| Index: base/crypto/signature_verifier_nss.cc
|
| ===================================================================
|
| --- base/crypto/signature_verifier_nss.cc (revision 81350)
|
| +++ base/crypto/signature_verifier_nss.cc (working copy)
|
| @@ -1,113 +0,0 @@
|
| -// Copyright (c) 2009 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include "base/crypto/signature_verifier.h"
|
| -
|
| -#include <cryptohi.h>
|
| -#include <keyhi.h>
|
| -#include <stdlib.h>
|
| -
|
| -#include "base/logging.h"
|
| -#include "base/nss_util.h"
|
| -
|
| -namespace base {
|
| -
|
| -SignatureVerifier::SignatureVerifier() : vfy_context_(NULL) {
|
| - EnsureNSSInit();
|
| -}
|
| -
|
| -SignatureVerifier::~SignatureVerifier() {
|
| - Reset();
|
| -}
|
| -
|
| -bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,
|
| - int signature_algorithm_len,
|
| - const uint8* signature,
|
| - int signature_len,
|
| - const uint8* public_key_info,
|
| - int public_key_info_len) {
|
| - signature_.assign(signature, signature + signature_len);
|
| -
|
| - CERTSubjectPublicKeyInfo* spki = NULL;
|
| - SECItem spki_der;
|
| - spki_der.type = siBuffer;
|
| - spki_der.data = const_cast<uint8*>(public_key_info);
|
| - spki_der.len = public_key_info_len;
|
| - spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&spki_der);
|
| - if (!spki)
|
| - return false;
|
| - SECKEYPublicKey* public_key = SECKEY_ExtractPublicKey(spki);
|
| - SECKEY_DestroySubjectPublicKeyInfo(spki); // Done with spki.
|
| - if (!public_key)
|
| - return false;
|
| -
|
| - PLArenaPool* arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| - if (!arena) {
|
| - SECKEY_DestroyPublicKey(public_key);
|
| - return false;
|
| - }
|
| -
|
| - SECItem sig_alg_der;
|
| - sig_alg_der.type = siBuffer;
|
| - sig_alg_der.data = const_cast<uint8*>(signature_algorithm);
|
| - sig_alg_der.len = signature_algorithm_len;
|
| - SECAlgorithmID sig_alg_id;
|
| - SECStatus rv;
|
| - rv = SEC_QuickDERDecodeItem(arena, &sig_alg_id, SECOID_AlgorithmIDTemplate,
|
| - &sig_alg_der);
|
| - if (rv != SECSuccess) {
|
| - SECKEY_DestroyPublicKey(public_key);
|
| - PORT_FreeArena(arena, PR_TRUE);
|
| - return false;
|
| - }
|
| -
|
| - SECItem sig;
|
| - sig.type = siBuffer;
|
| - sig.data = const_cast<uint8*>(signature);
|
| - sig.len = signature_len;
|
| - SECOidTag hash_alg_tag;
|
| - vfy_context_ = VFY_CreateContextWithAlgorithmID(public_key, &sig,
|
| - &sig_alg_id, &hash_alg_tag,
|
| - NULL);
|
| - SECKEY_DestroyPublicKey(public_key); // Done with public_key.
|
| - PORT_FreeArena(arena, PR_TRUE); // Done with sig_alg_id.
|
| - if (!vfy_context_) {
|
| - // A corrupted RSA signature could be detected without the data, so
|
| - // VFY_CreateContextWithAlgorithmID may fail with SEC_ERROR_BAD_SIGNATURE
|
| - // (-8182).
|
| - return false;
|
| - }
|
| -
|
| - rv = VFY_Begin(vfy_context_);
|
| - if (rv != SECSuccess) {
|
| - NOTREACHED();
|
| - return false;
|
| - }
|
| - return true;
|
| -}
|
| -
|
| -void SignatureVerifier::VerifyUpdate(const uint8* data_part,
|
| - int data_part_len) {
|
| - SECStatus rv = VFY_Update(vfy_context_, data_part, data_part_len);
|
| - DCHECK(rv == SECSuccess);
|
| -}
|
| -
|
| -bool SignatureVerifier::VerifyFinal() {
|
| - SECStatus rv = VFY_End(vfy_context_);
|
| - Reset();
|
| -
|
| - // If signature verification fails, the error code is
|
| - // SEC_ERROR_BAD_SIGNATURE (-8182).
|
| - return (rv == SECSuccess);
|
| -}
|
| -
|
| -void SignatureVerifier::Reset() {
|
| - if (vfy_context_) {
|
| - VFY_DestroyContext(vfy_context_, PR_TRUE);
|
| - vfy_context_ = NULL;
|
| - }
|
| - signature_.clear();
|
| -}
|
| -
|
| -} // namespace base
|
|
|
Chromium Code Reviews
Issue 6805019:
Move crypto files out of base, to a top level directory. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/