net/ssl/ssl_private_key.h - chromium/src - Git at Google

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #ifndef NET_SSL_SSL_PRIVATE_KEY_H_
 #define NET_SSL_SSL_PRIVATE_KEY_H_

 #include <stddef.h>
 #include <stdint.h>

 #include <vector>

 #include "base/callback_forward.h"
 #include "base/macros.h"
 #include "base/memory/ref_counted.h"
 #include "base/strings/string_piece.h"
 #include "net/base/net_errors.h"

 namespace net {

 // An interface for a private key for use with SSL client authentication.
 class SSLPrivateKey : public base::RefCountedThreadSafe<SSLPrivateKey> {
  public:
   using SignCallback = base::Callback<void(Error, const std::vector<uint8_t>&)>;

   enum class Type {
     RSA,
     ECDSA,
   };

   enum class Hash {
     MD5_SHA1,
     SHA1,
     SHA256,
     SHA384,
     SHA512,
   };

   SSLPrivateKey() {}

   // Returns whether the key is an RSA key or an ECDSA key. Although the signing
   // interface is type-agnositic and type tags in interfaces are discouraged,
   // TLS has key-specific logic in selecting which hashes to sign. Exposing the
   // key type avoids replicating BoringSSL's TLS-specific logic in SSLPrivateKey
   // implementations and complicating the interface between Chromium and
   // BoringSSL.
   virtual Type GetType() = 0;

   // Returns the digests that are supported by the key in decreasing preference.
   virtual std::vector<SSLPrivateKey::Hash> GetDigestPreferences() = 0;

   // Returns the maximum size of a signature, in bytes. For an RSA key, this
   // must be the size of the modulus.
   virtual size_t GetMaxSignatureLengthInBytes() = 0;

   // Asynchronously signs an |input| which was computed with the hash |hash|. On
   // completion, it calls |callback| with the signature or an error code if the
   // operation failed. For an RSA key, the signature is a PKCS#1 signature. The
   // SSLPrivateKey implementation is responsible for prepending the DigestInfo
   // prefix and adding PKCS#1 padding.
   virtual void SignDigest(Hash hash,
                           const base::StringPiece& input,
                           const SignCallback& callback) = 0;

  protected:
   virtual ~SSLPrivateKey() {}

  private:
   friend class base::RefCountedThreadSafe<SSLPrivateKey>;
   DISALLOW_COPY_AND_ASSIGN(SSLPrivateKey);
 };

 }  // namespace net

 #endif  // NET_SSL_SSL_PRIVATE_KEY_H_
	// Copyright 2015 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#ifndef NET_SSL_SSL_PRIVATE_KEY_H_
	#define NET_SSL_SSL_PRIVATE_KEY_H_

	#include <stddef.h>
	#include <stdint.h>

	#include <vector>

	#include "base/callback_forward.h"
	#include "base/macros.h"
	#include "base/memory/ref_counted.h"
	#include "base/strings/string_piece.h"
	#include "net/base/net_errors.h"

	namespace net {

	// An interface for a private key for use with SSL client authentication.
	class SSLPrivateKey : public base::RefCountedThreadSafe<SSLPrivateKey> {
	public:
	using SignCallback = base::Callback<void(Error, const std::vector<uint8_t>&)>;

	enum class Type {
	RSA,
	ECDSA,
	};

	enum class Hash {
	MD5_SHA1,
	SHA1,
	SHA256,
	SHA384,
	SHA512,
	};

	SSLPrivateKey() {}

	// Returns whether the key is an RSA key or an ECDSA key. Although the signing
	// interface is type-agnositic and type tags in interfaces are discouraged,
	// TLS has key-specific logic in selecting which hashes to sign. Exposing the
	// key type avoids replicating BoringSSL's TLS-specific logic in SSLPrivateKey
	// implementations and complicating the interface between Chromium and
	// BoringSSL.
	virtual Type GetType() = 0;

	// Returns the digests that are supported by the key in decreasing preference.
	virtual std::vector<SSLPrivateKey::Hash> GetDigestPreferences() = 0;

	// Returns the maximum size of a signature, in bytes. For an RSA key, this
	// must be the size of the modulus.
	virtual size_t GetMaxSignatureLengthInBytes() = 0;

	// Asynchronously signs an \|input\| which was computed with the hash \|hash\|. On
	// completion, it calls \|callback\| with the signature or an error code if the
	// operation failed. For an RSA key, the signature is a PKCS#1 signature. The
	// SSLPrivateKey implementation is responsible for prepending the DigestInfo
	// prefix and adding PKCS#1 padding.
	virtual void SignDigest(Hash hash,
	const base::StringPiece& input,
	const SignCallback& callback) = 0;

	protected:
	virtual ~SSLPrivateKey() {}

	private:
	friend class base::RefCountedThreadSafe<SSLPrivateKey>;
	DISALLOW_COPY_AND_ASSIGN(SSLPrivateKey);
	};

	} // namespace net

	#endif // NET_SSL_SSL_PRIVATE_KEY_H_