crypto/signature_verifier_openssl.cc - Issue 17776003: Add SignatureVerifier::VerifyInitRSAPSS for verifying RSA-PSS signatures.

Side by Side Diff: crypto/signature_verifier_openssl.cc

Issue 17776003: Add SignatureVerifier::VerifyInitRSAPSS for verifying RSA-PSS signatures. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/

Patch Set: Work around the lack of HASH_GetType and HASH_ResultLenContext Created 7 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "crypto/signature_verifier.h"	5 #include "crypto/signature_verifier.h"

6	6

7 #include <openssl/evp.h>	7 #include <openssl/evp.h>

8 #include <openssl/x509.h>	8 #include <openssl/x509.h>

9	9

10 #include <vector>	10 #include <vector>

11	11

12 #include "base/logging.h"	12 #include "base/logging.h"

13 #include "base/memory/scoped_ptr.h"	13 #include "base/memory/scoped_ptr.h"

14 #include "base/stl_util.h"	14 #include "base/stl_util.h"

15 #include "crypto/openssl_util.h"	15 #include "crypto/openssl_util.h"

16	16

17 namespace crypto {	17 namespace crypto {

18	18

	19 namespace {

	20

	21 const EVP_MD* ToOpenSSLDigest(SignatureVerifier::HashAlgorithm hash_alg) {

	22 switch (hash_alg) {

	23 case SignatureVerifier::SHA1:

	24 return EVP_sha1();

	25 case SignatureVerifier::SHA256:

	26 return EVP_sha256();

	27 }

	28 return EVP_md_null();

	29 }

	30

	31 } // namespace

	32

19 struct SignatureVerifier::VerifyContext {	33 struct SignatureVerifier::VerifyContext {

20 ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key;

21 ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> ctx;	34 ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> ctx;

22 };	35 };

23	36

24 SignatureVerifier::SignatureVerifier()	37 SignatureVerifier::SignatureVerifier()

25 : verify_context_(NULL) {	38 : verify_context_(NULL) {

26 }	39 }

27	40

28 SignatureVerifier::~SignatureVerifier() {	41 SignatureVerifier::~SignatureVerifier() {

29 Reset();	42 Reset();

30 }	43 }

31	44

32 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,	45 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,

33 int signature_algorithm_len,	46 int signature_algorithm_len,

34 const uint8* signature,	47 const uint8* signature,

35 int signature_len,	48 int signature_len,

36 const uint8* public_key_info,	49 const uint8* public_key_info,

37 int public_key_info_len) {	50 int public_key_info_len) {

38 DCHECK(!verify_context_);

39 verify_context_ = new VerifyContext;

40 OpenSSLErrStackTracer err_tracer(FROM_HERE);	51 OpenSSLErrStackTracer err_tracer(FROM_HERE);

41

42 ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free> algorithm(	52 ScopedOpenSSL<X509_ALGOR, X509_ALGOR_free> algorithm(

43 d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len));	53 d2i_X509_ALGOR(NULL, &signature_algorithm, signature_algorithm_len));

44 if (!algorithm.get())	54 if (!algorithm.get())

45 return false;	55 return false;

	56 const EVP_MD* digest = EVP_get_digestbyobj(algorithm.get()->algorithm);

	57 if (!digest)

	58 return false;

46	59

47 const EVP_MD* digest = EVP_get_digestbyobj(algorithm.get()->algorithm);	60 return CommonInit(digest, signature, signature_len, public_key_info,

	61 public_key_info_len, NULL);

	62 }

	63

	64 bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg,

	65 HashAlgorithm mask_hash_alg,

	66 int salt_len,

	67 const uint8* signature,

	68 int signature_len,

	69 const uint8* public_key_info,

	70 int public_key_info_len) {

	71 OpenSSLErrStackTracer err_tracer(FROM_HERE);

	72 const EVP_MD* digest = ToOpenSSLDigest(hash_alg);

48 DCHECK(digest);	73 DCHECK(digest);

49	74

50 signature_.assign(signature, signature + signature_len);	75 EVP_PKEY_CTX* pkey_ctx;

	76 if (!CommonInit(digest, signature, signature_len, public_key_info,

	77 public_key_info_len, &pkey_ctx)) {

	78 return false;

	79 }

51	80

52 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.	81 int rv = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING);

