| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/signature_verifier.h" | 5 #include "crypto/signature_verifier.h" |
| 6 | 6 |
| 7 #include <openssl/bytestring.h> | 7 #include <openssl/bytestring.h> |
| 8 #include <openssl/digest.h> |
| 8 #include <openssl/evp.h> | 9 #include <openssl/evp.h> |
| 9 #include <openssl/x509.h> | |
| 10 #include <stdint.h> | 10 #include <stdint.h> |
| 11 | 11 |
| 12 #include <vector> | 12 #include <vector> |
| 13 | 13 |
| 14 #include "base/logging.h" | 14 #include "base/logging.h" |
| 15 #include "base/memory/scoped_ptr.h" | 15 #include "base/memory/scoped_ptr.h" |
| 16 #include "crypto/openssl_util.h" | 16 #include "crypto/openssl_util.h" |
| 17 #include "crypto/scoped_openssl_types.h" | 17 #include "crypto/scoped_openssl_types.h" |
| 18 | 18 |
| 19 namespace crypto { | 19 namespace crypto { |
| (...skipping 17 matching lines...) Expand all Loading... |
| 37 }; | 37 }; |
| 38 | 38 |
| 39 SignatureVerifier::SignatureVerifier() | 39 SignatureVerifier::SignatureVerifier() |
| 40 : verify_context_(NULL) { | 40 : verify_context_(NULL) { |
| 41 } | 41 } |
| 42 | 42 |
| 43 SignatureVerifier::~SignatureVerifier() { | 43 SignatureVerifier::~SignatureVerifier() { |
| 44 Reset(); | 44 Reset(); |
| 45 } | 45 } |
| 46 | 46 |
| 47 bool SignatureVerifier::VerifyInit(const uint8_t* signature_algorithm, | 47 bool SignatureVerifier::VerifyInit(SignatureAlgorithm signature_algorithm, |
| 48 int signature_algorithm_len, | |
| 49 const uint8_t* signature, | 48 const uint8_t* signature, |
| 50 int signature_len, | 49 int signature_len, |
| 51 const uint8_t* public_key_info, | 50 const uint8_t* public_key_info, |
| 52 int public_key_info_len) { | 51 int public_key_info_len) { |
| 53 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 52 int pkey_type = EVP_PKEY_NONE; |
| 54 ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free> algorithm( | 53 const EVP_MD* digest = nullptr; |
| 55 d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len)); | 54 switch (signature_algorithm) { |
| 56 if (!algorithm.get()) | 55 case RSA_PKCS1_SHA1: |
| 57 return false; | 56 pkey_type = EVP_PKEY_RSA; |
| 58 int nid = OBJ_obj2nid(algorithm.get()->algorithm); | 57 digest = EVP_sha1(); |
| 59 const EVP_MD* digest; | 58 break; |
| 60 if (nid == NID_ecdsa_with_SHA1) { | 59 case RSA_PKCS1_SHA256: |
| 61 digest = EVP_sha1(); | 60 pkey_type = EVP_PKEY_RSA; |
| 62 } else if (nid == NID_ecdsa_with_SHA256) { | 61 digest = EVP_sha256(); |
| 63 digest = EVP_sha256(); | 62 break; |
| 64 } else { | 63 case ECDSA_SHA256: |
| 65 // This works for PKCS #1 v1.5 RSA signatures, but not for ECDSA | 64 pkey_type = EVP_PKEY_EC; |
| 66 // signatures. | 65 digest = EVP_sha256(); |
| 67 digest = EVP_get_digestbyobj(algorithm.get()->algorithm); | 66 break; |
| 68 } | 67 } |
| 69 if (!digest) | 68 DCHECK_NE(EVP_PKEY_NONE, pkey_type); |
| 70 return false; | 69 DCHECK(digest); |
| 71 | 70 |
| 72 return CommonInit(digest, signature, signature_len, public_key_info, | 71 return CommonInit(pkey_type, digest, signature, signature_len, |
| 73 public_key_info_len, NULL); | 72 public_key_info, public_key_info_len, nullptr); |
| 74 } | 73 } |
| 75 | 74 |
| 76 bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg, | 75 bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg, |
| 77 HashAlgorithm mask_hash_alg, | 76 HashAlgorithm mask_hash_alg, |
| 78 int salt_len, | 77 int salt_len, |
| 79 const uint8_t* signature, | 78 const uint8_t* signature, |
| 80 int signature_len, | 79 int signature_len, |
| 81 const uint8_t* public_key_info, | 80 const uint8_t* public_key_info, |
| 82 int public_key_info_len) { | 81 int public_key_info_len) { |
| 83 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 82 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 84 const EVP_MD* const digest = ToOpenSSLDigest(hash_alg); | 83 const EVP_MD* const digest = ToOpenSSLDigest(hash_alg); |
| 85 DCHECK(digest); | 84 DCHECK(digest); |
| 86 if (!digest) { | 85 if (!digest) { |
| 87 return false; | 86 return false; |
| 88 } | 87 } |
| 89 | 88 |
| 90 EVP_PKEY_CTX* pkey_ctx; | 89 EVP_PKEY_CTX* pkey_ctx; |
| 91 if (!CommonInit(digest, signature, signature_len, public_key_info, | 90 if (!CommonInit(EVP_PKEY_RSA, digest, signature, signature_len, |
| 92 public_key_info_len, &pkey_ctx)) { | 91 public_key_info, public_key_info_len, &pkey_ctx)) { |
| 93 return false; | 92 return false; |
| 94 } | 93 } |
| 95 | 94 |
