crypto/signature_verifier_openssl.cc - Issue 17776003: Add SignatureVerifier::VerifyInitRSAPSS for verifying RSA-PSS signatures.

Side by Side Diff: crypto/signature_verifier_openssl.cc

Issue 17776003: Add SignatureVerifier::VerifyInitRSAPSS for verifying RSA-PSS signatures. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Add a unit test with RSA PSS test vectors downloaded from RSA Labs Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "crypto/signature_verifier.h"	5 #include "crypto/signature_verifier.h"

6	6

7 #include <openssl/evp.h>	7 #include <openssl/evp.h>

8 #include <openssl/x509.h>	8 #include <openssl/x509.h>

9	9

10 #include <vector>	10 #include <vector>

11	11

12 #include "base/logging.h"	12 #include "base/logging.h"

13 #include "base/memory/scoped_ptr.h"	13 #include "base/memory/scoped_ptr.h"

14 #include "base/stl_util.h"	14 #include "base/stl_util.h"

15 #include "crypto/openssl_util.h"	15 #include "crypto/openssl_util.h"

16	16

17 namespace crypto {	17 namespace crypto {

18	18

	19 namespace {

	20

	21 const EVP_MD* ToOpenSSLDigest(SignatureVerifier::HashAlgorithm hash_alg) {

	22 switch (hash_alg) {

	23 case SignatureVerifier::SHA1:

	24 return EVP_sha1();

	25 case SignatureVerifier::SHA256:

	26 return EVP_sha256();

	27 }

	28 }

	29

	30 } // namespace

	31

19 struct SignatureVerifier::VerifyContext {	32 struct SignatureVerifier::VerifyContext {

20 ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key;

21 ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> ctx;	33 ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> ctx;

22 };	34 };

23	35

24 SignatureVerifier::SignatureVerifier()	36 SignatureVerifier::SignatureVerifier()

25 : verify_context_(NULL) {	37 : verify_context_(NULL) {

26 }	38 }

27	39

28 SignatureVerifier::~SignatureVerifier() {	40 SignatureVerifier::~SignatureVerifier() {

29 Reset();	41 Reset();

30 }	42 }

31	43

32 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,	44 bool SignatureVerifier::CommonInit(const EVP_MD* digest,

33 int signature_algorithm_len,

34 const uint8* signature,	45 const uint8* signature,

35 int signature_len,	46 int signature_len,

36 const uint8* public_key_info,	47 const uint8* public_key_info,

37 int public_key_info_len) {	48 int public_key_info_len,

38 DCHECK(!verify_context_);	49 EVP_PKEY_CTX** pkey_ctx) {

	50 if (verify_context_)

	51 return false;

	52

39 verify_context_ = new VerifyContext;	53 verify_context_ = new VerifyContext;

40 OpenSSLErrStackTracer err_tracer(FROM_HERE);	54 OpenSSLErrStackTracer err_tracer(FROM_HERE);
	wtc 2013/06/27 02:23:51 rsleevi: I am not familiar with OpenSSLErrStackTra rsleevi: I am not familiar with OpenSSLErrStackTracer. Could you please doublecheck all uses of OpenSSLErrStackTracer in this file? In particular, do we need to use OpenSSLErrStackTracer in CommonInit(), whose callers already use OpenSSLErrStackTracer? Ryan Sleevi 2013/06/27 16:51:08 Ah, as long as both callers have an err tracer, no Show quoted text On 2013/06/27 02:23:51, wtc wrote: > > rsleevi: I am not familiar with OpenSSLErrStackTracer. > Could you please doublecheck all uses of OpenSSLErrStackTracer > in this file? In particular, do we need to use > OpenSSLErrStackTracer in CommonInit(), whose callers > already use OpenSSLErrStackTracer? Ah, as long as both callers have an err tracer, no, it's not needed. Basically, any time you're calling an OpenSSL function, you want to make sure that at unwind time, there's at least a tracer on the stack.
41	55

42 ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free> algorithm(

43 d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len));

44 if (!algorithm.get())

45 return false;

46

47 const EVP_MD* digest = EVP_get_digestbyobj(algorithm.get()->algorithm);

48 DCHECK(digest);

49

50 signature_.assign(signature, signature + signature_len);	56 signature_.assign(signature, signature + signature_len);

51	57

52 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.	58 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.

