content/child/webcrypto/platform_crypto.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CONTENT_CHILD_WEBCRYPTO_PLATFORM_CRYPTO_H_
   6 #define CONTENT_CHILD_WEBCRYPTO_PLATFORM_CRYPTO_H_
   7
   8 #include <vector>
   9
  10 #include "base/basictypes.h"
  11 #include "base/compiler_specific.h"
  12 #include "base/memory/scoped_ptr.h"
  13 #include "third_party/WebKit/public/platform/WebCrypto.h"
  14 #include "third_party/WebKit/public/platform/WebCryptoAlgorithmParams.h"
  15
  16 namespace blink {
  17 template <typename T>
  18 class WebVector;
  19 }
  20
  21 namespace content {
  22
  23 enum EncryptOrDecrypt { ENCRYPT, DECRYPT };
  24
  25 namespace webcrypto {
  26
  27 class CryptoData;
  28 class Status;
  29
  30 // Functions in the webcrypto::platform namespace are intended to be those
  31 // which are OpenSSL/NSS specific.
  32 //
  33 // The general purpose code which applies to both OpenSSL and NSS
  34 // implementations of webcrypto should live in the outter webcrypto namespace,
  35 // and the crypto library specific bits in the "platform" namespace.
  36 //
  37 // -----------------
  38 // Threading:
  39 // -----------------
  40 //
  41 // Unless otherwise noted, functions in webcrypto::platform are called
  42 // exclusively from a sequenced worker pool.
  43 //
  44 // This means that operations using a given key cannot occur in
  45 // parallel and it is not necessary to guard against concurrent usage.
  46 //
  47 // The exceptions are:
  48 //
  49 //   * Key::ThreadSafeSerializeForClone(), which is called from the
  50 //     target Blink thread during structured clone.
  51 //
  52 //   * ImportKeyRaw(), ImportKeySpki(), ImportKeyPkcs8(), which can be
  53 //     called from the target Blink thread during structured clone
  54 //     deserialization, as well as from the webcrypto worker pool.
  55 //
  56 //     TODO(eroman): Change it so import happens in worker pool too.
  57 //                   http://crbug.com/366834
  58 namespace platform {
  59
  60 class SymKey;
  61 class PublicKey;
  62 class PrivateKey;
  63
  64 // Base key class for all platform keys, used to safely cast between types.
  65 class Key : public blink::WebCryptoKeyHandle {
  66  public:
  67   virtual SymKey* AsSymKey() = 0;
  68   virtual PublicKey* AsPublicKey() = 0;
  69   virtual PrivateKey* AsPrivateKey() = 0;
  70
  71   virtual bool ThreadSafeSerializeForClone(
  72       blink::WebVector<uint8>* key_data) = 0;
  73 };
  74
  75 // Do any one-time initialization. Note that this can be called MULTIPLE times
  76 // (once per instantiation of WebCryptoImpl).
  77 void Init();
  78
  79 // Preconditions:
  80 //  * |key| is a non-null AES-CBC key.
  81 //  * |iv| is exactly 16 bytes long
  82 Status EncryptDecryptAesCbc(EncryptOrDecrypt mode,
  83                             SymKey* key,
  84                             const CryptoData& data,
  85                             const CryptoData& iv,
  86                             std::vector<uint8>* buffer);
  87
  88 // Preconditions:
  89 //  * |key| is a non-null AES-GCM key.
  90 //  * |tag_length_bits| is one of {32, 64, 96, 104, 112, 120, 128}
  91 Status EncryptDecryptAesGcm(EncryptOrDecrypt mode,
  92                             SymKey* key,
  93                             const CryptoData& data,
  94                             const CryptoData& iv,
  95                             const CryptoData& additional_data,
  96                             unsigned int tag_length_bits,
  97                             std::vector<uint8>* buffer);
  98
  99 // Preconditions:
 100 //  * |key| is non-null
 101 //  * |hash| is a digest algorithm
 102 //  * |label| MAY be empty (e.g. 0 bytes long).
 103 Status EncryptRsaOaep(PublicKey* key,
 104                       const blink::WebCryptoAlgorithm& hash,
 105                       const CryptoData& label,
 106                       const CryptoData& data,
 107                       std::vector<uint8>* buffer);
 108
 109 // Preconditions:
 110 //   * |key| is non-null
 111 //   * |hash| is a digest algorithm
 112 //   * |label| MAY be empty (e.g. 0 bytes long).
