| blob | b16504e9b5f443de5e8eb97b63d7369b23189afb |
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
6 #define CHROME_BROWSER_CHROMEOS_PLATFORM_KEYS_PLATFORM_KEYS_H_
8 #include <string>
9 #include <vector>
18 }
23 }
29 // A token is a store for keys or certs and can provide cryptographic
30 // operations.
31 // ChromeOS provides itself a user token and conditionally a system wide token,
32 // thus these tokens use static identifiers. The platform keys API is designed
33 // to support arbitrary other tokens in the future, which could then use
34 // run-time generated IDs.
38 // Supported hash algorithms.
40 HASH_ALGORITHM_SHA1,
41 HASH_ALGORITHM_SHA256,
42 HASH_ALGORITHM_SHA384,
43 HASH_ALGORITHM_SHA512
44 };
47 // Functions of this namespace shouldn't be called directly from the context of
48 // an extension. Instead use PlatformKeysService which enforces restrictions
49 // upon extensions.
53 GenerateKeyCallback;
55 // Generates a RSA key pair with |modulus_length_bits|. |token_id| is currently
56 // ignored, instead the user token associated with |browser_context| is always
57 // used. |callback| will be invoked with the resulting public key or an error.
66 // Digests |data| with |hash_algorithm| and afterwards signs the digest with the
67 // private key matching |public_key|, if that key is stored in the given token.
68 // |token_id| is currently ignored, instead the user token associated with
69 // |browser_context| is always used. |public_key| must be the DER encoding of a
70 // SubjectPublicKeyInfo. |callback| will be invoked with the signature or an
71 // error message.
72 // Currently supports RSA keys only.
75 HashAlgorithm hash_algorithm,
82 // If the list of certificates could be successfully retrieved, |certs| will
83 // contain the list of available certificates (maybe empty) and |error_message|
84 // will be empty. If an error occurred, |certs| will be empty and
85 // |error_message| contain an error message.
88 GetCertificatesCallback;
90 // Returns the list of all certificates with stored private key available from
91 // the given token. |token_id| is currently ignored, instead the user token
92 // associated with |browser_context| is always used. |callback| will be invoked
93 // with the list of available certificates or an error message.
98 // If an error occurred during import, |error_message| will be set to an error
99 // message.
101 ImportCertificateCallback;
103 // Imports |certificate| to the given token if the certified key is already
104 // stored in this token. Any intermediate of |certificate| will be ignored.
105 // |token_id| is currently ignored, instead the user token associated with
106 // |browser_context| is always used. |callback| will be invoked when the import
107 // is finished, possibly with an error message.
113 // If an error occurred during removal, |error_message| will be set to an error
114 // message.
116 RemoveCertificateCallback;
118 // Removes |certificate| from the given token if present. Any intermediate of
119 // |certificate| will be ignored. |token_id| is currently ignored, instead the
120 // user token associated with |browser_context| is always used. |callback| will
121 // be invoked when the removal is finished, possibly with an error message.
127 // If the list of available tokens could be successfully retrieved, |token_ids|
128 // will contain the token ids. If an error occurs, |token_ids| will be NULL and
129 // |error_message| will be set to an error message.
132 GetTokensCallback;
134 // Gets the list of available tokens. |callback| will be invoked when the list
135 // of available tokens is determined, possibly with an error message.
136 // Must be called and calls |callback| on the UI thread.