OLD | NEW |
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. | 1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
2 * Use of this source code is governed by a BSD-style license that can be | 2 * Use of this source code is governed by a BSD-style license that can be |
3 * found in the LICENSE file. | 3 * found in the LICENSE file. |
4 */ | 4 */ |
5 | 5 |
6 #include "signature_digest.h" | 6 #include "signature_digest.h" |
7 #define OPENSSL_NO_SHA | 7 #define OPENSSL_NO_SHA |
8 #include <openssl/engine.h> | 8 #include <openssl/engine.h> |
9 #include <openssl/pem.h> | 9 #include <openssl/pem.h> |
10 #include <openssl/rsa.h> | 10 #include <openssl/rsa.h> |
(...skipping 13 matching lines...)
24 Memcpy(p, digestinfo, digestinfo_size); | 24 Memcpy(p, digestinfo, digestinfo_size); |
25 Memcpy(p + digestinfo_size, digest, digest_size); | 25 Memcpy(p + digestinfo_size, digest, digest_size); |
26 return p; | 26 return p; |
27 } | 27 } |
28 | 28 |
29 uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, int algorithm) { | 29 uint8_t* SignatureDigest(const uint8_t* buf, uint64_t len, int algorithm) { |
30 uint8_t* info_digest = NULL; | 30 uint8_t* info_digest = NULL; |
31 uint8_t* digest = NULL; | 31 uint8_t* digest = NULL; |
32 | 32 |
33 if (algorithm >= kNumAlgorithms) { | 33 if (algorithm >= kNumAlgorithms) { |
34 debug("SignatureDigest() called with invalid algorithm!\n"); | 34 VBDEBUG(("SignatureDigest() called with invalid algorithm!\n")); |
35 } else if ((digest = DigestBuf(buf, len, algorithm))) { | 35 } else if ((digest = DigestBuf(buf, len, algorithm))) { |
36 info_digest = PrependDigestInfo(algorithm, digest); | 36 info_digest = PrependDigestInfo(algorithm, digest); |
37 } | 37 } |
38 Free(digest); | 38 Free(digest); |
39 return info_digest; | 39 return info_digest; |
40 } | 40 } |
41 | 41 |
42 uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file, | 42 uint8_t* SignatureBuf(const uint8_t* buf, uint64_t len, const char* key_file, |
43 int algorithm) { | 43 int algorithm) { |
44 FILE* key_fp = NULL; | 44 FILE* key_fp = NULL; |
45 RSA* key = NULL; | 45 RSA* key = NULL; |
46 uint8_t* signature = NULL; | 46 uint8_t* signature = NULL; |
47 uint8_t* signature_digest = SignatureDigest(buf, len, algorithm); | 47 uint8_t* signature_digest = SignatureDigest(buf, len, algorithm); |
48 int signature_digest_len = (hash_size_map[algorithm] + | 48 int signature_digest_len = (hash_size_map[algorithm] + |
49 digestinfo_size_map[algorithm]); | 49 digestinfo_size_map[algorithm]); |
50 key_fp = fopen(key_file, "r"); | 50 key_fp = fopen(key_file, "r"); |
51 if (!key_fp) { | 51 if (!key_fp) { |
52 debug("SignatureBuf(): Couldn't open key file: %s\n", key_file); | 52 VBDEBUG(("SignatureBuf(): Couldn't open key file: %s\n", key_file)); |
53 Free(signature_digest); | 53 Free(signature_digest); |
54 return NULL; | 54 return NULL; |
55 } | 55 } |
56 if ((key = PEM_read_RSAPrivateKey(key_fp, NULL, NULL, NULL))) | 56 if ((key = PEM_read_RSAPrivateKey(key_fp, NULL, NULL, NULL))) |
57 signature = (uint8_t*) Malloc(siglen_map[algorithm]); | 57 signature = (uint8_t*) Malloc(siglen_map[algorithm]); |
58 else | 58 else |
59 debug("SignatureBuf(): Couldn't read private key from file: %s\n", | 59 VBDEBUG(("SignatureBuf(): Couldn't read private key from file: %s\n", |
60 key_file); | 60 key_file)); |
61 if (signature) { | 61 if (signature) { |
62 if (-1 == RSA_private_encrypt(signature_digest_len, /* Input length. */ | 62 if (-1 == RSA_private_encrypt(signature_digest_len, /* Input length. */ |
63 signature_digest, /* Input data. */ | 63 signature_digest, /* Input data. */ |
64 signature, /* Output signature. */ | 64 signature, /* Output signature. */ |
65 key, /* Key to use. */ | 65 key, /* Key to use. */ |
66 RSA_PKCS1_PADDING)) /* Padding to use. */ | 66 RSA_PKCS1_PADDING)) /* Padding to use. */ |
67 debug("SignatureBuf(): RSA_private_encrypt() failed.\n"); | 67 VBDEBUG(("SignatureBuf(): RSA_private_encrypt() failed.\n")); |
68 } | 68 } |
69 fclose(key_fp); | 69 fclose(key_fp); |
70 if (key) | 70 if (key) |
71 RSA_free(key); | 71 RSA_free(key); |
72 Free(signature_digest); | 72 Free(signature_digest); |
73 return signature; | 73 return signature; |
74 } | 74 } |
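Review bot: In SignatureBuf (new lines 62-67) a failed RSA_private_encrypt() is only logged through VBDEBUG, and the function still returns the Malloc'd `signature` buffer, which was never written, so a caller cannot tell it from a valid signature. The failure branch should fail closed by adding `Free(signature); signature = NULL;` after the VBDEBUG call, with braces around the branch. SignatureDigest() returns NULL for an invalid algorithm or a failed DigestBuf(), yet SignatureBuf passes `signature_digest` to RSA_private_encrypt without a NULL check and indexes `hash_size_map`, `digestinfo_size_map` and `siglen_map` with an unvalidated `algorithm` (new lines 48-57). The `algorithm >= kNumAlgorithms` test at line 33 would also let a negative `int` through if kNumAlgorithms is signed. If VBDEBUG expands to nothing in non-debug builds (its definition is not visible here), these paths become silent, so returning NULL on every failure is the only signal a caller gets.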
OLD | NEW |