OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // Use the <code>chrome.platformKeys</code> API to access client certificates | 5 // Use the <code>chrome.platformKeys</code> API to access client certificates |
6 // managed by the platform. If the user or policy grants the permission, an | 6 // managed by the platform. If the user or policy grants the permission, an |
7 // extension can use such a certficate in its custom authentication protocol. | 7 // extension can use such a certficate in its custom authentication protocol. |
8 // E.g. this allows usage of platform managed certificates in third party VPNs | 8 // E.g. this allows usage of platform managed certificates in third party VPNs |
9 // (see $(ref:vpnProvider chrome.vpnProvider)). | 9 // (see $(ref:vpnProvider chrome.vpnProvider)). |
10 namespace platformKeys { | 10 namespace platformKeys { |
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
100 callback GetKeyPairCallback = void (object publicKey, | 100 callback GetKeyPairCallback = void (object publicKey, |
101 optional object privateKey); | 101 optional object privateKey); |
102 | 102 |
103 callback VerificationCallback = void (VerificationResult result); | 103 callback VerificationCallback = void (VerificationResult result); |
104 | 104 |
105 interface Functions { | 105 interface Functions { |
106 // This function filters from a list of client certificates the ones that | 106 // This function filters from a list of client certificates the ones that |
107 // are known to the platform, match <code>request</code> and for which the | 107 // are known to the platform, match <code>request</code> and for which the |
108 // extension has permission to access the certificate and its private key. | 108 // extension has permission to access the certificate and its private key. |
109 // If <code>interactive</code> is true, the user is presented a dialog where | 109 // If <code>interactive</code> is true, the user is presented a dialog where |
110 // he can select from matching certificates and grant the extension access | 110 // they can select from matching certificates and grant the extension access |
111 // to the certificate. | 111 // to the certificate. |
112 // The selected/filtered client certificates will be passed to | 112 // The selected/filtered client certificates will be passed to |
113 // <code>callback</code>. | 113 // <code>callback</code>. |
114 [nocompile] static void selectClientCertificates( | 114 [nocompile] static void selectClientCertificates( |
115 SelectDetails details, | 115 SelectDetails details, |
116 SelectCallback callback); | 116 SelectCallback callback); |
117 | 117 |
118 // Passes the key pair of <code>certificate</code> for usage with | 118 // Passes the key pair of <code>certificate</code> for usage with |
119 // $(ref:platformKeys.subtleCrypto) to <code>callback</code>. | 119 // $(ref:platformKeys.subtleCrypto) to <code>callback</code>. |
120 // |certificate|: The certificate of a $(ref:Match) returned by | 120 // |certificate|: The certificate of a $(ref:Match) returned by |
(...skipping 27 matching lines...) Expand all Loading... |
148 // specified and might change in the future. | 148 // specified and might change in the future. |
149 // The API implementation verifies certificate expiration, validates the | 149 // The API implementation verifies certificate expiration, validates the |
150 // certification path and checks trust by a known CA. | 150 // certification path and checks trust by a known CA. |
151 // The implementation is supposed to respect the EKU serverAuth and to | 151 // The implementation is supposed to respect the EKU serverAuth and to |
152 // support subject alternative names. | 152 // support subject alternative names. |
153 static void verifyTLSServerCertificate(VerificationDetails details, | 153 static void verifyTLSServerCertificate(VerificationDetails details, |
154 VerificationCallback callback); | 154 VerificationCallback callback); |
155 }; | 155 }; |
156 }; | 156 }; |
157 | 157 |
OLD | NEW |