| 96 int rv = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING); | 95 int rv = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING); |
| 97 if (rv != 1) | 96 if (rv != 1) |
| 98 return false; | 97 return false; |
| 99 const EVP_MD* const mgf_digest = ToOpenSSLDigest(mask_hash_alg); | 98 const EVP_MD* const mgf_digest = ToOpenSSLDigest(mask_hash_alg); |
| 100 DCHECK(mgf_digest); | 99 DCHECK(mgf_digest); |
| 101 if (!mgf_digest) { | 100 if (!mgf_digest) { |
| 102 return false; | 101 return false; |
| 103 } | 102 } |
| 104 rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf_digest); | 103 return EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf_digest) && |
| 105 if (rv != 1) | 104 EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len); |
| 106 return false; | |
| 107 rv = EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len); | |
| 108 return rv == 1; | |
| 109 } | 105 } |
| 110 | 106 |
| 111 void SignatureVerifier::VerifyUpdate(const uint8_t* data_part, | 107 void SignatureVerifier::VerifyUpdate(const uint8_t* data_part, |
| 112 int data_part_len) { | 108 int data_part_len) { |
| 113 DCHECK(verify_context_); | 109 DCHECK(verify_context_); |
| 114 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 110 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 115 int rv = EVP_DigestVerifyUpdate(verify_context_->ctx.get(), | 111 int rv = EVP_DigestVerifyUpdate(verify_context_->ctx.get(), |
| 116 data_part, data_part_len); | 112 data_part, data_part_len); |
| 117 DCHECK_EQ(rv, 1); | 113 DCHECK_EQ(rv, 1); |
| 118 } | 114 } |
| 119 | 115 |
| 120 bool SignatureVerifier::VerifyFinal() { | 116 bool SignatureVerifier::VerifyFinal() { |
| 121 DCHECK(verify_context_); | 117 DCHECK(verify_context_); |
| 122 OpenSSLErrStackTracer err_tracer(FROM_HERE); | 118 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 123 int rv = EVP_DigestVerifyFinal(verify_context_->ctx.get(), signature_.data(), | 119 int rv = EVP_DigestVerifyFinal(verify_context_->ctx.get(), signature_.data(), |
| 124 signature_.size()); | 120 signature_.size()); |
| 125 DCHECK_EQ(static_cast<int>(!!rv), rv); | 121 DCHECK_EQ(static_cast<int>(!!rv), rv); |
| 126 Reset(); | 122 Reset(); |
| 127 return rv == 1; | 123 return rv == 1; |
| 128 } | 124 } |
| 129 | 125 |
| 130 bool SignatureVerifier::CommonInit(const EVP_MD* digest, | 126 bool SignatureVerifier::CommonInit(int pkey_type, |
| 127 const EVP_MD* digest, |
| 131 const uint8_t* signature, | 128 const uint8_t* signature, |
| 132 int signature_len, | 129 int signature_len, |
| 133 const uint8_t* public_key_info, | 130 const uint8_t* public_key_info, |
| 134 int public_key_info_len, | 131 int public_key_info_len, |
| 135 EVP_PKEY_CTX** pkey_ctx) { | 132 EVP_PKEY_CTX** pkey_ctx) { |
| 136 if (verify_context_) | 133 if (verify_context_) |
| 137 return false; | 134 return false; |
| 138 | 135 |
| 139 verify_context_ = new VerifyContext; | 136 verify_context_ = new VerifyContext; |
| 140 | 137 |
| 141 signature_.assign(signature, signature + signature_len); | 138 signature_.assign(signature, signature + signature_len); |
| 142 | 139 |
| 143 CBS cbs; | 140 CBS cbs; |
| 144 CBS_init(&cbs, public_key_info, public_key_info_len); | 141 CBS_init(&cbs, public_key_info, public_key_info_len); |
| 145 ScopedEVP_PKEY public_key(EVP_parse_public_key(&cbs)); | 142 ScopedEVP_PKEY public_key(EVP_parse_public_key(&cbs)); |
| 146 if (!public_key || CBS_len(&cbs) != 0) | 143 if (!public_key || CBS_len(&cbs) != 0 || |
| 144 EVP_PKEY_id(public_key.get()) != pkey_type) { |
| 147 return false; | 145 return false; |
| 146 } |
| 148 | 147 |
| 149 verify_context_->ctx.reset(EVP_MD_CTX_create()); | 148 verify_context_->ctx.reset(EVP_MD_CTX_create()); |
| 150 int rv = EVP_DigestVerifyInit(verify_context_->ctx.get(), pkey_ctx, | 149 int rv = EVP_DigestVerifyInit(verify_context_->ctx.get(), pkey_ctx, |
| 151 digest, nullptr, public_key.get()); | 150 digest, nullptr, public_key.get()); |
| 152 return rv == 1; | 151 return rv == 1; |
| 153 } | 152 } |
| 154 | 153 |
| 155 void SignatureVerifier::Reset() { | 154 void SignatureVerifier::Reset() { |
| 156 delete verify_context_; | 155 delete verify_context_; |
| 157 verify_context_ = NULL; | 156 verify_context_ = NULL; |
| 158 signature_.clear(); | 157 signature_.clear(); |
| 159 } | 158 } |
| 160 | 159 |
| 161 } // namespace crypto | 160 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1679873005:
Switch SignatureVerifier to taking an algorithm enum. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master