Roll src/third_party/WebKit d9c6159:8139f33 (svn 201974:201975)
[chromium-blink-merge.git] / components / webcrypto / nss / util_nss.h
blob04a44ebd184e446d2e9a8665ef9f2e31026a52b7
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef COMPONENTS_WEBCRYPTO_NSS_UTIL_NSS_H_
6 #define COMPONENTS_WEBCRYPTO_NSS_UTIL_NSS_H_
8 #include <keythi.h>
9 #include <pkcs11t.h>
10 #include <seccomon.h>
11 #include <secmodt.h>
13 #include "base/lazy_instance.h"
15 namespace webcrypto {
17 class CryptoData;
19 SECItem MakeSECItemForBuffer(const CryptoData& buffer);
20 enum EncryptOrDecrypt { ENCRYPT, DECRYPT };
22 CryptoData SECItemToCryptoData(const SECItem& item);
24 const CK_FLAGS kAllOperationFlags =
25 CKF_ENCRYPT | CKF_DECRYPT | CKF_SIGN | CKF_VERIFY | CKF_WRAP | CKF_UNWRAP;
27 // Signature for PK11_Encrypt and PK11_Decrypt.
28 typedef SECStatus (*PK11_EncryptDecryptFunction)(PK11SymKey*,
29 CK_MECHANISM_TYPE,
30 SECItem*,
31 unsigned char*,
32 unsigned int*,
33 unsigned int,
34 const unsigned char*,
35 unsigned int);
37 // Signature for PK11_PubEncrypt
38 typedef SECStatus (*PK11_PubEncryptFunction)(SECKEYPublicKey*,
39 CK_MECHANISM_TYPE,
40 SECItem*,
41 unsigned char*,
42 unsigned int*,
43 unsigned int,
44 const unsigned char*,
45 unsigned int,
46 void*);
48 // Signature for PK11_PrivDecrypt
49 typedef SECStatus (*PK11_PrivDecryptFunction)(SECKEYPrivateKey*,
50 CK_MECHANISM_TYPE,
51 SECItem*,
52 unsigned char*,
53 unsigned int*,
54 unsigned int,
55 const unsigned char*,
56 unsigned int);
58 // Singleton that detects whether or not AES-GCM and
59 // RSA-OAEP are supported by the version of NSS being used.
60 // On non-Linux platforms, Chromium embedders ship with a
61 // fixed version of NSS, and these are always available.
62 // However, on Linux (and ChromeOS), NSS is provided by the
63 // system, and thus not all algorithms may be available
64 // or be safe to use.
65 class NssRuntimeSupport {
66 public:
67 bool IsAesGcmSupported() const {
68 return pk11_encrypt_func_ && pk11_decrypt_func_;
71 bool IsRsaOaepSupported() const {
72 return pk11_pub_encrypt_func_ && pk11_priv_decrypt_func_ &&
73 internal_slot_does_oaep_;
76 // Returns NULL if unsupported.
77 PK11_EncryptDecryptFunction pk11_encrypt_func() const {
78 return pk11_encrypt_func_;
81 // Returns NULL if unsupported.
82 PK11_EncryptDecryptFunction pk11_decrypt_func() const {
83 return pk11_decrypt_func_;
86 // Returns NULL if unsupported.
87 PK11_PubEncryptFunction pk11_pub_encrypt_func() const {
88 return pk11_pub_encrypt_func_;
91 // Returns NULL if unsupported.
92 PK11_PrivDecryptFunction pk11_priv_decrypt_func() const {
93 return pk11_priv_decrypt_func_;
96 static NssRuntimeSupport* Get();
98 private:
99 friend struct base::DefaultLazyInstanceTraits<NssRuntimeSupport>;
101 NssRuntimeSupport();
103 PK11_EncryptDecryptFunction pk11_encrypt_func_;
104 PK11_EncryptDecryptFunction pk11_decrypt_func_;
105 PK11_PubEncryptFunction pk11_pub_encrypt_func_;
106 PK11_PrivDecryptFunction pk11_priv_decrypt_func_;
107 bool internal_slot_does_oaep_;
110 } // namespace webcrypto
112 #endif // COMPONENTS_WEBCRYPTO_NSS_UTIL_NSS_H_