| Index: chrome/browser/chromeos/platform_keys/platform_keys.h
|
| diff --git a/chrome/browser/chromeos/platform_keys/platform_keys.h b/chrome/browser/chromeos/platform_keys/platform_keys.h
|
| index 05d0deff4c727389132ad45e17c9884cda2e8e55..6c5d8c8fd0eb79ce3b5b5138ef6322419d5739c7 100644
|
| --- a/chrome/browser/chromeos/platform_keys/platform_keys.h
|
| +++ b/chrome/browser/chromeos/platform_keys/platform_keys.h
|
| @@ -12,17 +12,13 @@
|
| #include "base/macros.h"
|
| #include "base/memory/ref_counted.h"
|
| #include "base/memory/scoped_ptr.h"
|
| +#include "net/cert/x509_certificate.h"
|
| #include "net/ssl/ssl_client_cert_type.h"
|
|
|
| namespace content {
|
| class BrowserContext;
|
| }
|
|
|
| -namespace net {
|
| -class X509Certificate;
|
| -typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
|
| -}
|
| -
|
| namespace chromeos {
|
|
|
| namespace platform_keys {
|
| @@ -38,6 +34,7 @@ extern const char kTokenIdSystem[];
|
|
|
| // Supported hash algorithms.
|
| enum HashAlgorithm {
|
| + HASH_ALGORITHM_NONE, // The value if no hash function is selected.
|
| HASH_ALGORITHM_SHA1,
|
| HASH_ALGORITHM_SHA256,
|
| HASH_ALGORITHM_SHA384,
|
| @@ -77,19 +74,28 @@ void GenerateRSAKey(const std::string& token_id,
|
| typedef base::Callback<void(const std::string& signature,
|
| const std::string& error_message)> SignCallback;
|
|
|
| -// Digests |data| with |hash_algorithm| and afterwards signs the digest with the
|
| -// private key matching |public_key|, if that key is stored in the given token.
|
| -// |token_id| is currently ignored, instead the user token associated with
|
| -// |browser_context| is always used. |public_key| must be the DER encoding of a
|
| -// SubjectPublicKeyInfo. |callback| will be invoked with the signature or an
|
| -// error message.
|
| -// Currently supports RSA keys only.
|
| -void Sign(const std::string& token_id,
|
| - const std::string& public_key,
|
| - HashAlgorithm hash_algorithm,
|
| - const std::string& data,
|
| - const SignCallback& callback,
|
| - content::BrowserContext* browser_context);
|
| +// Digests |data|, applies PKCS1 padding and afterwards signs the data with the
|
| +// private key matching |params.public_key|. If a non empty token id is provided
|
| +// and the key is not found in that token, the operation aborts. |callback| will
|
| +// be invoked with the signature or an error message.
|
| +void SignRSAPKCS1Digest(const std::string& token_id,
|
| + const std::string& data,
|
| + const std::string& public_key,
|
| + HashAlgorithm hash_algorithm,
|
| + const SignCallback& callback,
|
| + content::BrowserContext* browser_context);
|
| +
|
| +// Applies PKCS1 padding and afterwards signs the data with the private key
|
| +// matching |params.public_key|. |data| is not digested. If a non empty token id
|
| +// is provided and the key is not found in that token, the operation aborts.
|
| +// The size of |data| (number of octets) must be smaller than k - 11, where k
|
| +// is the key size in octets.
|
| +// |callback| will be invoked with the signature or an error message.
|
| +void SignRSAPKCS1Raw(const std::string& token_id,
|
| + const std::string& data,
|
| + const std::string& public_key,
|
| + const SignCallback& callback,
|
| + content::BrowserContext* browser_context);
|
|
|
| // If the certificate request could be processed successfully, |matches| will
|
| // contain the list of matching certificates (which may be empty) and
|
| @@ -107,6 +113,19 @@ void SelectClientCertificates(const ClientCertificateRequest& request,
|
|
|
| } // namespace subtle
|
|
|
| +// Obtains information about the public key in |certificate|.
|
| +// If |certificate| contains an RSA key, sets |key_size_bits| to the modulus
|
| +// length, |public_key_spki_der| to the DER encoding of the X.509 Subject Public
|
| +// Key Info, and |key_type| to type RSA and returns true.
|
| +// If |certificate| contains any other key type, or if the public exponent of
|
| +// the RSA key in |certificate| is not F4, returns false and does not update any
|
| +// of the output parameters.
|
| +// All pointer arguments must not be null.
|
| +bool GetPublicKey(const scoped_refptr<net::X509Certificate>& certificate,
|
| + std::string* public_key_spki_der,
|
| + net::X509Certificate::PublicKeyType* key_type,
|
| + size_t* key_size_bits);
|
| +
|
| // If the list of certificates could be successfully retrieved, |certs| will
|
| // contain the list of available certificates (maybe empty) and |error_message|
|
| // will be empty. If an error occurred, |certs| will be empty and
|
| @@ -134,7 +153,7 @@ typedef base::Callback<void(const std::string& error_message)>
|
| // |browser_context| is always used. |callback| will be invoked when the import
|
| // is finished, possibly with an error message.
|
| void ImportCertificate(const std::string& token_id,
|
| - scoped_refptr<net::X509Certificate> certificate,
|
| + const scoped_refptr<net::X509Certificate>& certificate,
|
| const ImportCertificateCallback& callback,
|
| content::BrowserContext* browser_context);
|
|
|
| @@ -148,7 +167,7 @@ typedef base::Callback<void(const std::string& error_message)>
|
| // user token associated with |browser_context| is always used. |callback| will
|
| // be invoked when the removal is finished, possibly with an error message.
|
| void RemoveCertificate(const std::string& token_id,
|
| - scoped_refptr<net::X509Certificate> certificate,
|
| + const scoped_refptr<net::X509Certificate>& certificate,
|
| const RemoveCertificateCallback& callback,
|
| content::BrowserContext* browser_context);
|
|
|
|
|
Chromium Code Reviews
Issue 927883002:
Implement chrome.platformKeys.getKeyPair(). (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master