OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_ | 5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_ |
6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_ | 6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_ |
7 | 7 |
8 #include <string> | |
8 #include <vector> | 9 #include <vector> |
9 | 10 |
10 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
11 #include "crypto/crypto_export.h" | 12 #include "crypto/crypto_export.h" |
12 | 13 |
13 namespace crypto { | 14 namespace crypto { |
14 | 15 |
15 class ECPrivateKey; | 16 class ECPrivateKey; |
16 class ECSignatureCreator; | 17 class ECSignatureCreator; |
17 | 18 |
18 class CRYPTO_EXPORT ECSignatureCreatorFactory { | 19 class CRYPTO_EXPORT ECSignatureCreatorFactory { |
19 public: | 20 public: |
20 virtual ~ECSignatureCreatorFactory() {} | 21 virtual ~ECSignatureCreatorFactory() {} |
21 | 22 |
22 virtual ECSignatureCreator* Create(ECPrivateKey* key) = 0; | 23 virtual ECSignatureCreator* Create(ECPrivateKey* key) = 0; |
23 }; | 24 }; |
24 | 25 |
25 // Signs data using a bare private key (as opposed to a full certificate). | 26 // Signs data using a bare private key (as opposed to a full certificate). |
26 // We need this class because SignatureCreator is hardcoded to use | 27 // We need this class because SignatureCreator is hardcoded to use |
27 // RSAPrivateKey. | 28 // RSAPrivateKey. |
28 class CRYPTO_EXPORT ECSignatureCreator { | 29 class CRYPTO_EXPORT ECSignatureCreator { |
29 public: | 30 public: |
30 virtual ~ECSignatureCreator() {} | 31 virtual ~ECSignatureCreator() {} |
31 | 32 |
32 // Create an instance. The caller must ensure that the provided PrivateKey | 33 // Create an instance. The caller must ensure that the provided PrivateKey |
33 // instance outlives the created ECSignatureCreator. | 34 // instance outlives the created ECSignatureCreator. |
34 // TODO(rch): This is currently hard coded to use SHA1. Ideally, we should | 35 // TODO(rch): This is currently hard coded to use SHA256. Ideally, we should |
35 // pass in the hash algorithm identifier. | 36 // pass in the hash algorithm identifier. |
36 static ECSignatureCreator* Create(ECPrivateKey* key); | 37 static ECSignatureCreator* Create(ECPrivateKey* key); |
37 | 38 |
38 // Set a factory to make the Create function return non-standard | 39 // Set a factory to make the Create function return non-standard |
39 // ECSignatureCreator objects. Because the ECDSA algorithm involves | 40 // ECSignatureCreator objects. Because the ECDSA algorithm involves |
40 // randomness, this is useful for higher-level tests that want to have | 41 // randomness, this is useful for higher-level tests that want to have |
41 // deterministic mocked output to compare. | 42 // deterministic mocked output to compare. |
42 static void SetFactoryForTesting(ECSignatureCreatorFactory* factory); | 43 static void SetFactoryForTesting(ECSignatureCreatorFactory* factory); |
43 | 44 |
44 // Signs |data_len| bytes from |data| and writes the results into | 45 // Signs |data_len| bytes from |data| and writes the results into |
45 // |signature| as a DER encoded ECDSA-Sig-Value from RFC 3279. | 46 // |signature| as a DER encoded ECDSA-Sig-Value from RFC 3279. |
46 // | 47 // |
47 // ECDSA-Sig-Value ::= SEQUENCE { | 48 // ECDSA-Sig-Value ::= SEQUENCE { |
48 // r INTEGER, | 49 // r INTEGER, |
49 // s INTEGER } | 50 // s INTEGER } |
50 virtual bool Sign(const uint8* data, | 51 virtual bool Sign(const uint8* data, |
51 int data_len, | 52 int data_len, |
52 std::vector<uint8>* signature) = 0; | 53 std::vector<uint8>* signature) = 0; |
54 | |
55 // DecodeSignature converts from a DER encoded ECDSA-Sig-Value (as produced | |
56 // by Sign) to a `raw' ECDSA signature which consists of a pair of | |
57 // big-endian, zero-padded, 256-bit integers, r and s. On success it returns | |
wtc
2012/09/12 22:06:27
The size of r and s depends on the ECPrivateKey ob
agl
2012/09/13 20:17:59
I've changed the output to also be a std::vector<u
| |
58 // true and puts the raw signature into |out_raw_sig|. | |
59 virtual bool DecodeSignature(const std::vector<uint8>& signature, | |
60 std::string* out_raw_sig) = 0; | |
53 }; | 61 }; |
54 | 62 |
55 } // namespace crypto | 63 } // namespace crypto |
56 | 64 |
57 #endif // CRYPTO_EC_SIGNATURE_CREATOR_H_ | 65 #endif // CRYPTO_EC_SIGNATURE_CREATOR_H_ |
OLD | NEW |