1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
// Generic key store implementation for platforms that we don't support with
// OS-specific implementations.
10 #ifndef OSKeyStore_h
11 #define OSKeyStore_h
13 #include "nsCOMPtr.h"
14 #include "nsIOSKeyStore.h"
15 #include "nsISerialEventTarget.h"
16 #include "nsString.h"
17 #include "ScopedNSSTypes.h"
19 #include <memory>
20 #include <vector>
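// Abstract interface for a backend that stores labelled secrets, plus shared
// helpers for encrypting and decrypting with a stored secret.
//
// RetrieveSecret, StoreSecret and DeleteSecret are pure virtual and must be
// supplied by each backend. SecretAvailable and EncryptDecrypt are virtual but
// not pure, so a backend may override them.
//
// Everything passing through this interface is secret material (stored
// secrets, raw key bytes, plaintext). Implementations should not log it and
// should keep copies short-lived.
class AbstractOSKeyStore {
 public:
  // Retrieve a secret with the given label.
  // aSecret receives the secret; the nsresult reports success or failure.
  virtual nsresult RetrieveSecret(const nsACString& aLabel,
                                  /* out */ nsACString& aSecret) = 0;
  // Store a new secret with the given label.
  // NOTE(review): the argument order here is (secret, label), the reverse of
  // RetrieveSecret's (label, secret). Both are nsACString, so swapped
  // arguments compile cleanly. Check call sites.
  virtual nsresult StoreSecret(const nsACString& secret,
                               const nsACString& label) = 0;
  // Delete the secret with the given label.
  virtual nsresult DeleteSecret(const nsACString& label) = 0;
  virtual ~AbstractOSKeyStore() = default;

  // Returns true if the secret with the given label is available in the key
  // store, false otherwise.
  // NOTE(review): a bool cannot distinguish "no such secret" from "the lookup
  // failed". Confirm how the implementation reports backend errors.
  virtual bool SecretAvailable(const nsACString& label);
  // Perform encryption or decryption operation with the given secret and input
  // bytes. The output is written in outBytes. This function can make use of the
  // AesGcm class to use NSS for encryption and decryption.
  // `encrypt` selects the direction: true encrypts, false decrypts.
  // NOTE(review): the layout of outBytes (e.g. where the IV and the GCM tag
  // live) is not visible in this header. Confirm against the implementation.
  virtual nsresult EncryptDecrypt(const nsACString& label,
                                  const std::vector<uint8_t>& inBytes,
                                  std::vector<uint8_t>& outBytes, bool encrypt);

  // Length in bytes of the symmetric key used by this key store.
  size_t GetKeyByteLength() { return mKeyByteLength; }

 protected:
  /* These helper functions are implemented in OSKeyStore.cpp and implement
   * common functionality of the abstract key store to encrypt and decrypt.
   */
  // Runs the cipher over inBytes with aSymKey and writes the result to
  // outBytes. aEncrypt selects encryption (true) or decryption (false).
  nsresult DoCipher(const mozilla::UniquePK11SymKey& aSymKey,
                    const std::vector<uint8_t>& inBytes,
                    std::vector<uint8_t>& outBytes, bool aEncrypt);
  // Builds an NSS symmetric key from raw key bytes and returns it in aKey.
  // NOTE(review): keyBytes is taken by value, so each call holds its own copy
  // of the raw key material. This header does not show whether that copy is
  // cleared before it is released. Confirm in OSKeyStore.cpp.
  nsresult BuildAesGcmKey(std::vector<uint8_t> keyBytes,
                          /* out */ mozilla::UniquePK11SymKey& aKey);

 private:
  // 16 bytes = 128-bit key (AES-128, given the AES-GCM helper above).
  const size_t mKeyByteLength = 16;
  // 12 bytes = 96-bit IV, the size GCM is normally used with. GCM is only
  // safe when an IV is never reused under the same key.
  // NOTE(review): IV generation is not visible in this header. Confirm it in
  // the implementation.
  const size_t mIVLength = 12;
};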
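// XPCOM contract ID under which the OS key store component is registered.
#define NS_OSKEYSTORE_CONTRACTID "@mozilla.org/security/oskeystore;1"
// XPCOM class ID for the same component, written as an aggregate initializer.
// Equivalent UUID: 57972956-5718-42d2-8070-b3fc72212eaf.
// The macro must end on the line that closes the outer brace. A trailing
// backslash there would splice the following declaration into the macro body.
#define NS_OSKEYSTORE_CID                            \
  {                                                  \
    0x57972956, 0x5718, 0x42d2, {                    \
      0x80, 0x70, 0xb3, 0xfc, 0x72, 0x21, 0x2e, 0xaf \
    }                                                \
  }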
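// Declared here, defined elsewhere. Hands back a DOM Promise through aPromise
// for the given JS context and reports success or failure via nsresult.
// NOTE(review): presumably this backs the asynchronous nsIOSKeyStore methods.
// Confirm against the definition. JSContext and mozilla::dom::Promise are not
// declared by any include visible in this header, so they are assumed to
// arrive through one of the Mozilla headers above.
nsresult GetPromise(JSContext* aCx,
                    /* out */ RefPtr<mozilla::dom::Promise>& aPromise);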
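// XPCOM component implementing nsIOSKeyStore on top of an AbstractOSKeyStore
// backend (mKs).
//
// The methods declared explicitly below return nsresult and take plain C++
// arguments. The nsIOSKeyStore interface methods themselves are declared by
// NS_DECL_NSIOSKEYSTORE.
//
// Secrets, recovery phrases and decrypted bytes all cross this interface.
// Callers should treat every out-parameter as sensitive and check the
// returned nsresult before using it.
class OSKeyStore final : public nsIOSKeyStore {
 public:
  // Thread-safe reference counting: the object may be AddRef'd and Released
  // from more than one thread.
  NS_DECL_THREADSAFE_ISUPPORTS
  NS_DECL_NSIOSKEYSTORE

  OSKeyStore();
  // Generates a secret under aLabel and returns a recovery phrase for it.
  // NOTE(review): the recovery phrase presumably allows the secret to be
  // rebuilt via RecoverSecret, so it needs the same protection as the secret
  // itself. Confirm against the implementation.
  nsresult GenerateSecret(const nsACString& aLabel,
                          /* out */ nsACString& aRecoveryPhrase);
  // Reports through *aAvailable whether a secret exists under aLabel.
  nsresult SecretAvailable(const nsACString& aLabel,
                           /* out */ bool* aAvailable);
  // Restores the secret for aLabel from a recovery phrase.
  nsresult RecoverSecret(const nsACString& aLabel,
                         const nsACString& aRecoveryPhrase);
  // Deletes the secret stored under aLabel.
  nsresult DeleteSecret(const nsACString& aLabel);
  // Returns the recovery phrase for the secret stored under aLabel.
  nsresult RetrieveRecoveryPhrase(const nsACString& aLabel,
                                  /* out */ nsACString& aRecoveryPhrase);
  // Encrypts aInBytes with the secret stored under aLabel and returns the
  // result as Base64 text.
  nsresult EncryptBytes(const nsACString& aLabel,
                        const std::vector<uint8_t>& aInBytes,
                        /*out*/ nsACString& aEncryptedBase64Text);
  // Decrypts Base64 text with the secret stored under aLabel. The plaintext
  // is returned as a raw buffer (*outBytes) with its length in *outLen.
  // NOTE(review): ownership of *outBytes is not expressed by the type.
  // Confirm which allocator produces it and who frees it, and clear the
  // plaintext before release where practical.
  nsresult DecryptBytes(const nsACString& aLabel,
                        const nsACString& aEncryptedBase64Text,
                        /*out*/ uint32_t* outLen,
                        /*out*/ uint8_t** outBytes);

 private:
  // Private destructor: the object cannot be deleted or stack-allocated by
  // outside code. Its lifetime is managed through reference counting.
  ~OSKeyStore() = default;

  // Backend that actually holds the secrets. Owned exclusively by this object.
  std::unique_ptr<AbstractOSKeyStore> mKs;
  // Serial event target.
  // NOTE(review): presumably key store operations are dispatched here so they
  // run one at a time off the calling thread. Confirm in OSKeyStore.cpp.
  nsCOMPtr<nsISerialEventTarget> mBackgroundSerialEventTarget;
};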
102 #endif // OSKeyStore_h