OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_ | 5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_ |
6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_ | 6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_ |
7 | 7 |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
(...skipping 13 matching lines...) Expand all Loading... | |
24 | 24 |
25 // Signs data using a bare private key (as opposed to a full certificate). | 25 // Signs data using a bare private key (as opposed to a full certificate). |
26 // We need this class because SignatureCreator is hardcoded to use | 26 // We need this class because SignatureCreator is hardcoded to use |
27 // RSAPrivateKey. | 27 // RSAPrivateKey. |
28 class CRYPTO_EXPORT ECSignatureCreator { | 28 class CRYPTO_EXPORT ECSignatureCreator { |
29 public: | 29 public: |
30 virtual ~ECSignatureCreator() {} | 30 virtual ~ECSignatureCreator() {} |
31 | 31 |
32 // Create an instance. The caller must ensure that the provided PrivateKey | 32 // Create an instance. The caller must ensure that the provided PrivateKey |
33 // instance outlives the created ECSignatureCreator. | 33 // instance outlives the created ECSignatureCreator. |
34 // TODO(rch): This is currently hard coded to use SHA1. Ideally, we should | 34 // TODO(rch): This is currently hard coded to use SHA256. Ideally, we should |
35 // pass in the hash algorithm identifier. | 35 // pass in the hash algorithm identifier. |
36 static ECSignatureCreator* Create(ECPrivateKey* key); | 36 static ECSignatureCreator* Create(ECPrivateKey* key); |
37 | 37 |
38 // Set a factory to make the Create function return non-standard | 38 // Set a factory to make the Create function return non-standard |
39 // ECSignatureCreator objects. Because the ECDSA algorithm involves | 39 // ECSignatureCreator objects. Because the ECDSA algorithm involves |
40 // randomness, this is useful for higher-level tests that want to have | 40 // randomness, this is useful for higher-level tests that want to have |
41 // deterministic mocked output to compare. | 41 // deterministic mocked output to compare. |
42 static void SetFactoryForTesting(ECSignatureCreatorFactory* factory); | 42 static void SetFactoryForTesting(ECSignatureCreatorFactory* factory); |
43 | 43 |
44 // Signs |data_len| bytes from |data| and writes the results into | 44 // Signs |data_len| bytes from |data| and writes the results into |
45 // |signature| as a DER encoded ECDSA-Sig-Value from RFC 3279. | 45 // |signature| as a pair of big-endian field elements. |
wtc
2012/09/12 19:47:45
The r and s of a signature are integers. (The x,y
agl
2012/09/12 21:41:46
This is a NIST curve, so x and y are field element
wtc
2012/09/12 22:06:27
For P-256, r and s are integers mod n, whereas x a
| |
46 // | |
47 // ECDSA-Sig-Value ::= SEQUENCE { | |
48 // r INTEGER, | |
49 // s INTEGER } | |
50 virtual bool Sign(const uint8* data, | 46 virtual bool Sign(const uint8* data, |
51 int data_len, | 47 int data_len, |
52 std::vector<uint8>* signature) = 0; | 48 std::vector<uint8>* signature) = 0; |
53 }; | 49 }; |
54 | 50 |
55 } // namespace crypto | 51 } // namespace crypto |
56 | 52 |
57 #endif // CRYPTO_EC_SIGNATURE_CREATOR_H_ | 53 #endif // CRYPTO_EC_SIGNATURE_CREATOR_H_ |
OLD | NEW |