53 char* data = reinterpret_cast<char>(const_cast<uint8>(public_key_info));	82 if (rv != 1)

54 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data,

55 public_key_info_len));

56 if (!bio.get())

57 return false;	83 return false;

58	84 rv = EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx,

59 verify_context_->public_key.reset(d2i_PUBKEY_bio(bio.get(), NULL));	85 ToOpenSSLDigest(mask_hash_alg));

60 if (!verify_context_->public_key.get())	86 if (rv != 1)

61 return false;	87 return false;

62	88 rv = EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len);

63 verify_context_->ctx.reset(EVP_MD_CTX_create());

64 int rv = EVP_VerifyInit_ex(verify_context_->ctx.get(), digest, NULL);

65 return rv == 1;	89 return rv == 1;

66 }	90 }

67	91

68 void SignatureVerifier::VerifyUpdate(const uint8* data_part,	92 void SignatureVerifier::VerifyUpdate(const uint8* data_part,

69 int data_part_len) {	93 int data_part_len) {

70 DCHECK(verify_context_);	94 DCHECK(verify_context_);

71 OpenSSLErrStackTracer err_tracer(FROM_HERE);	95 OpenSSLErrStackTracer err_tracer(FROM_HERE);

72 int rv = EVP_VerifyUpdate(verify_context_->ctx.get(),	96 int rv = EVP_DigestVerifyUpdate(verify_context_->ctx.get(),

73 data_part, data_part_len);	97 data_part, data_part_len);

74 DCHECK_EQ(rv, 1);	98 DCHECK_EQ(rv, 1);

75 }	99 }

76	100

77 bool SignatureVerifier::VerifyFinal() {	101 bool SignatureVerifier::VerifyFinal() {

78 DCHECK(verify_context_);	102 DCHECK(verify_context_);

79 OpenSSLErrStackTracer err_tracer(FROM_HERE);	103 OpenSSLErrStackTracer err_tracer(FROM_HERE);

80 int rv = EVP_VerifyFinal(verify_context_->ctx.get(),	104 int rv = EVP_DigestVerifyFinal(verify_context_->ctx.get(),

81 vector_as_array(&signature_), signature_.size(),	105 vector_as_array(&signature_),

82 verify_context_->public_key.get());	106 signature_.size());

83 DCHECK_GE(rv, 0);	107 DCHECK_GE(rv, 0);

84 Reset();	108 Reset();

85 return rv == 1;	109 return rv == 1;

86 }	110 }

87	111

	112 bool SignatureVerifier::CommonInit(const EVP_MD* digest,

	113 const uint8* signature,

	114 int signature_len,

	115 const uint8* public_key_info,

	116 int public_key_info_len,

	117 EVP_PKEY_CTX** pkey_ctx) {

	118 if (verify_context_)

	119 return false;

	120

	121 verify_context_ = new VerifyContext;

	122

	123 signature_.assign(signature, signature + signature_len);

	124

	125 // BIO_new_mem_buf is not const aware, but it does not modify the buffer.

	126 char* data = reinterpret_cast<char>(const_cast<uint8>(public_key_info));

	127 ScopedOpenSSL<BIO, BIO_free_all> bio(BIO_new_mem_buf(data,

	128 public_key_info_len));

	129 if (!bio.get())

	130 return false;

	131

	132 ScopedOpenSSL<EVP_PKEY, EVP_PKEY_free> public_key(

	133 d2i_PUBKEY_bio(bio.get(), NULL));

	134 if (!public_key.get())

	135 return false;

	136

	137 verify_context_->ctx.reset(EVP_MD_CTX_create());

	138 int rv = EVP_DigestVerifyInit(verify_context_->ctx.get(), pkey_ctx,

	139 digest, NULL, public_key.get());

	140 return rv == 1;

	141 }

	142

88 void SignatureVerifier::Reset() {	143 void SignatureVerifier::Reset() {

89 delete verify_context_;	144 delete verify_context_;

90 verify_context_ = NULL;	145 verify_context_ = NULL;

91 signature_.clear();	146 signature_.clear();

92 }	147 }

93	148

94 } // namespace crypto	149 } // namespace crypto

OLD	NEW

« no previous file with comments | « crypto/signature_verifier_nss.cc ('k') | crypto/signature_verifier_unittest.cc » ('j') | no next file with comments »