OLD | NEW |
| (Empty) |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "crypto/signature_creator.h" | |
6 | |
7 #include <cryptohi.h> | |
8 #include <keyhi.h> | |
9 #include <stdint.h> | |
10 #include <stdlib.h> | |
11 | |
12 #include <memory> | |
13 | |
14 #include "base/logging.h" | |
15 #include "crypto/nss_util.h" | |
16 #include "crypto/rsa_private_key.h" | |
17 | |
18 namespace crypto { | |
19 | |
20 namespace { | |
21 | |
22 SECOidTag ToNSSSigOid(SignatureCreator::HashAlgorithm hash_alg) { | |
23 switch (hash_alg) { | |
24 case SignatureCreator::SHA1: | |
25 return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; | |
26 case SignatureCreator::SHA256: | |
27 return SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; | |
28 } | |
29 return SEC_OID_UNKNOWN; | |
30 } | |
31 | |
32 SECOidTag ToNSSHashOid(SignatureCreator::HashAlgorithm hash_alg) { | |
33 switch (hash_alg) { | |
34 case SignatureCreator::SHA1: | |
35 return SEC_OID_SHA1; | |
36 case SignatureCreator::SHA256: | |
37 return SEC_OID_SHA256; | |
38 } | |
39 return SEC_OID_UNKNOWN; | |
40 } | |
41 | |
42 } // namespace | |
43 | |
44 SignatureCreator::~SignatureCreator() { | |
45 if (sign_context_) { | |
46 SGN_DestroyContext(sign_context_, PR_TRUE); | |
47 sign_context_ = NULL; | |
48 } | |
49 } | |
50 | |
51 // static | |
52 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key, | |
53 HashAlgorithm hash_alg) { | |
54 std::unique_ptr<SignatureCreator> result(new SignatureCreator); | |
55 result->sign_context_ = SGN_NewContext(ToNSSSigOid(hash_alg), key->key()); | |
56 if (!result->sign_context_) { | |
57 NOTREACHED(); | |
58 return NULL; | |
59 } | |
60 | |
61 SECStatus rv = SGN_Begin(result->sign_context_); | |
62 if (rv != SECSuccess) { | |
63 NOTREACHED(); | |
64 return NULL; | |
65 } | |
66 | |
67 return result.release(); | |
68 } | |
69 | |
70 // static | |
71 bool SignatureCreator::Sign(RSAPrivateKey* key, | |
72 HashAlgorithm hash_alg, | |
73 const uint8_t* data, | |
74 int data_len, | |
75 std::vector<uint8_t>* signature) { | |
76 SECItem data_item; | |
77 data_item.type = siBuffer; | |
78 data_item.data = const_cast<unsigned char*>(data); | |
79 data_item.len = data_len; | |
80 | |
81 SECItem signature_item; | |
82 SECStatus rv = SGN_Digest(key->key(), ToNSSHashOid(hash_alg), &signature_item, | |
83 &data_item); | |
84 if (rv != SECSuccess) { | |
85 NOTREACHED(); | |
86 return false; | |
87 } | |
88 signature->assign(signature_item.data, | |
89 signature_item.data + signature_item.len); | |
90 SECITEM_FreeItem(&signature_item, PR_FALSE); | |
91 return true; | |
92 } | |
93 | |
94 bool SignatureCreator::Update(const uint8_t* data_part, int data_part_len) { | |
95 SECStatus rv = SGN_Update(sign_context_, data_part, data_part_len); | |
96 if (rv != SECSuccess) { | |
97 NOTREACHED(); | |
98 return false; | |
99 } | |
100 | |
101 return true; | |
102 } | |
103 | |
104 bool SignatureCreator::Final(std::vector<uint8_t>* signature) { | |
105 SECItem signature_item; | |
106 SECStatus rv = SGN_End(sign_context_, &signature_item); | |
107 if (rv != SECSuccess) { | |
108 return false; | |
109 } | |
110 signature->assign(signature_item.data, | |
111 signature_item.data + signature_item.len); | |
112 SECITEM_FreeItem(&signature_item, PR_FALSE); | |
113 return true; | |
114 } | |
115 | |
116 SignatureCreator::SignatureCreator() : sign_context_(NULL) { | |
117 EnsureNSSInit(); | |
118 } | |
119 | |
120 } // namespace crypto | |
OLD | NEW |