OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_SIGNATURE_VERIFIER_H_ | 5 #ifndef CRYPTO_SIGNATURE_VERIFIER_H_ |
6 #define CRYPTO_SIGNATURE_VERIFIER_H_ | 6 #define CRYPTO_SIGNATURE_VERIFIER_H_ |
7 | 7 |
| 8 #include <stdint.h> |
| 9 |
8 #include <vector> | 10 #include <vector> |
9 | 11 |
10 #include "build/build_config.h" | 12 #include "build/build_config.h" |
11 #include "base/basictypes.h" | |
12 #include "crypto/crypto_export.h" | 13 #include "crypto/crypto_export.h" |
13 | 14 |
14 #if defined(USE_OPENSSL) | 15 #if defined(USE_OPENSSL) |
15 typedef struct env_md_st EVP_MD; | 16 typedef struct env_md_st EVP_MD; |
16 typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; | 17 typedef struct evp_pkey_ctx_st EVP_PKEY_CTX; |
17 #else | 18 #else |
18 typedef struct HASHContextStr HASHContext; | 19 typedef struct HASHContextStr HASHContext; |
19 typedef struct SECKEYPublicKeyStr SECKEYPublicKey; | 20 typedef struct SECKEYPublicKeyStr SECKEYPublicKey; |
20 typedef struct VFYContextStr VFYContext; | 21 typedef struct VFYContextStr VFYContext; |
21 #endif | 22 #endif |
(...skipping 29 matching lines...) Expand all Loading... |
51 // must not be further encoded in an ASN.1 BIT STRING. | 52 // must not be further encoded in an ASN.1 BIT STRING. |
52 // Note: An RSA signature is actually a big integer. It must be in | 53 // Note: An RSA signature is actually a big integer. It must be in |
53 // big-endian byte order. | 54 // big-endian byte order. |
54 // | 55 // |
55 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo | 56 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo |
56 // structure, which contains not only the public key but also its type | 57 // structure, which contains not only the public key but also its type |
57 // (algorithm): | 58 // (algorithm): |
58 // SubjectPublicKeyInfo ::= SEQUENCE { | 59 // SubjectPublicKeyInfo ::= SEQUENCE { |
59 // algorithm AlgorithmIdentifier, | 60 // algorithm AlgorithmIdentifier, |
60 // subjectPublicKey BIT STRING } | 61 // subjectPublicKey BIT STRING } |
61 bool VerifyInit(const uint8* signature_algorithm, | 62 bool VerifyInit(const uint8_t* signature_algorithm, |
62 int signature_algorithm_len, | 63 int signature_algorithm_len, |
63 const uint8* signature, | 64 const uint8_t* signature, |
64 int signature_len, | 65 int signature_len, |
65 const uint8* public_key_info, | 66 const uint8_t* public_key_info, |
66 int public_key_info_len); | 67 int public_key_info_len); |
67 | 68 |
68 // Initiates a RSA-PSS signature verification operation. This should be | 69 // Initiates a RSA-PSS signature verification operation. This should be |
69 // followed by one or more VerifyUpdate calls and a VerifyFinal call. | 70 // followed by one or more VerifyUpdate calls and a VerifyFinal call. |
70 // | 71 // |
71 // The RSA-PSS signature algorithm parameters are specified with the | 72 // The RSA-PSS signature algorithm parameters are specified with the |
72 // |hash_alg|, |mask_hash_alg|, and |salt_len| arguments. | 73 // |hash_alg|, |mask_hash_alg|, and |salt_len| arguments. |
73 // | 74 // |
74 // An RSA-PSS signature is a nonnegative integer encoded as a byte string | 75 // An RSA-PSS signature is a nonnegative integer encoded as a byte string |
75 // (of the same length as the RSA modulus) in big-endian byte order. It | 76 // (of the same length as the RSA modulus) in big-endian byte order. It |
76 // must not be further encoded in an ASN.1 BIT STRING. | 77 // must not be further encoded in an ASN.1 BIT STRING. |
77 // | 78 // |
78 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo | 79 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo |
79 // structure, which contains not only the public key but also its type | 80 // structure, which contains not only the public key but also its type |
80 // (algorithm): | 81 // (algorithm): |
81 // SubjectPublicKeyInfo ::= SEQUENCE { | 82 // SubjectPublicKeyInfo ::= SEQUENCE { |
