chrome/common/extensions/api/cryptotoken_private.idl - chromium/src - Git at Google

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 // <code>chrome.cryptotokenPrivate</code> API that provides hooks to Chrome to
 // be used by cryptotoken component extension.
 // <p>In the context of this API, an AppId is roughly an origin and is formally
 // defined in
 // <a href="https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-appid-and-facets-v1.2-ps-20170411.html">
 // the FIDO spec</a></p>
 namespace cryptotokenPrivate {

   callback BooleanCallback = void(boolean result);

   dictionary CanAppIdGetAttestationOptions {
     // The AppId (see definition, above) that was used in the registration
     // request and which has been authenticated by |canOriginAssertAppId|.
     DOMString appId;
     // The origin of the caller.
     DOMString origin;
     // Identifies the tab in which the registration is occuring so that any
     // permissions prompt is correctly located.
     long tabId;
   };

   interface Functions {
     // Checks whether the origin is allowed to assert the appId, according to
     // the same origin policy defined at
     // http://fidoalliance.org/specs/fido-u2f-v1.0-ps-20141009/
     //     fido-appid-and-facets-ps-20141009.html
     // |securityOrigin| is the origin as seen by the extension, and |appIdUrl|
     // is the appId being asserted by the origin.
     static void canOriginAssertAppId(DOMString securityOrigin,
                                      DOMString appIdUrl,
                                      BooleanCallback callback);

     // Checks whether the given appId is specified in the
     // SecurityKeyPermitAttestation policy. This causes a signal to be sent to
     // the token that informs it that an individually-identifying attestation
     // certificate may be used. Without that signal, the token is required to
     // use its batch attestation certificate.
     static void isAppIdHashInEnterpriseContext(ArrayBuffer appIdHash,
                                                BooleanCallback callback);

     // Checks whether the given appId may receive attestation data that
     // identifies the token. If not, the attestation from the token must be
     // substituted with a randomly generated certificate since webauthn and U2F
     // require that some attestation be provided.
     static void canAppIdGetAttestation(CanAppIdGetAttestationOptions options,
                                        BooleanCallback callback);
   };
 };
	// Copyright 2014 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	// <code>chrome.cryptotokenPrivate</code> API that provides hooks to Chrome to
	// be used by cryptotoken component extension.
	// <p>In the context of this API, an AppId is roughly an origin and is formally
	// defined in
	// <a href="https://fidoalliance.org/specs/fido-u2f-v1.2-ps-20170411/fido-appid-and-facets-v1.2-ps-20170411.html">
	// the FIDO spec</a></p>
	namespace cryptotokenPrivate {

	callback BooleanCallback = void(boolean result);

	dictionary CanAppIdGetAttestationOptions {
	// The AppId (see definition, above) that was used in the registration
	// request and which has been authenticated by \|canOriginAssertAppId\|.
	DOMString appId;
	// The origin of the caller.
	DOMString origin;
	// Identifies the tab in which the registration is occuring so that any
	// permissions prompt is correctly located.
	long tabId;
	};

	interface Functions {
	// Checks whether the origin is allowed to assert the appId, according to
	// the same origin policy defined at
	// http://fidoalliance.org/specs/fido-u2f-v1.0-ps-20141009/
	// fido-appid-and-facets-ps-20141009.html
	// \|securityOrigin\| is the origin as seen by the extension, and \|appIdUrl\|
	// is the appId being asserted by the origin.
	static void canOriginAssertAppId(DOMString securityOrigin,
	DOMString appIdUrl,
	BooleanCallback callback);

	// Checks whether the given appId is specified in the
	// SecurityKeyPermitAttestation policy. This causes a signal to be sent to
	// the token that informs it that an individually-identifying attestation
	// certificate may be used. Without that signal, the token is required to
	// use its batch attestation certificate.
	static void isAppIdHashInEnterpriseContext(ArrayBuffer appIdHash,
	BooleanCallback callback);

	// Checks whether the given appId may receive attestation data that
	// identifies the token. If not, the attestation from the token must be
	// substituted with a randomly generated certificate since webauthn and U2F
	// require that some attestation be provided.
	static void canAppIdGetAttestation(CanAppIdGetAttestationOptions options,
	BooleanCallback callback);
	};
	};