Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(195)

Unified Diff: base/crypto/signature_verifier_openssl.cc

Issue 5105003: Implements Signature Creator & Verifier for openssl (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: wtc comments - change error stack tracer to use FROM_HERE Created 10 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « base/crypto/signature_verifier.h ('k') | base/crypto/symmetric_key_openssl.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: base/crypto/signature_verifier_openssl.cc
diff --git a/base/crypto/signature_verifier_openssl.cc b/base/crypto/signature_verifier_openssl.cc
index 49b5e073d1171bd9dffe0295047bee329bf1215b..b4fff781bc5b9345812138493b5aa208aa2cc4b5 100644
--- a/base/crypto/signature_verifier_openssl.cc
+++ b/base/crypto/signature_verifier_openssl.cc
@@ -4,14 +4,28 @@
#include "base/crypto/signature_verifier.h"
+#include <openssl/evp.h>
+#include <openssl/x509.h>
+
+#include <vector>
+
#include "base/logging.h"
+#include "base/openssl_util.h"
+#include "base/scoped_ptr.h"
namespace base {
-SignatureVerifier::SignatureVerifier() {
+struct SignatureVerifier::VerifyContext {
+ ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key;
+ ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> ctx;
+};
+
+SignatureVerifier::SignatureVerifier()
+ : verify_context_(NULL) {
}
SignatureVerifier::~SignatureVerifier() {
+ Reset();
}
bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,
@@ -20,22 +34,60 @@ bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,
int signature_len,
const uint8* public_key_info,
int public_key_info_len) {
- NOTIMPLEMENTED();
- return false;
+ DCHECK(!verify_context_);
+ verify_context_ = new VerifyContext;
+ OpenSSLErrStackTracer err_tracer(FROM_HERE);
+
+ ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free> algorithm(
+ d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len));
+ if (!algorithm.get())
+ return false;
+
+ const EVP_MD* digest = EVP_get_digestbyobj(algorithm.get()->algorithm);
+ DCHECK(digest);
+
+ signature_.assign(signature, signature + signature_len);
+
+ // BIO_new_mem_buf is not const aware, but it does not modify the buffer.
+ char* data = reinterpret_cast<char*>(const_cast<uint8*>(public_key_info));
+ ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data,
+ public_key_info_len));
+ if (!bio.get())
+ return false;
+
+ verify_context_->public_key.reset(d2i_PUBKEY_bio(bio.get(), NULL));
+ if (!verify_context_->public_key.get())
+ return false;
+
+ verify_context_->ctx.reset(EVP_MD_CTX_create());
+ int rv = EVP_VerifyInit_ex(verify_context_->ctx.get(), digest, NULL);
+ return rv == 1;
}
void SignatureVerifier::VerifyUpdate(const uint8* data_part,
int data_part_len) {
- NOTIMPLEMENTED();
+ DCHECK(verify_context_);
+ OpenSSLErrStackTracer err_tracer(FROM_HERE);
+ int rv = EVP_VerifyUpdate(verify_context_->ctx.get(),
+ data_part, data_part_len);
+ DCHECK_EQ(rv, 1);
}
bool SignatureVerifier::VerifyFinal() {
- NOTIMPLEMENTED();
- return false;
+ DCHECK(verify_context_);
+ OpenSSLErrStackTracer err_tracer(FROM_HERE);
+ int rv = EVP_VerifyFinal(verify_context_->ctx.get(),
+ signature_.data(), signature_.size(),
+ verify_context_->public_key.get());
+ DCHECK_GE(rv, 0);
+ Reset();
+ return rv == 1;
}
void SignatureVerifier::Reset() {
- NOTIMPLEMENTED();
+ delete verify_context_;
+ verify_context_ = NULL;
+ signature_.clear();
}
} // namespace base
« no previous file with comments | « base/crypto/signature_verifier.h ('k') | base/crypto/symmetric_key_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698