OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/ec_signature_creator_impl.h" | 5 #include "crypto/ec_signature_creator_impl.h" |
6 | 6 |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
9 #include <secerr.h> | 9 #include <secerr.h> |
10 #include <sechash.h> | 10 #include <sechash.h> |
(...skipping 24 matching lines...) Expand all Loading... | |
35 std::vector<uint8> hash_data(HASH_ResultLen(hash_type)); | 35 std::vector<uint8> hash_data(HASH_ResultLen(hash_type)); |
36 SECStatus rv = HASH_HashBuf( | 36 SECStatus rv = HASH_HashBuf( |
37 hash_type, &hash_data[0], input->data, input->len); | 37 hash_type, &hash_data[0], input->data, input->len); |
38 if (rv != SECSuccess) | 38 if (rv != SECSuccess) |
39 return rv; | 39 return rv; |
40 SECItem hash = {siBuffer, &hash_data[0], | 40 SECItem hash = {siBuffer, &hash_data[0], |
41 static_cast<unsigned int>(hash_data.size())}; | 41 static_cast<unsigned int>(hash_data.size())}; |
42 | 42 |
43 // Compute signature of hash. | 43 // Compute signature of hash. |
44 int signature_len = PK11_SignatureLen(key); | 44 int signature_len = PK11_SignatureLen(key); |
45 std::vector<uint8> signature_data(signature_len); | 45 result = SECITEM_AllocItem(NULL, result, signature_len); |
46 SECItem sig = {siBuffer, &signature_data[0], | 46 rv = PK11_Sign(key, result, &hash); |
47 static_cast<unsigned int>(signature_len)}; | |
48 rv = PK11_Sign(key, &sig, &hash); | |
49 if (rv != SECSuccess) | 47 if (rv != SECSuccess) |
50 return rv; | 48 SECITEM_FreeItem(result, false /* don't free *result itself */); |
wtc
2012/09/12 19:47:45
Change "false" to "PR_FALSE".
agl
2012/09/12 21:41:46
(moot)
| |
51 | 49 return rv; |
52 // DER encode the signature. | |
53 return DSAU_EncodeDerSigWithLen(result, &sig, sig.len); | |
54 } | 50 } |
55 | 51 |
56 } // namespace | 52 } // namespace |
57 | 53 |
58 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key) | 54 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key) |
59 : key_(key) { | 55 : key_(key) { |
60 EnsureNSSInit(); | 56 EnsureNSSInit(); |
61 } | 57 } |
62 | 58 |
63 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() {} | 59 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() {} |
64 | 60 |
65 bool ECSignatureCreatorImpl::Sign(const uint8* data, | 61 bool ECSignatureCreatorImpl::Sign(const uint8* data, |
66 int data_len, | 62 int data_len, |
67 std::vector<uint8>* signature) { | 63 std::vector<uint8>* signature) { |
68 // Data to be signed | 64 // Data to be signed |
69 SECItem secret; | 65 SECItem secret; |
70 secret.type = siBuffer; | 66 secret.type = siBuffer; |
71 secret.len = data_len; | 67 secret.len = data_len; |
72 secret.data = const_cast<unsigned char*>(data); | 68 secret.data = const_cast<unsigned char*>(data); |
73 | 69 |
74 // SECItem to receive the output buffer. | 70 // SECItem to receive the output buffer. |
75 SECItem result; | 71 SECItem result; |
76 result.type = siBuffer; | 72 result.type = siBuffer; |
77 result.len = 0; | 73 result.len = 0; |
78 result.data = NULL; | 74 result.data = NULL; |
79 | 75 |
80 // Sign the secret data and save it to |result|. | 76 // Sign the secret data and save it to |result|. |
81 SECStatus rv = | 77 SECStatus rv = |
82 SignData(&result, &secret, key_->key(), HASH_AlgSHA1); | 78 SignData(&result, &secret, key_->key(), HASH_AlgSHA256); |
83 if (rv != SECSuccess) { | 79 if (rv != SECSuccess) { |
84 DLOG(ERROR) << "DerSignData: " << PORT_GetError(); | 80 DLOG(ERROR) << "DerSignData: " << PORT_GetError(); |
85 return false; | 81 return false; |
86 } | 82 } |
87 | 83 |
88 // Copy the signed data into the output vector. | 84 // Copy the signed data into the output vector. |
89 signature->assign(result.data, result.data + result.len); | 85 signature->assign(result.data, result.data + result.len); |
90 SECITEM_FreeItem(&result, PR_FALSE /* only free |result.data| */); | 86 SECITEM_FreeItem(&result, PR_FALSE /* only free |result.data| */); |
91 return true; | 87 return true; |
92 } | 88 } |
93 | 89 |
94 } // namespace crypto | 90 } // namespace crypto |
OLD | NEW |