82 // algorithm AlgorithmIdentifier, | 83 // algorithm AlgorithmIdentifier, |
83 // subjectPublicKey BIT STRING } | 84 // subjectPublicKey BIT STRING } |
84 bool VerifyInitRSAPSS(HashAlgorithm hash_alg, | 85 bool VerifyInitRSAPSS(HashAlgorithm hash_alg, |
85 HashAlgorithm mask_hash_alg, | 86 HashAlgorithm mask_hash_alg, |
86 int salt_len, | 87 int salt_len, |
87 const uint8* signature, | 88 const uint8_t* signature, |
88 int signature_len, | 89 int signature_len, |
89 const uint8* public_key_info, | 90 const uint8_t* public_key_info, |
90 int public_key_info_len); | 91 int public_key_info_len); |
91 | 92 |
92 // Feeds a piece of the data to the signature verifier. | 93 // Feeds a piece of the data to the signature verifier. |
93 void VerifyUpdate(const uint8* data_part, int data_part_len); | 94 void VerifyUpdate(const uint8_t* data_part, int data_part_len); |
94 | 95 |
95 // Concludes a signature verification operation. Returns true if the | 96 // Concludes a signature verification operation. Returns true if the |
96 // signature is valid. Returns false if the signature is invalid or an | 97 // signature is valid. Returns false if the signature is invalid or an |
97 // error occurred. | 98 // error occurred. |
98 bool VerifyFinal(); | 99 bool VerifyFinal(); |
99 | 100 |
100 // Note: we can provide a one-shot interface if there is interest: | 101 // Note: we can provide a one-shot interface if there is interest: |
101 // bool Verify(const uint8* data, | 102 // bool Verify(const uint8_t* data, |
102 // int data_len, | 103 // int data_len, |
103 // const uint8* signature_algorithm, | 104 // const uint8_t* signature_algorithm, |
104 // int signature_algorithm_len, | 105 // int signature_algorithm_len, |
105 // const uint8* signature, | 106 // const uint8_t* signature, |
106 // int signature_len, | 107 // int signature_len, |
107 // const uint8* public_key_info, | 108 // const uint8_t* public_key_info, |
108 // int public_key_info_len); | 109 // int public_key_info_len); |
109 | 110 |
110 private: | 111 private: |
111 #if defined(USE_OPENSSL) | 112 #if defined(USE_OPENSSL) |
112 bool CommonInit(const EVP_MD* digest, | 113 bool CommonInit(const EVP_MD* digest, |
113 const uint8* signature, | 114 const uint8_t* signature, |
114 int signature_len, | 115 int signature_len, |
115 const uint8* public_key_info, | 116 const uint8_t* public_key_info, |
116 int public_key_info_len, | 117 int public_key_info_len, |
117 EVP_PKEY_CTX** pkey_ctx); | 118 EVP_PKEY_CTX** pkey_ctx); |
118 #else | 119 #else |
119 static SECKEYPublicKey* DecodePublicKeyInfo(const uint8* public_key_info, | 120 static SECKEYPublicKey* DecodePublicKeyInfo(const uint8_t* public_key_info, |
120 int public_key_info_len); | 121 int public_key_info_len); |
121 #endif | 122 #endif |
122 | 123 |
123 void Reset(); | 124 void Reset(); |
124 | 125 |
125 std::vector<uint8> signature_; | 126 std::vector<uint8_t> signature_; |
126 | 127 |
127 #if defined(USE_OPENSSL) | 128 #if defined(USE_OPENSSL) |
128 struct VerifyContext; | 129 struct VerifyContext; |
129 VerifyContext* verify_context_; | 130 VerifyContext* verify_context_; |
130 #else | 131 #else |
131 // Used for all signature types except RSA-PSS. | 132 // Used for all signature types except RSA-PSS. |
132 VFYContext* vfy_context_; | 133 VFYContext* vfy_context_; |
133 | 134 |
134 // Used for RSA-PSS signatures. | 135 // Used for RSA-PSS signatures. |
135 HashAlgorithm hash_alg_; | 136 HashAlgorithm hash_alg_; |
136 HashAlgorithm mask_hash_alg_; | 137 HashAlgorithm mask_hash_alg_; |
137 unsigned int salt_len_; | 138 unsigned int salt_len_; |
138 SECKEYPublicKey* public_key_; | 139 SECKEYPublicKey* public_key_; |
139 HASHContext* hash_context_; | 140 HASHContext* hash_context_; |
140 #endif | 141 #endif |
141 }; | 142 }; |
142 | 143 |
143 } // namespace crypto | 144 } // namespace crypto |
144 | 145 |
145 #endif // CRYPTO_SIGNATURE_VERIFIER_H_ | 146 #endif // CRYPTO_SIGNATURE_VERIFIER_H_ |
OLD | NEW |