Add new certificateProvider extension API.
1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // Internal API to implement the platformKeys and enterprise.platformKeys
6 // APIs.
7 [implemented_in = "chrome/browser/extensions/api/platform_keys/platform_keys_api.h"]
8 namespace platformKeysInternal {
// Invoked by <code>selectClientCertificates</code>.
// |certs| The <code>platformKeys.Match</code> entries handed back to the
// caller.
9 callback SelectCallback = void (platformKeys.Match[] certs);
11 // Invoked by <code>sign</code>.
12 // |signature| The signature, an octet string.
13 callback SignCallback = void(ArrayBuffer signature);
15 // Called back by <code>getPublicKey</code>.
16 // |publicKey| The Subject Public Key Info (see X.509) of the requested
17 // certificate.
18 // |algorithm| A partial WebCrypto KeyAlgorithm containing all information
19 // that is available from the Subject Public Key Info. It does not contain
20 // signature/hash parameters.
// NOTE(review): |algorithm| is declared as a bare <code>object</code>, so as
// far as this file shows its fields are not described by the schema;
// consumers should read only the KeyAlgorithm members they expect.
21 callback GetPublicKeyCallback = void(ArrayBuffer publicKey, object algorithm);
23 interface Functions {
24 // See documentation in platformKeys.
// |details| The selection request, a <code>platformKeys.SelectDetails</code>.
// |callback| Called back with the <code>platformKeys.Match</code> list (see
// <code>SelectCallback</code>).
25 static void selectClientCertificates(
26 platformKeys.SelectDetails details,
27 SelectCallback callback);
29 // Internal version of platformKeys.subtleCrypto.sign and
30 // enterprise.platformKeys.Token.subtleCrypto.sign.
31 // |tokenId| The id of a Token returned by |getTokens|.
32 // |publicKey| The Subject Public Key Info of a key previously generated by
33 // |generateKey| in DER encoding.
// NOTE(review): |tokenId| and |publicKey| only name the key. Nothing in this
// declaration says which caller may use which key, so that check presumably
// lives in the implementation; confirm.
34 // |hashAlgorithmName| The recognized algorithm name of the hash algorithm,
35 // as specified by WebCrypto, that will be used to digest |data|
36 // before signing. Currently supported are: SHA-{1,256,384,512}.
37 // If instead the algorithm name "none" is provided, no hashing will be
38 // applied, the data is PKCS#1 v1.5 padded but not hashed.
// NOTE(review): with "none" the bytes in |data| are signed as given, so the
// signer cannot tell what was digested. The caller is then responsible for
// supplying input in the form the verifier expects, and the implementation
// presumably has to bound the length of |data| against the key size; confirm.
// NOTE(review): SHA-1 is in the supported list but is no longer collision
// resistant; new callers should prefer SHA-256 or stronger.
39 // TODO(pneubeck): use an enum once supported:
40 // http://www.crbug.com/385539 .
// Until then this is a free-form DOMString, so unrecognized names have to
// be rejected by the implementation rather than by the schema.
41 // |data| The data to sign.
42 // |callback| Called back with the signature of |data|.
43 // TODO: Instead of ArrayBuffer should be (ArrayBuffer or ArrayBufferView),
44 // or at least (ArrayBuffer or Uint8Array).
45 static void sign(DOMString tokenId,
46 ArrayBuffer publicKey,
47 DOMString hashAlgorithmName,
48 ArrayBuffer data,
49 SignCallback callback);
51 // Checks whether <code>certificate</code> certifies a key that allows usage
52 // of the WebCrypto algorithm <code>algorithmName</code>. If so, calls back
53 // <code>callback</code> with the key info and a WebCrypto
54 // <code>KeyAlgorithm</code> dictionary describing the key's algorithm. The
55 // <code>name</code> property will equal <code>algorithmName</code>.
56 // Otherwise, calls back with an error.
// |certificate| The certificate bytes to inspect (presumably DER-encoded
// X.509; confirm). These are caller-supplied and parsed by the
// implementation.
// |algorithmName| The WebCrypto algorithm name the key is checked against.
// |callback| Called back with the result (see
// <code>GetPublicKeyCallback</code>).
// NOTE(review): the description covers only whether the certified key permits
// the algorithm. It does not state that the certificate's chain, validity
// period or revocation status is checked, so a successful callback should not
// be read as a trust decision.
57 static void getPublicKey(ArrayBuffer certificate,
58 DOMString algorithmName,
59 GetPublicKeyCallback callback);