зеркало из https://github.com/mozilla/gecko-dev.git
225 строки
7.8 KiB
Plaintext
225 строки
7.8 KiB
Plaintext
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* ***** BEGIN LICENSE BLOCK *****
|
|
* Version: MPL 1.1/GPL 2.0/LGPL 2.1
|
|
*
|
|
* The contents of this file are subject to the Mozilla Public License Version
|
|
* 1.1 (the "License"); you may not use this file except in compliance with
|
|
* the License. You may obtain a copy of the License at
|
|
* http://www.mozilla.org/MPL/
|
|
*
|
|
* Software distributed under the License is distributed on an "AS IS" basis,
|
|
* WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
|
|
* for the specific language governing rights and limitations under the
|
|
* License.
|
|
*
|
|
* The Original Code is Weave code.
|
|
*
|
|
* The Initial Developer of the Original Code is
|
|
* Mozilla Corporation
|
|
* Portions created by the Initial Developer are Copyright (C) 2007
|
|
* the Initial Developer. All Rights Reserved.
|
|
*
|
|
* Contributor(s):
|
|
* Dan Mills <thunder@mozilla.com> (original author)
|
|
* Honza Bambas <honzab@allpeers.com>
|
|
* Justin Dolske <dolske@mozilla.com>
|
|
*
|
|
* Alternatively, the contents of this file may be used under the terms of
|
|
* either the GNU General Public License Version 2 or later (the "GPL"), or
|
|
* the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
|
|
* in which case the provisions of the GPL or the LGPL are applicable instead
|
|
* of those above. If you wish to allow use of your version of this file only
|
|
* under the terms of either the GPL or the LGPL, and not to allow others to
|
|
* use your version of this file under the terms of the MPL, indicate your
|
|
* decision by deleting the provisions above and replace them with the notice
|
|
* and other provisions required by the GPL or the LGPL. If you do not delete
|
|
* the provisions above, a recipient may use your version of this file under
|
|
* the terms of any one of the MPL, the GPL or the LGPL.
|
|
*
|
|
* ***** END LICENSE BLOCK ***** */
|
|
|
|
#include "nsISupports.idl"
|
|
|
|
[scriptable, uuid(f4463043-315e-41f3-b779-82e900e6fffa)]
|
|
interface IWeaveCrypto : nsISupports
|
|
{
|
|
/**
|
|
* Shortcuts for some algorithm SEC OIDs. Full list available here:
|
|
* http://lxr.mozilla.org/seamonkey/source/security/nss/lib/util/secoidt.h
|
|
*/
|
|
|
|
const unsigned long DES_EDE3_CBC = 156;
|
|
const unsigned long AES_128_CBC = 184;
|
|
const unsigned long AES_192_CBC = 186;
|
|
const unsigned long AES_256_CBC = 188;
|
|
|
|
/**
|
|
* One of the above constants. Used as the mechanism for encrypting bulk
|
|
* data and wrapping keys.
|
|
*
|
|
* Default is AES_256_CBC.
|
|
*/
|
|
attribute unsigned long algorithm;
|
|
|
|
/**
|
|
* The size of the RSA key to create with generateKeypair().
|
|
*
|
|
* Default is 2048.
|
|
*/
|
|
attribute unsigned long keypairBits;
|
|
|
|
/**
|
|
* Encrypt data using a symmetric key.
|
|
* The algorithm attribute specifies how the encryption is performed.
|
|
*
|
|
* @param clearText
|
|
* The data to be encrypted (not base64 encoded).
|
|
* @param symmetricKey
|
|
* A base64-encoded symmetric key (eg, one from generateRandomKey).
|
|
* @param iv
|
|
* A base64-encoded initialization vector
|
|
* @returns Encrypted data, base64 encoded
|
|
*/
|
|
ACString encrypt(in AUTF8String clearText,
|
|
in ACString symmetricKey, in ACString iv);
|
|
|
|
/**
|
|
* Encrypt data using a symmetric key.
|
|
* The algorithm attribute specifies how the encryption is performed.
|
|
*
|
|
* @param cipherText
|
|
* The base64-encoded data to be decrypted
|
|
* @param symmetricKey
|
|
* A base64-encoded symmetric key (eg, one from unwrapSymmetricKey)
|
|
* @param iv
|
|
* A base64-encoded initialization vector
|
|
* @returns Decrypted data (not base64-encoded)
|
|
*/
|
|
AUTF8String decrypt(in ACString cipherText,
|
|
in ACString symmetricKey, in ACString iv);
|
|
|
|
/**
|
|
* Generate a RSA public/private keypair.
|
|
*
|
|
* @param aPassphrase
|
|
* User's passphrase. Used with PKCS#5 to generate a symmetric key
|
|
* for wrapping the private key.
