src/content/child/webcrypto/algorithm_implementation.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CONTENT_CHILD_WEBCRYPTO_ALGORITHM_IMPLEMENTATION_H_
   6 #define CONTENT_CHILD_WEBCRYPTO_ALGORITHM_IMPLEMENTATION_H_
   7
   8 #include <stdint.h>
   9 #include <vector>
  10
  11 #include "base/memory/scoped_ptr.h"
  12 #include "third_party/WebKit/public/platform/WebCrypto.h"
  13
  14 namespace content {
  15
  16 namespace webcrypto {
  17
  18 class CryptoData;
  19 class GenerateKeyResult;
  20 class Status;
  21
  22 // AlgorithmImplementation is a base class for *executing* the operations of an
  23 // algorithm (generating keys, encrypting, signing, etc.).
  24 //
  25 // This is in contrast to blink::WebCryptoAlgorithm which instead *describes*
  26 // the operation and its parameters.
  27 //
  28 // AlgorithmImplementation has reasonable default implementations for all
  29 // methods which behave as if the operation is it is unsupported, so
  30 // implementations need only override the applicable methods.
  31 //
  32 // Unless stated otherwise methods of AlgorithmImplementation are responsible
  33 // for sanitizing their inputs. The following can be assumed:
  34 //
  35 //   * |algorithm.id()| and |key.algorithm.id()| matches the algorithm under
  36 //     which the implementation was registerd.
  37 //   * |algorithm| has the correct parameters type for the operation.
  38 //   * The key usages have already been verified. In fact in the case of calls
  39 //     to Encrypt()/Decrypt() the corresponding key usages may not be present
  40 //     (when wrapping/unwrapping).
  41 class AlgorithmImplementation {
  42  public:
  43   virtual ~AlgorithmImplementation();
  44
  45   // This method corresponds to Web Crypto's crypto.subtle.encrypt().
  46   virtual Status Encrypt(const blink::WebCryptoAlgorithm& algorithm,
  47                          const blink::WebCryptoKey& key,
  48                          const CryptoData& data,
  49                          std::vector<uint8_t>* buffer) const;
  50
  51   // This method corresponds to Web Crypto's crypto.subtle.decrypt().
  52   virtual Status Decrypt(const blink::WebCryptoAlgorithm& algorithm,
  53                          const blink::WebCryptoKey& key,
  54                          const CryptoData& data,
  55                          std::vector<uint8_t>* buffer) const;
  56
  57   // This method corresponds to Web Crypto's crypto.subtle.sign().
  58   virtual Status Sign(const blink::WebCryptoAlgorithm& algorithm,
  59                       const blink::WebCryptoKey& key,
  60                       const CryptoData& data,
  61                       std::vector<uint8_t>* buffer) const;
  62
  63   // This method corresponds to Web Crypto's crypto.subtle.verify().
  64   virtual Status Verify(const blink::WebCryptoAlgorithm& algorithm,
  65                         const blink::WebCryptoKey& key,
  66                         const CryptoData& signature,
  67                         const CryptoData& data,
  68                         bool* signature_match) const;
  69
  70   // This method corresponds to Web Crypto's crypto.subtle.digest().
  71   virtual Status Digest(const blink::WebCryptoAlgorithm& algorithm,
  72                         const CryptoData& data,
  73                         std::vector<uint8_t>* buffer) const;
  74
  75   // This method corresponds to Web Crypto's crypto.subtle.generateKey().
  76   //
  77   // Implementations MUST verify |usages| and return an error if it is not
  78   // appropriate.
  79   virtual Status GenerateKey(const blink::WebCryptoAlgorithm& algorithm,
  80                              bool extractable,
  81                              blink::WebCryptoKeyUsageMask usages,
  82                              GenerateKeyResult* result) const;
  83
  84   // -----------------------------------------------
  85   // Key import
  86   // -----------------------------------------------
  87
  88   // VerifyKeyUsagesBeforeImportKey() must be called before either
  89   // importing a key, or unwrapping a key.
  90   //
  91   // Implementations should return an error if the requested usages are invalid
  92   // when importing for the specified format.
  93   //
  94   // For instance, importing an RSA-SSA key with 'spki' format and Sign usage
  95   // is invalid. The 'spki' format implies it will be a public key, and public
  96   // keys do not support signing.
  97   //
  98   // When called with format=JWK the key type may be unknown. The
  99   // ImportKeyJwk() must do the final usage check.
 100   virtual Status VerifyKeyUsagesBeforeImportKey(
 101       blink::WebCryptoKeyFormat format,
 102       blink::WebCryptoKeyUsageMask usages) const;
 103
 104   // This method corresponds to Web Crypto's
 105   // crypto.subtle.importKey(format='raw').
 106   virtual Status ImportKeyRaw(const CryptoData& key_data,
 107                               const blink::WebCryptoAlgorithm& algorithm,
 108                               bool extractable,
 109                               blink::WebCryptoKeyUsageMask usages,
 110                               blink::WebCryptoKey* key) const;
 111
 112   // This method corresponds to Web Crypto's
 113   // crypto.subtle.importKey(format='pkcs8').
 114   virtual Status ImportKeyPkcs8(const CryptoData& key_data,
 115                                 const blink::WebCryptoAlgorithm& algorithm,
 116                                 bool extractable,
 117                                 blink::WebCryptoKeyUsageMask usages,
 118                                 blink::WebCryptoKey* key) const;
 119
 120   // This method corresponds to Web Crypto's
 121   // crypto.subtle.importKey(format='spki').
 122   virtual Status ImportKeySpki(const CryptoData& key_data,
 123                                const blink::WebCryptoAlgorithm& algorithm,
 124                                bool extractable,
 125                                blink::WebCryptoKeyUsageMask usages,
 126                                blink::WebCryptoKey* key) const;
 127
 128   // This method corresponds to Web Crypto's
 129   // crypto.subtle.importKey(format='jwk').
 130   virtual Status ImportKeyJwk(const CryptoData& key_data,
 131                               const blink::WebCryptoAlgorithm& algorithm,
 132                               bool extractable,
 133                               blink::WebCryptoKeyUsageMask usages,
 134                               blink::WebCryptoKey* key) const;
 135
 136   // -----------------------------------------------
 137   // Key export
 138   // -----------------------------------------------
 139
 140   virtual Status ExportKeyRaw(const blink::WebCryptoKey& key,
 141                               std::vector<uint8_t>* buffer) const;
 142
 143   virtual Status ExportKeyPkcs8(const blink::WebCryptoKey& key,
 144                                 std::vector<uint8_t>* buffer) const;
 145
 146   virtual Status ExportKeySpki(const blink::WebCryptoKey& key,
 147                                std::vector<uint8_t>* buffer) const;
 148
 149   virtual Status ExportKeyJwk(const blink::WebCryptoKey& key,
 150                               std::vector<uint8_t>* buffer) const;
 151 };
 152
 153 }  // namespace webcrypto
 154
 155 }  // namespace content
 156
 157 #endif  // CONTENT_CHILD_WEBCRYPTO_ALGORITHM_IMPLEMENTATION_H_