content/child/webcrypto/nss/rsa_key_nss.h - Issue 379383002: Refactor WebCrypto code

Side by Side Diff: content/child/webcrypto/nss/rsa_key_nss.h

Issue 379383002: Refactor WebCrypto code (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Address rsleevi comments Created 6 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 // Copyright 2014 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #ifndef CONTENT_CHILD_WEBCRYPTO_NSS_RSA_KEY_NSS_H_

	6 #define CONTENT_CHILD_WEBCRYPTO_NSS_RSA_KEY_NSS_H_

	7

	8 #include <pkcs11t.h>

	9

	10 #include "content/child/webcrypto/algorithm_implementation.h"

	11

	12 namespace content {

	13

	14 namespace webcrypto {

	15

	16 class PublicKeyNss;

	17 class PrivateKeyNss;

	18

	19 // Base class for an RSA algorithm whose keys additionaly have a hash parameter

	20 // bound to them. Provides functionality for generating, importing, and

	21 // exporting keys.

	22 class RsaHashedAlgorithm : public AlgorithmImplementation {

	23 public:

	24 // Constructs an RSA algorithm which will use the NSS flags \|generate_flags\|

	25 // when generating keys. \|all_public_key_usages\| and \|all_private_key_usages\|

	26 // are the set of WebCrypto key usages that are valid for created keys

	27 // (public and private respectively).
	Ryan Sleevi 2014/07/17 22:42:55 pedantry: Can you provide an example of what an al pedantry: Can you provide an example of what an all_public_key_usages would look like? You just mean like if an algorithm only supports encrypt/decrypt, it'll be the OR of them, right? eroman 2014/07/17 23:33:24 Correct. I have added the additional comment: / Show quoted text On 2014/07/17 22:42:55, Ryan Sleevi wrote: > pedantry: Can you provide an example of what an all_public_key_usages would look > like? > > You just mean like if an algorithm only supports encrypt/decrypt, it'll be the > OR of them, right? Correct. I have added the additional comment: // For instance if public keys support encryption and wrapping, and private // keys support decryption and unwrapping callers should set: // all_public_key_usages = UsageEncrypt \| UsageWrap // all_private_key_usages = UsageDecrypt \| UsageUnwrap // This information is used when importing or generating keys, to enforce // that only valid key usages are allowed.
	28 RsaHashedAlgorithm(CK_FLAGS generate_flags,

	29 blink::WebCryptoKeyUsageMask all_public_key_usages,

	30 blink::WebCryptoKeyUsageMask all_private_key_usages)

	31 : generate_flags_(generate_flags),

	32 all_public_key_usages_(all_public_key_usages),

	33 all_private_key_usages_(all_private_key_usages) {}

	34

	35 // For instance "RSA-OAEP-256".

	36 virtual const char* GetJwkAlgorithm(

	37 const blink::WebCryptoAlgorithmId hash) const = 0;

	38

	39 virtual Status VerifyKeyUsagesBeforeGenerateKeyPair(

	40 blink::WebCryptoKeyUsageMask combined_usage_mask,

	41 blink::WebCryptoKeyUsageMask* public_usage_mask,

	42 blink::WebCryptoKeyUsageMask* private_usage_mask) const OVERRIDE;

	43

	44 virtual Status GenerateKeyPair(

	45 const blink::WebCryptoAlgorithm& algorithm,

	46 bool extractable,

	47 blink::WebCryptoKeyUsageMask public_usage_mask,

	48 blink::WebCryptoKeyUsageMask private_usage_mask,

	49 blink::WebCryptoKey* public_key,

	50 blink::WebCryptoKey* private_key) const OVERRIDE;

	51

	52 virtual Status VerifyKeyUsagesBeforeImportKey(

	53 blink::WebCryptoKeyFormat format,

	54 blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE;

	55

	56 virtual Status ImportKeyPkcs8(const CryptoData& key_data,

	57 const blink::WebCryptoAlgorithm& algorithm,

	58 bool extractable,

	59 blink::WebCryptoKeyUsageMask usage_mask,

	60 blink::WebCryptoKey* key) const OVERRIDE;

	61

	62 virtual Status ImportKeySpki(const CryptoData& key_data,

	63 const blink::WebCryptoAlgorithm& algorithm,

	64 bool extractable,

	65 blink::WebCryptoKeyUsageMask usage_mask,

	66 blink::WebCryptoKey* key) const OVERRIDE;

	67

	68 virtual Status ExportKeyPkcs8(const blink::WebCryptoKey& key,

	69 std::vector<uint8>* buffer) const OVERRIDE;

	70

	71 virtual Status ExportKeySpki(const blink::WebCryptoKey& key,

	72 std::vector<uint8>* buffer) const OVERRIDE;

	73

	74 virtual Status ImportKeyJwk(const CryptoData& key_data,

	75 const blink::WebCryptoAlgorithm& algorithm,

	76 bool extractable,

	77 blink::WebCryptoKeyUsageMask usage_mask,

	78 blink::WebCryptoKey* key) const OVERRIDE;

	79

	80 virtual Status ExportKeyJwk(const blink::WebCryptoKey& key,

	81 std::vector<uint8>* buffer) const OVERRIDE;

	82

	83 private:

	84 CK_FLAGS generate_flags_;

	85 blink::WebCryptoKeyUsageMask all_public_key_usages_;

	86 blink::WebCryptoKeyUsageMask all_private_key_usages_;

	87 };

	88

	89 } // namespace webcrypto

	90

	91 } // namespace content

	92

	93 #endif // CONTENT_CHILD_WEBCRYPTO_NSS_RSA_KEY_NSS_H_

OLD	NEW

« content/child/webcrypto/jwk.h ('K') | « content/child/webcrypto/nss/key_nss.cc ('k') | content/child/webcrypto/nss/rsa_key_nss.cc » ('j') | content/child/webcrypto/nss/util_nss.h » ('J')