chrome/browser/chromeos/platform_keys/platform_keys.h - Issue 323093003: Add the Sign-At-Most-Once restriction the enterprise.platformKeys API.

Side by Side Diff: chrome/browser/chromeos/platform_keys/platform_keys.h

Issue 323093003: Add the Sign-At-Most-Once restriction the enterprise.platformKeys API. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright 2014 The Chromium Authors. All rights reserved.	1 // Copyright 2014 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_	5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_

6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_	6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_

7	7

8 #include <string>	8 #include <string>

9 #include <vector>	9 #include <vector>

10	10

11 #include "base/callback_forward.h"	11 #include "base/callback_forward.h"

12 #include "base/macros.h"	12 #include "base/macros.h"

13 #include "base/memory/ref_counted.h"	13 #include "base/memory/ref_counted.h"

14 #include "base/memory/scoped_ptr.h"	14 #include "base/memory/scoped_ptr.h"

15	15

16 class Profile;	16 class Profile;

17	17

18 namespace net {	18 namespace net {

19 class X509Certificate;	19 class X509Certificate;

20 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;	20 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;

21 }	21 }

22	22

23 namespace chromeos {	23 namespace chromeos {

24	24

25 namespace platform_keys {	25 namespace platform_keys {

26	26

27 // If the generation was successful, \|public_key_spki_der\| will contain the DER	27 namespace subtle {
	pneubeck (no reviews) 2014/06/10 17:50:11 I could move these functions to another file. But I could move these functions to another file. But to simplify the review, I put them into a namespace at first.
28 // encoding of the SubjectPublicKeyInfo of the generated key and \|error_message\|	28 // Functions of this namespace shouldn't be called directly from the context of

29 // will be empty. If it failed, \|public_key_spki_der\| will be empty and	29 // an extension. Instead use PlatfromKeysService which enforces restrictions
	eroman 2014/06/12 05:50:45 typeo Platfrom -> Platform typeo Platfrom -> Platform pneubeck (no reviews) 2014/06/12 09:21:36 Done. Show quoted text On 2014/06/12 05:50:45, eroman wrote: > typeo Platfrom -> Platform Done.
30 // \|error_message\| contain an error message.	30 // upon extensions.

	31

31 typedef base::Callback<void(const std::string& public_key_spki_der,	32 typedef base::Callback<void(const std::string& public_key_spki_der,

32 const std::string& error_message)>	33 const std::string& error_message)>

33 GenerateKeyCallback;	34 GenerateKeyCallback;

34	35

35 // Generates a RSA key with \|modulus_length\|. \|token_id\| is currently ignored,	36 // Generates a RSA key with \|modulus_length\|. \|token_id\| is currently ignored,

36 // instead the user token associated with \|profile\| is always used. \|callback\|	37 // instead the user token associated with \|profile\| is always used. \|callback\|

37 // will be invoked with the resulting public key or an error.	38 // will be invoked with the resulting public key or an error.

38 void GenerateRSAKey(const std::string& token_id,	39 void GenerateRSAKey(const std::string& token_id,

39 unsigned int modulus_length,	40 unsigned int modulus_length,

40 const GenerateKeyCallback& callback,	41 const GenerateKeyCallback& callback,

41 Profile* profile);	42 Profile* profile);

42	43

43 // If signing was successful, \|signature\| will be contain the signature and

44 // \|error_message\| will be empty. If it failed, \|signature\| will be empty and

45 // \|error_message\| contain an error message.

46 typedef base::Callback<void(const std::string& signature,	44 typedef base::Callback<void(const std::string& signature,

47 const std::string& error_message)> SignCallback;	45 const std::string& error_message)> SignCallback;

48	46

49 // Signs \|data\| with the private key matching \|public_key\|, if that key is	47 // Signs \|data\| with the private key matching \|public_key\|, if that key is

50 // stored in the given token. \|token_id\| is currently ignored, instead the user	48 // stored in the given token. \|token_id\| is currently ignored, instead the user

51 // token associated with \|profile\| is always used. \|public_key\| must be the DER	49 // token associated with \|profile\| is always used. \|public_key\| must be the DER

52 // encoding of a SubjectPublicKeyInfo. \|callback\| will be invoked with the	50 // encoding of a SubjectPublicKeyInfo. \|callback\| will be invoked with the

53 // signature or an error message.	51 // signature or an error message.

54 // Currently supports RSA keys only.	52 // Currently supports RSA keys only.

55 void Sign(const std::string& token_id,	53 void Sign(const std::string& token_id,

56 const std::string& public_key,	54 const std::string& public_key,

57 const std::string& data,	55 const std::string& data,

58 const SignCallback& callback,	56 const SignCallback& callback,

59 Profile* profile);	57 Profile* profile);

60	58

	59 } // namespace subtle

	60

61 // If the list of certificates could be successfully retrieved, \|certs\| will	61 // If the list of certificates could be successfully retrieved, \|certs\| will

62 // contain the list of available certificates (maybe empty) and \|error_message\|	62 // contain the list of available certificates (maybe empty) and \|error_message\|

63 // will be empty. If an error occurred, \|certs\| will be empty and	63 // will be empty. If an error occurred, \|certs\| will be empty and

64 // \|error_message\| contain an error message.	64 // \|error_message\| contain an error message.

65 typedef base::Callback<void(scoped_ptr<net::CertificateList> certs,	65 typedef base::Callback<void(scoped_ptr<net::CertificateList> certs,

66 const std::string& error_message)>	66 const std::string& error_message)>

67 GetCertificatesCallback;	67 GetCertificatesCallback;

68	68

69 // Returns the list of all certificates with stored private key available from	69 // Returns the list of all certificates with stored private key available from

70 // the given token. \|token_id\| is currently ignored, instead the user token	70 // the given token. \|token_id\| is currently ignored, instead the user token

(...skipping 30 matching lines...) Expand all Loading...
101 void RemoveCertificate(const std::string& token_id,	101 void RemoveCertificate(const std::string& token_id,

102 scoped_refptr<net::X509Certificate> certificate,	102 scoped_refptr<net::X509Certificate> certificate,

103 const RemoveCertificateCallback& callback,	103 const RemoveCertificateCallback& callback,

104 Profile* profile);	104 Profile* profile);

105	105

106 } // namespace platform_keys	106 } // namespace platform_keys

107	107

108 } // namespace chromeos	108 } // namespace chromeos

109	109

110 #endif // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_	110 #endif // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_

OLD	NEW

« no previous file with comments | « no previous file | chrome/browser/chromeos/platform_keys/platform_keys_nss.cc » ('j') | chrome/browser/chromeos/platform_keys/platform_keys_service.h » ('J')