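// Copyright 2014 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CONTENT_CHILD_WEBCRYPTO_NSS_AES_NSS_H_
#define CONTENT_CHILD_WEBCRYPTO_NSS_AES_NSS_H_

#include <pkcs11t.h>
#include <stdint.h>

// std::string, std::vector and uint8_t are named directly in this header, so
// they are included here rather than relied on transitively.
#include <string>
#include <vector>

#include "content/child/webcrypto/algorithm_implementation.h"

namespace content {

namespace webcrypto {

// Base class for AES algorithms that provides the implementation for key
// creation and export.
//
// Only declarations are visible in this header. Notes marked NOTE(review)
// below are points to confirm against the implementation file; they are not
// statements about what the implementation does.
class AesAlgorithm : public AlgorithmImplementation {
 public:
  // Constructs an AES algorithm whose keys will be imported using the NSS
  // mechanism |import_mechanism| and NSS flags |import_flags|.
  // |all_key_usages| is the set of all WebCrypto key usages that are
  // allowed for imported or generated keys. |jwk_suffix| is the suffix
  // used when constructing JWK names for the algorithm. For instance A128CBC
  // is the JWK name for 128-bit AES-CBC. The |jwk_suffix| in this case would
  // be "CBC".
  AesAlgorithm(CK_MECHANISM_TYPE import_mechanism,
               CK_FLAGS import_flags,
               blink::WebCryptoKeyUsageMask all_key_usages,
               const std::string& jwk_suffix);

  // This is the same as the other AesAlgorithm constructor, however
  // |import_flags| and |all_key_usages| are pre-filled to values for
  // encryption/decryption algorithms (supports usages for: encrypt, decrypt,
  // wrap, unwrap).
  AesAlgorithm(CK_MECHANISM_TYPE import_mechanism,
               const std::string& jwk_suffix);

  // Checks |usage_mask| before a key is generated.
  // NOTE(review): presumably rejects any usage outside |all_key_usages_|;
  // confirm in the implementation.
  virtual Status VerifyKeyUsagesBeforeGenerateKey(
      blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE;

  // Generates a new secret key for |algorithm| and stores it in |key|.
  // |extractable| and |usage_mask| are the attributes requested for the new
  // key.
  // NOTE(review): confirm that the requested key length is validated as an
  // AES key size before any key material is generated.
  virtual Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm,
                                   bool extractable,
                                   blink::WebCryptoKeyUsageMask usage_mask,
                                   blink::WebCryptoKey* key) const OVERRIDE;

  // Checks |usage_mask| before a key in |format| is imported.
  // NOTE(review): presumably rejects unsupported formats and any usage
  // outside |all_key_usages_|; confirm in the implementation.
  virtual Status VerifyKeyUsagesBeforeImportKey(
      blink::WebCryptoKeyFormat format,
      blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE;

  // Imports a key from |key_data| in raw format and stores it in |key|.
  // NOTE(review): |key_data| originates outside this class; confirm that its
  // length is checked against the valid AES key sizes before it is handed
  // to NSS.
  virtual Status ImportKeyRaw(const CryptoData& key_data,
                              const blink::WebCryptoAlgorithm& algorithm,
                              bool extractable,
                              blink::WebCryptoKeyUsageMask usage_mask,
                              blink::WebCryptoKey* key) const OVERRIDE;

  // Imports a key from the JWK in |key_data| and stores it in |key|.
  // NOTE(review): presumably |jwk_suffix_| is used to build the JWK name the
  // input is expected to carry; confirm that a JWK whose declared algorithm,
  // extractability or usages disagree with the request is rejected.
  virtual Status ImportKeyJwk(const CryptoData& key_data,
                              const blink::WebCryptoAlgorithm& algorithm,
                              bool extractable,
                              blink::WebCryptoKeyUsageMask usage_mask,
                              blink::WebCryptoKey* key) const OVERRIDE;

  // Exports |key| in raw format into |buffer|.
  // NOTE(review): no extractability parameter or check is visible in this
  // declaration; confirm that a non-extractable key cannot reach this call.
  // |buffer| presumably holds the key bytes on success and should be treated
  // as secret by callers.
  virtual Status ExportKeyRaw(const blink::WebCryptoKey& key,
                              std::vector<uint8_t>* buffer) const OVERRIDE;

  // Exports |key| as a JWK into |buffer|.
  // NOTE(review): same extractability and secret-handling points as
  // ExportKeyRaw() apply here; confirm in the implementation.
  virtual Status ExportKeyJwk(const blink::WebCryptoKey& key,
                              std::vector<uint8_t>* buffer) const OVERRIDE;

 private:
  // NSS mechanism used when importing keys.
  const CK_MECHANISM_TYPE import_mechanism_;
  // NSS flags used when importing keys.
  const CK_FLAGS import_flags_;
  // Set of all WebCrypto key usages allowed for imported or generated keys.
  const blink::WebCryptoKeyUsageMask all_key_usages_;
  // Suffix used when constructing JWK names, e.g. "CBC" for A128CBC.
  const std::string jwk_suffix_;
};

}  // namespace webcrypto

}  // namespace content

#endif  // CONTENT_CHILD_WEBCRYPTO_NSS_AES_NSS_H_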