/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ /* ***** BEGIN LICENSE BLOCK ***** * Version: MPL 1.1/GPL 2.0/LGPL 2.1 * * The contents of this file are subject to the Mozilla Public License Version * 1.1 (the "License"); you may not use this file except in compliance with * the License. You may obtain a copy of the License at * http://www.mozilla.org/MPL/ * * Software distributed under the License is distributed on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License * for the specific language governing rights and limitations under the * License. * * The Original Code is Weave code. * * The Initial Developer of the Original Code is * Mozilla Corporation * Portions created by the Initial Developer are Copyright (C) 2007 * the Initial Developer. All Rights Reserved. * * Contributor(s): * Dan Mills (original author) * Honza Bambas * Justin Dolske * * Alternatively, the contents of this file may be used under the terms of * either the GNU General Public License Version 2 or later (the "GPL"), or * the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), * in which case the provisions of the GPL or the LGPL are applicable instead * of those above. If you wish to allow use of your version of this file only * under the terms of either the GPL or the LGPL, and not to allow others to * use your version of this file under the terms of the MPL, indicate your * decision by deleting the provisions above and replace them with the notice * and other provisions required by the GPL or the LGPL. If you do not delete * the provisions above, a recipient may use your version of this file under * the terms of any one of the MPL, the GPL or the LGPL. * * ***** END LICENSE BLOCK ***** */ #include "nsISupports.idl" [scriptable, uuid(f4463043-315e-41f3-b779-82e900e6fffa)] interface IWeaveCrypto : nsISupports { /** * Shortcuts for some algorithm SEC OIDs. Full list available here: * http://lxr.mozilla.org/seamonkey/source/security/nss/lib/util/secoidt.h */ const unsigned long DES_EDE3_CBC = 156; const unsigned long AES_128_CBC = 184; const unsigned long AES_192_CBC = 186; const unsigned long AES_256_CBC = 188; /** * One of the above constants. Used as the mechanism for encrypting bulk * data and wrapping keys. * * Default is AES_256_CBC. */ attribute unsigned long algorithm; /** * The size of the RSA key to create with generateKeypair(). * * Default is 2048. */ attribute unsigned long keypairBits; /** * Encrypt data using a symmetric key. * The algorithm attribute specifies how the encryption is performed. * * @param clearText * The data to be encrypted (not base64 encoded). * @param symmetricKey * A base64-encoded symmetric key (eg, one from generateRandomKey). * @param iv * A base64-encoded initialization vector * @returns Encrypted data, base64 encoded */ ACString encrypt(in AUTF8String clearText, in ACString symmetricKey, in ACString iv); /** * Encrypt data using a symmetric key. * The algorithm attribute specifies how the encryption is performed. * * @param cipherText * The base64-encoded data to be decrypted * @param symmetricKey * A base64-encoded symmetric key (eg, one from unwrapSymmetricKey) * @param iv * A base64-encoded initialization vector * @returns Decrypted data (not base64-encoded) */ AUTF8String decrypt(in ACString cipherText, in ACString symmetricKey, in ACString iv); /** * Generate a RSA public/private keypair. * * @param aPassphrase * User's passphrase. Used with PKCS#5 to generate a symmetric key * for wrapping the private key. * @param aSalt * Salt for the user's passphrase. * @param aIV * Random IV, used when wrapping the private key. * @param aEncodedPublicKey * The public key, base-64 encoded. * @param aWrappedPrivateKey * The public key, encrypted with the user's passphrase, and base-64 encoded. */ void generateKeypair(in ACString aPassphrase, in ACString aSalt, in ACString aIV, out ACString aEncodedPublicKey, out ACString aWrappedPrivateKey); /* * Generate a random symmetric key. * * @returns The random key, base64 encoded */ ACString generateRandomKey(); /* * Generate a random IV. * * The IV will be sized for the algorithm specified in the algorithm * attribute of IWeaveCrypto. * * @returns The random IV, base64 encoded */ ACString generateRandomIV(); /* * Generate random data. * * @param aByteCount * The number of bytes of random data to generate. * @returns The random bytes, base64-encoded */ ACString generateRandomBytes(in unsigned long aByteCount); /** * Encrypts a symmetric key with a user's public key. * * @param aSymmetricKey * The base64 encoded string holding a symmetric key. * @param aEncodedPublicKey * The base64 encoded string holding a public key. * @returns The wrapped symmetric key, base64 encoded * * For RSA, the unencoded public key is a PKCS#1 object. */ ACString wrapSymmetricKey(in ACString aSymmetricKey, in ACString aEncodedPublicKey); /** * Decrypts a symmetric key with a user's private key. * * @param aWrappedSymmetricKey * The base64 encoded string holding an encrypted symmetric key. * @param aWrappedPrivateKey * The base64 encoded string holdering an encrypted private key. * @param aPassphrase * The passphrase to decrypt the private key. * @param aSalt * The salt for the passphrase. * @param aIV * The random IV used when unwrapping the private key. * @returns The unwrapped symmetric key, base64 encoded * * For RSA, the unencoded, decrypted key is a PKCS#1 object. */ ACString unwrapSymmetricKey(in ACString aWrappedSymmetricKey, in ACString aWrappedPrivateKey, in ACString aPassphrase, in ACString aSalt, in ACString aIV); };