content/child/webcrypto/nss/aes_key_nss.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CONTENT_CHILD_WEBCRYPTO_NSS_AES_NSS_H_
   6 #define CONTENT_CHILD_WEBCRYPTO_NSS_AES_NSS_H_
   7
   8 #include <pkcs11t.h>
   9
  10 #include "content/child/webcrypto/algorithm_implementation.h"
  11
  12 namespace content {
  13
  14 namespace webcrypto {
  15
  16 // Base class for AES algorithms that provides the implementation for key
  17 // creation and export.
  18 class AesAlgorithm : public AlgorithmImplementation {
  19  public:
  20   // Constructs an AES algorithm whose keys will be imported using the NSS
  21   // mechanism |import_mechanism| and NSS flags |import_flags|.
  22   // |all_key_usages| is the set of all WebCrypto key usages that are
  23   // allowed for imported or generated keys. |jwk_suffix| is the suffix
  24   // used when constructing JWK names for the algorithm. For instance A128CBC
  25   // is the JWK name for 128-bit AES-CBC. The |jwk_suffix| in this case would
  26   // be "CBC".
  27   AesAlgorithm(CK_MECHANISM_TYPE import_mechanism,
  28                CK_FLAGS import_flags,
  29                blink::WebCryptoKeyUsageMask all_key_usages,
  30                const std::string& jwk_suffix);
  31
  32   // This is the same as the other AesAlgorithm constructor, however
  33   // |import_flags| and |all_key_usages| are pre-filled to values for
  34   // encryption/decryption algorithms (supports usages for: encrypt, decrypt,
  35   // wrap, unwrap).
  36   AesAlgorithm(CK_MECHANISM_TYPE import_mechanism,
  37                const std::string& jwk_suffix);
  38
  39   virtual Status VerifyKeyUsagesBeforeGenerateKey(
  40       blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE;
  41
  42   virtual Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm,
  43                                    bool extractable,
  44                                    blink::WebCryptoKeyUsageMask usage_mask,
  45                                    blink::WebCryptoKey* key) const OVERRIDE;
  46
  47   virtual Status VerifyKeyUsagesBeforeImportKey(
  48       blink::WebCryptoKeyFormat format,
  49       blink::WebCryptoKeyUsageMask usage_mask) const OVERRIDE;
  50
  51   virtual Status ImportKeyRaw(const CryptoData& key_data,
  52                               const blink::WebCryptoAlgorithm& algorithm,
  53                               bool extractable,
  54                               blink::WebCryptoKeyUsageMask usage_mask,
  55                               blink::WebCryptoKey* key) const OVERRIDE;
  56
  57   virtual Status ImportKeyJwk(const CryptoData& key_data,
  58                               const blink::WebCryptoAlgorithm& algorithm,
  59                               bool extractable,
  60                               blink::WebCryptoKeyUsageMask usage_mask,
  61                               blink::WebCryptoKey* key) const OVERRIDE;
  62
  63   virtual Status ExportKeyRaw(const blink::WebCryptoKey& key,
  64                               std::vector<uint8_t>* buffer) const OVERRIDE;
  65
  66   virtual Status ExportKeyJwk(const blink::WebCryptoKey& key,
  67                               std::vector<uint8_t>* buffer) const OVERRIDE;
  68
  69  private:
  70   const CK_MECHANISM_TYPE import_mechanism_;
  71   const CK_FLAGS import_flags_;
  72   const blink::WebCryptoKeyUsageMask all_key_usages_;
  73   const std::string jwk_suffix_;
  74 };
  75
  76 }  // namespace webcrypto
  77
  78 }  // namespace content
  79
  80 #endif  // CONTENT_CHILD_WEBCRYPTO_NSS_AES_NSS_H_