enterprise.platformKeys: Respect the 'hash' argument of generateKey.

chrome/browser/chromeos/platform_keys/platform_keys.h

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
 
 #include <string>
 #include <vector>
 
 #include "base/callback_forward.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
 
 namespace content {
 class BrowserContext;
 }
 
 namespace net {
 class X509Certificate;
 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
 }
 
 namespace chromeos {
 
 namespace platform_keys {
 
+// Supported hash algorithms.
+enum HashAlgorithm {
+  HASH_ALGORITHM_SHA1,
+  HASH_ALGORITHM_SHA256,
+  HASH_ALGORITHM_SHA384,
+  HASH_ALGORITHM_SHA512
+};
+
 namespace subtle {
 // Functions of this namespace shouldn't be called directly from the context of
 // an extension. Instead use PlatformKeysService which enforces restrictions
 // upon extensions.
 
 typedef base::Callback<void(const std::string& public_key_spki_der,
                             const std::string& error_message)>
     GenerateKeyCallback;
 
 // Generates a RSA key pair with |modulus_length_bits|. |token_id| is currently
 // ignored, instead the user token associated with |browser_context| is always
 // used. |callback| will be invoked with the resulting public key or an error.
 void GenerateRSAKey(const std::string& token_id,
                     unsigned int modulus_length_bits,
                     const GenerateKeyCallback& callback,
                     content::BrowserContext* browser_context);
 
 typedef base::Callback<void(const std::string& signature,
                             const std::string& error_message)> SignCallback;
 
-// Signs |data| with the private key matching |public_key|, if that key is
-// stored in the given token. |token_id| is currently ignored, instead the user
-// token associated with |browser_context| is always used. |public_key| must be
-// the DER encoding of a SubjectPublicKeyInfo. |callback| will be invoked with
-// the signature or an error message.
+// Digests |data| with |hash_algorithm| and afterwards signs the digest with the
+// private key matching |public_key|, if that key is stored in the given token.
+// |token_id| is currently ignored, instead the user token associated with
+// |browser_context| is always used. |public_key| must be the DER encoding of a
+// SubjectPublicKeyInfo. |callback| will be invoked with the signature or an
+// error message.
 // Currently supports RSA keys only.
 void Sign(const std::string& token_id,
           const std::string& public_key,
+          HashAlgorithm hash_algorithm,
           const std::string& data,
           const SignCallback& callback,
           content::BrowserContext* browser_context);
 
 }  // namespace subtle
 
 // If the list of certificates could be successfully retrieved, |certs| will
 // contain the list of available certificates (maybe empty) and |error_message|
 // will be empty. If an error occurred, |certs| will be empty and
 // |error_message| contain an error message.
@@ skipping 36 matching lines @@
 void RemoveCertificate(const std::string& token_id,
                        scoped_refptr<net::X509Certificate> certificate,
                        const RemoveCertificateCallback& callback,
                        content::BrowserContext* browser_context);
 
 }  // namespace platform_keys
 
 }  // namespace chromeos
 
 #endif  // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_