Add SignatureVerifier::VerifyInitRSAPSS for verifying RSA-PSS signatures.

crypto/signature_verifier.h

Index: crypto/signature_verifier.h
===================================================================
--- crypto/signature_verifier.h	(revision 208575)
+++ crypto/signature_verifier.h	(working copy)
@@ -12,7 +12,12 @@
 #include "base/basictypes.h"
 #include "crypto/crypto_export.h"
 
-#if !defined(USE_OPENSSL)
+#if defined(USE_OPENSSL)
+typedef struct env_md_st EVP_MD;
+typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
+#else
+typedef struct HASHContextStr HASHContext;
+typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
 typedef struct VFYContextStr VFYContext;
 #endif
 
@@ -22,6 +27,12 @@
 // (as opposed to a certificate).
 class CRYPTO_EXPORT SignatureVerifier {
  public:
+  // The set of supported hash functions. Extend as required.
+  enum HashAlgorithm {
+    SHA1,
+    SHA256,
+  };
+
   SignatureVerifier();
   ~SignatureVerifier();
 
@@ -29,6 +40,7 @@
 
   // Initiates a signature verification operation.  This should be followed
   // by one or more VerifyUpdate calls and a VerifyFinal call.
+  // NOTE: for RSA-PSS signatures, use VerifyInitRSAPSS instead.
   //
   // The signature algorithm is specified as a DER encoded ASN.1
   // AlgorithmIdentifier structure:
@@ -54,6 +66,29 @@
                   const uint8* public_key_info,
                   int public_key_info_len);
 
+  // Initiates a RSA-PSS signature verification operation.  This should be
+  // followed by one or more VerifyUpdate calls and a VerifyFinal call.
+  //
+  // The RSA-PSS signature algorithm parameters are specified with the
+  // |hash_alg|, |mask_hash_alg|, and |salt_len| arguments.
+  //
+  // An RSA-PSS signature is encoded as a big integer in the big-endian byte

[agl, 2013/06/26 15:21:10]

s/the //

[wtc, 2013/06/27 02:23:51]

Done.

+  // order. It must not be further encoded in an ASN.1 BIT STRING.
+  //
+  // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo
+  // structure, which contains not only the public key but also its type
+  // (algorithm):
+  //   SubjectPublicKeyInfo  ::=  SEQUENCE  {
+  //       algorithm            AlgorithmIdentifier,
+  //       subjectPublicKey     BIT STRING  }
+  bool VerifyInitRSAPSS(HashAlgorithm hash_alg,
+                        HashAlgorithm mask_hash_alg,
+                        int salt_len,
+                        const uint8* signature,
+                        int signature_len,

[agl, 2013/06/26 15:21:10]

nit: size_t for lengths?

[wtc, 2013/06/27 02:23:51]

I will do this in a separate cleanup CL because it will require OWNERS
review of changes outside src/crypto.

+                        const uint8* public_key_info,
+                        int public_key_info_len);
+
   // Feeds a piece of the data to the signature verifier.
   void VerifyUpdate(const uint8* data_part, int data_part_len);
 
@@ -73,6 +108,18 @@
   //               int public_key_info_len);
 
  private:
+#if defined(USE_OPENSSL)
+  bool CommonInit(const EVP_MD* digest,
+                  const uint8* signature,
+                  int signature_len,
+                  const uint8* public_key_info,
+                  int public_key_info_len,
+                  EVP_PKEY_CTX** pkey_ctx);
+#else
+  static SECKEYPublicKey* DecodePublicKeyInfo(const uint8* public_key_info,
+                                              int public_key_info_len);
+#endif
+
   void Reset();
 
   std::vector<uint8> signature_;
@@ -81,7 +128,15 @@
   struct VerifyContext;
   VerifyContext* verify_context_;
 #else
+  // Used for all signature types except RSA-PSS.
   VFYContext* vfy_context_;
+
+  // Used for RSA-PSS signatures.
+  HashAlgorithm hash_alg_;
+  HashAlgorithm mask_hash_alg_;
+  unsigned int salt_len_;
+  SECKEYPublicKey* public_key_;
+  HASHContext* hash_context_;
 #endif
 };