Chromium Code Reviews Chromium Code Reviews| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef CONTENT_CHILD_WEBCRYPTO_CRYPTO_ALGORITHM_IMPLEMENTATION_H_ | |
| 6 #define CONTENT_CHILD_WEBCRYPTO_CRYPTO_ALGORITHM_IMPLEMENTATION_H_ | |
| 7 | |
| 8 #include <vector> | |
| 9 | |
| 10 #include "base/memory/scoped_ptr.h" | |
| 11 #include "third_party/WebKit/public/platform/WebCrypto.h" | |
| 12 | |
| 13 namespace content { | |
| 14 | |
| 15 namespace webcrypto { | |
| 16 | |
| 17 class CryptoData; | |
| 18 class Status; | |
| 19 | |
| 20 // AlgorithmImplementation is a base class for *executing* the operations of an | |
| 21 // algorithm (generating keys, encrypting, signing, etc.). | |
| 22 // | |
| 23 // This is in contrast to blink::WebCryptoAlgorithm which instead *describes* | |
| 24 // the operation and its parameters. | |
| 25 // | |
| 26 // AlgorithmImplementation has reasonable default implementations for all | |
| 27 // methods which behave as if the operation is it is unsupported, so | |
| 28 // implementations need only override the applicable methods. | |
| 29 // | |
| 30 // Unless stated otherwise methods of AlgorithmImplementation are responsible | |
| 31 // for sanitizing their inputs. The following can be assumed: | |
| 32 // | |
| 33 // * |algorithm.id()| and |key.algorithm.id()| matches the algorithm under | |
| 34 // which the implementation was registerd. | |
| 35 // * |algorithm| has the correct parameters type for the operation. | |
| 36 // * The key usages have already been verified. In fact in the case of calls | |
| 37 // to Encrypt()/Decrypt() the corresponding key usages may not be present | |
| 38 // (when wrapping/unwrapping). | |
| 39 class AlgorithmImplementation { | |
| 40 public: | |
| 41 virtual ~AlgorithmImplementation(); | |
| 42 | |
| 43 // This method corresponds to Web Crypto's crypto.subtle.encrypt(). | |
| 44 virtual Status Encrypt(const blink::WebCryptoAlgorithm& algorithm, | |
| 45 const blink::WebCryptoKey& key, | |
| 46 const CryptoData& data, | |
| 47 std::vector<uint8>* buffer) const; | |
|
Ryan Sleevi
2014/07/17 22:42:55
future CL update: uint8 is deprecated (and you're
eroman
2014/07/17 23:33:23
Will follow up in issue 394944
| |
| 48 | |
| 49 // This method corresponds to Web Crypto's crypto.subtle.decrypt(). | |
| 50 virtual Status Decrypt(const blink::WebCryptoAlgorithm& algorithm, | |
| 51 const blink::WebCryptoKey& key, | |
| 52 const CryptoData& data, | |
| 53 std::vector<uint8>* buffer) const; | |
| 54 | |
| 55 // This method corresponds to Web Crypto's crypto.subtle.sign(). | |
| 56 virtual Status Sign(const blink::WebCryptoAlgorithm& algorithm, | |
| 57 const blink::WebCryptoKey& key, | |
| 58 const CryptoData& data, | |
| 59 std::vector<uint8>* buffer) const; | |
| 60 | |
| 61 // This method corresponds to Web Crypto's crypto.subtle.verify(). | |
| 62 virtual Status Verify(const blink::WebCryptoAlgorithm& algorithm, | |
| 63 const blink::WebCryptoKey& key, | |
| 64 const CryptoData& signature, | |
| 65 const CryptoData& data, | |
| 66 bool* signature_match) const; | |
| 67 | |
| 68 // This method corresponds to Web Crypto's crypto.subtle.digest(). | |
| 69 virtual Status Digest(const blink::WebCryptoAlgorithm& algorithm, | |
| 70 const CryptoData& data, | |
| 71 std::vector<uint8>* buffer) const; | |
| 72 | |
| 73 // VerifyKeyUsagesBeforeGenerateKey() must be called prior to | |
| 74 // GenerateSecretKey() to validate the requested key usages. | |
| 75 virtual Status VerifyKeyUsagesBeforeGenerateKey( | |
| 76 blink::WebCryptoKeyUsageMask usage_mask) const; | |
| 77 | |
| 78 // This method corresponds to Web Crypto's crypto.subtle.generateKey(). | |
| 79 virtual Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm, | |
| 80 bool extractable, | |
| 81 blink::WebCryptoKeyUsageMask usage_mask, | |
| 82 blink::WebCryptoKey* key) const; | |
| 83 | |
| 84 // VerifyKeyUsagesBeforeGenerateKeyPair() must be called prior to | |
