| Index: content/child/webcrypto/algorithm_implementation.h
|
| diff --git a/content/child/webcrypto/algorithm_implementation.h b/content/child/webcrypto/algorithm_implementation.h
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..9982ae88337156b0ac756b7e8a17709b952d7726
|
| --- /dev/null
|
| +++ b/content/child/webcrypto/algorithm_implementation.h
|
| @@ -0,0 +1,173 @@
|
| +// Copyright 2014 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#ifndef CONTENT_CHILD_WEBCRYPTO_CRYPTO_ALGORITHM_IMPLEMENTATION_H_
|
| +#define CONTENT_CHILD_WEBCRYPTO_CRYPTO_ALGORITHM_IMPLEMENTATION_H_
|
| +
|
| +#include <vector>
|
| +
|
| +#include "base/memory/scoped_ptr.h"
|
| +#include "third_party/WebKit/public/platform/WebCrypto.h"
|
| +
|
| +namespace content {
|
| +
|
| +namespace webcrypto {
|
| +
|
| +class CryptoData;
|
| +class Status;
|
| +
|
| +// AlgorithmImplementation is a base class for *executing* the operations of an
|
| +// algorithm (generating keys, encrypting, signing, etc.).
|
| +//
|
| +// This is in contrast to blink::WebCryptoAlgorithm which instead *describes*
|
| +// the operation and its parameters.
|
| +//
|
| +// AlgorithmImplementation has reasonable default implementations for all
|
| +// methods which behave as if the operation is it is unsupported, so
|
| +// implementations need only override the applicable methods.
|
| +//
|
| +// Unless stated otherwise methods of AlgorithmImplementation are responsible
|
| +// for sanitizing their inputs. The following can be assumed:
|
| +//
|
| +// * |algorithm.id()| and |key.algorithm.id()| matches the algorithm under
|
| +// which the implementation was registerd.
|
| +// * |algorithm| has the correct parameters type for the operation.
|
| +// * The key usages have already been verified. In fact in the case of calls
|
| +// to Encrypt()/Decrypt() the corresponding key usages may not be present
|
| +// (when wrapping/unwrapping).
|
| +class AlgorithmImplementation {
|
| + public:
|
| + virtual ~AlgorithmImplementation();
|
| +
|
| + // This method corresponds to Web Crypto's crypto.subtle.encrypt().
|
| + virtual Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
|
| + const blink::WebCryptoKey& key,
|
| + const CryptoData& data,
|
| + std::vector<uint8>* buffer) const;
|
| +
|
| + // This method corresponds to Web Crypto's crypto.subtle.decrypt().
|
| + virtual Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
|
| + const blink::WebCryptoKey& key,
|
| + const CryptoData& data,
|
| + std::vector<uint8>* buffer) const;
|
| +
|
| + // This method corresponds to Web Crypto's crypto.subtle.sign().
|
| + virtual Status Sign(const blink::WebCryptoAlgorithm& algorithm,
|
| + const blink::WebCryptoKey& key,
|
| + const CryptoData& data,
|
| + std::vector<uint8>* buffer) const;
|
| +
|
| + // This method corresponds to Web Crypto's crypto.subtle.verify().
|
| + virtual Status Verify(const blink::WebCryptoAlgorithm& algorithm,
|
| + const blink::WebCryptoKey& key,
|
| + const CryptoData& signature,
|
| + const CryptoData& data,
|
| + bool* signature_match) const;
|
| +
|
| + // This method corresponds to Web Crypto's crypto.subtle.digest().
|
| + virtual Status Digest(const blink::WebCryptoAlgorithm& algorithm,
|
| + const CryptoData& data,
|
| + std::vector<uint8>* buffer) const;
|
| +
|
| + // VerifyKeyUsagesBeforeGenerateKey() must be called prior to
|
| + // GenerateSecretKey() to validate the requested key usages.
|
| + virtual Status VerifyKeyUsagesBeforeGenerateKey(
|
| + blink::WebCryptoKeyUsageMask usage_mask) const;
|
| +
|
| + // This method corresponds to Web Crypto's crypto.subtle.generateKey().
