Home | History | Annotate | Download | only in platform_keys 
      1 // Copyright 2014 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
      6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
      7 
      8 #include <string>
      9 #include <vector>
     10 
     11 #include "base/callback_forward.h"
     12 #include "base/macros.h"
     13 #include "base/memory/ref_counted.h"
     14 #include "base/memory/scoped_ptr.h"
     15 
     16 namespace content {
     17 class BrowserContext;
     18 }
     19 
     20 namespace net {
     21 class X509Certificate;
     22 typedef std::vector<scoped_refptr<X509Certificate> > CertificateList;
     23 }
     24 
     25 namespace chromeos {
     26 
     27 namespace platform_keys {
     28 
     29 // Supported hash algorithms.
     30 enum HashAlgorithm {
     31   HASH_ALGORITHM_SHA1,
     32   HASH_ALGORITHM_SHA256,
     33   HASH_ALGORITHM_SHA384,
     34   HASH_ALGORITHM_SHA512
     35 };
     36 
     37 namespace subtle {
     38 // Functions of this namespace shouldn't be called directly from the context of
     39 // an extension. Instead use PlatformKeysService which enforces restrictions
     40 // upon extensions.
     41 
     42 typedef base::Callback<void(const std::string& public_key_spki_der,
     43                             const std::string& error_message)>
     44     GenerateKeyCallback;
     45 
     46 // Generates a RSA key pair with |modulus_length_bits|. |token_id| is currently
     47 // ignored, instead the user token associated with |browser_context| is always
     48 // used. |callback| will be invoked with the resulting public key or an error.
     49 void GenerateRSAKey(const std::string& token_id,
     50                     unsigned int modulus_length_bits,
     51                     const GenerateKeyCallback& callback,
     52                     content::BrowserContext* browser_context);
     53 
     54 typedef base::Callback<void(const std::string& signature,
     55                             const std::string& error_message)> SignCallback;
     56 
     57 // Digests |data| with |hash_algorithm| and afterwards signs the digest with the
     58 // private key matching |public_key|, if that key is stored in the given token.
     59 // |token_id| is currently ignored, instead the user token associated with
     60 // |browser_context| is always used. |public_key| must be the DER encoding of a
     61 // SubjectPublicKeyInfo. |callback| will be invoked with the signature or an
     62 // error message.
     63 // Currently supports RSA keys only.
     64 void Sign(const std::string& token_id,
     65           const std::string& public_key,
     66           HashAlgorithm hash_algorithm,
     67           const std::string& data,
     68           const SignCallback& callback,
     69           content::BrowserContext* browser_context);
     70 
     71 }  // namespace subtle
     72 
     73 // If the list of certificates could be successfully retrieved, |certs| will
     74 // contain the list of available certificates (maybe empty) and |error_message|
     75 // will be empty. If an error occurred, |certs| will be empty and
     76 // |error_message| contain an error message.
     77 typedef base::Callback<void(scoped_ptr<net::CertificateList> certs,
     78                             const std::string& error_message)>
     79     GetCertificatesCallback;
     80 
     81 // Returns the list of all certificates with stored private key available from
     82 // the given token. |token_id| is currently ignored, instead the user token
     83 // associated with |browser_context| is always used. |callback| will be invoked
     84 // with the list of available certificates or an error message.
     85 void GetCertificates(const std::string& token_id,
     86                      const GetCertificatesCallback& callback,
     87                      content::BrowserContext* browser_context);
     88 
     89 // If an error occurred during import, |error_message| will be set to an error
     90 // message.
     91 typedef base::Callback<void(const std::string& error_message)>
     92     ImportCertificateCallback;
     93 
     94 // Imports |certificate| to the given token if the certified key is already
     95 // stored in this token. Any intermediate of |certificate| will be ignored.
     96 // |token_id| is currently ignored, instead the user token associated with
     97 // |browser_context| is always used. |callback| will be invoked when the import
     98 // is finished, possibly with an error message.
     99 void ImportCertificate(const std::string& token_id,
    100                        scoped_refptr<net::X509Certificate> certificate,
    101                        const ImportCertificateCallback& callback,
    102                        content::BrowserContext* browser_context);
    103 
    104 // If an error occurred during removal, |error_message| will be set to an error
    105 // message.
    106 typedef base::Callback<void(const std::string& error_message)>
    107     RemoveCertificateCallback;
    108 
    109 // Removes |certificate| from the given token if present. Any intermediate of
    110 // |certificate| will be ignored. |token_id| is currently ignored, instead the
    111 // user token associated with |browser_context| is always used. |callback| will
    112 // be invoked when the removal is finished, possibly with an error message.
    113 void RemoveCertificate(const std::string& token_id,
    114                        scoped_refptr<net::X509Certificate> certificate,
    115                        const RemoveCertificateCallback& callback,
    116                        content::BrowserContext* browser_context);
    117 
    118 }  // namespace platform_keys
    119 
    120 }  // namespace chromeos
    121 
    122 #endif  // CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
    123