1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
// Copyright 2015 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Internal API for to implement the platformKeys and enterprise.platformKeys
// APIs.
[implemented_in = "chrome/browser/extensions/api/platform_keys/platform_keys_api.h"]
namespace platformKeysInternal {
callback SelectCallback = void (platformKeys.Match[] certs);
// Invoked by <code>sign</code>.
// |signature| The signature, a octet string.
callback SignCallback = void(ArrayBuffer signature);
// Called back by <code>getPublicKey</code>.
// |publicKey| The Subject Public Key Info (see X.509) of the requested
// certificate.
// |algorithm| A partial WebCrypto KeyAlgorithm containing all information
// that is available from the Subject Public Key Info. It does not contain
// signature/hash parameters.
callback GetPublicKeyCallback = void(ArrayBuffer publicKey, object algorithm);
interface Functions {
// See documentation in platformKeys.
static void selectClientCertificates(
platformKeys.SelectDetails details,
SelectCallback callback);
// Internal version of platformKeys.subtleCrypto.sign and
// enterprise.platformKeys.Token.subtleCrypto.sign.
// |tokenId| The id of a Token returned by |getTokens|.
// |publicKey| The Subject Public Key Info of a key previously generated by
// |generateKey| in DER encoding.
// |algorithmName| The name of the algorithm used to generate the key pair.
// |hashAlgorithmName| The recognized algorithm name of the hash algorithm,
// as specified by WebCrypto, that will be used to digest |data|
// before signing. Currently supported are: SHA-{1,256,384,512}.
// If instead the algorithm name "none" is provided, no hashing will be
// applied, the data is PKCS#1 v1.5 padded but not hashed.
// TODO(pneubeck): use an enum once supported:
// http://www.crbug.com/385539 .
// |data| The data to sign.
// |callback| Called back with the signature of |data|.
// TODO: Instead of ArrayBuffer should be (ArrayBuffer or ArrayBufferView),
// or at least (ArrayBuffer or Uint8Array).
static void sign(DOMString tokenId,
ArrayBuffer publicKey,
DOMString algorithmName,
DOMString hashAlgorithmName,
ArrayBuffer data,
SignCallback callback);
// Checks whether <code>certificate</code> certifies a key that allows usage
// of the WebCrypto algorithm <code>algorithmName</code>. If so, calls back
// <code>callback</code> with the key info and a WebCrypto
// <code>KeyAlgorithm</code> dictionary describing the key's algorithm. The
// <code>name</code> property will equal <code>algorithmName</code>.
// Otherwise, calls back with an error.
[doesNotSupportPromises="Multi-parameter callback crbug.com/1313625"]
static void getPublicKey(ArrayBuffer certificate,
DOMString algorithmName,
GetPublicKeyCallback callback);
// Takes as arguments a <code>publicKeySpkiDer</code> and
// <code>algorithmName</code>. Checks if <code>publicKeySpkiDer</code> is
// not empty and if the <code>algorithmName</code> specified is supported.
// If so, calls back <code>callback</code> with the key info and a WebCrypto
// <code>KeyAlgorithm</code> dictionary describing the key's algorithm. The
// <code>name</code> property will equal <code>algorithmName</code>.
// Otherwise, calls back with an error.
[doesNotSupportPromises="Multi-parameter callback crbug.com/1313625"]
static void getPublicKeyBySpki(ArrayBuffer publicKeySpkiDer,
DOMString algorithmName,
GetPublicKeyCallback callback);
};
};
|
