| Index: crypto/signature_verifier_win.cc
|
| diff --git a/crypto/signature_verifier_win.cc b/crypto/signature_verifier_win.cc
|
| deleted file mode 100644
|
| index dfb17a49955ab9127691b10e05482be626bb02d3..0000000000000000000000000000000000000000
|
| --- a/crypto/signature_verifier_win.cc
|
| +++ /dev/null
|
| @@ -1,121 +0,0 @@
|
| -// Copyright (c) 2011 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include "crypto/signature_verifier.h"
|
| -
|
| -#include "base/logging.h"
|
| -#include "crypto/capi_util.h"
|
| -
|
| -#pragma comment(lib, "crypt32.lib")
|
| -
|
| -namespace crypto {
|
| -
|
| -SignatureVerifier::SignatureVerifier() : hash_object_(0), public_key_(0) {
|
| - if (!CryptAcquireContext(provider_.receive(), NULL, NULL,
|
| - PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
|
| - provider_.reset();
|
| -}
|
| -
|
| -SignatureVerifier::~SignatureVerifier() {
|
| -}
|
| -
|
| -bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,
|
| - int signature_algorithm_len,
|
| - const uint8* signature,
|
| - int signature_len,
|
| - const uint8* public_key_info,
|
| - int public_key_info_len) {
|
| - signature_.reserve(signature_len);
|
| - // CryptoAPI uses big integers in the little-endian byte order, so we need
|
| - // to first swap the order of signature bytes.
|
| - for (int i = signature_len - 1; i >= 0; --i)
|
| - signature_.push_back(signature[i]);
|
| -
|
| - CRYPT_DECODE_PARA decode_para;
|
| - decode_para.cbSize = sizeof(decode_para);
|
| - decode_para.pfnAlloc = crypto::CryptAlloc;
|
| - decode_para.pfnFree = crypto::CryptFree;
|
| - CERT_PUBLIC_KEY_INFO* cert_public_key_info = NULL;
|
| - DWORD struct_len = 0;
|
| - BOOL ok;
|
| - ok = CryptDecodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
|
| - X509_PUBLIC_KEY_INFO,
|
| - public_key_info,
|
| - public_key_info_len,
|
| - CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG,
|
| - &decode_para,
|
| - &cert_public_key_info,
|
| - &struct_len);
|
| - if (!ok)
|
| - return false;
|
| -
|
| - ok = CryptImportPublicKeyInfo(provider_,
|
| - X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
|
| - cert_public_key_info, public_key_.receive());
|
| - crypto::CryptFree(cert_public_key_info);
|
| - if (!ok)
|
| - return false;
|
| -
|
| - CRYPT_ALGORITHM_IDENTIFIER* signature_algorithm_id;
|
| - struct_len = 0;
|
| - ok = CryptDecodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
|
| - X509_ALGORITHM_IDENTIFIER,
|
| - signature_algorithm,
|
| - signature_algorithm_len,
|
| - CRYPT_DECODE_ALLOC_FLAG | CRYPT_DECODE_NOCOPY_FLAG,
|
| - &decode_para,
|
| - &signature_algorithm_id,
|
| - &struct_len);
|
| - DCHECK(ok || GetLastError() == ERROR_FILE_NOT_FOUND);
|
| - ALG_ID hash_alg_id;
|
| - if (ok) {
|
| - hash_alg_id = CALG_MD4; // Initialize to a weak hash algorithm that we
|
| - // don't support.
|
| - if (!strcmp(signature_algorithm_id->pszObjId, szOID_RSA_SHA1RSA))
|
| - hash_alg_id = CALG_SHA1;
|
| - else if (!strcmp(signature_algorithm_id->pszObjId, szOID_RSA_MD5RSA))
|
| - hash_alg_id = CALG_MD5;
|
| - crypto::CryptFree(signature_algorithm_id);
|
| - DCHECK_NE(static_cast<ALG_ID>(CALG_MD4), hash_alg_id);
|
| - if (hash_alg_id == CALG_MD4)
|
| - return false; // Unsupported hash algorithm.
|
| - } else if (GetLastError() == ERROR_FILE_NOT_FOUND) {
|
| - // TODO(wtc): X509_ALGORITHM_IDENTIFIER isn't supported on XP SP2. We
|
| - // may be able to encapsulate signature_algorithm in a dummy SignedContent
|
| - // and decode it with X509_CERT into a CERT_SIGNED_CONTENT_INFO. For now,
|
| - // just hardcode the hash algorithm to be SHA-1.
|
| - hash_alg_id = CALG_SHA1;
|
| - } else {
|
| - return false;
|
| - }
|
| -
|
| - ok = CryptCreateHash(provider_, hash_alg_id, 0, 0, hash_object_.receive());
|
| - if (!ok)
|
| - return false;
|
| - return true;
|
| -}
|
| -
|
| -void SignatureVerifier::VerifyUpdate(const uint8* data_part,
|
| - int data_part_len) {
|
| - BOOL ok = CryptHashData(hash_object_, data_part, data_part_len, 0);
|
| - DCHECK(ok) << "CryptHashData failed: " << GetLastError();
|
| -}
|
| -
|
| -bool SignatureVerifier::VerifyFinal() {
|
| - BOOL ok = CryptVerifySignature(hash_object_, &signature_[0],
|
| - signature_.size(), public_key_, NULL, 0);
|
| - Reset();
|
| - if (!ok)
|
| - return false;
|
| - return true;
|
| -}
|
| -
|
| -void SignatureVerifier::Reset() {
|
| - hash_object_.reset();
|
| - public_key_.reset();
|
| - signature_.clear();
|
| -}
|
| -
|
| -} // namespace crypto
|
| -
|
|
|
Chromium Code Reviews
Issue 11092006:
crypto: remove unused Mac SignatureVerifier. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src