
Unified Diff: crypto/signature_creator_openssl.cc

Issue 1305183005: Add a CreatePSS method to SignatureCreator to permit the generation of PSS signatures. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 4 months ago
Index: crypto/signature_creator_openssl.cc
diff --git a/crypto/signature_creator_openssl.cc b/crypto/signature_creator_openssl.cc
index 0d90d50044da8de10c7af00f80bb2ccf65e4e548..b17e73db94ce657ee19b8973167909c484c9f029 100644
--- a/crypto/signature_creator_openssl.cc
+++ b/crypto/signature_creator_openssl.cc
@@ -40,9 +40,20 @@ int ToOpenSSLDigestType(SignatureCreator::HashAlgorithm hash_alg) {
} // namespace
-// static
SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key,
- HashAlgorithm hash_alg) {
+ HashAlgorithm hash_algm) {
davidben 2015/08/21 21:52:23 Nit: hash_alg, to be consistent?
+ return SignatureCreator::CreateImpl(key, hash_algm, false);
+}
+
+SignatureCreator* SignatureCreator::CreatePSS(RSAPrivateKey* key,
+ HashAlgorithm hash_algm) {
+ return SignatureCreator::CreateImpl(key, hash_algm, true);
+}
+
+// static
+SignatureCreator* SignatureCreator::CreateImpl(RSAPrivateKey* key,
+ HashAlgorithm hash_alg,
+ bool use_pss) {
OpenSSLErrStackTracer err_tracer(FROM_HERE);
scoped_ptr<SignatureCreator> result(new SignatureCreator);
const EVP_MD* const digest = ToOpenSSLDigest(hash_alg);
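Review bot: The `// static` marker that used to sit above `Create` now appears only above `CreateImpl`, so `Create` and the new `CreatePSS` lose the annotation although both are presumably still static factories; restore `// static` above each of them. The bare `false`/`true` passed to `CreateImpl` hides which padding scheme each factory selects, so annotate the call sites, e.g. `CreateImpl(key, hash_algm, /* use_pss */ true)`, or replace `bool use_pss` with a small enum. A one-line comment on `CreatePSS` saying that it produces RSASSA-PSS signatures with the salt length equal to the digest length would help callers who have to match the verifier's parameters. `CreateImpl`'s body continues past the end of this hunk.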
@@ -50,10 +61,20 @@ SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key,
if (!digest) {
return NULL;
}
- if (!EVP_DigestSignInit(result->sign_context_, NULL, digest, NULL,
+ EVP_PKEY_CTX* pkey_ctx;
+ if (!EVP_DigestSignInit(result->sign_context_, &pkey_ctx, digest, NULL,
key->key())) {
return NULL;
}
+ if (use_pss) {
+ if (1 != EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING)) {
davidben 2015/08/21 21:52:23 You can just use ! now. BoringSSL narrowed both of
+ LOG(FATAL) << "EVP_PKEY_CTX_set_rsa_padding";
+ }
+ // -1 sets the salt length to the digest length.
+ if (1 != EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, -1)) {
+ LOG(FATAL) << "EVP_PKEY_CTX_set_rsa_pss_saltlen";
+ }
+ }
return result.release();
}
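Review bot: `pkey_ctx` is declared uninitialized, and the two PSS setup failures abort through `LOG(FATAL)` while the digest lookup and `EVP_DigestSignInit` failures in the same function return NULL. Initialize the pointer, `EVP_PKEY_CTX* pkey_ctx = NULL;`, and consider `return NULL;` on the padding and salt-length failures so callers see a single failure mode. Whichever is chosen, the property to keep is that no creator is returned when PSS setup fails, because the context would otherwise presumably sign with the default PKCS#1 v1.5 padding behind an API named `CreatePSS`; a short comment above the `if (use_pss)` block stating that would protect it from later refactoring. The function begins in the previous hunk.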