| 85 // GenerateKeyPair() to validate the requested key usages. | |
| 86 virtual Status VerifyKeyUsagesBeforeGenerateKeyPair( | |
| 87 blink::WebCryptoKeyUsageMask combined_usage_mask, | |
| 88 blink::WebCryptoKeyUsageMask* public_usage_mask, | |
| 89 blink::WebCryptoKeyUsageMask* private_usage_mask) const; | |
| 90 | |
| 91 // This method corresponds to Web Crypto's crypto.subtle.generateKey(). | |
| 92 virtual Status GenerateKeyPair( | |
| 93 const blink::WebCryptoAlgorithm& algorithm, | |
| 94 bool extractable, | |
| 95 blink::WebCryptoKeyUsageMask public_usage_mask, | |
| 96 blink::WebCryptoKeyUsageMask private_usage_mask, | |
| 97 blink::WebCryptoKey* public_key, | |
| 98 blink::WebCryptoKey* private_key) const; | |
| 99 | |
| 100 // ----------------------------------------------- | |
| 101 // Key import | |
| 102 // ----------------------------------------------- | |
| 103 | |
| 104 // VerifyKeyUsagesBeforeImportKey() must be called before either | |
| 105 // importing a key, or unwrapping a key. | |
| 106 // | |
| 107 // Implementations should return an error if the requested usages are invalid | |
| 108 // when importing for the specified format. | |
| 109 // | |
| 110 // For instance, importing an RSA-SSA key with 'spki' format and Sign usage | |
| 111 // is invalid. The 'spki' format implies it will be a public key, and public | |
| 112 // keys do not support signing. | |
| 113 // | |
| 114 // When called with format=JWK the key type may be unknown. The | |
| 115 // ImportKeyJwk() must do the final usage check. | |
| 116 virtual Status VerifyKeyUsagesBeforeImportKey( | |
| 117 blink::WebCryptoKeyFormat format, | |
| 118 blink::WebCryptoKeyUsageMask usage_mask) const; | |
| 119 | |
| 120 // This method corresponds to Web Crypto's | |
| 121 // crypto.subtle.importKey(format='raw'). | |
| 122 virtual Status ImportKeyRaw(const CryptoData& key_data, | |
| 123 const blink::WebCryptoAlgorithm& algorithm, | |
| 124 bool extractable, | |
| 125 blink::WebCryptoKeyUsageMask usage_mask, | |
| 126 blink::WebCryptoKey* key) const; | |
| 127 | |
| 128 // This method corresponds to Web Crypto's | |
| 129 // crypto.subtle.importKey(format='pkcs8'). | |
| 130 virtual Status ImportKeyPkcs8(const CryptoData& key_data, | |
| 131 const blink::WebCryptoAlgorithm& algorithm, | |
| 132 bool extractable, | |
| 133 blink::WebCryptoKeyUsageMask usage_mask, | |
| 134 blink::WebCryptoKey* key) const; | |
| 135 | |
| 136 // This method corresponds to Web Crypto's | |
| 137 // crypto.subtle.importKey(format='spki'). | |
| 138 virtual Status ImportKeySpki(const CryptoData& key_data, | |
| 139 const blink::WebCryptoAlgorithm& algorithm, | |
| 140 bool extractable, | |
| 141 blink::WebCryptoKeyUsageMask usage_mask, | |
| 142 blink::WebCryptoKey* key) const; | |
| 143 | |
| 144 // This method corresponds to Web Crypto's | |
| 145 // crypto.subtle.importKey(format='jwk'). | |
| 146 virtual Status ImportKeyJwk(const CryptoData& key_data, | |
| 147 const blink::WebCryptoAlgorithm& algorithm, | |
| 148 bool extractable, | |
| 149 blink::WebCryptoKeyUsageMask usage_mask, | |
| 150 blink::WebCryptoKey* key) const; | |
| 151 | |
| 152 // ----------------------------------------------- | |
| 153 // Key export | |
| 154 // ----------------------------------------------- | |
| 155 | |
| 156 virtual Status ExportKeyRaw(const blink::WebCryptoKey& key, | |
| 157 std::vector<uint8>* buffer) const; | |
| 158 | |
| 159 virtual Status ExportKeyPkcs8(const blink::WebCryptoKey& key, | |
| 160 std::vector<uint8>* buffer) const; | |
| 161 | |
| 162 virtual Status ExportKeySpki(const blink::WebCryptoKey& key, | |
| 163 std::vector<uint8>* buffer) const; | |
| 164 | |
| 165 virtual Status ExportKeyJwk(const blink::WebCryptoKey& key, | |
| 166 std::vector<uint8>* buffer) const; | |
| 167 }; | |
| 168 | |
| 169 } // namespace webcrypto | |
| 170 | |
| 171 } // namespace content | |
| 172 | |
| 173 #endif // CONTENT_CHILD_WEBCRYPTO_CRYPTO_ALGORITHM_IMPLEMENTATION_H_ | |
| OLD | NEW |
