OpenSSL/NSS implementation of ProofVerfifier.

crypto/signature_verifier_openssl.cc

Index: crypto/signature_verifier_openssl.cc
diff --git a/crypto/signature_verifier_openssl.cc b/crypto/signature_verifier_openssl.cc
index 1e71339d0fdfc7730b30f0eda40be806db931daa..a85f00b491ed8e479883f49e09227a28470c53c5 100644
--- a/crypto/signature_verifier_openssl.cc
+++ b/crypto/signature_verifier_openssl.cc
@@ -53,7 +53,17 @@ bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,
       d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len));
   if (!algorithm.get())
     return false;
-  const EVP_MD* digest = EVP_get_digestbyobj(algorithm.get()->algorithm);
+  int nid = OBJ_obj2nid(algorithm.get()->algorithm);
+  const EVP_MD* digest;
+  if (nid == NID_ecdsa_with_SHA1) {
+    digest = EVP_sha1();
+  } else if (nid == NID_ecdsa_with_SHA256) {
+    digest = EVP_sha256();
+  } else {
+    // This works for PKCS #1 v1.5 RSA signatures, but not for ECDSA
+    // signatures.
+    digest = EVP_get_digestbyobj(algorithm.get()->algorithm);
+  }
   if (!digest)
     return false;
 
@@ -104,7 +114,8 @@ bool SignatureVerifier::VerifyFinal() {
   int rv = EVP_DigestVerifyFinal(verify_context_->ctx.get(),
                                  vector_as_array(&signature_),
                                  signature_.size());
-  DCHECK_GE(rv, 0);
+  // rv is -1 if a DER-encoded ECDSA signature cannot be decoded correctly.
+  DCHECK_GE(rv, -1);
   Reset();
   return rv == 1;
 }