OLD | NEW |
---|---|
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "base/crypto/signature_verifier.h" | 5 #include "base/crypto/signature_verifier.h" |
6 | 6 |
7 #include <openssl/evp.h> | |
8 #include <openssl/x509.h> | |
9 | |
10 #include <vector> | |
11 | |
7 #include "base/logging.h" | 12 #include "base/logging.h" |
13 #include "base/openssl_util.h" | |
14 #include "base/scoped_ptr.h" | |
15 #include "base/stl_util-inl.h" | |
8 | 16 |
9 namespace base { | 17 namespace base { |
10 | 18 |
11 SignatureVerifier::SignatureVerifier() { | 19 struct SignatureVerifier::VerifyContext { |
20 ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key; | |
21 ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> ctx; | |
22 }; | |
23 | |
24 SignatureVerifier::SignatureVerifier() | |
25 : verify_context_(NULL) { | |
12 } | 26 } |
13 | 27 |
14 SignatureVerifier::~SignatureVerifier() { | 28 SignatureVerifier::~SignatureVerifier() { |
29 Reset(); | |
15 } | 30 } |
16 | 31 |
17 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm, | 32 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm, |
18 int signature_algorithm_len, | 33 int signature_algorithm_len, |
19 const uint8* signature, | 34 const uint8* signature, |
20 int signature_len, | 35 int signature_len, |
21 const uint8* public_key_info, | 36 const uint8* public_key_info, |
22 int public_key_info_len) { | 37 int public_key_info_len) { |
23 NOTIMPLEMENTED(); | 38 DCHECK(!verify_context_); |
24 return false; | 39 verify_context_ = new VerifyContext; |
40 EnsureOpenSSLInit(); | |
41 OpenSSLErrStackTracer err_tracer("VerifyInit"); | |
bulach
2010/11/17 14:35:09
maybe: SignatureVerifier::VerifyInit
joth
2010/11/17 14:49:31
Done.
| |
42 | |
43 ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free> algorithm( | |
44 d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len)); | |
45 if (!algorithm.get()) | |
46 return false; | |
47 | |
48 const EVP_MD* digest = EVP_get_digestbyobj(algorithm.get()->algorithm); | |
49 DCHECK(digest); | |
50 | |
51 signature_.assign(signature, signature + signature_len); | |
52 | |
53 // BIO_new_mem_buf is not const aware, but it does not modify the buffer. | |
54 char* data = reinterpret_cast<char*>(const_cast<uint8*>(public_key_info)); | |
55 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data, | |
56 public_key_info_len)); | |
57 if (!bio.get()) | |
58 return false; | |
59 | |
60 verify_context_->public_key.reset(d2i_PUBKEY_bio(bio.get(), NULL)); | |
61 if (!verify_context_->public_key.get()) | |
62 return false; | |
63 | |
64 verify_context_->ctx.reset(EVP_MD_CTX_create()); | |
65 int rv = EVP_VerifyInit_ex(verify_context_->ctx.get(), digest, NULL); | |
66 if (!rv) | |
67 return false; | |
68 | |
69 return true; | |
25 } | 70 } |
26 | 71 |
27 void SignatureVerifier::VerifyUpdate(const uint8* data_part, | 72 void SignatureVerifier::VerifyUpdate(const uint8* data_part, |
28 int data_part_len) { | 73 int data_part_len) { |
29 NOTIMPLEMENTED(); | 74 DCHECK(verify_context_); |
75 OpenSSLErrStackTracer err_tracer("VerifyUpdate"); | |
bulach
2010/11/17 14:35:09
ditto
joth
2010/11/17 14:49:31
Done.
| |
76 int rv = EVP_VerifyUpdate(verify_context_->ctx.get(), | |
77 data_part, data_part_len); | |
78 DCHECK_EQ(rv, 1); | |
30 } | 79 } |
31 | 80 |
32 bool SignatureVerifier::VerifyFinal() { | 81 bool SignatureVerifier::VerifyFinal() { |
33 NOTIMPLEMENTED(); | 82 DCHECK(verify_context_); |
34 return false; | 83 OpenSSLErrStackTracer err_tracer("VerifyFinal"); |
bulach
2010/11/17 14:35:09
ditto
joth
2010/11/17 14:49:31
Done.
| |
84 int rv = EVP_VerifyFinal(verify_context_->ctx.get(), | |
85 signature_.data(), signature_.size(), | |
86 verify_context_->public_key.get()); | |
87 DCHECK_GE(rv, 0); | |
88 Reset(); | |
89 return rv == 1; | |
35 } | 90 } |
36 | 91 |
37 void SignatureVerifier::Reset() { | 92 void SignatureVerifier::Reset() { |
38 NOTIMPLEMENTED(); | 93 delete verify_context_; |
94 verify_context_ = NULL; | |
95 signature_.clear(); | |
39 } | 96 } |
40 | 97 |
41 } // namespace base | 98 } // namespace base |
OLD | NEW |