base/crypto/signature_verifier_openssl.cc - Issue 5105003: Implements Signature Creator & Verifier for openssl

Side by Side Diff: base/crypto/signature_verifier_openssl.cc

Issue 5105003: Implements Signature Creator & Verifier for openssl (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: lint Created 10 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2010 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "base/crypto/signature_verifier.h"	5 #include "base/crypto/signature_verifier.h"

6	6

	7 #include <openssl/evp.h>

	8 #include <openssl/x509.h>

	9

	10 #include <vector>

	11

7 #include "base/logging.h"	12 #include "base/logging.h"

	13 #include "base/openssl_util.h"

	14 #include "base/scoped_ptr.h"

	15 #include "base/stl_util-inl.h"

8	16

9 namespace base {	17 namespace base {

10	18

11 SignatureVerifier::SignatureVerifier() {	19 struct SignatureVerifier::VerifyContext {

	20 ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key;

	21 ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> ctx;

	22 };

	23

	24 SignatureVerifier::SignatureVerifier()

	25 : verify_context_(NULL) {

12 }	26 }

13	27

14 SignatureVerifier::~SignatureVerifier() {	28 SignatureVerifier::~SignatureVerifier() {

	29 Reset();

15 }	30 }

16	31

17 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,	32 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,

18 int signature_algorithm_len,	33 int signature_algorithm_len,

19 const uint8* signature,	34 const uint8* signature,

20 int signature_len,	35 int signature_len,

21 const uint8* public_key_info,	36 const uint8* public_key_info,

22 int public_key_info_len) {	37 int public_key_info_len) {

23 NOTIMPLEMENTED();	38 DCHECK(!verify_context_);

24 return false;	39 verify_context_ = new VerifyContext;

	40 EnsureOpenSSLInit();

	41 OpenSSLErrStackTracer err_tracer("VerifyInit");
	bulach 2010/11/17 14:35:09 maybe: SignatureVerifier::VerifyInit maybe: SignatureVerifier::VerifyInit joth 2010/11/17 14:49:31 Done. Show quoted text On 2010/11/17 14:35:09, bulach wrote: > maybe: SignatureVerifier::VerifyInit Done.
	42

	43 ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free> algorithm(

	44 d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len));

	45 if (!algorithm.get())

	46 return false;

	47

	48 const EVP_MD* digest = EVP_get_digestbyobj(algorithm.get()->algorithm);

	49 DCHECK(digest);

	50

	51 signature_.assign(signature, signature + signature_len);

	52

	53 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.

	54 char* data = reinterpret_cast<char>(const_cast<uint8>(public_key_info));

	55 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data,

	56 public_key_info_len));

	57 if (!bio.get())

	58 return false;

	59

	60 verify_context_->public_key.reset(d2i_PUBKEY_bio(bio.get(), NULL));

	61 if (!verify_context_->public_key.get())

	62 return false;

	63

	64 verify_context_->ctx.reset(EVP_MD_CTX_create());

	65 int rv = EVP_VerifyInit_ex(verify_context_->ctx.get(), digest, NULL);

	66 if (!rv)

	67 return false;

	68

	69 return true;

25 }	70 }

26	71

27 void SignatureVerifier::VerifyUpdate(const uint8* data_part,	72 void SignatureVerifier::VerifyUpdate(const uint8* data_part,

28 int data_part_len) {	73 int data_part_len) {

29 NOTIMPLEMENTED();	74 DCHECK(verify_context_);

	75 OpenSSLErrStackTracer err_tracer("VerifyUpdate");
	bulach 2010/11/17 14:35:09 ditto ditto joth 2010/11/17 14:49:31 Done. Show quoted text On 2010/11/17 14:35:09, bulach wrote: > ditto Done.
	76 int rv = EVP_VerifyUpdate(verify_context_->ctx.get(),

	77 data_part, data_part_len);

	78 DCHECK_EQ(rv, 1);

30 }	79 }

31	80

32 bool SignatureVerifier::VerifyFinal() {	81 bool SignatureVerifier::VerifyFinal() {

33 NOTIMPLEMENTED();	82 DCHECK(verify_context_);

34 return false;	83 OpenSSLErrStackTracer err_tracer("VerifyFinal");
	bulach 2010/11/17 14:35:09 ditto ditto joth 2010/11/17 14:49:31 Done. Show quoted text On 2010/11/17 14:35:09, bulach wrote: > ditto Done.
	84 int rv = EVP_VerifyFinal(verify_context_->ctx.get(),

	85 signature_.data(), signature_.size(),

	86 verify_context_->public_key.get());

	87 DCHECK_GE(rv, 0);

	88 Reset();

	89 return rv == 1;

35 }	90 }

36	91

37 void SignatureVerifier::Reset() {	92 void SignatureVerifier::Reset() {

38 NOTIMPLEMENTED();	93 delete verify_context_;

	94 verify_context_ = NULL;

	95 signature_.clear();

39 }	96 }

40	97

41 } // namespace base	98 } // namespace base

OLD	NEW

« base/crypto/signature_creator_openssl.cc ('K') | « base/crypto/signature_verifier.h ('k') | base/openssl_util.h » ('j') | base/openssl_util.h » ('J')