// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Internal API used to implement the platformKeys and enterprise.platformKeys
// APIs.
[implemented_in = "chrome/browser/extensions/api/platform_keys/platform_keys_api.h"]
namespace platformKeysInternal {
// Callback type taken by <code>selectClientCertificates</code>.
// |certs| The platformKeys.Match entries passed back to the caller; see the
// platformKeys documentation for what a Match contains.
callback SelectCallback = void (platformKeys.Match[] certs);
// Invoked by <code>sign</code>.
// |signature| The signature, an octet string.
callback SignCallback = void(ArrayBuffer signature);
// Called back by <code>getPublicKey</code>.
// |publicKey| The Subject Public Key Info (see X.509) of the requested
// certificate.
// NOTE(review): the encoding of |publicKey| is not stated here; |sign| takes
// its |publicKey| argument in DER encoding - confirm the two match.
// |algorithm| A partial WebCrypto KeyAlgorithm containing all information
// that is available from the Subject Public Key Info. It does not contain
// signature/hash parameters.
callback GetPublicKeyCallback = void(ArrayBuffer publicKey, object algorithm);
interface Functions {
// See documentation in platformKeys (presumably the entry for
// platformKeys.selectClientCertificates, which shares this name).
// |details| The selection request, typed as platformKeys.SelectDetails.
// |callback| Called back with the resulting platformKeys.Match entries.
static void selectClientCertificates(
platformKeys.SelectDetails details,
SelectCallback callback);
// Internal version of platformKeys.subtleCrypto.sign and
// enterprise.platformKeys.Token.subtleCrypto.sign.
// |tokenId| The id of a Token returned by |getTokens|.
// |publicKey| The Subject Public Key Info of a key previously generated by
// |generateKey| in DER encoding.
// |hashAlgorithmName| The recognized algorithm name of the hash algorithm,
// as specified by WebCrypto, that will be used to digest |data|
// before signing. Currently supported are: SHA-{1,256,384,512}.
// If instead the algorithm name "none" is provided, no hashing will be
// applied, the data is PKCS#1 v1.5 padded but not hashed.
// NOTE(review): with "none" the bytes in |data| are padded and signed as
// given, so the signed content is entirely caller-controlled. Which
// callers may request this mode, and any length limit on |data|, would be
// enforced in the implementation and are not visible here - confirm.
// NOTE(review): SHA-1 is collision-prone; presumably it is listed for
// compatibility - confirm before relying on it for new signatures.
// TODO(pneubeck): use an enum once supported (the bug reference is missing
// from this listing).
// |data| The data to sign.
// |callback| Called back with the signature of |data|.
// TODO: Instead of ArrayBuffer should be (ArrayBuffer or ArrayBufferView),
// or at least (ArrayBuffer or Uint8Array).
static void sign(DOMString tokenId,
ArrayBuffer publicKey,
DOMString hashAlgorithmName,
ArrayBuffer data,
SignCallback callback);
// Checks whether <code>certificate</code> certifies a key that allows usage
// of the WebCrypto algorithm <code>algorithmName</code>. If so, calls back
// <code>callback</code> with the key info and a WebCrypto
// <code>KeyAlgorithm</code> dictionary describing the key's algorithm. The
// <code>name</code> property will equal <code>algorithmName</code>.
// Otherwise, calls back with an error.
// |certificate| The certificate to inspect.
// NOTE(review): the encoding is not stated here (presumably a DER-encoded
// X.509 certificate) - confirm. The bytes are supplied by the caller, so
// the implementation should parse them as untrusted input.
// |algorithmName| The WebCrypto algorithm name to check the key against.
// |callback| Receives the Subject Public Key Info and the partial
// KeyAlgorithm, as declared by GetPublicKeyCallback.
static void getPublicKey(ArrayBuffer certificate,
DOMString algorithmName,
GetPublicKeyCallback callback);