chrome/browser/chromeos/platform_keys/platform_keys_service.h - Issue 884073002: Implement chrome.platformKeys.getKeyPair().

Unified Diff: chrome/browser/chromeos/platform_keys/platform_keys_service.h

Issue 884073002: Implement chrome.platformKeys.getKeyPair(). (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@cert_impl2

Patch Set: Bundled Sign() arguments into a struct. Renamed to SignRSA. Created 5 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« chrome/browser/chromeos/platform_keys/platform_keys_nss.cc ('K') | « chrome/browser/chromeos/platform_keys/platform_keys_nss.cc ('k') | chrome/browser/chromeos/platform_keys/platform_keys_service.cc » ('j') | chrome/browser/chromeos/platform_keys/platform_keys_service.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/chromeos/platform_keys/platform_keys_service.h

diff --git a/chrome/browser/chromeos/platform_keys/platform_keys_service.h b/chrome/browser/chromeos/platform_keys/platform_keys_service.h

index c7def45464a001a254616b60d04e6132c5754dab..af7efc7ffe5f14dd207e25ddffb1453072b8c3c5 100644

--- a/chrome/browser/chromeos/platform_keys/platform_keys_service.h

+++ b/chrome/browser/chromeos/platform_keys/platform_keys_service.h

@@ -49,7 +49,7 @@ class PlatformKeysService : public KeyedService {

~PlatformKeysService() override;

// Disables the checks whether an extension is allowed to read client

- // certificates.

+ // certificates or allowed to use the signing function of a key.

// TODO(pneubeck): Remove this once a permissions are implemented.

void DisablePermissionCheckForTesting();

@@ -78,22 +78,20 @@ class PlatformKeysService : public KeyedService {

typedef base::Callback<void(const std::string& signature,

const std::string& error_message)> SignCallback;

- // Digests |data| with |hash_algorithm| and afterwards signs the digest with

- // the private key matching |public_key_spki_der|, if that key is stored in

- // the given token and wasn't used for signing before.

- // Unregisters the key so that every future attempt to sign data with this key

- // is rejected. |token_id| is currently ignored, instead the user token

- // associated with |browser_context| is always used. |public_key_spki_der|

- // must be the DER encoding of a SubjectPublicKeyInfo. |callback| will be

- // invoked with the signature or an error message. Currently supports RSA keys

- // only.

+ // Optionally digests |data|, applies PKCS1 padding and afterwards signs the

+ // data with the private key matching |params.public_key|. If a non empty

+ // token id is provided and the key is not found in that token, the operation

+ // aborts.

+ // If the extension does not have permissions for signing with this key, the

+ // operation aborts. In case of a one time permission (granted after

+ // generating the key), this function also removes the permission to prevent

+ // future signing attempts.

+ // |callback| will be invoked with the signature or an error message.

// Will only call back during the lifetime of this object.

- void Sign(const std::string& token_id,

- const std::string& public_key_spki_der,

- platform_keys::HashAlgorithm hash_algorithm,

- const std::string& data,

- const std::string& extension_id,

- const SignCallback& callback);

+ void SignRSA(const std::string& token_id,

+ scoped_ptr<platform_keys::SignRSAParams> params,

+ const std::string& extension_id,

+ const SignCallback& callback);

// If the certificate request could be processed successfully, |matches| will

// contain the list of matching certificates (maybe empty) and |error_message|