
Side by Side Diff: base/crypto/signature_verifier.h

Issue 6805019: Move crypto files out of base, to a top level directory. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 8 months ago
OLDNEW
(Empty)
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef BASE_CRYPTO_SIGNATURE_VERIFIER_H_
6 #define BASE_CRYPTO_SIGNATURE_VERIFIER_H_
7 #pragma once
8
9 #include "build/build_config.h"
10
11 #if defined(USE_NSS)
12 #include <cryptoht.h>
13 #elif defined(OS_MACOSX)
14 #include <Security/cssm.h>
15 #endif
16
17 #include <vector>
18
19 #include "base/base_api.h"
20 #include "base/basictypes.h"
21
22 #if defined(OS_WIN)
23 #include "base/crypto/scoped_capi_types.h"
24 #endif
25
26 namespace base {
27
28 // The SignatureVerifier class verifies a signature using a bare public key
29 // (as opposed to a certificate).
30 class BASE_API SignatureVerifier {
31 public:
32 SignatureVerifier();
33 ~SignatureVerifier();
34
35 // Streaming interface:
36
37 // Initiates a signature verification operation. This should be followed
38 // by one or more VerifyUpdate calls and a VerifyFinal call.
39 //
40 // The signature algorithm is specified as a DER encoded ASN.1
41 // AlgorithmIdentifier structure:
42 // AlgorithmIdentifier ::= SEQUENCE {
43 // algorithm OBJECT IDENTIFIER,
44 // parameters ANY DEFINED BY algorithm OPTIONAL }
45 //
46 // The signature is encoded according to the signature algorithm, but it
47 // must not be further encoded in an ASN.1 BIT STRING.
48 // Note: An RSA signatures is actually a big integer. It must be in the
49 // big-endian byte order.
50 //
51 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo
52 // structure, which contains not only the public key but also its type
53 // (algorithm):
54 // SubjectPublicKeyInfo ::= SEQUENCE {
55 // algorithm AlgorithmIdentifier,
56 // subjectPublicKey BIT STRING }
57 bool VerifyInit(const uint8* signature_algorithm,
58 int signature_algorithm_len,
59 const uint8* signature,
60 int signature_len,
61 const uint8* public_key_info,
62 int public_key_info_len);
63
64 // Feeds a piece of the data to the signature verifier.
65 void VerifyUpdate(const uint8* data_part, int data_part_len);
66
67 // Concludes a signature verification operation. Returns true if the
68 // signature is valid. Returns false if the signature is invalid or an
69 // error occurred.
70 bool VerifyFinal();
71
72 // Note: we can provide a one-shot interface if there is interest:
73 // bool Verify(const uint8* data,
74 // int data_len,
75 // const uint8* signature_algorithm,
76 // int signature_algorithm_len,
77 // const uint8* signature,
78 // int signature_len,
79 // const uint8* public_key_info,
80 // int public_key_info_len);
81
82 private:
83 void Reset();
84
85 std::vector<uint8> signature_;
86
87 #if defined(USE_OPENSSL)
88 struct VerifyContext;
89 VerifyContext* verify_context_;
90 #elif defined(USE_NSS)
91 VFYContext* vfy_context_;
92 #elif defined(OS_MACOSX)
93 std::vector<uint8> public_key_info_;
94
95 CSSM_CC_HANDLE sig_handle_;
96
97 CSSM_KEY public_key_;
98 #elif defined(OS_WIN)
99 ScopedHCRYPTPROV provider_;
100
101 ScopedHCRYPTHASH hash_object_;
102
103 ScopedHCRYPTKEY public_key_;
104 #endif
105 };
106
107 } // namespace base
108
109 #endif // BASE_CRYPTO_SIGNATURE_VERIFIER_H_
OLDNEW