53 char* data = reinterpret_cast<char>(const_cast<uint8>(public_key_info));	59 char* data = reinterpret_cast<char>(const_cast<uint8>(public_key_info));

54 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data,	60 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data,

55 public_key_info_len));	61 public_key_info_len));

56 if (!bio.get())	62 if (!bio.get())

57 return false;	63 return false;

58	64

59 verify_context_->public_key.reset(d2i_PUBKEY_bio(bio.get(), NULL));	65 ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key(

60 if (!verify_context_->public_key.get())	66 d2i_PUBKEY_bio(bio.get(), NULL));

	67 if (!public_key.get())

61 return false;	68 return false;

62	69

63 verify_context_->ctx.reset(EVP_MD_CTX_create());	70 verify_context_->ctx.reset(EVP_MD_CTX_create());

64 int rv = EVP_VerifyInit_ex(verify_context_->ctx.get(), digest, NULL);	71 int rv = EVP_DigestVerifyInit(verify_context_->ctx.get(), pkey_ctx,

	72 digest, NULL, public_key.get());

	73 return rv == 1;

	74 }

	75

	76 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,

	77 int signature_algorithm_len,

	78 const uint8* signature,

	79 int signature_len,

	80 const uint8* public_key_info,

	81 int public_key_info_len) {

	82 OpenSSLErrStackTracer err_tracer(FROM_HERE);

	83 ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free> algorithm(

	84 d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len));

	85 if (!algorithm.get())

	86 return false;

	87 const EVP_MD* digest = EVP_get_digestbyobj(algorithm.get()->algorithm);

	88 if (!digest)

	89 return false;

	90

	91 return CommonInit(digest, signature, signature_len, public_key_info,

	92 public_key_info_len, NULL);

	93 }

	94

	95 bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg,

	96 HashAlgorithm mask_hash_alg,

	97 int salt_len,

	98 const uint8* signature,

	99 int signature_len,

	100 const uint8* public_key_info,

	101 int public_key_info_len) {

	102 OpenSSLErrStackTracer err_tracer(FROM_HERE);

	103 const EVP_MD* digest = ToOpenSSLDigest(hash_alg);

	104 DCHECK(digest);

	105

	106 EVP_PKEY_CTX* pkey_ctx;

	107 if (!CommonInit(digest, signature, signature_len, public_key_info,

	108 public_key_info_len, &pkey_ctx)) {

	109 return false;

	110 }

	111

	112 int rv = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING);

	113 if (rv != 1)

	114 return false;

	115 rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx,

	116 ToOpenSSLDigest(mask_hash_alg));

	117 if (rv != 1)

	118 return false;

	119 rv = EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len);

65 return rv == 1;	120 return rv == 1;

66 }	121 }

67	122

68 void SignatureVerifier::VerifyUpdate(const uint8* data_part,	123 void SignatureVerifier::VerifyUpdate(const uint8* data_part,

69 int data_part_len) {	124 int data_part_len) {

70 DCHECK(verify_context_);	125 DCHECK(verify_context_);

71 OpenSSLErrStackTracer err_tracer(FROM_HERE);	126 OpenSSLErrStackTracer err_tracer(FROM_HERE);

72 int rv = EVP_VerifyUpdate(verify_context_->ctx.get(),	127 int rv = EVP_DigestVerifyUpdate(verify_context_->ctx.get(),

73 data_part, data_part_len);	128 data_part, data_part_len);

74 DCHECK_EQ(rv, 1);	129 DCHECK_EQ(rv, 1);

75 }	130 }

76	131

77 bool SignatureVerifier::VerifyFinal() {	132 bool SignatureVerifier::VerifyFinal() {

78 DCHECK(verify_context_);	133 DCHECK(verify_context_);

79 OpenSSLErrStackTracer err_tracer(FROM_HERE);	134 OpenSSLErrStackTracer err_tracer(FROM_HERE);

80 int rv = EVP_VerifyFinal(verify_context_->ctx.get(),	135 int rv = EVP_DigestVerifyFinal(verify_context_->ctx.get(),

81 vector_as_array(&signature_), signature_.size(),	136 vector_as_array(&signature_),

82 verify_context_->public_key.get());	137 signature_.size());

83 DCHECK_GE(rv, 0);	138 DCHECK_GE(rv, 0);

84 Reset();	139 Reset();

85 return rv == 1;	140 return rv == 1;

86 }	141 }

87	142

88 void SignatureVerifier::Reset() {	143 void SignatureVerifier::Reset() {

89 delete verify_context_;	144 delete verify_context_;

90 verify_context_ = NULL;	145 verify_context_ = NULL;

91 signature_.clear();	146 signature_.clear();

92 }	147 }

93	148

94 } // namespace crypto	149 } // namespace crypto

OLD	NEW

« no previous file with comments | « crypto/signature_verifier_nss.cc ('k') | crypto/signature_verifier_unittest.cc » ('j') | no next file with comments »