of the SubjectPublicKeyInfo of the generated key and |error_message|
+// will be empty. If it failed, |public_key_spki_der| will be empty and
+// |error_message| contain an error message.
+typedef base::Callback<void(const std::string& public_key_spki_der,
+                            const std::string& error_message)>
+    GenerateKeyCallback;
+
+// Generates a RSA key with |modulus_length|. |token_id| is currently ignored,
+// instead always the user token associated to |profile| is used. |callback|

[eroman, 2014/05/19 23:27:45]

Something is gramatically wrong with this sentence.

[pneubeck (no reviews), 2014/05/20 09:29:21]

Done.

+// will be called back with the resulting public key or an error.
+void GenerateRSAKey(const std::string& token_id,
+                    unsigned int modulus_length,
+                    const GenerateKeyCallback& callback,
+                    Profile* profile);
+
+// If signing was successful, |signature| will be contain the signature and
+// |error_message| will be empty. If it failed, |signature| will be empty and
+// |error_message| contain an error message.
+typedef base::Callback<void(const std::string& signature,
+                            const std::string& error_message)> SignCallback;
+
+// Signs |data| with the private key matching |public_key|, if that key is
+// stored in the given token. |token_id| is currently ignored, instead always
+// the user token associated to |profile| is used. |public_key| must be the DER

[eroman, 2014/05/19 23:27:45]

instead the user token ... is always used.

[pneubeck (no reviews), 2014/05/20 09:29:21]

Done.

+// encoding of a SubjectPublicKeyInfo. |callback| will be called back with the
+// signature or an error message.
+// Currently supports RSA keys only.
+void Sign(const std::string& token_id,
+          const std::string& public_key,
+          const std::string& data,
+          const SignCallback& callback,
+          Profile* profile);
+
+// If the list of certificates could be successfully retrieved, |certs| will
+// contain the list of available certificates (maybe empty) and |error_message|
+// will be empty. If an error occurred, |certs| will be empty and
+// |error_message| contain an error message.
+typedef base::Callback<void(scoped_ptr<net::CertificateList> certs,
+                            const std::string& error_message)>
+    GetCertificatesCallback;
+
+// Returns the list of all certificates with stored private key available from
+// the given token. |token_id| is currently ignored, instead always the user
+// token associated to |profile| is used. |callback| will be called back with
+// the list of available certificates or an error message.
+void GetCertificates(const std::string& token_id,
+                     const GetCertificatesCallback& callback,
+                     Profile* profile);
+
+// If an error occurred during import, |error_message| will be set to an error
+// message.
+typedef base::Callback<void(const std::string& error_message)>
+    ImportCertificateCallback;
+
+// Imports |certificate| to the given token if the certified key is already
+// stored in this token. Any intermediate of |certificate| will be ignored.
+// |token_id| is currently ignored, instead always the user token associated to

[eroman, 2014/05/19 23:27:45]

same comment

[pneubeck (no reviews), 2014/05/20 09:29:21]

Done.

+// |profile| is used. |callback| will be called back when the import is
+// finished, possibly with an error message.
+void ImportCertificate(const std::string& token_id,
+                       scoped_refptr<net::X509Certificate> certificate,
+                       const ImportCertificateCallback& callback,

[eroman, 2014/05/19 23:27:45]

Should this be indented further?

[pneubeck (no reviews), 2014/05/20 09:29:21]

I don't know what you mean here.
Anyways, I'll run 'git cl format' again before uploading.

+                       Profile* profile);
+
+// If an error occurred during removal, |error_message| will be set to an error
+// message.
+typedef base::Callback<void(const std::string& error_message)>
+    RemoveCertificateCallback;
+
+// Removes |certificate| from the given token if present. Any intermediate of
+// |certificate| will be ignored. |token_id| is currently ignored, instead
+// always the user token associated to |profile| is used. |callback| will be

[eroman, 2014/05/19 23:27:45]

ditto

[pneubeck (no reviews), 2014/05/20 09:29:21]

Done.

+// called back when the removal is finished, possibly with an error message.
+void RemoveCertificate(const std::string& token_id,
+                       scoped_refptr<net::X509Certificate> certificate,
+                       const RemoveCertificateCallback& callback,
+                       Profile* profile);
+
+}  // namespace platform_keys
+
+}  // namespace chromeos
+
+#endif  // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_