OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/ec_signature_creator_impl.h" | 5 #include "crypto/ec_signature_creator_impl.h" |
6 | 6 |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <pk11pub.h> | 8 #include <pk11pub.h> |
9 #include <secerr.h> | 9 #include <secerr.h> |
10 #include <sechash.h> | 10 #include <sechash.h> |
(...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
43 // Compute signature of hash. | 43 // Compute signature of hash. |
44 int signature_len = PK11_SignatureLen(key); | 44 int signature_len = PK11_SignatureLen(key); |
45 std::vector<uint8> signature_data(signature_len); | 45 std::vector<uint8> signature_data(signature_len); |
46 SECItem sig = {siBuffer, &signature_data[0], | 46 SECItem sig = {siBuffer, &signature_data[0], |
47 static_cast<unsigned int>(signature_len)}; | 47 static_cast<unsigned int>(signature_len)}; |
48 rv = PK11_Sign(key, &sig, &hash); | 48 rv = PK11_Sign(key, &sig, &hash); |
49 if (rv != SECSuccess) | 49 if (rv != SECSuccess) |
50 return rv; | 50 return rv; |
51 | 51 |
52 // DER encode the signature. | 52 // DER encode the signature. |
53 return DSAU_EncodeDerSigWithLen(result, &sig, sig.len); | 53 return DSAU_EncodeDerSigWithLen(result, &sig, sig.len); |
wtc
2012/09/12 22:06:27
To be future-proof, we should store sig.len in a m
agl
2012/09/13 20:17:59
Done.
| |
54 } | 54 } |
55 | 55 |
56 } // namespace | 56 } // namespace |
57 | 57 |
58 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key) | 58 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key) |
59 : key_(key) { | 59 : key_(key) { |
60 EnsureNSSInit(); | 60 EnsureNSSInit(); |
61 } | 61 } |
62 | 62 |
63 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() {} | 63 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() {} |
64 | 64 |
65 bool ECSignatureCreatorImpl::Sign(const uint8* data, | 65 bool ECSignatureCreatorImpl::Sign(const uint8* data, |
66 int data_len, | 66 int data_len, |
67 std::vector<uint8>* signature) { | 67 std::vector<uint8>* signature) { |
68 // Data to be signed | 68 // Data to be signed |
69 SECItem secret; | 69 SECItem secret; |
70 secret.type = siBuffer; | 70 secret.type = siBuffer; |
71 secret.len = data_len; | 71 secret.len = data_len; |
72 secret.data = const_cast<unsigned char*>(data); | 72 secret.data = const_cast<unsigned char*>(data); |
73 | 73 |
74 // SECItem to receive the output buffer. | 74 // SECItem to receive the output buffer. |
75 SECItem result; | 75 SECItem result; |
76 result.type = siBuffer; | 76 result.type = siBuffer; |
77 result.len = 0; | 77 result.len = 0; |
78 result.data = NULL; | 78 result.data = NULL; |
79 | 79 |
80 // Sign the secret data and save it to |result|. | 80 // Sign the secret data and save it to |result|. |
81 SECStatus rv = | 81 SECStatus rv = |
82 SignData(&result, &secret, key_->key(), HASH_AlgSHA1); | 82 SignData(&result, &secret, key_->key(), HASH_AlgSHA256); |
83 if (rv != SECSuccess) { | 83 if (rv != SECSuccess) { |
84 DLOG(ERROR) << "DerSignData: " << PORT_GetError(); | 84 DLOG(ERROR) << "DerSignData: " << PORT_GetError(); |
85 return false; | 85 return false; |
86 } | 86 } |
87 | 87 |
88 // Copy the signed data into the output vector. | 88 // Copy the signed data into the output vector. |
89 signature->assign(result.data, result.data + result.len); | 89 signature->assign(result.data, result.data + result.len); |
90 SECITEM_FreeItem(&result, PR_FALSE /* only free |result.data| */); | 90 SECITEM_FreeItem(&result, PR_FALSE /* only free |result.data| */); |
91 return true; | 91 return true; |
92 } | 92 } |
93 | 93 |
94 bool ECSignatureCreatorImpl::DecodeSignature(const std::vector<uint8>& der_sig, | |
95 std::string* out_raw_sig) { | |
96 SECItem der_sig_item; | |
97 der_sig_item.type = siBuffer; | |
98 der_sig_item.len = der_sig.size(); | |
99 der_sig_item.data = const_cast<uint8*>(der_sig.data()); | |
100 | |
101 static const int kP256ScalarBytes = 32; | |
102 SECItem* raw_sig = DSAU_DecodeDerSigToLen(&der_sig_item, 2*kP256ScalarBytes); | |
103 if (!raw_sig) | |
104 return false; | |
105 out_raw_sig->assign(reinterpret_cast<char*>(raw_sig->data), raw_sig->len); | |
106 SECITEM_FreeItem(raw_sig, PR_TRUE /* free SECItem structure itself. */); | |
107 return true; | |
108 } | |
109 | |
94 } // namespace crypto | 110 } // namespace crypto |
OLD | NEW |