|
| + virtual Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) const;
|
| +
|
| + // VerifyKeyUsagesBeforeGenerateKeyPair() must be called prior to
|
| + // GenerateKeyPair() to validate the requested key usages.
|
| + virtual Status VerifyKeyUsagesBeforeGenerateKeyPair(
|
| + blink::WebCryptoKeyUsageMask combined_usage_mask,
|
| + blink::WebCryptoKeyUsageMask* public_usage_mask,
|
| + blink::WebCryptoKeyUsageMask* private_usage_mask) const;
|
| +
|
| + // This method corresponds to Web Crypto's crypto.subtle.generateKey().
|
| + virtual Status GenerateKeyPair(
|
| + const blink::WebCryptoAlgorithm& algorithm,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask public_usage_mask,
|
| + blink::WebCryptoKeyUsageMask private_usage_mask,
|
| + blink::WebCryptoKey* public_key,
|
| + blink::WebCryptoKey* private_key) const;
|
| +
|
| + // -----------------------------------------------
|
| + // Key import
|
| + // -----------------------------------------------
|
| +
|
| + // VerifyKeyUsagesBeforeImportKey() must be called before either
|
| + // importing a key, or unwrapping a key.
|
| + //
|
| + // Implementations should return an error if the requested usages are invalid
|
| + // when importing for the specified format.
|
| + //
|
| + // For instance, importing an RSA-SSA key with 'spki' format and Sign usage
|
| + // is invalid. The 'spki' format implies it will be a public key, and public
|
| + // keys do not support signing.
|
| + //
|
| + // When called with format=JWK the key type may be unknown. The
|
| + // ImportKeyJwk() must do the final usage check.
|
| + virtual Status VerifyKeyUsagesBeforeImportKey(
|
| + blink::WebCryptoKeyFormat format,
|
| + blink::WebCryptoKeyUsageMask usage_mask) const;
|
| +
|
| + // This method corresponds to Web Crypto's
|
| + // crypto.subtle.importKey(format='raw').
|
| + virtual Status ImportKeyRaw(const CryptoData& key_data,
|
| + const blink::WebCryptoAlgorithm& algorithm,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) const;
|
| +
|
| + // This method corresponds to Web Crypto's
|
| + // crypto.subtle.importKey(format='pkcs8').
|
| + virtual Status ImportKeyPkcs8(const CryptoData& key_data,
|
| + const blink::WebCryptoAlgorithm& algorithm,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) const;
|
| +
|
| + // This method corresponds to Web Crypto's
|
| + // crypto.subtle.importKey(format='spki').
|
| + virtual Status ImportKeySpki(const CryptoData& key_data,
|
| + const blink::WebCryptoAlgorithm& algorithm,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) const;
|
| +
|
| + // This method corresponds to Web Crypto's
|
| + // crypto.subtle.importKey(format='jwk').
|
| + virtual Status ImportKeyJwk(const CryptoData& key_data,
|
| + const blink::WebCryptoAlgorithm& algorithm,
|
| + bool extractable,
|
| + blink::WebCryptoKeyUsageMask usage_mask,
|
| + blink::WebCryptoKey* key) const;
|
| +
|
| + // -----------------------------------------------
|
| + // Key export
|
| + // -----------------------------------------------
|
| +
|
| + virtual Status ExportKeyRaw(const blink::WebCryptoKey& key,
|
| + std::vector<uint8>* buffer) const;
|
| +
|
| + virtual Status ExportKeyPkcs8(const blink::WebCryptoKey& key,
|
| + std::vector<uint8>* buffer) const;
|
| +
|
| + virtual Status ExportKeySpki(const blink::WebCryptoKey& key,
|
| + std::vector<uint8>* buffer) const;
|
| +
|
| + virtual Status ExportKeyJwk(const blink::WebCryptoKey& key,
|
| + std::vector<uint8>* buffer) const;
|
| +};
|
| +
|
| +} // namespace webcrypto
|
| +
|
| +} // namespace content
|
| +
|
| +#endif // CONTENT_CHILD_WEBCRYPTO_CRYPTO_ALGORITHM_IMPLEMENTATION_H_
|
|
|
Chromium Code Reviews
