
Side by Side Diff: crypto/signature_creator_openssl.cc

Issue 1305183005: Add a CreatePSS method to SignatureCreator to permit the generation of PSS signatures. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "crypto/signature_creator.h" 5 #include "crypto/signature_creator.h"
6 6
7 #include <openssl/evp.h> 7 #include <openssl/evp.h>
8 #include <openssl/rsa.h> 8 #include <openssl/rsa.h>
9 9
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 22 matching lines...) Expand all
33 case SignatureCreator::SHA1: 33 case SignatureCreator::SHA1:
34 return NID_sha1; 34 return NID_sha1;
35 case SignatureCreator::SHA256: 35 case SignatureCreator::SHA256:
36 return NID_sha256; 36 return NID_sha256;
37 } 37 }
38 return NID_undef; 38 return NID_undef;
39 } 39 }
40 40
41 } // namespace 41 } // namespace
42 42
43 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key,
44 HashAlgorithm hash_algm) {
davidben 2015/08/21 21:52:23 Nit: hash_alg, to be consistent?
45 return SignatureCreator::CreateImpl(key, hash_algm, false);
46 }
47
48 SignatureCreator* SignatureCreator::CreatePSS(RSAPrivateKey* key,
49 HashAlgorithm hash_algm) {
50 return SignatureCreator::CreateImpl(key, hash_algm, true);
51 }
52
43 // static 53 // static
44 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key, 54 SignatureCreator* SignatureCreator::CreateImpl(RSAPrivateKey* key,
45 HashAlgorithm hash_alg) { 55 HashAlgorithm hash_alg,
56 bool use_pss) {
46 OpenSSLErrStackTracer err_tracer(FROM_HERE); 57 OpenSSLErrStackTracer err_tracer(FROM_HERE);
47 scoped_ptr<SignatureCreator> result(new SignatureCreator); 58 scoped_ptr<SignatureCreator> result(new SignatureCreator);
48 const EVP_MD* const digest = ToOpenSSLDigest(hash_alg); 59 const EVP_MD* const digest = ToOpenSSLDigest(hash_alg);
49 DCHECK(digest); 60 DCHECK(digest);
50 if (!digest) { 61 if (!digest) {
51 return NULL; 62 return NULL;
52 } 63 }
53 if (!EVP_DigestSignInit(result->sign_context_, NULL, digest, NULL, 64 EVP_PKEY_CTX* pkey_ctx;
65 if (!EVP_DigestSignInit(result->sign_context_, &pkey_ctx, digest, NULL,
54 key->key())) { 66 key->key())) {
55 return NULL; 67 return NULL;
56 } 68 }
69 if (use_pss) {
70 if (1 != EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)) {
davidben 2015/08/21 21:52:23 You can just use ! now. BoringSSL narrowed both of
71 LOG(FATAL) << "EVP_PKEY_CTX_set_rsa_padding";
72 }
73 // -1 sets the salt length to the digest length.
74 if (1 != EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, -1)) {
75 LOG(FATAL) << "EVP_PKEY_CTX_set_rsa_pss_saltlen";
76 }
77 }
57 return result.release(); 78 return result.release();
58 } 79 }
59 80
60 // static 81 // static
61 bool SignatureCreator::Sign(RSAPrivateKey* key, 82 bool SignatureCreator::Sign(RSAPrivateKey* key,
62 HashAlgorithm hash_alg, 83 HashAlgorithm hash_alg,
63 const uint8* data, 84 const uint8* data,
64 int data_len, 85 int data_len,
65 std::vector<uint8>* signature) { 86 std::vector<uint8>* signature) {
66 ScopedRSA rsa_key(EVP_PKEY_get1_RSA(key->key())); 87 ScopedRSA rsa_key(EVP_PKEY_get1_RSA(key->key()));
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after
105 // Sign it. 126 // Sign it.
106 if (!EVP_DigestSignFinal(sign_context_, vector_as_array(signature), &len)) { 127 if (!EVP_DigestSignFinal(sign_context_, vector_as_array(signature), &len)) {
107 signature->clear(); 128 signature->clear();
108 return false; 129 return false;
109 } 130 }
110 signature->resize(len); 131 signature->resize(len);
111 return true; 132 return true;
112 } 133 }
113 134
114 } // namespace crypto 135 } // namespace crypto
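Review bot: The two PSS setup failures at new lines 70–76 terminate the process with `LOG(FATAL)`, whereas the other failure paths in CreateImpl (a null digest, a failed EVP_DigestSignInit) return NULL to the caller. Either way no PKCS#1 v1.5 signature is produced when PSS was requested, so the code fails closed, but a uniform error contract would be `if (1 != EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)) return NULL;` and the same for `EVP_PKEY_CTX_set_rsa_pss_saltlen`. It is also worth initialising the out-pointer, `EVP_PKEY_CTX* pkey_ctx = NULL;`, so that a later reordering of these calls cannot read it uninitialised. The salt-length comment could additionally state that the MGF1 digest is not set here and stays at the library default, since a verifier has to be configured with matching PSS parameters.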