Index: crypto/ec_signature_creator_nss.cc |
diff --git a/crypto/ec_signature_creator_nss.cc b/crypto/ec_signature_creator_nss.cc |
index a85b1e94fecf20299494fcffdc95c7894fb375da..40949f0b56a519a1137f6570bb34b12b78e26280 100644 |
--- a/crypto/ec_signature_creator_nss.cc |
+++ b/crypto/ec_signature_creator_nss.cc |
@@ -79,7 +79,7 @@ bool ECSignatureCreatorImpl::Sign(const uint8* data, |
// Sign the secret data and save it to |result|. |
SECStatus rv = |
- SignData(&result, &secret, key_->key(), HASH_AlgSHA1); |
+ SignData(&result, &secret, key_->key(), HASH_AlgSHA256); |
if (rv != SECSuccess) { |
DLOG(ERROR) << "DerSignData: " << PORT_GetError(); |
return false; |
@@ -91,4 +91,20 @@ bool ECSignatureCreatorImpl::Sign(const uint8* data, |
return true; |
} |
+bool ECSignatureCreatorImpl::DecodeSignature(const std::vector<uint8>& der_sig, |
+ std::string* out_raw_sig) { |
+ SECItem der_sig_item; |
+ der_sig_item.type = siBuffer; |
+ der_sig_item.len = der_sig.size(); |
+ der_sig_item.data = const_cast<uint8*>(der_sig.data()); |
+ |
+ static const int kP256ScalarBytes = 32; |
+ SECItem* raw_sig = DSAU_DecodeDerSigToLen(&der_sig_item, 2*kP256ScalarBytes); |
+ if (!raw_sig) |
+ return false; |
+ out_raw_sig->assign(reinterpret_cast<char*>(raw_sig->data), raw_sig->len); |
+ SECITEM_FreeItem(raw_sig, PR_TRUE /* free SECItem structure itself. */); |
+ return true; |
+} |
+ |
} // namespace crypto |