crypto/ec_signature_creator.h - Issue 10910226: crypto: change ECSignatureCreator defaults to match SPDY.

Side by Side Diff: crypto/ec_signature_creator.h

Issue 10910226: crypto: change ECSignatureCreator defaults to match SPDY. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Address rsleevi's comments Created 8 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_	5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_

6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_	6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_

7	7

8 #include <vector>	8 #include <vector>

9	9

10 #include "base/basictypes.h"	10 #include "base/basictypes.h"

(...skipping 13 matching lines...) Expand all Loading...
24	24

25 // Signs data using a bare private key (as opposed to a full certificate).	25 // Signs data using a bare private key (as opposed to a full certificate).

26 // We need this class because SignatureCreator is hardcoded to use	26 // We need this class because SignatureCreator is hardcoded to use

27 // RSAPrivateKey.	27 // RSAPrivateKey.

28 class CRYPTO_EXPORT ECSignatureCreator {	28 class CRYPTO_EXPORT ECSignatureCreator {

29 public:	29 public:

30 virtual ~ECSignatureCreator() {}	30 virtual ~ECSignatureCreator() {}

31	31

32 // Create an instance. The caller must ensure that the provided PrivateKey	32 // Create an instance. The caller must ensure that the provided PrivateKey

33 // instance outlives the created ECSignatureCreator.	33 // instance outlives the created ECSignatureCreator.

34 // TODO(rch): This is currently hard coded to use SHA1. Ideally, we should	34 // TODO(rch): This is currently hard coded to use SHA256. Ideally, we should

35 // pass in the hash algorithm identifier.	35 // pass in the hash algorithm identifier.

36 static ECSignatureCreator* Create(ECPrivateKey* key);	36 static ECSignatureCreator* Create(ECPrivateKey* key);

37	37

38 // Set a factory to make the Create function return non-standard	38 // Set a factory to make the Create function return non-standard

39 // ECSignatureCreator objects. Because the ECDSA algorithm involves	39 // ECSignatureCreator objects. Because the ECDSA algorithm involves

40 // randomness, this is useful for higher-level tests that want to have	40 // randomness, this is useful for higher-level tests that want to have

41 // deterministic mocked output to compare.	41 // deterministic mocked output to compare.

42 static void SetFactoryForTesting(ECSignatureCreatorFactory* factory);	42 static void SetFactoryForTesting(ECSignatureCreatorFactory* factory);

43	43

44 // Signs \|data_len\| bytes from \|data\| and writes the results into	44 // Signs \|data_len\| bytes from \|data\| and writes the results into

45 // \|signature\| as a DER encoded ECDSA-Sig-Value from RFC 3279.	45 // \|signature\| as a pair of big-endian field elements.
	wtc 2012/09/12 19:47:45 The r and s of a signature are integers. (The x,y The r and s of a signature are integers. (The x,y coordinates of a point are field elements.) This comments needs to say the r and s integers are each big-endian, zero-padded to the right length, and then concatenated. That right length is hard to describe concisely (the length in bytes of the order of the curve's base point). For P-256, that's 32 bytes. agl 2012/09/12 21:41:46 This is a NIST curve, so x and y are field element Show quoted text On 2012/09/12 19:47:45, wtc wrote: > > The r and s of a signature are integers. (The x,y coordinates > of a point are field elements.) This is a NIST curve, so x and y are field elements too (of the scalar field). Although I agree that it might confuse things to call them that, so I've removed that wording. Show quoted text > This comments needs to say the r and s integers are each > big-endian, zero-padded to the right length, and then > concatenated. That right length is hard to describe > concisely (the length in bytes of the order of the curve's > base point). For P-256, that's 32 bytes. Done. wtc 2012/09/12 22:06:27 For P-256, r and s are integers mod n, whereas x a Show quoted text On 2012/09/12 21:41:46, agl wrote: > > This is a NIST curve, so x and y are field elements too (of > the scalar field). For P-256, r and s are integers mod n, whereas x and y are integers mod p. n and p are both 256-bit primes but are different. This is why I think it's confusing to say r and s are field elements, even though they are technically because n < p.
46 //

47 // ECDSA-Sig-Value ::= SEQUENCE {

48 // r INTEGER,

49 // s INTEGER }

50 virtual bool Sign(const uint8* data,	46 virtual bool Sign(const uint8* data,

51 int data_len,	47 int data_len,

52 std::vector<uint8>* signature) = 0;	48 std::vector<uint8>* signature) = 0;

53 };	49 };

54	50

55 } // namespace crypto	51 } // namespace crypto

56	52

57 #endif // CRYPTO_EC_SIGNATURE_CREATOR_H_	53 #endif // CRYPTO_EC_SIGNATURE_CREATOR_H_

OLD	NEW

« no previous file with comments | « no previous file | crypto/ec_signature_creator_nss.cc » ('j') | crypto/ec_signature_creator_nss.cc » ('J')