OSKeyStore.h (3909B)
1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- 2 * 3 * This Source Code Form is subject to the terms of the Mozilla Public 4 * License, v. 2.0. If a copy of the MPL was not distributed with this 5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ 6 7 // Generic key store implementation for platforms that we don't support with OS 8 // specific implementations. 9 10 #ifndef OSKeyStore_h 11 #define OSKeyStore_h 12 13 #include "nsCOMPtr.h" 14 #include "nsIOSKeyStore.h" 15 #include "nsISerialEventTarget.h" 16 #include "nsString.h" 17 #include "ScopedNSSTypes.h" 18 19 #include <memory> 20 #include <vector> 21 22 class AbstractOSKeyStore { 23 public: 24 // Retrieve a secret with the given label. 25 virtual nsresult RetrieveSecret(const nsACString& aLabel, 26 /* out */ nsACString& aSecret) = 0; 27 // Store a new secret with the given label. 28 virtual nsresult StoreSecret(const nsACString& secret, 29 const nsACString& label) = 0; 30 // Delete the secret with the given label. 31 virtual nsresult DeleteSecret(const nsACString& label) = 0; 32 virtual ~AbstractOSKeyStore() = default; 33 34 // Returns NS_OK if the secret with the given label is available in the key 35 // store, an error indicating why it was not available otherwise. 36 virtual nsresult SecretAvailable(const nsACString& label); 37 // Perform encryption or decryption operation with the given secret and input 38 // bytes. The output is written in outBytes. This function can make use of the 39 // AesGcm class to use NSS for encryption and decryption. 40 virtual nsresult EncryptDecrypt(const nsACString& label, 41 const std::vector<uint8_t>& inBytes, 42 std::vector<uint8_t>& outBytes, bool encrypt); 43 44 size_t GetKeyByteLength() { return mKeyByteLength; } 45 46 protected: 47 /* These helper functions are implemented in OSKeyStore.cpp and implement 48 * common functionality of the abstract key store to encrypt and decrypt. 49 */ 50 nsresult DoCipher(const mozilla::UniquePK11SymKey& aSymKey, 51 const std::vector<uint8_t>& inBytes, 52 std::vector<uint8_t>& outBytes, bool aEncrypt); 53 nsresult BuildAesGcmKey(std::vector<uint8_t> keyBytes, 54 /* out */ mozilla::UniquePK11SymKey& aKey); 55 56 private: 57 const size_t mKeyByteLength = 16; 58 const size_t mIVLength = 12; 59 }; 60 61 #define NS_OSKEYSTORE_CONTRACTID "@mozilla.org/security/oskeystore;1" 62 #define NS_OSKEYSTORE_CID \ 63 {0x57972956, 0x5718, 0x42d2, {0x80, 0x70, 0xb3, 0xfc, 0x72, 0x21, 0x2e, 0xaf}} 64 65 nsresult GetPromise(JSContext* aCx, 66 /* out */ RefPtr<mozilla::dom::Promise>& aPromise); 67 68 class OSKeyStore final : public nsIOSKeyStore { 69 public: 70 NS_DECL_THREADSAFE_ISUPPORTS 71 NS_DECL_NSIOSKEYSTORE 72 73 OSKeyStore(); 74 nsresult GenerateSecret(const nsACString& aLabel, 75 /* out */ nsACString& aRecoveryPhrase); 76 nsresult SecretAvailable(const nsACString& aLabel, 77 /* out */ bool* aAvailable); 78 nsresult RecoverSecret(const nsACString& aLabel, 79 const nsACString& aRecoveryPhrase); 80 nsresult DeleteSecret(const nsACString& aLabel); 81 nsresult RetrieveRecoveryPhrase(const nsACString& aLabel, 82 /* out */ nsACString& aRecoveryPhrase); 83 nsresult EncryptBytes(const nsACString& aLabel, 84 const std::vector<uint8_t>& aInBytes, 85 /*out*/ nsACString& aEncryptedBase64Text); 86 nsresult DecryptBytes(const nsACString& aLabel, 87 const nsACString& aEncryptedBase64Text, 88 /*out*/ uint32_t* outLen, 89 /*out*/ uint8_t** outBytes); 90 91 private: 92 ~OSKeyStore() = default; 93 94 std::unique_ptr<AbstractOSKeyStore> mKs; 95 nsCOMPtr<nsISerialEventTarget> mBackgroundSerialEventTarget; 96 }; 97 98 #endif // OSKeyStore_h