 113 Status DecryptRsaOaep(PrivateKey* key,
 114                       const blink::WebCryptoAlgorithm& hash,
 115                       const CryptoData& label,
 116                       const CryptoData& data,
 117                       std::vector<uint8>* buffer);
 118
 119 // Preconditions:
 120 //  * |key| is a non-null HMAC key.
 121 //  * |hash| is a digest algorithm.
 122 Status SignHmac(SymKey* key,
 123                 const blink::WebCryptoAlgorithm& hash,
 124                 const CryptoData& data,
 125                 std::vector<uint8>* buffer);
 126
 127 // Preconditions:
 128 //  * |algorithm| is a SHA function.
 129 Status DigestSha(blink::WebCryptoAlgorithmId algorithm,
 130                  const CryptoData& data,
 131                  std::vector<uint8>* buffer);
 132
 133 // Preconditions:
 134 //  * |algorithm| is a SHA function.
 135 scoped_ptr<blink::WebCryptoDigestor> CreateDigestor(
 136     blink::WebCryptoAlgorithmId algorithm);
 137
 138 // Preconditions:
 139 //  * |key| is non-null.
 140 //  * |hash| is a digest algorithm.
 141 Status SignRsaSsaPkcs1v1_5(PrivateKey* key,
 142                            const blink::WebCryptoAlgorithm& hash,
 143                            const CryptoData& data,
 144                            std::vector<uint8>* buffer);
 145
 146 // Preconditions:
 147 //  * |key| is non-null.
 148 //  * |hash| is a digest algorithm.
 149 Status VerifyRsaSsaPkcs1v1_5(PublicKey* key,
 150                              const blink::WebCryptoAlgorithm& hash,
 151                              const CryptoData& signature,
 152                              const CryptoData& data,
 153                              bool* signature_match);
 154
 155 // |keylen_bytes| is the desired length of the key in bits.
 156 //
 157 // Preconditions:
 158 //  * algorithm.id() is for a symmetric key algorithm.
 159 //  * keylen_bytes is non-zero (TODO(eroman): revisit this).
 160 //  * For AES algorithms |keylen_bytes| is either 16, 24, or 32 bytes long.
 161 //  * usage_mask makes sense for the algorithm.
 162 Status GenerateSecretKey(const blink::WebCryptoAlgorithm& algorithm,
 163                          bool extractable,
 164                          blink::WebCryptoKeyUsageMask usage_mask,
 165                          unsigned keylen_bytes,
 166                          blink::WebCryptoKey* key);
 167
 168 // Preconditions:
 169 //  * algorithm.id() is for an RSA algorithm.
 170 //  * public_exponent, modulus_length_bits and hash_or_null are the same as what
 171 //    is in algorithm. They are split out for convenience.
 172 //  * modulus_length_bits is not 0
 173 //  * public_exponent is not empty.
 174 //  * {public|private}_key_usage_mask make sense for the algorithm.
 175 Status GenerateRsaKeyPair(const blink::WebCryptoAlgorithm& algorithm,
 176                           bool extractable,
 177                           blink::WebCryptoKeyUsageMask public_key_usage_mask,
 178                           blink::WebCryptoKeyUsageMask private_key_usage_mask,
 179                           unsigned int modulus_length_bits,
 180                           unsigned long public_exponent,
 181                           blink::WebCryptoKey* public_key,
 182                           blink::WebCryptoKey* private_key);
 183
 184 // Preconditions:
 185 //  * |key| is non-null.
 186 //  * |algorithm.id()| is for a symmetric key algorithm.
 187 //  * For AES algorithms |key_data| is either 16, 24, or 32 bytes long.
 188 //  * usage_mask makes sense for the algorithm.
 189 // Note that this may be called from target Blink thread.
 190 Status ImportKeyRaw(const blink::WebCryptoAlgorithm& algorithm,
 191                     const CryptoData& key_data,
 192                     bool extractable,
 193                     blink::WebCryptoKeyUsageMask usage_mask,
 194                     blink::WebCryptoKey* key);
 195
 196 // Preconditions:
 197 //  * algorithm.id() is for an RSA algorithm.