|
|
* @param aSalt
|
|
* Salt for the user's passphrase.
|
|
* @param aIV
|
|
* Random IV, used when wrapping the private key.
|
|
* @param aEncodedPublicKey
|
|
* The public key, base-64 encoded.
|
|
* @param aWrappedPrivateKey
|
|
* The public key, encrypted with the user's passphrase, and base-64 encoded.
|
|
*/
|
|
void generateKeypair(in ACString aPassphrase, in ACString aSalt, in ACString aIV,
|
|
out ACString aEncodedPublicKey, out ACString aWrappedPrivateKey);
|
|
|
|
/*
|
|
* Generate a random symmetric key.
|
|
*
|
|
* @returns The random key, base64 encoded
|
|
*/
|
|
ACString generateRandomKey();
|
|
|
|
/*
|
|
* Generate a random IV.
|
|
*
|
|
* The IV will be sized for the algorithm specified in the algorithm
|
|
* attribute of IWeaveCrypto.
|
|
*
|
|
* @returns The random IV, base64 encoded
|
|
*/
|
|
ACString generateRandomIV();
|
|
|
|
/*
|
|
* Generate random data.
|
|
*
|
|
* @param aByteCount
|
|
* The number of bytes of random data to generate.
|
|
* @returns The random bytes, base64-encoded
|
|
*/
|
|
ACString generateRandomBytes(in unsigned long aByteCount);
|
|
|
|
|
|
/**
|
|
* Encrypts a symmetric key with a user's public key.
|
|
*
|
|
* @param aSymmetricKey
|
|
* The base64 encoded string holding a symmetric key.
|
|
* @param aEncodedPublicKey
|
|
* The base64 encoded string holding a public key.
|
|
* @returns The wrapped symmetric key, base64 encoded
|
|
*
|
|
* For RSA, the unencoded public key is a PKCS#1 object.
|
|
*/
|
|
ACString wrapSymmetricKey(in ACString aSymmetricKey,
|
|
in ACString aEncodedPublicKey);
|
|
|
|
/**
|
|
* Decrypts a symmetric key with a user's private key.
|
|
*
|
|
* @param aWrappedSymmetricKey
|
|
* The base64 encoded string holding an encrypted symmetric key.
|
|
* @param aWrappedPrivateKey
|
|
* The base64 encoded string holdering an encrypted private key.
|
|
* @param aPassphrase
|
|
* The passphrase to decrypt the private key.
|
|
* @param aSalt
|
|
* The salt for the passphrase.
|
|
* @param aIV
|
|
* The random IV used when unwrapping the private key.
|
|
* @returns The unwrapped symmetric key, base64 encoded
|
|
*
|
|
* For RSA, the unencoded, decrypted key is a PKCS#1 object.
|
|
*/
|
|
ACString unwrapSymmetricKey(in ACString aWrappedSymmetricKey,
|
|
in ACString aWrappedPrivateKey,
|
|
in ACString aPassphrase,
|
|
in ACString aSalt,
|
|
in ACString aIV);
|
|
|
|
/**
|
|
* Rewrap a private key with a new user passphrase.
|
|
*
|
|
* @param aWrappedPrivateKey
|
|
* The base64 encoded string holding an encrypted private key.
|
|
* @param aPassphrase
|
|
* The passphrase to decrypt the private key.
|
|
* @param aSalt
|
|
* The salt for the passphrase.
|
|
* @param aIV
|
|
* The random IV used when unwrapping the private key.
|
|
* @param aNewPassphrase
|
|
* The new passphrase to wrap the private key with.
|
|
* @returns The (re)wrapped private key, base64 encoded
|
|
*
|
|
*/
|
|
ACString rewrapPrivateKey(in ACString aWrappedPrivateKey,
|
|
in ACString aPassphrase,
|
|
in ACString aSalt,
|
|
in ACString aIV,
|
|
in ACString aNewPassphrase);
|
|
|
|
/**
|
|
* Verify a user's passphrase against a private key.
|
|
*
|
|
* @param aWrappedPrivateKey
|
|
* The base64 encoded string holding an encrypted private key.
|
|
* @param aPassphrase
|
|
* The passphrase to decrypt the private key.
|
|
* @param aSalt
|
|
* The salt for the passphrase.
|
|
* @param aIV
|
|
* The random IV used when unwrapping the private key.
|
|
* @returns Boolean true if the passphrase decrypted the key correctly.
|
|
*
|
|
*/
|
|
boolean verifyPassphrase(in ACString aWrappedPrivateKey,
|
|
in ACString aPassphrase,
|
|
in ACString aSalt,
|
|
in ACString aIV);
|
|
};
|
|
|