 198 //  * usage_mask makes sense for the algorithm.
 199 Status ImportRsaPublicKey(const blink::WebCryptoAlgorithm& algorithm,
 200                           bool extractable,
 201                           blink::WebCryptoKeyUsageMask usage_mask,
 202                           const CryptoData& modulus_data,
 203                           const CryptoData& exponent_data,
 204                           blink::WebCryptoKey* key);
 205
 206 // Preconditions:
 207 //  * algorithm.id() is for an RSA algorithm.
 208 //  * modulus, public_exponent, and private_exponent will be non-empty. The
 209 //    others will either all be specified (non-empty), or all be unspecified
 210 //    (empty).
 211 //  * usage_mask makes sense for the algorithm.
 212 Status ImportRsaPrivateKey(const blink::WebCryptoAlgorithm& algorithm,
 213                            bool extractable,
 214                            blink::WebCryptoKeyUsageMask usage_mask,
 215                            const CryptoData& modulus,
 216                            const CryptoData& public_exponent,
 217                            const CryptoData& private_exponent,
 218                            const CryptoData& prime1,
 219                            const CryptoData& prime2,
 220                            const CryptoData& exponent1,
 221                            const CryptoData& exponent2,
 222                            const CryptoData& coefficient,
 223                            blink::WebCryptoKey* key);
 224
 225 // Note that this may be called from target Blink thread.
 226 // Preconditions:
 227 //  * usage_mask makes sense for the algorithm.
 228 Status ImportKeySpki(const blink::WebCryptoAlgorithm& algorithm,
 229                      const CryptoData& key_data,
 230                      bool extractable,
 231                      blink::WebCryptoKeyUsageMask usage_mask,
 232                      blink::WebCryptoKey* key);
 233
 234 // Note that this may be called from target Blink thread.
 235 // Preconditions:
 236 //  * usage_mask makes sense for the algorithm.
 237 Status ImportKeyPkcs8(const blink::WebCryptoAlgorithm& algorithm,
 238                       const CryptoData& key_data,
 239                       bool extractable,
 240                       blink::WebCryptoKeyUsageMask usage_mask,
 241                       blink::WebCryptoKey* key);
 242
 243 // Preconditions:
 244 //  * |key| is non-null.
 245 Status ExportKeyRaw(SymKey* key, std::vector<uint8>* buffer);
 246
 247 // Preconditions:
 248 //  * |key| is non-null.
 249 Status ExportKeySpki(PublicKey* key, std::vector<uint8>* buffer);
 250
 251 // Preconditions:
 252 //  * |key| is non-null.
 253 Status ExportRsaPublicKey(PublicKey* key,
 254                           std::vector<uint8>* modulus,
 255                           std::vector<uint8>* public_exponent);
 256
 257 // Preconditions:
 258 //  * |key| is non-null.
 259 Status ExportRsaPrivateKey(PrivateKey* key,
 260                            std::vector<uint8>* modulus,
 261                            std::vector<uint8>* public_exponent,
 262                            std::vector<uint8>* private_exponent,
 263                            std::vector<uint8>* prime1,
 264                            std::vector<uint8>* prime2,
 265                            std::vector<uint8>* exponent1,
 266                            std::vector<uint8>* exponent2,
 267                            std::vector<uint8>* coefficient);
 268
 269 // Preconditions:
 270 //  * |key| is non-null.
 271 Status ExportKeyPkcs8(PrivateKey* key,
 272                       const blink::WebCryptoKeyAlgorithm& key_algorithm,
 273                       std::vector<uint8>* buffer);
 274
 275 // Performs AES-KW encryption/decryption on the input |data|.
 276 // Preconditions:
 277 //  * |key| is non-null
 278 //  * |data| is multiple of 8 bytes. If encrypting it is at least 16 bytes, and
 279 //    if decrypting at least 24 bytes.
 280 //  * |buffer| is non-null.
 281 Status EncryptDecryptAesKw(EncryptOrDecrypt mode,
 282                            SymKey* key,
 283                            const CryptoData& data,
 284                            std::vector<uint8>* buffer);
 285
 286 }  // namespace platform
 287
 288 }  // namespace webcrypto
 289
 290 }  // namespace content
 291
 292 #endif  // CONTENT_CHILD_WEBCRYPTO_PLATFORM_CRYPTO_H_